• You've been granted Beta access to this site, allowing you to explore some of the new features while they're still under construction. More information can be found in the Beta forum.

Security Keypad script

jrfuda

Active Member
Does anyone have a security keypad script? Here's what I'm looking for:

I want to use this with MainLobby, and want it to be flexible enough so that anyone with HomeSeer and MainLobby (or just HomeSeer) could change a few lines and use it for their setup. Here goes:

Keys are pressed either in a ML scene or a HS web page

Based on the combination entered, HomeSeer executes an event, script or just changes a device's value

For example, in my script I identify 4 codes (these and what their entry does can be user-defined)

1234
2345
3456
4567

These for codes each trigger something unique, any other code that does not match these returns an error

So, let's say in my example, I have these functions:

1234 Arm Home
2345 Arm Away
3456 Disarm
4567 Panic

So, when 1234 is entered, HS runs an event that Arms my system in home mode and so on for the other three.

Now to make it more interesting.

The script would also maintain two device statuses and values

One would be the security system state (armed, disarmed, etc.) along with a corresponding value to use in triggers

The other would hold the numbers pressed - so when I type in 1234, the value and status incrementally becomes 1234 (1 then 12 then 123 then 1234)

The number device would revert to to display "error" and some other device value (say 0) if no match is found, if a match is found, a few seconds after the script does its thing, it changes the device display to "ready" (so someone couldn't just walk up and see the last code you entered) and some other value that would be recognized as "ready."

Also, the script would have to kill itself after, say 25 seconds, if the correct sequence isn't entered and it would then revert to "ready" on the number device and the last value for the system state.

Any thoughts?
 

electron

Administrator
Staff member
I have tried to make something similar before, but forgot what I discontinued working on it, I will have to dig it up and take a look at it.
 

Squintz

Senior Member
Why have the numbers displayed at all why not use password charaters such as "*"

I have created a security touch pad in the past but it wasnt for HomeSeer. It was for a VB6 application that i made for fun.
 

jrfuda

Active Member
Squintz, I want to limit the "password' to numbers and symbols that would normaly be on an alarm keypad, so folks that are using this as a supplement to their existing security system can use the same codes. The * and # symbols could be used to launch and end/reset the sccript, though. (pushing * starts the script and then the script running in HS listens for numbers. # resets the numbers).

The display is "confirmation" that the keys you pressed were in fact received. I suppose a * could be displayed in the interface instead for more security - and confirmation that something was pressed - Maybe this could be selectable by commenting or uncommenting a line in the script... I was also assuming that the device would atleast have to temporarily store the values on order for event triggers to work properly.
 

smee

Senior Member
I'm not sure if you'd want to do this or not, but you don't need to store the numbers anywhere as they are typed. I'm thinking of how this could be implemented using an ASP page under HomeSeer. With other systems it might be different.

Have a parameter in the URL pass the numbers so far. The URL would look something like:

Code:
http://192.168.0.20/keypad.html?code=123

That would be after the user has entered 3 characters. Initially, the page would be entered with no code parameter.

Every time the user hits a key, you call the page's URL and tack on the next number to the code parameter. When the page is loaded with four characters in the code string, instead of waiting for another keypress, you execute the desired action.

To add timeout capabilites, you create a property in HS called something like "keypad_timeout" with a normal state of OFF. You should also create an event called "reset_keypad_timeout" (there are other ways to do this). This event should just turn keypad_timeout OFF. When the page is called, the ASP checks to see if this is ON. If it is OFF, the ASP returns a page with no keys pressed. When a key is pressed, the ASP turns keypad_timeout ON, deletes the reset_keypad_timeout event, and adds a reset_keypad_timeout event set to trigger in 15 seconds (or whatever your timeout (per key) time is). If no key is pressed for 15 seconds, the next time the URL is requested, keypad_timeout will be OFF again and you'll start with a clean (no keys) page.

This is not the most secure setup in the world (your code is being passed back and forth over the network), but unless someone is snooping you'll be ok. You could rig some sort of encryption if you want.

Also, you don't really need to pass the code back in the html (but you will need to anyway if you want the user to be able to see what they type). You can add another device (like you suggested) in HS to hold the code as typed so far. You will just need to reset this during the timeout event in addition to reseting the keypad_timeout device.

I hope this makes sense. It's probably easier to write the page than it is to describe it.
 

smee

Senior Member
A few more things:

1) I forgot to mention that it also makes sense to put a meta tag on the page so that it reloads after 20 seconds or so (unless the current code is empty). This way, after a timeout the display will reset itself. But you don't want it reloading every 20 seconds even when it's not being used. So, if there is no partially-entered code there should be no meta tag for the refresh in the html. The 20 seconds was chosen to be slightly longer than the timeout length in my post above.

2) It's easy to add a parameter to the URL to specify whether to show the partially entered code or to show *s instead.

3) In most ordinary browsers, people will be able to see the partial code in the address box. In order to avoid this, the working page can be put inside a frame (an inline frame should work well). The outer page is initially loaded and has a URL that does not give away the code (e.g., /keypad_master.html). A frame on this page loads the actual working page (as described in the message above). The refresh should target the frame and the sub (ASP) page, not the entire page.
 

huggy59

Active Member
If you're looking for a web page, I have something you could use that was based on a javascript calculator in a web page. Works with Audreys. I modified it for channel and station entry for my audio/video gear, but you just pass the code to a back-end ASP page in a FORM POST and let that page handle it by calling anything you want using the values passed.

Here's the keypad code (no images, sorry) with some of my mods, and I'm sure there's more here than is necesary for what I use it for. If you need help, holler:

<FORM id=pad name=pad action=doevent.asp method=post>

<div align="center">
<script language="javascript">
<!--
var finished=0
var mem=""
var strChannel = 0

function bck() {
tmp = document.pad.box.value
tmplen = tmp.length
tmp = tmp.substring(0,tmplen-1)
document.pad.box.value = tmp
}

function key(data) {
if ( (data=="/") || (data=="*") || (data=="-") || (data=="+")) {
finished=0
}
if (finished) {
document.pad.box.value=""
finished=0
}
document.pad.box.value += data
}

function MP() {
mem=document.pad.box.value
}

function MR() {
if (finished) {
document.pad.box.value=""
finished=0
}
document.pad.box.value = eval(mem)+eval(document.pad.box.value)
}
function done() {
document.pad.channel.value = document.pad.box.value
document.pad.box.value = eval(document.pad.box.value)
finished=1
pad.submit()
}

function clrx() {
document.pad.box.value = ""
}

function backspace() {
tmp = document.pad.box.value
tmplen = tmp.length
tmp = tmp.substring(0,tmplen-1)
document.pad.box.value = tmp
}

function powx() {
tmp = document.pad.box.value;
document.pad.box.value="Math.pow("+tmp+",)"
}

function plusminus() {
document.pad.box.value=eval("-("+document.pad.box.value+")")
finished=1
}


function invx() {
document.pad.box.value=eval("1/("+document.pad.box.value+")")
finished=1

}

function squareRoot() {
document.pad.box.value=eval("Math.sqrt("+ document.pad.box.value+")")
finished=1
}


function errorHandler(message, url, line) {
alert("sorry, there was a "+message)
return true
}

window.onerror = errorHandler

//-->
</script>
<TABLE cellSpacing=1 cellPadding=1 border=0>
<TR align=middle><td colspan=3 align=center><input type=text size=20 name=box></td></tr>
<TR>
<TD align=middle height=50 width=50><a href="java script:key('7')"><img src="images/btn_7.jpg"></a></TD>
<TD align=middle height=50 width=50><a href="java script:key('8')"><img src="images/btn_8.jpg"></a></TD>
<TD align=middle height=50 width=50><a href="java script:key('9')"><img src="images/btn_9.jpg"></a></TD>
</TR>
<TR>
<TD align=middle height=50 width=50><a href="java script:key('4')"><img src="images/btn_4.jpg"></a></TD>
<TD align=middle height=50 width=50><a href="java script:key('5')"><img src="images/btn_5.jpg"></a></TD>
<TD align=middle height=50 width=50><a href="java script:key('6')"><img src="images/btn_6.jpg"></a></TD>
</TR>
<TR>
<TD align=middle height=50 width=50><a href="java script:key('1')"><img src="images/btn_1.jpg"></a></TD>
<TD align=middle height=50 width=50><a href="java script:key('2')"><img src="images/btn_2.jpg"></a></TD>
<TD align=middle height=50 width=50><a href="java script:key('3')"><img src="images/btn_3.jpg"></a></TD>
</TR>
<TR>
<TD align=middle height=50 width=50><a href="java script:clrx()"><img src="images/mybuttons/off.gif"></a></TD>
<TD align=middle height=50 width=50><a href="java script:key('0')"><img src="images/btn_0.jpg"></a></TD>
<TD align=middle height=50 width=50><a href="java script:done()"><img src="images/mybuttons/go.gif"></a></TD>
</TR></td>
</TABLE></div>
<input TYPE="hidden" ID="Caller" value="<%=strCaller%>" name="Caller">
<input TYPE="hidden" ID="Debug" value="<%=nDebug%>" name="Debug">
<input TYPE="hidden" ID="action" value="Run" name="action">
<input TYPE="hidden" ID="ev_name" value="ChangeChannel" name="ev_name">
<input TYPE="hidden" ID="source" value="<%=strSource%>" name="source">
<input TYPE="hidden" ID="channel" value="" name="channel">
</form>
 

smee

Senior Member
Here's a quick version of what I described in my previous posts. This does NOT implement the time out capabilities I described but they should be pretty easy to add. It doesn't hide itself inside a frame, either, so you can see the partial code in the address bar even if you are hiding the codes with *'s.

This is entirely within a single ASP page and runs under the HomeSeer server. Just put it in your HomeSeer/html directory and point your browser to your HS server /sch_keypad.asp .

It's not a particularly pretty page, but it does seem to work pretty well.

Modify the handle_code subroutine to perform any actions based on the codes entered. You can also control the number of characters that it looks for and whether to display the characters or "*".

It also does a lot of talking for debugging purposes. To remove the talking, place a single-quote (') in front of all the hs.speak lines to comment them out.
 

Attachments

  • sch_keypad.asp
    4 KB · Views: 33

smee

Senior Member
By the way, the page is written using <form>s, but I don't think that it needs to be. The <form>s can be replaced with direct links to the page (i.e., <aref ...>) since the input for each key doesn't change. That is, they can essentially be hardcoded into the html returned by response.send.
 

DavidL

Senior Member
For this to work in MainLobby (which JRFuda requests), this should be a script ("security.txt", not an asp page in the html directory of Homeseer) that accepts and appends to existing value stored, each script "payload" that it is sent (send a "1" to the security.txt script, then rerun the script and send a payload of "2" - now the saved value is "12"....). Then, if JRFuda (via Mainlobby transmission) sends a '#' key, the security.txt script will then compare the completed stored value (1234 as example) and if it equals the password stored in the script (or password.ini) (1234 for this example), then the script will call another script that can be configured in the security.txt file (secure_action.txt)
 

smee

Senior Member
jrfuda said:
...(or just HomeSeer)...
jrfuda said:
Keys are pressed either in a ML scene or a HS web page

Based on the combination entered, HomeSeer executes an event, script or just changes a device's value
I think my ASP page fits.

The additional features he asks for are relatively easy to implement.
 

jrfuda

Active Member
I think Krumpy has volunteered to tackle this - at least from the ML perspective.

What would be ideal, though, is a single script that would work with any combination HS alone, HS + ML, or even HS + Girder/remote (various lines could be commented in/out to accomidate the various interfaces).

What would be REALLY neat, is if there was a setup script that askes you questions about your setup and built the ACTUAL script (or an ini file) based on your answers - and then somehow encrypted the resulting script (or ini file) so it would not be too easy to pull the numbers out of it.
 

electron

Administrator
Staff member
If anyone needs help with the setup part, just look at the cnn script (and most of my others) I wrote, as they all guide you through the setup by asking questions, using TTS if desired, and generate the INI file.
 

mcascio

Active Member
Guys - you are way over complicating such an easy task using MainLobby/MLServer.

Here's how to emulate the populating of a security keypad (or thermostat for that matter) using SetVariable. I've attached a ml scene that illustrates how it works.

You'll need the Security Library to see it in action.

Basically I've created a textfield (Text.singleline) and assigned the following in it's label: {{SecurityInput}}

Then for each button that has a number value such as the number one button assign this MLServeCmd:
MLServeCmd.SetVariable|SecurityInput~{{SecurityInput}}1

For the reset button, I've created another command to clear it out:
MLServeCmd.SetVariable|SecurityInput~

Then you can pass the complete string or security code to where ever or what ever plugin you need.

Works great.

I've even created a startup for the scene that displays a message for a few seconds then disappears so the field is clear for input.
 

Attachments

  • 0012_0001b.mls
    28.6 KB · Views: 35
Top