# Site User Management

*Article Topics:* [*Sites*](https://docs.toomuchmedia.com/getting-started/common-topics/sites)*,* [*Tour*](https://docs.toomuchmedia.com/getting-started/common-topics/tours)

NATS can send a postback to a script of your choosing every time a username gets added, removed, changed, expired, or checked. This is mostly used if you rely on an external verification script for checking user details. To use this postback, go to the [Sites Admin](https://docs.toomuchmedia.com/nats-admin/sites), edit a tour of your choosing, and enter your script's URL in the Management URL field.

For other postback examples, please check this article: [Postbacks and Post URLs](https://docs.toomuchmedia.com/nats-admin/sites/further-reading/postbacks-and-post-urls)

<figure><img src="https://2232071635-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FWJVne6meHqGT8rzsBdod%2Fuploads%2Fw9bP0z2zaeW0gc7KiwkX%2Fnatsadmin-sites-touroverview-post_userman.png?alt=media&#x26;token=7eb485a6-1ffa-4da7-80d4-6fe143cea7c2" alt=""><figcaption></figcaption></figure>

You can also prevent NATS from posting members' personal information through the user management postback script by using the [Sites Admin](https://docs.toomuchmedia.com/nats-admin/sites). Simply edit the site you want to affect, and check the "Disable Storing Personal Member Information" box on the Edit Site page (From the main admin\_sites page, click the Pencil Icon associated with a site). This will prevent information from the member\_info table from being sent (i.e., first name, last name, address, etc.).

Each request identifies what actions the particular user (based on username) took to trigger the script. Your script should reply with one of the following messages:

* OK|message
* NOTOK|message
* ERROR|message

Replace "message" with a detailed explanation of your choosing.

## Username Actions

Certain actions (calls) in NATS will trigger your user management script, passing it a wide variety of parameters. The parameters passed in most of the user management calls are similar, as many of them are taken from the NATS members table (e.g., memberid, status, joined, siteid, username, IP, etc.).

Additionally, most of these calls use identical parameters to pass back information. These calls are *ACTIVATE*, *MANUALADD*, *DELETE*, and *TRIALTOFULL*.

### ADD

Sent when a new username should be added to the user management system for user access. This occurs when a new member registers on one of your sites.

This sends parameters from the members table, as well as the following extra parameters:

* *member\_subscription\_id, memberidx, billerid, statid, cost, cost\_charge, spent, refunded, charges, next\_rebill, optionid, rebills, active, expires, nats\_expires, biller\_expires, original\_optionid, created\_date, loginid\_assigned, identid\_assigned, member\_identid, member\_loginid, country, xsell\_success, last\_modified, mychanges\_username/password/status/trial/mailok/marked, new\_status/trial/mailok/marked, siteid, username*

### MANUALADD

Sent when a username is manually added via the [Members Admin](https://docs.toomuchmedia.com/nats-admin/members).

This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call.

### ACTIVATE

Sent when a user has been rebilled through the biller. This is used to record a rebill or to convert a member from a trial membership to a full membership.

An additional user management call, "[CHANGE](#change)", is also triggered if any of the member information fields ('username', 'password', 'email', 'optionid', 'programid', 'tourid', 'campaignid', 'token') change during the activation.

This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call.

### TRIALTOFULL

Sent when a user upgrades from a trial to a full membership.

This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call.

{% hint style="info" %}
**Good to Know:** Your script might be run more than once when doing a [conversion](https://docs.toomuchmedia.com/additional-resources/common-terms#conversion).
{% endhint %}

### CHANGE

Sent when a current username or password should be changed to a new username or password. This will only pass back a new username or new password if there is a new value for either.

This sends a few parameters that differ from the other user management calls, such as *new\_username, new\_password, new\_cryptpass, new\_token*, etc.

### DELETE

Sent when a user's account should be immediately removed from the active user list.

This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call.

### EXPIRE

Sent when a user's account should be expired on the provided date. The date might be in the past.

This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call. This call also sends the *expires* parameter, expressed in unix\_timestamp format.

### CHECK

Sent to check if a username is available, or already exists in your NATS database.\
This sends the following parameters: username, siteid, email, memberid (if available).

{% hint style="warning" %}
**Very Important:** If the **username exists**, you should configure the reply to be **"OK"**. If the **username does not exist**, and thus the username is available, the reply should be **"NOTOK"**. Configuring this incorrectly will limit the functionality of your Join Page!
{% endhint %}

## User Management Encryption Key

The User Management Encryption Key gives you another way to verify that the postback data was sent by NATS. When User Management Encryption is enabled with a key that you create, all postbacks will be sent with the "hash" value.

This is how the hash value will be calculated:

{% code overflow="wrap" %}

```
md5('username'.'password'.'email'.'siteid'.'optionid'.'trial'.'status'.'management encryption key');
```

{% endcode %}

You can calculate the hash value yourself and compare it with the posted "hash" value to ensure the postback was sent from your NATS system.
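One way to run that check in a PHP user management script before acting on any call (an added example, not code from NATS or the original page). It assumes the hashed fields arrive as request parameters named as in the formula above, that a missing field counts as an empty string, and that the key is read from a hypothetical `NATS_UM_KEY` environment variable:

```php
<?php
// Added example, not NATS code. Parameter names follow the formula above;
// the posted value is expected in the "hash" parameter.

/** Recompute the hash in the documented field order. */
function nats_expected_hash(array $params, string $key): string
{
    $fields = ['username', 'password', 'email', 'siteid', 'optionid', 'trial', 'status'];
    $data = '';
    foreach ($fields as $field) {
        // Assumption: a field missing from the postback counts as an empty string.
        $value = $params[$field] ?? '';
        // Array-valued input (e.g. username[]=x) is never a valid field value.
        $data .= is_string($value) ? $value : '';
    }
    return md5($data . $key);
}

/** True only when the posted hash matches the recomputed one. */
function nats_postback_is_authentic(array $params, string $key): bool
{
    $posted = $params['hash'] ?? null;
    // Fail closed: no key configured, or hash absent or malformed.
    if ($key === '' || !is_string($posted) || strlen($posted) !== 32) {
        return false;
    }
    // hash_equals() compares in constant time, unlike == or ===.
    return hash_equals(nats_expected_hash($params, $key), strtolower($posted));
}

// NATS_UM_KEY is a hypothetical environment variable holding your key,
// so the key stays out of the script and out of version control.
$key = (string) getenv('NATS_UM_KEY');

if (!nats_postback_is_authentic($_REQUEST, $key)) {
    echo 'ERROR|hash verification failed';
    exit;
}

// Dispatch on $_REQUEST['action'] only after this point.
```

Because the fields are concatenated without separators and MD5 is not a keyed MAC, treat the hash as one check among several: serve the Management URL over HTTPS and restrict it to your NATS server's address.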

## Error Logging

If the reply is "ERROR", NATS will add the error to the surfer's note so you can see the problem in the Members Admin.

## Sample Scripts

The following script allows you to log any [Postbacks](https://docs.toomuchmedia.com/nats-admin/sites/further-reading/postbacks-and-post-urls/affiliate-postback) sent by NATS to your User Management script. It takes any information posted to the user management script and stores it in a specified log file. For this script to work, you must first make your user management log file writable by Apache, and change the */home/path/nats4/user\_management.log* path in the sample script to where your NATS user\_management.log file is located.

{% hint style="warning" %}
**Important:** Make sure that the log is NOT in a web accessible folder.
{% endhint %}

{% code overflow="wrap" %}

```
<?php

/** Start the log entry with a timestamp. **/
$message = '[' . date('Y-m-d H:i:s') . '] ';
/** Loop through all request variables. If a value is an array, loop within it. **/
foreach ($_REQUEST as $key => $val) {
        /** Append each parameter as &name=value. **/
        if (is_array($val)) {
                foreach ($val as $val_key => $val_val) {
                        $message .= "&{$key}[{$val_key}]={$val_val}";
                }
        } else {
                $message .= "&{$key}={$val}";
        }
}
/** Replace CR/LF so a posted value cannot start a forged log line, then end the entry. **/
$message = str_replace(array("\r", "\n"), ' ', $message) . "\n";
/** Append the entry to the specified file. **/
error_log($message, 3, '/home/path/nats4/user_management.log');
/** Respond NOTOK so the User Management call isn't triggered **/
echo 'NOTOK';

?>
```

{% endcode %}

You may use the following sample script provided by Tanguy de Courson to put your User Management in effect.

{% code overflow="wrap" %}

```
<?php
/**
* A password authentication script for the NATS user management feature
* where NATS posts the authentication to your authentication script
* 
* NB: all functions MUST print out
* OK|~message~
* or
* NOTOK|~message~
* or
* ERROR|~message~
*
* @author Tanguy de Courson
*
**/


switch(@$_REQUEST['action']) {
	/**
	* Additional parameters: memberid, username, password, email, siteid, biller, trial
	* This call is done whenever a new username should be added to the user management for access.
	*/

	case 'ADD':
		add_user();
	break;

	/**
	* Additional parameters: memberid, username, password, email, siteid, biller, trial
	* This call is done whenever a new username should be added to the user management for access.
	* This is generally done when reactivating someone who has been removed.
	*/

	case 'ACTIVATE':
		add_user();
	break;

	/**
	* Additional parameters: memberid, username, password, siteid, biller, trial
	* This call is done whenever a username is manually added via the members admin or a biller refresh.
	**/

	case 'MANUALADD':
		add_user();
	break;

	/**
	* Additional parameters: memberid, username, siteid, biller
	* This call is done whenever a user changes from trial to full membership.
	**/

	case 'TRIALTOFULL':
		upgrade_user();
	break;

	/**
	* Additional parameters: memberid, username, siteid, biller, new_username, new_password
	* This call is done whenever an old username should be updated to a new username and/or password.
	**/

	case 'CHANGE':
		change_password();
	break;

	/**
	* Additional parameters: memberid, username, siteid, biller
	* This call is done whenever a current user should be immediately removed from the active user list.
	**/

	case 'DELETE':
		delete_user();
	break;

	/**
	* Additional parameters: memberid, username, siteid, biller, expire (YYYY-MM-DD format)
	* This call is done when a current user should be expired on a given date. The date MIGHT be in the past.
	**/

	case 'EXPIRE':
		expire_user();
	break;

	/**
	* Additional parameters: username, siteid
	* This call is done to verify if a username is still available. If the username DOES exist, the reply should be OK. If the username DOES NOT exist, the reply should be NOTOK.
	**/

	case 'CHECK':
		check_user();
	break;
}

function add_user() {
}

function upgrade_user() {
}

function change_password() {
}

function delete_user() {
}

function expire_user() {
}

function check_user() {
}
```

{% endcode %}
