This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
The introduction of electronic commerce has made most industries showcase their goods and services online. It helps to reduce marketing costs and competitive advantage. Online ticketing system or E-ticketing as it is widely known is a form of e-commerce that offers a new distribution channel for different kinds of tickets (Haneberg, 2008). It is mostly used in the airline industry. It was used to replace the use of traditional paper tickets. It started in 1995 in the United States and since then it has experienced a vast growth all over the world (Anne-Laure BERANGER, 2004).
Online Ticketing system in Nigeria
Nigeria is Africa's most populous country and the 7th in the world with an estimate population of 174,507,539 as of 2013 (United States Census Bureau, 2013). According to the Africa Internet & B2C E-Commerce Report in 2012, Nigeria is the African country with the highest number of internet users of 45 million users and the 10th in the world as of December 2011. It was also said that by 2013, one third of the population will have direct internet access. (ystats.com, 2012).
Figure : Africa's top 10 internet Countries (ystats.com, 2012)
This online presence has affected so many areas in Nigeria. The government designed an E-government project to introduce e-tax, e-learning, e-traffic, e-procurement, e-pricing, e-mail, e-tourism, e-payment, e-revenue, e-legislation, e-policing, e-judiciary, e-health, e-agriculture, e-services, e-kiosk, e-buka, etc. across the country (Ayo, 2006). (Ayo, 2006) inquired and discovered that virtually all organizations in Nigeria have online presence and Internet access. All most all the airlines in Nigeria have online ticketing systems and even some websites offer online ticket sales.
Applications of Online Ticketing
Airline Ticket, Train and bus tickets
As mentioned earlier, the airline industry was the first to adopt the online ticketing system and by 2008, the industry moved to 100% electronic ticketing and the paper ticket became history. It has helped the industry save up to US$3bilion per year and it is more convenient for passengers as they don't have to worry about losing tickets and they can make changes to itineraries more easily. All airlines in Nigeria use this system for ticket booking. Trains and buses have also adopted the electronic ticketing system since 2003 (Bienz, 2008). It has been adopted by most train and bus services in the United States, United Kingdom and some other parts of the world. However, this system has not been successfully implemented in Nigeria as the train services are not fully functional. The Lagos Metropolitan Area Transport Authority (LAMATA) has started making plans for e-ticketing systems for the buses it operates (Technology Times Reporter, 2012).
One of the current applications of online ticketing system is in the area of event tickets or reservation. It first started with concert tickets where customers can go online, check out concerts happening around them or concerts they specifically want to go and they can buy tickets online thereby reserving a seat at the event. The ticket is sent to their emails and they print it out for the event. This event ticketing has also extended to sports events, conferences, reunion parties, birthday parties, fundraisers, club association events, religious events, etc. It can also help unpaid events to control the crowd and the amount of tickets to sell. In some cases, customers can view the seating chart for the venue and chose the particular area they want to seat.
Existing Online ticketing systems
There are currently a number of different websites that offer online tickets sales. The major well known ones are: Ticketmaster (www.ticketmaster.com), Ticket Web (www.ticketweb.co.uk) and Naija ticket shop (www.naijaticketshop.com).
Ticketmaster is a global online ticketing system where users can select their country of residence. Ticket Web is not as global as Ticketmaster however there is Ticket Web USA and Ticket Web Canada. Naija ticket shop is the most popular online ticketing system for Nigeria. Each of the websites offer accounts to customers so that their details are kept in the database and when they want to purchase a ticket, it is quicker and they do not have to fill in their details again. Naija ticket shop also offer accounts for promoters.
Both Ticketmaster and Ticket Web have the seating chart of the venue for most of the events on their websites. Naija ticket shop and most of the Nigerian Online ticketing systems however do not offer seating charts of the venue for their events which means customers do not have seat choices. Ticketmaster have integration with Facebook, twitter and Google plus. They also have iPhone and android apps which make it easy for customers to use on their mobile phones. Ticket Web is also integrated with Facebook and twitter. They also have a YouTube page where customers can watch videos of some of their events. Naija ticket shop is integrated with Facebook, twitter, LinkedIn and RSS feed.
Ticketmaster and Ticket Web both make use of SSL encryption, however Naija ticket shop do not make if any form of encryption. All the websites however take extra security measures like password encryption, CAPTCHAs test and email verification.
Online ticketing system uses a three-tier architecture model. The bottom tier is the database management system (DBMS) where information is stored and query languages used to access records in the database, the middle tier is the web server application which connects and retrieves the scripting language for the user and the top tier is the web browser which the user operates. A critical evaluation of DBMS, web servers and scripting languages used when developing an online ticketing system will be discussed below.
Database Management system (DBMS)
A Database Management System (DBMS) is a system designed to store, manage, and facilitate access to databases (Frommholz, 2012). A database is a shared collection of logically related data and a description of this data, designed to meet the information needs of an organization (Connolly & Begg, 2002). Models of DBMS include: Hierarchical, Network, Deductive, Relational (RDBMS), Object-Oriented (OODBMS), Hybrid (Object-Relational), NoSQL ("not only SQL"). Examples of DBMS include: MySQL, SQLite, Microsoft SQL Server, Microsoft Access, Oracle, Sybase, IBM DB2, etc. However the most used DBMS will be further reviewed in the table below.
Supporter and Release date
Operating system support
Features (Linux Insider, 2013)
Oracle corporation, 1995
Windows, MAC OS X, Linux, BSD, UNIX, Amiga OS, Symbian, z/OS
ACID, Java support, Referential Integrity, transactions and Unicode
Fast, Easy, Open source, great performance
No separate transaction log, no separate roll back log, no file duplication (Vernon, 2003)
Oracle corporation, 1979
Oracle database 11g release 2
Windows, MAC OS X, Linux, UNIX, z/OS
ACID, Referential Integrity, transactions and Unicode
Reduces the risk of change within IT, runs large Online transaction processing and Very large databases (Trujillo, 2008)
Steep learning curve, slow and expensive (Haubrich, n.d.)
Microsoft SQL server
Microsoft corporation, 1989
Microsoft SQL server 2012
ACID, Referential Integrity, transactions and Unicode
It offers a wide range of editions and a strong support (Barett, 2012)
Expensive and supports only Windows OS platform
Table : Review of Database Management systems
Supporter and Release date
(Client-side, Server-side, web)
Open source, allows control over the web pages, the browser and the content of the HTML forms that appear in the browser (Valade, 2010)
Not useful for interacting with a database (Valade, 2010)
Developers are not limited to one programming language (COMPUTERS N SOFTWARES, 2011)
Uses only Windows OS, not an open sourced technology
PHP group, 1994
Supports every database, many operating systems and web servers, users can customise and modify its features to fit their environment, doesn't need a specific framework (Valade, 2010)
Error handling is primitive and slow server when multiple applications are executed. (Creative, 2012)
Table : Review of Scripting Languages
A Web Server is the software that delivers the web pages to the world and stores the websites (Valade, 2010). Users make two types of requests to the web server, to ask for a static HTML web page, image or style sheet and ask for a scripting program such as PHP to be run and return its output (Williams & Lane, 2002). So when a URL is typed in the web browser, a message is sent to the Web Server which sends an HTML file which is then interpreted by the browser to display the web page. Major Web Servers include Apache, IIS, nginx and GWS.
Supporter and Release date
Operating system support
Apache Software Foundation, 1995
Windows, MAC OS X, Linux, BSD, z/OS, Solaris, eComStation, OpenVMS, AIX, IBM i, HP-UX
Open source, runs fast on even average speed hardware and Its source code is widely available in case of changes.
No real tech support, except for message boards and third party vendors and it is not regularly updated (Apache HTTP server Project, n.d.)
Has a GUI interface, which makes the installation a bit easier and it has crash protection because of the client isolation from the web applications. (Apache HTTP server Project, n.d.)
Not a flexible web server and if you're using two servers, their configurations must match exactly (Apache HTTP server Project, n.d.)
NGINX Inc., 2002
Windows, MAC OS X, Linux, BSD, Solaris, AIX, HP-UX
Open source, high concurrency, performance and low memory usage (Nedelcu, 2010)
Asynchronous server which means it handles requests in a single thread (Vidal, 2012)
Table : Review of Web servers
Security is about dealing with a malicious user/super user who is dedicated on causing harm on a system. The more extended the use of the web is, the more the security threats and attacks are made on web application. Programmers need to consider the different types of security threats that can affect the application from the database to the scripting to the user computer. Below are some security threats that affect online ticketing systems and how they can be prevented.
SQL Injection: SQL (Structured Query Language) Injection is when data containing illegal characters or words is passed directly into a dynamically generated query and the query is then passed on to the database server where the query is executed (Kruse, 2008). This way the malicious user creates their own SQL statements and uses your program to query their SQL statements on your database, instead of your intended SQL statement (Bradley, 2006). It can be used to destroy, manipulate or extract data.
There are three important ways of preventing SQL injection. The first is to use database prepared statements which are supplied to the database query engine, allowing it to pre-compute the logic. Secondly, the database permission should be configured correctly and completely. Lastly, SQL injection can be prevented by critically checking every data that comes into the web application. (Kruse, 2008).
Session Hijacking: Session hijacking is an important application of Cross site scripting whereby an attacker listens to network traffic, phishes or uses session fixation to obtain session ID which is a user's identification and authentication token stored in cookies or the end of the URL as a $_GET variable to take control of a genuine user's web application session while that user is logged on to the application. This allows the attacker to be able to perform all normal web application functions with the same privileges of that legitimate user like online bill pay, composing an email, etc. (Endler, 2002).
There are different ways to prevent session hijacking, these includes making use of SSL (Secure Socket Layer) which is an internet protocol used for secure communication and encrypts information between computers over the internet. Also disable the use of session ID as a $_GET variable with programming. Specify a session time-out period which will prevent attackers from analysing user's data before the session time-out. Lastly, session ID of users should be changed when they log in or logout of the web application. (Bradley, 2006).
Haven considered the existing systems, a system is which will be solely based on customers not promoters as all the promoters will go through the administrator who will upload and manage all ticket sales. Customers will be able to signup/ log in to retrieve their details from the database. Also the system will send emails to existing customers bimonthly using their previous choice of event and region. Customers will be sent birthday messages and also offer birthday promotions for events, creating a closer customer relation. There will also be a 'ticket bought as a gift' option with special message attached to the ticket and sent to the receiver's email address. Quick calendar for events where customers can check the events taking place on a particular date improving search feature. There will be an advanced search with useful search features from the above existing systems. Seating charts of the venue for each event will be introduced into the Nigerian environment so customers can make seat choices and know the layout of the venue.
After researching into the various technologies needed to successfully design and implement an online ticketing system, it was decided that using the three-tier architecture mentioned above, MySQL will be used for the database management system, PHP will be used for the scripting language and Apache for the web server. Also HTML/CSS will be used for the layout and design of the website. MySQL and PHP was decided upon because of some previous knowledge of these technologies unlike the others, also they communicate with each other well has PHP has a built-in feature to communicate with MySQL database and they are free, fast and easy to use. Apache was decided for the web server because it is also free, popular, reliable, secure, and runs on most operating systems. Wamp server is going to be used as it installs Apache, PHP and a MySQL database on a Windows operating system alongside PhpMyAdmin which helps to manage the MySQL database.
This online ticketing system will be made as secure as possible. It will be protected against session hijacking by setting a session time-out of 15 minutes and session ID will be changed when a user logs in or logs out. The system will be also be protected against SQL injection and cross site scripting. There will be password encryption, email verification and the use of both text image and audio CAPTCHAs.