You do know that FreePBX is basically written in PHP don’t you?
The database in asterisk is sqlite3 (/var/lib/asterisk/astdb.sqlite3) and PHP has a complete library to read and write to it as , if you use the pbx box’es apache server, it will have full access to that database, just add your “families and keys” as appropriate using PHP’s random function inline for the keys and to present it back to the user and use a custom context leveraging on dbget (http://www.asteriskdocs.org/en/2nd_Edition/asterisk-book-html-chunk/asterisk-APP-F-7.html) to query your hopefully ephemeral entries, don’t forget to delete your added keys after the call. That is a very light weight solution and pretty well instantaneous.
James and I will have to disagree about “bad juju”, anything under your document root is exposed, and even admin/* has been compromised in living memory , just be careful and limit your code to only allow very well sanitized actions against the database, Many have been doing it for years.
[edit]
This assumes your clients will be connecting a sip/iax2 device to connect to the PBX with a preexisting account, if not than as James said “Don’t do it”, at least for a while until you have a much better understanding of how things work.
(A wild guess is that you want to make a bridged call between two external numbers, very scary over any web page)
Yes, that’s right, the sole telephony aimed for is bridged calls between 2 external numbers, the caller having purchased a passcode. As such the PBX only exists as a/ a firewall between caller and agent (legal advisers fyi), and b/ a means of time-limiting the call duration (to 10 minutes).
I wonder if there isn’t a simpler means of achieving this, but a modified PBX seemed the most sensible solution. None the less thanks for your comments.
What is left of the market is owned by the likes of Vonage and Walmart at sub penny a minute rates. Your solution requires that you pay for both incoming and outgoing legs if you use a B2BUA. Unless you are in the hundreds of thousands a month the can’t get close to that.
It will be very hard to find an billing agency to accept payments that knowingly accept VOIP business due to the level of fraud.
If you knew how sip works , then a three digit passcode on a “guest” call would be cracked by the black-hats in a few seconds and your server’s IP would be shared around the Gaza Strip and the Chinese Universities in a few more.
Ok, thanks, and clarity/brutality appreciated, seriously!
Laid bare, the business plan is:
Customer makes $20 paypal payment
On receipt, passcode sent to customer
Customer phones service, enters passcode to access advisers
Call directed to requested adviser.
I hoped this would simplify payment, leaving -
a. passcode access feature
b. automated switchboard to link caller with adviser
c. time limitation on calls
Kamailio looks powerful, I’ll take a closer look. Any other thoughts are very much welcome, thanks.