To preface, I have a fairly decent background in web development / php / mysql, but there are some things that are rather common, that i've just never had to deal with OR more commonly with tessitura, never, until now, had the playground to play with!
I my first attempts to work with the API, using PHP and its SOAP client, i was able to make generate a session ID as well as print an output of upcoming shows - basic proof of concept, hello world.
So where do you go from there?
I'm sure i could figure this out, but why not ask. Regarding sessions, simply getting a session ID doesn't do me much good, unless i set it in a cookie, right? Additionally, I would need to check to see if a session already exist/has expired, see if the user is logged in, and so on and so forth.
So, talking out loud here, I need to set up my tool kit as i like to call it. Anyone out there care to share some experience, pitfalls, or advice?
Thanks,
James
Hi James,
I'll share a quick thought and experience. We are working with a client to get PCI compliant. Storing the Tessitura session key that you get back in a cookie is not necessarily PCI complient. You should save it in a PHP session variable.
For other advice, more than likely we need information regarding your goals/direction for development. For example, you could be wanting to build a purchase path or a constituent portal or a front page.
Regard,
Sam
Thanks Sam!
So does would anyone care to share an example of what/how they store their session variables?
As for goals; Yes, all of the above. Fortunately, i'm not is a rush, but i do believe in smart coding, and developing a versatile and expandable toolkit that today, could meet my needs for a front page, tomorrow a portal, and next month grow to include a purchase path.
James,
There are lots of considerations for developing your toolkit. Your first assesment should be about your topography. E.g. 2 website servers, 1 API server, 1 data server...
To answer your session question, did you mention that you're developing in PHP?
Regards,
Absolutely Sam! I have notices some people refer to performance optimizations and bottlenecks, primarily with seat servers, i think...But i'm sure there are others.
As for our/my own topology, right now, its a wee bit up to me! We're currently running strictly on TNEW and RAMP and our primary content site is on a shared LAMP host.
I don't really have any interest in hosting our site in-house (or leaving RAMP), but have been looking into a VPS, either Rackspace or Linode, but am yet to make a move and start developing. Additionally, i've set up a static IP and Ubuntu LAMP server at my office, and configured access to the API Gateway, simply for testing.
PHP is my language of choice.
Looks like the topics are multiplying :)
With that setup, you have what I like to think of as an open area and a guarded area. The open area is the front facing public site that is not behind https... Then the guarded are on the https domain. The issue that brings up is sharing data. The simple solution is to just keep things separated. For example, users would log in with in the purchase path (https) but if they go back to the front site (http) that site doesn't display any user information.
As for building a toolkit and the Tessitura Session Key... here is a sample piece of code to keep the key in the server session and let the server handle associating the user with a session. Below, I created a WebSession class that abstracts access to the php session object. Then in the sample page I get and set that property.
You could also use something like the Zend framework for this instead of writing your own.
Here is a sample
Sample Page
<?php
include 'Sessions.WebSession.php';
$SessionMgr = new Sessions\WebSession;
$SessionMgr->SetSessionKey('My Key');
print 'The Session Key Is: ' . $SessionMgr->GetSessionKey(); ?>
Sessions.WebSession.php
<?phpnamespace Sessions;
class WebSession { function __construct() { session_start(); } private $TessituraKey = 'TessituraKey'; function GetSessionKey(){ if(isset($_SESSION[$TessituraKey])) return $_SESSION[$TessituraKey]; return ''; } function SetSessionKey($value) { $_SESSION[$TessituraKey] = $value; }}?>