PDA

View Full Version : Web API or Webrevations samples



bretticus
11-05-2009, 08:59 PM
Hi guys,

I am a Web developer for a small company. We have a client who wants to use your campground software. Because they use a custom reservation system that we developed for them, their only option for getting online reservations into CM is via the email method. The only issue is that they want to get the credit card numbers from the reservations form. Obviously this is not a secure method for transporting credit card numbers around the Internet. I believe someone at CMS suggested L2TP or POP3S but neither is a basic service that we provide and a tough sell to the IT folks. What I am really interested in is emulating the posting and response of Webrevations. I noticed that your configuration let's you change the host, the posting URL, and the response URL. Would it be possible to post a sample of the data that is sent to and from Webrevations?

Thanks,

Brett Millett

sspielbusch
11-06-2009, 06:59 AM
I'm afraid the Webervations interface is proprietary, so we can't release any of the data format information. You would have to find out from Webervations if they will release the information.

Also note that the new version (being released today) will not support the Webervations interface unless a prior customer is already using it. So the only options would be to use the existing E-mail method or to use Reservation Friend for secure online reservations with real-time uploading of availability information.

bretticus
11-06-2009, 07:51 AM
Okay,

I wouldn't have thought of the actual data sent and received as proprietary but I understand why you wouldn't want to cross that line to test my point of view. :D

How about a feature request then? How about the ability to attach to Web Services and an accompanying API? I suppose the usual model is the other way around. But how great would it have been to build a Web Service on my end that can accept and issue the appropriate responses to your CM application?

sspielbusch
11-06-2009, 08:19 AM
That would be nice, but we can't add a special web services or API interface at this time, both because it's too much development for too little interest, and because of our exclusivity arrangement with Reservation Friend.

bretticus
11-06-2009, 08:30 AM
That would be nice, but we can't add a special web services or API interface at this time, both because it's too much development for too little interest, and because of our exclusivity arrangement with Reservation Friend.

I was being slightly facetious with my request. I understand that you can't just drop a new feature in at the drop of a hat. :) The exclusivity arrangement caught me off guard though. It shouldn't. I suppose that happens all the time when companies want API access to a closed system.

Thanks for your responses.

Best wishes,

Brett Millett

bretticus
11-06-2009, 08:36 AM
Actually, it just dawned on me that even POP3S wouldn't work because the email transactions are done from within the CM application. Last time I looked there were no options for SSL. Can you recommend something other than L2TP?

sspielbusch
11-06-2009, 12:59 PM
We may be adding SSL POP eventually, but as you say it's not there yet. I'm not sure quite how you would use L2TP for this.

One idea would be to keep the card info on a secure server, accessible through a special URL (with login, etc., for security). They would need to retrieve it manually, but you could include that URL as a parameter in the E-mail, e.g. with an ID numebr embedded in it, so they could copy/paste it from Campground Master into the browser to bring up the credit card info, then copy/paste that back into Campground Master.

bretticus
11-06-2009, 03:42 PM
Thanks for the suggestion. I thought the L2TP idea came form you guys. I guess not.

The idea was to set up a secure tunnel with the mail/web server (or another server on the same LAN.) This requires SSHD running on the target server. Using plink or something else, we could set up the pop3 port on the local machine they use for CM and forward that traffic through the tunnel to the target server. That server, in turn, forwards the request to the mail server. CM is configured to download mail from the local machine and it's all transparent (but secure.)

Thanks for the cc id, that would be the esiest for them. We might just go that route. In fact the client wants to your your software bad enough that they are willing to download the cc numbers separately.