- This topic has 11 replies, 2 voices, and was last updated 7 years, 7 months ago by
.
-
Posts
-
I actually followed the steps in your document as follows:
1: created a user account at WP, assigned as Contributor
2: go to my phone, open safari, login WP
3: Use QR Reader to scan the barcode on a ticket
4: It goes to the event page5: I upgraded the user to Editor, logon again at safari on my phone
6: Scan again, same thing, not check in
7: I logout the user, logon as Administrator
8: Scan again, not check in, go to event page again9: I use google QR extension to read the QR code, I saw it first showed up a URL string with event id and ticket id, then jumped to event page. I use video recording to capture the URL and make a screen shot while replaying. It does include something like: /?event_qr_code=1&ticket_id=4887&event_id=4878
My question is: the qr code seems not embed the security code on the ticket or some sort of validation string, how you complete check in by only event id and ticket id?
Is there a problem with the QR code? that it shall include/embed more information?
Hi Kun Lu!
Thanks for reaching out to us. Let me help you with that issue.
The QR code will only have the ticket ID and Event ID. It does not need the security code because it will only allow a logged in user with proper permissions to check-in an attendee.
I’m not sure how the Google QR extension works, but many QR code scanner should work to check-in the attendees. You only need to make sure you are logged. Could you please try using a different QR code scanner to see if it works for you?
Also, when coming back, please share with us your system information by following this guide > https://theeventscalendar.com/knowledgebase/sharing-sys-info/
As a reference, we have a great article about using QR codes here > https://theeventscalendar.com/knowledgebase/using-qr-codes-event-tickets-plus/
Let us know how that goes.
Thanks,
Victor1:
The way you validate only event id and ticket id is a design flaw. You need to fix it next release because it is impossible for us to check whether a ticket is fake or not manually. We can check in 10 thousands guests a night.When I see your QR code only embed event id and ticket id, I absolutely know you have no way to check the fake tickets without additional validation code. You shall embed the security code with the QR code and pass it along with the URL for the system to validate the security code passed through URL is the same to the one stored in the system. That is one way you can validate fake ticket.
I need to post this to the forum so other know you have no way to automatically identify fake tickets at the current release.
2:
BTW, the check it still not working. You have not identify why the check in goes to the ticket/event page yet.Please check my first post. I followed all the instructions and it didn’t work. The QR reader is able to read the URL and redirect to the browser. I already logon the browser so the URL is passed with authentication already.
It still did not work.
I give you a very simple scenario
1: Some one make a fake ticket, very easily, he can make up the URL with event id and ticket id and make a QR code and print it on the ticket.
2: He shows up with the ticket. The ticket is scanned, pass, he is in.
3: A few hours later, the guest with the authentic ticket comes, the ticket is scanned, it fails. Now you are warned and you check his ID. His ID is fine. You just let the person with fake ticket in but the person with the REAL ticket is stopped.
You definitely have to let the real guest in. I am not arguing with this.
4. The problem is – you can not know the person with the fake ticket at the first place. You have not received any warning! The check in processes with only event id and ticket id is a flaw design. You shall embed additional information for validation.
5. What happen if I have a recurring event last for more than a month, with thousands of attendant expected. A general admission ticket allows guest come on any day between the opening and the closing day. If the public knows this flaw, what happen if hundreds or thousands of fake tickets be made?
Hi Kun Lu!
Thanks for following up with this!
I can totally see the point regarding the fake tickets. I will reach out to the team to have a closer look at this and will come back as soon as I have a more solid answer.
Regarding the check-in redirecting to the event page issue, do you see the attendee has been registered after the redirect? You can see this in the attendees page for the event.
If it does check-in the attendee, then this could be a theme or plugin conflict, so to narrow the problem down you should go through the testing for conflicts guide and see what you find in that process > https://theeventscalendar.com/knowledgebase/testing-for-conflicts/
On the other hand, if it doesn’t check in the attendee, this could be a problem with QR code scanner somehow, so it could be worth trying with some other QR code scanner to see if any difference.
Please, let us know how that goes.
Thanks,
VictorHi Kun Lu,
Thanks for your patience so far.
I have created a report to add the security code into the ticket QR code and include it in the check-in process. I have attached this thread to the report so we’ll notify you when it is released in one of our next maintenance releases.
Regarding the check-in going to the event page, we think this could potentially be a conflict with the Simple Calendar plugin your are using for your events.
Could you please try installing The Events Calendar plugin then create an event with it, also adding a ticket to the event? With that event, are you able to check-in the attendees scanning their QR code?
Let us know how it goes and if you have other questions.
Thanks,
VictorHi Kun Lu!
I appreciate you following up with this and for the tips you sent. I will make sure to pass them along to the report so the dev team can take it into account.
As for the feature ideas you shared, I think they can be something many other users might also be interested in having. I’d suggest you take a look at our User Voice here > https://tribe.uservoice.com/forums/195723-feature-ideas and post them there so other users can vote for it. This way it can get its way into one of our future feature releases of our plugins.
Regarding the check-in redirecting to the event, I understand it did check-in the attendee. Were you able to identify the problem by testing for conflicts? Have you tried using The Events Calendar to check-in for an event? Let me know about it and if you have other questions about it.
Thanks,
VictorHi Kun Lu!
Just wanted to share with you that a new release of our plugins is out, where we now include the security code into the ticket’s QR code.
Find out more about this release → https://theeventscalendar.com/maintenance-release-for-the-week-of-9-september-2018/
By default, the QR code check-in process will not check for the security code. This is to allow previously created tickets to still be functional. However, if you wish to turn on the security code verification, you can use the following snippet:
add_filter('tribe_tickets_plus_qr_check_security_code', 'tribe_check_security_code' ); function tribe_check_security_code() { return true; }We apologize for the delay and appreciate your feedback and patience while we worked on this.
As always, we suggest to setup a dev/staging site so you can make all plugin updates without disrupting the live site.
Please update the plugins and let us know if the fix works for your site.
Best,
VictorHey there! This thread has been pretty quiet for the last three weeks, so we’re going to go ahead and close it to avoid confusion with other topics. If you’re still looking for help with this, please do open a new thread, reference this one and we’d be more than happy to continue the conversation over there.
Thanks so much!
The Events Calendar Support Team
- The topic ‘QR Code not check in – no security information embedded in the code’ is closed to new replies.