The project have two parts: 1. The Pin Code Generator and 2. Access Controll Script PHP and ASCII "database" Part 1. The script generates given number of random codes (for example 23125) that are saved on the ascii file and separated by enter. Part 2. When user enters on a PROTECTED page, the script checks if the code that user enters (through PIN CODE ENTRY LOGIN FORM) is on the database (ascii file). If the code is found (valid) the user gets access to the PROTECTED page and the script removes that code from the database. Script establishes a session that determines how long the user can access the PROTECTED page. The session "code" can be valid XX minutes from the first use or the session "code" can be valid until the browser window is closed. If the code is not found (invalid) the user gets ERROR message that is defined on the Access Control Script source code. ::: PIN CODE GENERATOR Generate [ 500 ] pcs codes ( i.e. how many different codes will be generated ) Separate codes by [ ENTER ] ( how codes are separated, either by ENTER or comma ) How many numbers per code [ 5 ] ( i.e. each code inlcudes 5 numbers ) Save as [ [url removed, login to view] ] GENERATE CODE LIST SAMPLE OUTPUT 12345 99787 23237 ::: PIN CODE ENTRY LOGIN FORM / ACCESS CONTROL SCRIPT On protected pages can be placed someting like php include "protect .php"... when that page calls Access Controll Script. Access Control Script checks if the user have already a VALID SESSION "code" for that protected page. If the session still is VALID user gets access to the protected page. If the session is INVALID / EXPIRED the script prints on the screen ERROR MESSAGE FOR EXPIRED SESSION and a login form such as below. If there is no session at all it prints only the login form: Please enter your PIN code [ 12345 ] SUBMIT When user press "Submit" the Access Controll Script checks if the code entered is on the database ( ascii file that is generated ). >If code is valid, user will get access for the protected web page AND the code will be removed from the database >If code is invalid, user will get ERROR message that is determined on the source code These can be determined on the source code: -Session "Code" is valid XX minutes from the first use OR -Session "Code" is valid until the browser window is closed -Error message for EXPIRED SESSION -Error message for INVALID CODE -Where code database is located etc. essentials The project can be done also some other way as long as it does what is described here. The idea is to generate PIN CODES on ASCII file that and have access control on some web pages that checks if the user have the right code or not. AFTER THE PRIMARY PROJECT IS DONE THERE IS A SECONDARY PROJECT Modification for OS COMMERCE checkout process: 1. If user is not logged in, when pressing CHECK OUT button, OS COMMERCE gives on the login screen option to SKIP & CONTINUE directly to check out without registration ( actually there is already MOD available for this... ) 2. However if user selects to register, only information that is asked is USERNAME, PASSOWRD and EMAIL ADDRESS. 3. At the check out i.e. when user press CHECK OUT or have entered registartion details after pressing check out, OS COMMERCE jumps directly to "CONFIRM" screen ( step 3. ). Payment MOD for OS COMMERCE The script starts when user press "CONFIRM ORDER" button on the shopping cart screen (step 3.). Script checks the total price of the order from the shopping cart "TOTAL". Script divides the total price by X and gets number of required access "PIN" codes. For example if the total price is 15. Script divides 15 by 5 and gets 3, which is the number of required codes. Script prints on the screen "You need X pcs of access codes" and "To get 1. access code call to 0700 and ENTER the access code [ 12345 ] SUBMIT " >If the code is valid AND no more access codes are required, the script prints: "CODE ACCPETED" and the user will get access to the "THANK YOU PAGE BY OSCOMMERCE" ( old step 4. ) and the code will be removed from the database >If the code is valid AND there IS X MORE access codes required, the script prints: "CODE ACCPETED" and the code will be removed from the database and the scrip prints: "X MORE ACCESS CODES ARE REQUIRED" and prints again submit form. "To get 2. access code call to 0700 and ENTER the access code [ 12345 ] SUBMIT" >If the code is invalid, the script prints: "ERROR MESSAGE INVALID CODE..." and prints again the submit form. "To get X. access code call to 0700 and ENTER the access code [ 12345 ] SUBMIT" This might include also some minor modifications not mentioned here, but that are essential to get this workig on OS COMMERCE.