Tim Groeneveld

Random musings from the world of an Open Source geek

MyBanco 0.09 released!

/ | 4 Comments on MyBanco 0.09 released!

MyBanco 0.09 has been released. This release has a few new (minor) features in it, and a few minor bug fixes as well. The installer now ‘phones home’ to tell how many installations have been done. This is a new feature that I am working on where you can automatically be subscribed to new releases that occur, however, this is not fully complete.

[   ] mybanco-0.09.tar.bz2 21-Apr-2009 11:32 256 KB Unix/Linux .tar.bz2
[   ] mybanco-0.09.tar.bz2.md5 21-Apr-2009 11:34 55 bytes md5 checksum
[   ] mybanco-0.09.zip 21-Apr-2009 11:32 304 KB Windows .zip
[   ] mybanco-0.09.zip.md5 21-Apr-2009 11:34 51 bytes md5 checksum

Also, by popular demand I have started to write documentation for all the code. It is not fully complete (there really are only five files that contain this documentation). It is however a start.

You can download the documentation for version 0.09 here, or you can read it online at https://timg.ws/downloads/mybanco/docs/read/.

A new minor version will be out in a few days which will expand the documentation built into MyBanco, and provide a ‘Makefile’ for building documentation. Also, this new feature will expand on the new features brought in by the ‘phonehome’ function, such as update notifcations.

Please note that all data saved with the phone home feature is anonymous, and in the future it will be used to track the ten most commonly used functions on the MyInfo server, the number of users on the system and a list of the enabled features.

Also, there is now a bug tracker at http://mybanco.org/bugs/, so please report your bugs if you see them!

Adding SWIFT to MyBanco

| Leave a Comment

I have had a few emails regarding whether it would be possible to add Interbank communication support into MyBanco such as SWIFT, and I would just like to say here, YES! It is possible, and it is very easy to do.

If you are looking to write a new plugin to do SWIFT transactions (or any other type of external transactions) would be to do the following:

  1. Add a new $method to backend/Plugins/transfer.php
                    'swift' => Array (
                             'title' => 'International bank transfer via SWIFT',
                             'description' => 'Transfer to another {bank} account',
                             'icon' => 'swift'
                     )
  2. If necessary, change __transfer_listValidTransferMethods to make only particular users/bank account types to be able to transfer money via swift (it’s near the bottom of the function)
  3. Implement the following functions:
    • function _t_swift_required – This function returns a list of extra information that is required for the transaction to take place. (ie, extra fields that the user must enter, the account # and $amount is not necessary, as these are sent by default)
    • function _t_swift_check_data – Ensure that the data that has been imputed from the user is correct, for example, this would mean checking the LEK of a credit card transaction…
    • function _t_swift_preview – Send the data for preview. Nothing exciting here really
    • function _t_swift_transfer – This is where the fun stuff actually happens. This is where money would be removed from the account, the message put into the cron queue (if desired) or a real time message sent to SWIFTNet for the transaction to occur.

I would recommend that the way it be done would be to move the money wanting to be transferred into a temp. settlement account, and then add the item to a queue which would run on (another?) machine every 2-5 minutes. I really want to add an open source implementation of the SWIFT messaging system to MyBanco, however, like I said earlier, I no longer have access to any of the information or to any of the SWIFT servers to make this possible. If you have access to this sort of information, I would be happy to continue my development.

Hope this helps people out. By the way, if anyone has access to development documentation for SWIFTNet, I would really love to be able to access it, so just drop me a comment on this blog post.

Thanks,
– Tim

MyBanco: FAQ

/ | 1 Comment on MyBanco: FAQ

Every time I go to my Inbox every morning; I seem to have three or four questions waiting for me regarding MyBanco. Starting from the most asked question, and going down to questions I seem to get less often, I thought I might answer a few of those questions so that I will never have to type out the same repetitive answer again.

How can i download MyBanco 2009.1?
MyBanco 2009.1 is not yet released, I know that the site is a bit out of date, and that the release is way over due, all I can say is hold your horses and go download the latest release, which you will see on the very same download page that talks about MyBanco 2009.1, http://mybanco.org/download.html

Is this for real? Is MyBanco really meant in production environment of real banks?
Well, yes. This is the aim of the game. The application is not yet fully feature rich, so don’t expect Citi Bank to start using it just yet, but with enough programmers hands, it will become an application that can be used in production environments, not just for small community banks but also larger national banks.

I can’t install MyBanko. I do not use XAMPP. I use real web server. I can’t found where to write the MySQL server address on page 3 ?!?
Firstly, do your research. XAMPP is just a nice and easy way to get a webserver with Apache, PHP and MySQL installed on Windows without little work at all. It is a real server, just as much as a LAMP server is. I don’t know what you mean about MySQL, all you need to do is create a database with acceptable permissions (say with phpMyAdmin — which XAMPP also comes with…) and enter those login details into the installation script for MyBanco. The install application for MyBanco will come up when you go to the domain for MyBanco for the first time.

Is it possible to install with the following url: http://localhost/mybanco? Because, with the original installation method I have to sacrifice other websites.
No, it is not possible. The internet banking module is built to run off it’s own domain/subdomain. The easiest way to do it is to just create a virtual hosts configuration in Apache, where you have something like http://mybanco.localhost 🙂 The reason this is here is to make MyBanco comply with PCI DSS (https://www.pcisecuritystandards.org/), which are rules created by the major credit card issuers on the subject of how machines must handle credit card information. https://www.pcisecuritystandards.org/security_standards/pci_dss_download.html

PCI DSS Requirement 2.2.1 specifies ‘Implement only one primary function per server.’, which basically means that the internet banking interface must be on a separate server then say the backend server or the MySQL server. Of course, for testing it is OK for this to not be the case, but for the reason that there are rules to worry about, making it run the way you want in a testing environment has not really been a big concern.

PCI DSS Requirement 6.3.2 requires that test/production environments must be seperate, and it is recommended to have the same config. between both environments, yet another reason not to implement what you are saying.

MyBanco throws some errors even at installation. Step 4, i.e. stop after sql writing and gave no clue for me. And, also some undefined variables message after that.
If you encounter errors, please copy and paste them so I can fix them.

I manage a banking program at a community college. We are setting up a model branch for students to practice retail banking operations in a simulated environment and would like to use your retail banking solution. Does an extensive amount of programming need to be done before we can use the software. We only need the basics -nothing fancy. How exactly do I download it and get it to run? What hardware/operating system/database platform etc. do we need to run it? We will have about 5 – 25 work stations running it.
At the moment, MyBanco does not perform any lending functions, this is it’s only downfall. To get it running is very easy, if you look around the MyBanco website at this link http://www.mybanco.org/about-us.html you will see that there is a link to this blog post: https://timg.ws/2009/01/26/installing-mybanco-with-xampp-on-windows/ It describes all that needs to be done to install MyBanco on a Windows system.

You can download MyBanco from here: https://timg.ws/downloads/mybanco/ No fancy hardware is required, a basic Core2Duo machine, which costs less then $2,000 will be able to handle not 25 work stations, but 250!

MyBanco is very fast. No programming will need to be done, unless you want to offer loan support.

All I do at work is…

/ | 2 Comments on All I do at work is…

It’s amazing what I do in a week at work.


Milko’s Everywhere


Even more Milko’s


They are in the bin as well


Lot’s of screen with lots of text, too.

What is software?

/ | 2 Comments on What is software?

Software is really a very different type of “product” – the only I know that is released not completely finished neither fail-proof.

So, I just installed MyBanco

/ | 6 Comments on So, I just installed MyBanco

Right, so you have a new installation of MyBanco, what should you do now? Well, here are a few ideas just to get the ball rolling:

  • Create a new skin of MyBanco. Skins are very easy to make, you do it by just copying an existing skin to a new directory (skins are in C:\xampp\htdocs\Skins). For example, to make a skin called ‘wicked’, here are the steps.
    1. Copy the folder ‘Simple’ and paste it in the same directory.
    2. Rename ‘Copy of Simple’ to ‘wicked’
    3. Enter the folder ‘wicked’ and rename ‘Simple.php’ to ‘wicked.php’
    4. Goto ‘C:\xampp\htdocs’ and edit ‘config.php’.
    5. Change the line starting with “$CONFIG[‘skin’]” changing it to this:
      $CONFIG['skin'] = 'wicked';
    6. Start editing the new skin, making it look how you want 🙂
  • Install xbank. Do this by going to the admin, and specifying ‘Enable xbank’ in the config. If you have made the config file read only (not a bad idea!) you will have to edit config.php manually.
    When XBank is enabled, a new config item will appear, where you can add banks that allow communication with. To do this, you will have to know what the partner bank’s XBank I.D. is, and create a new Communication Key with them. You must share then with the manager of the partner bank’s system your communication key, and they will give you their communication key. If both keys are not traded, communication between the banks will be impossible, as the communication key builds up the security between the two banks.
  • Enable Currency XChange. (CXC).
    CXC is a system that allows different currencies to be traded in a fair way. The way that CXC works is that a new currency is created by a ‘Host Bank’. This host bank then specifies the four character CXID, or ‘Currency Xchange ID’, which other banks will use to specify the currency.

     

    For example, the “Test Bank of Testland” floats their new curreny, who’s CXID is “TEST”. “Test Bank of Testland” tells the CXC server that they are willing to put t10,000 into a CXC account. This new currency can now be floated at a rate specified by the “Test Bank of Testland” against *ONE* other currency already in the CXC.

    When another bank, for example the “First bank of Demonasia” has a customer that wants to put t2,000 into the account, the money will then be traded with the specified amount.

    This requires both banks to have communication set up not only between the CXC, but also with each other.

    The First Bank of Demonasia can then tell the Test bank of Testland that it has 2,000 to put into the foreign bank, and the money will appear in the account.

    Unlike other systems availible at the moment, this system does not magically ‘create’ currency, rather, it is only traded, so always the exact amount that was put in the system is actually there.

    Really cool things can then be done, for example, the Test bank of Testland can remove all the money that it has from circulation (which are not held in other banks)

  • Offer Phone Banking
    If you have an install of Asterisk laying around, you can actually create online banking for customers of your bank. For example, with voip.ms, a new number in America only costs around $3 a month, and you can accept two incoming calls at a time (and pay nothing to accept those calls). All you need to do to make this work well is have a good TTS (text To Speech engine installed, like Cepstral) and a Linux install of Asterisk, which is allowed to access the MyInfo location (the backend of MyBanco).
  • Allow SMS Banking
    If you have credits with Clickatell, you can actually do SMS banking. This costs a bit of money to actually set up, but getting it working once you pay the $30 a month is very simple. Customers can then see from anywhere how much money is available in their account.

Well, that should at least get the ball rolling. Read more »

Installing MyBanco with XAMPP on Windows

/ | 13 Comments on Installing MyBanco with XAMPP on Windows
  1. Download xampp-win32-1.7.0.exe from the Apache Friends website
  2. Run xampp-win32-1.7.0.exe, and set the ‘Extract Path’ to C:\
    ( It’s OK, all the files will go inside a directory called ‘xampp’ )
  3. When the extracting has finished, go into C:\xampp\, and rename htdocs to htdocs.old
  4. Create a new directory called ‘htdocs’
  5. Copy all of the extracted files from ‘mybanco-x.yy’ into C:\xampp\htdocs
  6. In ‘C:\xampp’, run the file ‘xampp-control.exe’.
  7. On the window that comes up, ensure that the ‘Apache’ (web server) and ‘MySQL’ (database) ‘Svc’ checkboxes are ticked.
  8. Open C:\xampp\apache\bin\php.ini with your favorite text editor
  9. Make sure the “;” character is removed from the following lines:
    • ;extension=php_curl.dll
    • ;extension=php_bz2.dll
    • ;extension=eaccelerator.dll
      This is only needed if the performance of MyBanco is not as desired. This can boost
      the speed of the application by almost three times. It is a real speed boost.
  10. Ensure that all the “magic_” lines are set to off (for example, magic_gpg….)
  11. Save the file and click Start on both of the above mentioned boxes (Apache and MySQL).
  12. If Apache fails to start, try commenting out all of the eAccelerator lines again with “;”‘s, I say this because the xampp version I had came with a eAccelerator version not for the build of PHP included with xampp.
  13. Now that xampp has started Apache and MySQL, goto http://127.0.0.1/phpmyadmin and click on the ‘Privilleges’ tab on the right top hand side of phpMyAdmin
  14. Click on ‘Add a new User’ and enter the following information:
    • Username: myinfo
    • Host: (choose Local’ from the drop down box)
    • Password: myinfo123
  15. On the ‘Database for user’ group, press ‘Create database with same name and grant all privileges’
  16. Now goto ‘http://127.0.0.1/install/
  17. Click next, press ‘I accept’ on the AGPL license (note: this means that you must share all code changes with anyone who can access the website, so if you change some code in MyBanco or any code that connects directly to MyBanco (ie, a MyBanco plugin) you must share that code with all people who can access the site. Even if all they see is the login page. This is so all people can benefit from other peoples changes to what is the most comprehensive open source bank operations software.
  18. Fix any errors that may occure on the next screen. Please note that this may mean more changes to the php.ini file.
  19. For the first three fields that you see on the next page, fill in the username and password that you created in phpMyAdmin. For the MyInfo backend location, enter ‘http://127.0.0.1/backend/’. Please note that this location should be changed for more secure environments. I say this, however, but no operations can be performed through the backend without first logging in.
  20. The install should go without any glitches. If it all goes OK, the bank software is installed!
  21. Now you can goto http://127.0.0.1 and see MyBanco working.
    A default account has been created called ‘tim’. Login with it, as ‘tim’ as the username, and ‘login’ as the password.

Quite a quick and easy install. Should take only around 25-30 minutes to complete. (Hell, it only took me twenty-thirty minutes to write!)

– Tim

Even more patches for MyBanco

/ | 2 Comments on Even more patches for MyBanco

Yesterday I talked about the mybanco-0.05-better-curl-support patch, and now I have a few more to share.

==> mybanco-0.05-check-for-mysql.patch
This patch makes the backend spit out a nice error if there is no MySQL extension loaded on the server. This is much better then things just appearing t do nothing

==> mybanco-0.05-better-errors-when-they-happen.patch
This patch adds more backend errors when other required extensions are not loaded.

==> mybanco-0.05-frontend-myinfo-enhancements.patch
This patch fixes up the way that requests are forged and sent to the MyInfo server. Requests are now faster and use less RAM. This is good!

==> mybanco-0.05-to-0.05.1.patch
This patch updates MyBanco’s version from 0.05 to 0.05.1, on it’s way to 0.06.

[TXT] mybanco-0.05-check-for-mysql.patch 26-Dec-2008 09:15 patch
[   ] mybanco-0.05-check-for-mysql.patch.md5 26-Dec-2008 09:15 md5 checksum
[TXT] mybanco-0.05-check-for-mysql.patch.txt 26-Dec-2008 09:15 diffstat
[TXT] mybanco-0.05-frontend-myinfo-enhancements.patch 26-Dec-2008 20:01 patch
[   ] mybanco-0.05-to-0.05.1.patch 26-Dec-2008 20:11 patch
[TXT] mybanco-0.05-better-errors-when-they-happen.patch 26-Dec-2008 20:11 patch
[   ] mybanco-0.05-better-errors-when-they-happen.patch.md5 26-Dec-2008 20:21 md5 checksum
[TXT] mybanco-0.05-better-errors-when-they-happen.patch.txt 26-Dec-2008 20:21 diffstat
[   ] mybanco-0.05-frontend-myinfo-enhancements.patch.md5 26-Dec-2008 20:21 md5 checksum
[TXT] mybanco-0.05-frontend-myinfo-enhancements.patch.txt 26-Dec-2008 20:21 patch
[   ] mybanco-0.05-to-0.05.1.patch.md5 26-Dec-2008 20:21 md5 checksum
[TXT] mybanco-0.05-to-0.05.1.patch.txt 26-Dec-2008 20:21 diffstat

New patch for MyBanco!

/ | Leave a Comment

Hello everyone!

About time I updated this blog!

Today I am writing to give you all a new patch (with another one comming in about one hour or three.)

This first patch, which I am going to offer up today is to improve a small issue with installations that do not have cURL enabled. If/when this is the case, a nice error will show up, rather then comming up with “Call to undefined function curl_init() in […]”.

Although only a small patch, it’s just a nice patch up for MyBanco 0.06; which is due out in the next few days, and will offer all new features, such as user registration (at long last!) and some other things which I will not discuss now. The next patch will improve the way that the communication to the backend is done, and will allow a huge improvement to the speed of the frontend. MyBanco 0.06 will also offer up a new method of usage which will not require the backend or the cURL extension in PHP.

[   ] mybanco-0.05-better-curl-support.patch 26-Dec-2008 08:39 patch
[   ] mybanco-0.05-better-curl-support.patch.md5 26-Dec-2008 08:50 md5 checksum
[TXT] mybanco-0.05-better-curl-support.patch.txt 26-Dec-2008 08:51 diffstat

St. George really needs to update their webpay client library for Linux

/ | Leave a Comment

My development environment is CentOS 5. Running a library that is two and a half years old really sucks on a new Linux box, especially because I had to install three compat libraries.

The software is called “webpay”, and the actual library itself is distributed as a binary library; which would be alright apart from the fact that this is a library that is meant to financial transactions, and I want to be able to trust that this library is the actual library that I am meant to use. When you go to download the file from St. George, there is no way to validate the file, no signed GPG files – not even an sha1sum.

What was even worse, is that the webpay client refused to work in the Virtuozzo container.

rt_sigaction(SIGPROF, {0x81c0ce0, [PROF], SA_RESTORER|SA_RESTART, 0xf09dc8}, {SIG_DFL}, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [PROF], NULL, 8) = 0
open("test.blue", O_RDONLY)              = 3
fstat64(3, {st_mode=S_IFREG|0777, st_size=4891, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7eb3000
read(3, "", 4096)                       = 0
brk(0x9ae9000)                          = 0x9ae9000

I would like it if it “just worked”, or even better – that libwebpayclient.so came with source, so we could actually compile the library ourselves, and debug the problem further. Even though the library is from a bank, I would have no problem sending back improved code to the bank, especially if it improved the way that my software worked.

Damn banks.