image

User accounts, prepaid cards, etc…

June 17, 2010 by
Filed under: Security 

Central User DatabaseYour own central user database
eCrisper makes it easy to setup your own central user database using resources you may already have. If your current web hosting service includes MySQL and PHP, like most do, your database could be up and running in no time and at no extra cost.

Having a central user database allows you to create accounts (username/password) that can be used to access any of your kiosks.

How it works
When a user enters a valid username and password, the account balance is retrieved from the database and displayed in the form of a timer at the bottom of the screen. When the session ends, the database is updated with the new balance and the account can be used again in the future. A session may end because the user clicks on the Quit button, because the balance reaches 0, or because of an inactivity timeout.

The components
The recommended database engine is MySQL since it is included in most web hosting packages. However, since eCrisper talks to the database through server scripts that you can modify, any database engine could be used.

The database includes only two tables:

Users: Username, Password, Balance in Seconds, Expiry Date
Sessions: Username, Kiosk ID, Seconds Used, Start Time, End Time

The server side scripts are written using the widely-used general-purpose scripting language PHP. Two PHP scripts currently exist:

startsession: When a user enters a username and password, these two values are sent to this script. The script validates the username and password, retrieves the balance, and create a record in table Sessions.

endsession: When a session ends, the number of seconds used is sent to the endsession script to update the account with the new balance and to update the Sessions record.

If you are using a demo version, you can try the access mode requiring an account (set in the Access section of the Preferences window). You can use the account username user with password password.

How can this be used
The database can be used to create prepaid cards either sold to users or distributed for free. The accounts can be created using phpMyAdmin, a web based interface to your MySQL database, or you can create your own customized web page and script.

A web page could also be created to allow your customers to purchase an account online possibly using Paypal as a method of payment. A button to this page could be displayed on the main menu. The user would create the account then use it to login. This could be a quick way to implement credit card payments without the need for a card reader and merchant accounts. Features could also include recharging an account, viewing balance, reports, etc…

This was designed to be flexible and customizable, to allow kiosk owners to use it as the foundation for their own development or to allow 3rd party developers to build new tools.

This will also be the foundation for new development such as support for cash payments with coin and bill acceptors and credit card readers, or even fingerprint scanners.

Setting up your own database
Once you have access to a server with MySQL and PHP, follow these steps:

  1. Your hosting service should give you access to phpMyAdmin. Use it to create a database and to run the following script to create the 2 tables – Download SQL script.
  2. Download the PHP scripts and copy them to your web server possibly under a PHP subdirectory. You will need to edit the file config.php with your own values – Download PHP script.
  3. Update the values in the Preferences window. The Authentication string is a form of password to ensure that only your kiosks can access the PHP scripts. The value in config.php should match the value in the Preferences window.User Database Setup
  4. Once your database is up and running, you can use phpMyAdmin to add users with the following SQL statement: insert into users (username,password,balance,created,updated) values (“john”,”somepassword”,3000,null,null)

Stay tuned for more info on this topic…

Comments

Comments are closed.