EE4 User Integration Add on security questions

Posted: August 28, 2015 at 5:02 pm


Caitlyn Fagan

August 28, 2015 at 5:02 pm

Hi,

I am using the User Integration Add-on to allow for someone who is logged in as admin to be able to purchase tickets that the general public cannot. It may be kind of a specific use case (but one that I had discussed in a previous topic and was recommended to me), so I thought I would explain further.

I have a client that I built a site for. The client’s business is a night club, but they have moveable seats, and the number of seats depends on whether someone who needs wheelchair ramps has purchased a ticket. So, I set it up where they create two tickets for each show. One is for the general public, and the other is only for those who are logged in to the backend of the site. They set the number of tickets sold to a smaller amount than what is sold out, and when that number gets sold, then instead of the warning being “sold out”, it instead says “almost sold out, please call the box office”. This works perfectly for our needs.

The thing that is alarming me is that when a user who is logged in makes a purchase for someone who has called in, under the special admin ticket, then their WordPress user name gets changed to the person’s name that they just purchased the ticket for. This just seems to cause some security concerns, because a registrant’s information is affecting a WordPress admin’s information. I know there are ways to spoof a user being logged in. And if they have access to the form fields that change admins’ user names and things like that, if they’re not validated and stuff properly that could cause some pretty big issues. I was hoping you could address my concerns, and speak to whether this was the intention of the add-on – to change an existing WordPress admin’s information. Thank you so much!


Garth

  • Support Staff

August 28, 2015 at 10:58 pm

Hi Caitlyn,

How are you today?

This is a known issue caused primarily by admins purchasing tickets from the front-end while logged-in instead of processing tickets from the admin. We do have some changes in development that are ready for testing and we hope to have it released before too long.

However, for now, I would recommend doing this in either of two ways, whichever works better for you.

1) Use a different browser or the same browser in privacy mode so that when you process orders on the front-end, you are not logged-in as the administrator.

2) Process the transactions by adding a new attendee from the Event Espresso admin. You can add contact information, fill out the registration form, but then you will have to process the payments either directly through your gateway or via an offline method (e.g. cash).

I’ll try to update you with more information as the development progresses.


Caitlyn Fagan

August 31, 2015 at 8:48 am

Currently the way that we need this to work is such that an admin has to be logged in to see the button that allows the admin to be able to purchase a ticket for a customer.

Also, it seems like from your reply that you are probably already aware, but this process is making it so that any ticket that is purchased by an admin (while logged in), all of these tickets’ information (name, email etc) is being changed to the most recent submission. This is making it so that it is not even usable.

How would you suggest that an admin get to an area to make these kinds of purchases without being logged in?


Caitlyn Fagan

August 31, 2015 at 11:01 am

Will the changes that are ready for testing to this add-on resolve the issue that I am having (where any ticket that is purchased by an admin (while logged in) affects all of the tickets that have been purchased by that admin, where it changes the information (name, email etc) to the most recent submission)?


Caitlyn Fagan

September 1, 2015 at 9:38 am

Sorry to keep asking, but I was hoping to get an answer to my questions above. The client’s site is live, and this has messed up their inventory system, so if I could provide them with these answers it would be really helpful. Thank you!


Garth

  • Support Staff

September 1, 2015 at 9:50 am

Hi Caitlyn,

I guess I still don’t understand why the admins have to purchase tickets for a customer from the front-end of your own website. Why don’t you add new registrations manually from the Event Espresso admin so that this confusion doesn’t happen?

If you view the registrations for an event, there will be a “Add New Registration” button at the top of the page where you can add attendees manually.

[Image: manually add attendees Event Espresso 4]

You will have to process payments outside your admin (manually through your gateway), but this will avoid the information changing.

  • This reply was modified 8 years, 8 months ago by  Garth. Reason: updated image url


Caitlyn Fagan

September 1, 2015 at 12:13 pm

Hi Garth,

I could not see the image that you attached, but I assume that this feature came out on an update from the version we have on the site (4.6.23). I don’t see an “Add New Registration” button at the top of the registrations page.

There are a few reasons why we want the admin tickets to be able to be purchased through the site, and not just manually through auth.net. The first being that it is important to my client to have all of the information within the same system, including transaction information. The second being that if they did this manually then the customers of my client would not receive the confirmation emails sent through event espresso on completion of purchase. And lastly, this would not make it an easier process for my client who has a customer on the phone, which is part of the reason why I had recommended event espresso to them – because it appeared that you would have this functionality available.

I don’t understand how this user integration add-on that allows only certain tickets to be visible for purchase if you are signed in, is supposed to work, if when you are signed in and purchase a ticket that it impacts all of the registration information for any other ticket that was purchased while signed in. Does this make sense? This event espresso issue seems to make this add-on not really useable. Can you explain this to me, I must not be understanding something.

Can you please tell me if the development updates that are ready for testing will resolve this issue?


Garth

  • Support Staff

September 1, 2015 at 1:43 pm

> The first being that it is important to my client to have all of the information within the same system, including transaction information.

If you add registrations manually through the admin, the data is still in Event Espresso. Only the payment step is completed outside Event Espresso and you can update the registration transaction manually anyway.

> The second being that if they did this manually then the customers of my client would not receive the confirmation emails sent through event espresso on completion of purchase.

When you register attendees manually, you still have the option of sending the related messages just as if they had registered from the front-end (see the yellow section here):

[Image: send related messages]

> And lastly, this would not make it an easier process for my client who has a customer on the phone, which is part of the reason why I had recommended event espresso to them – because it appeared that you would have this functionality available.

The only difference between the two steps is logging into your gateway to process the payment transaction manually. The same emails can be sent/configured, the same questions can be answered, etc.

> I don’t understand how this user integration add-on that allows only certain tickets to be visible for purchase if you are signed in, is supposed to work, if when you are signed in and purchase a ticket that it impacts all of the registration information for any other ticket that was purchased while signed in. Does this make sense? This event espresso issue seems to make this add-on not really useable. Can you explain this to me, I must not be understanding something.

That’s what I’ve been trying to describe. The WP User Integration is designed for that user group, the USER, not the admin. We provide a proper avenue through the admin (as shown above) for your admins to register attendees manually.

Re development updates –

Do you know what GitHub is or how to use it? We’re working on a significant change that should help most people in this situation. See the core branch FET-7999-purchasing-agent: https://github.com/eventespresso/event-espresso-core/tree/FET-7999-purchasing-agent. This development offers a “Purchasing Agent” option so that the purchaser does not have to be an attendee. You could test this on a development server (not a live server) to see if it helps.


Caitlyn Fagan

September 1, 2015 at 5:03 pm

Thank you.

I am familiar with git, and I’ve pulled down your version and set it up on my local machine. Is there something that I need to do to make the purchasing agent option work? Does the user need to be set as something different than administrator? Thanks so much for your help!


Garth

  • Support Staff

September 2, 2015 at 2:50 pm

Hi Caitlyn,

I guess I spoke too early, we still have some work to be done on this branch in order for the WP User Integration add-on to look for these changes.

Have you tried adding attendees manually from the admin? Select the Registrations for an event, then see the “Add New Registration” at the top.


Caitlyn Fagan

September 2, 2015 at 3:03 pm

Hi Garth,

Trying to figure out how the new purchasing agent will work, can you explain a little further about how to set it up? Just wanting to test it to see if it will fix our issues.

Also, I looked into the adding registration option that you mentioned above, and then manually purchasing through auth.net. We have a lot of repeating events, and tickets associated to specific dates. Under the add a new registration the filtering of dates does not work, and all of the tickets for every date are listed. This makes this option really not usable because there will be like 15 tickets that are named the same and have the same price (again for different dates) and it is not clear on this screen which ticket goes with which date. Do you have another alternative for us?


Caitlyn Fagan

September 2, 2015 at 3:19 pm

Also, I wanted to mention that we are not having the system send registration messages, and only payment related messages — because the client thinks that receiving so many emails for one purchase was not user friendly. (Not only are they getting the messages from event espresso, but also one from auth.net, so three messages did seem like too much, and was confusing for people). Therefore, doing it this way would only send the registration message, and since those are not activated it actually will send no message from event espresso.


Garth

  • Support Staff

September 4, 2015 at 8:31 am

Can you describe how the filtering does not work?

It sounds like you are using the same event, but with multiple datetimes and tickets, is that right? Is there a way we can change the display of those 15 tickets so you know which event is associated with datetime?

But when you’re selecting tickets, you should be able to expand the ticket and see which ticket is associated with a certain datetime.

[Image: add attendees manually multiple datetimes tickets]


Caitlyn Fagan

September 9, 2015 at 2:45 pm

Hi Garth,

I am definitely not seeing what you attached. Here is a screen shot of what I am seeing.

https://www.dropbox.com/s/f7rosqgkxjv6gcu/Screen%20Shot%202015-09-09%20at%202.26.11%20PM.png?dl=0

The filtering of the dates (drop down under the address) is not working. As you can see all of the tickets for this event are listed – it extends beyond what you can see here too.

Also, can you please give me some more guidance of how to set up the “Purchasing agent” option. I have the newer version of EE4 set up on my local machine and I am wanting to test that this will solve the issue that we are having. Does the user need to be set up as something other than admin or something?

thanks!


Dean

September 10, 2015 at 4:39 am

Hi Caitlyn,

Regarding the view of the page, do you have JavaScript turned on? Also it looks like there’s possibly a CSS clash going on, as it really shouldn’t look like that. Can you try disabling all other addons except EE and see if the view changes?


Caitlyn Fagan

September 10, 2015 at 11:03 am

Javascript is definitely turned on. I have two additional things besides EE – Event Espresso Calendar, and WP Users. I deactivated both of these, and nothing changed.

In addition to problem solving this, can you please respond to this (this is now my 4th time asking): Also, can you please give me some more guidance on how to set up the “Purchasing agent” option. I have the newer version of EE4 set up on my local machine and I am wanting to test that this will solve the issue that we are having. Does the user need to be set up as something other than admin or something?

thank you for your help


Lorenzo Orlando Caum

  • Support Staff

September 10, 2015 at 11:24 am

Hi Caitlyn, we made a mistake on the prior response. The purchasing agent work is still in progress. The initial work is available on GitHub but it isn’t a complete solution so it won’t work as-is for your needs.


Lorenzo


Caitlyn Fagan

September 10, 2015 at 12:40 pm

What does this mean? That it is just not ready for testing, so still in development? Will this be a solution in the future to “the known issue caused primarily by admins purchasing tickets from the front-end while logged-in”?


Lorenzo Orlando Caum

  • Support Staff

September 10, 2015 at 12:49 pm

Hi Caitlyn, this is still in development and it’s not ready for testing. Unfortunately, I do not have an estimate on when this will be released at this time.


Lorenzo


Caitlyn Fagan

September 10, 2015 at 1:02 pm

Thank you for letting me know.

So, then I really do need to find a solve for the filtering issue that we are having with the manual “Add Registration”. Is there more information that you need from me so that we can hopefully get this working?


Josh

  • Support Staff

September 11, 2015 at 8:53 am

Hi Caitlyn

You can add registrations while logged in as the admin, from the WordPress > Event Espresso > Events screen by following these steps:

1) Start on the WordPress > Event Espresso > Events screen.
2) Find the event you would like to add a registration to.
3) Hover over the name of the event, and click on the word “Registrations”
4) This will take you to a Registrations page where you click on the “Add New Registration”

Then you’ll be able to add a new registration, and the admin’s account details will be intact.


Caitlyn Fagan

September 11, 2015 at 3:56 pm

Hi Josh,

I don’t think you read the problem I’ve been having, so here it is again.

I looked into the adding registration option that you mentioned above, and then manually purchasing through auth.net. We have a lot of repeating events, and tickets associated to specific dates. Under the add a new registration the filtering of dates does not work, and all of the tickets for every date are listed. This makes this option really not usable because there will be like 15 tickets that are named the same and have the same price (again for different dates) and it is not clear on this screen which ticket goes with which date.

http://www.dropbox.com/s/f7rosqgkxjv6gcu/Screen%20Shot%202015-09-09%20at%202.26.11%20PM.png?dl=0

The filtering of the dates (drop down under the address) is not working. As you can see all of the tickets for this event are listed – it extends beyond what you can see here too.


Josh

  • Support Staff

September 14, 2015 at 8:24 am

Hi Caitlyn,

Did a third-party developer or a developer on your team add the date selector above the ticket selection that appears in your screenshot? The reason I ask is because Event Espresso 4 doesn’t add a date selector there. That’s the first thing I can recommend checking on.

The support post ‘EE4 User Integration Add on security questions’ is closed to new replies.