Site User Management

Article Topics: Sites, Tour

NATS can send a postback script of your choosing every time a username gets added, removed, changed, expired, or checked. This is mostly used if you use an external verification script for checking user details. To use this postback script, go to the Sites Admin, edit a tour of your choosing, and enter your script's URL in the Management URL field.

For other postback examples, please check this article: Postbacks and Post URLs

You can also prevent NATS from posting members' personal information through the user management postback script by using the Sites Admin. Simply edit the site you want to affect, and check the "Disable Storing Personal Member Information" box on the Edit Site page (From the main admin_sites page, click the Pencil Icon associated with a site). This will prevent information from the member_info table from being sent (i.e., first name, last name, address, etc.).

Each request identifies what actions the particular user (based on username) took to trigger the script. Your script should reply with one of the following messages:

OK|message
NOTOK|message
ERROR|message

Replace "message" with a detailed explanation of your choosing.

Username Actions

Certain actions (calls) in NATS will trigger your user management script, returning a wide variety of parameters. The parameters passed in most of the user management calls will be similar, as a large amount of these parameters are taken from the NATS members table (i.e., memberid, status, joined, siteid, username, IP, etc.).

Additionally, most of these calls use identical parameters to pass back information. These calls are ACTIVATE, MANUALADD, DELETE, and TRIALTOFULL.

ADD

Sent when a new username should be added to the user management system for user access. This occurs when a new member registers on one of your sites.

This sends parameters from the members table, as well as the following extra parameters:

member_subscription_id, memberidx, billerid, statid, cost, cost_charge, spent, refunded, charges, next_rebill, optionid, rebills, active, expires, nats_expires, biller_expires, original_optionid, created_date, loginid_assigned, identid_assigned, member_identid, member_loginid, country, xsell_success, last_modified, mychanges_username/password/status/trial/mailok/marked, new_status/trial/mailok/marked, siteid, username

MANUALADD

Sent when a username is manually added via the Members Admin.

This sends the available parameters from the member's table, as well as the additional parameters sent by the "ADD" user management call.

ACTIVATE

Sent when a user has been rebilled through the biller. This is used to record a rebill or to convert a member from a trial membership to a full membership.

An additional user management called "CHANGE" will happen if they are changed on member information ('username','password','email','optionid', 'programid', 'tourid', 'campaignid', 'token') during the activation.

This sends the available parameters from the member's table, as well as the additional parameters sent by the "ADD" user management call.

TRIALTOFULL

Sent when a user upgrades from a trial to a full membership.

This sends the available parameters from the member's table, as well as the additional parameters sent by the "ADD" user management call.

Good to Know: Your script might be run more than once when doing a conversion.

CHANGE

Sent when a current username or password should be changed to a new username or password. This will only pass back a new username or new password if there is a new value for either.

This sends a few different parameters from other user management calls. The "CHANGE" call also sends parameters such as new_username, new_password, new_cryptpass, new_token, etc.

DELETE

Sent when a user's account should be immediately removed from the active user list.

This sends the available parameters from the member's table, as well as the additional parameters sent by the "ADD" user management call.

EXPIRE

Sent when a user's account should be expired on the provided date. The date might be in the past.

This sends the available parameters from the member's table, as well as the additional parameters sent by the "ADD" user management call. This call also sends the expires parameter, expressed in unix_timestamp format.

CHECK

Sent to check if a username is available, or already exists in your NATS database. This sends the following parameters: username, siteid, email, memberid (if available).

Very Important: If the username exists, you should configure the reply to be "OK". If the username does not exist, and thus the username is available, the reply should be "NOTOK". Configuring this incorrectly will limit the functionality of your Join Page!

User Management Encryption Key

The User Management Encryption Key is used as another way to verify the postback data was sent by NATS. When User Management Encryption is enabled with a key that you create, all postbacks will be sent with the "hash" value.

This is how the hash value will be calculated:

md5('username'.'password'.'email'.'siteid'.'optionid'.'trial'.'status'.'management encryption key');

You can calculate the hash value to ensure the postback was sent from your NATS system.

Error Logging

If the reply is "ERROR", NATS will add the error to the surfer's note so you can see the problem in the Members Admin.

Sample Scripts

The following script allows you to log any Postbacks sent by NATS to your User Management script. This script will take any information being posted to the user management script, and store it in a specified log file. In order for this script to work, you must first make your user management log file writable by Apache. To do so, you must change the /home/path/nats4/user_management.log path found in the following sample script to where your NATS user_management.log file is located.

Important: Make sure that the log is NOT in a web accessible folder.

<?

/** Adding a date to the first value. **/
$message = '[' . date('Y-m-d H:i:s') . '] ';
/** Looping through all request variables. If it is an array, we loop within. **/
foreach ($_REQUEST as $key => $val) {
/** Add what the value is, what the name is. **/
        if (is_array($val)) {
                foreach ($val as $val_key => $val_val)  $message .= "&{$key}[{$val_key}]={$val_val}";
        }
        else $message .= "&{$key}={$val}";
}
/** Adding a return message to the log **/
$message .= "\n";
/** Adding the log to the specified file **/
error_log($message, 3, '/home/path/nats4/user_management.log');
/** Respond NOTOK so the User Management call isn't triggered **/
echo 'NOTOK';
 
?>

You may use the following sample script provided by Tanguy de Courson to put your User Management in effect.

/**
* A password authentication script for the NATS user management feature
* where NATS posts the authentication to your authentication script
* 
* NB: all functions MUST print out
* OK|~message~
* or
* NOTOK|~message~
* or
* ERROR|~message~
*
* @author Tanguy de Courson
*
**/


switch(@$_REQUEST['action']) {
	/**
	* Additional parameters: memberid, username, password, email, siteid, biller, trial
	* This call is done whenever a new username should be added to the user management for access.
	*/

	case 'ADD':
		add_user();
	break;

	/**
	* Additional parameters: memberid, username, password, email, siteid, biller, trial
	* This call is done whenever a new username should be added to the user management for access.
	* This is generally done when reactivating someone who has been removed.
	*/

	case 'ACTIVATE':
		add_user();
	break;

	/**
	* Additional parameters: memberid, username, password, siteid, biller, trial
	* This call is done whenever a username is manually added via the members admin or a biller refresh.
	**/

	case 'MANUALADD':
		add_user();
	break;

	/**
	* Additional parameters: memberid, username, siteid, biller
	* This call is done whenever a user changes from trial to full membership.
	**/

	case 'TRIALTOFULL':
		upgrade_user();
	break;

	/**
	* Additional parameters: memberid, username, siteid, biller, new_username, new_password
	* This call is done whenever an old username should be updated to a new username and/or password.
	**/

	case 'CHANGE':
		change_password();
	break;

	/**
	* Additional parameters: memberid, username, siteid, biller
	* This call is done whenever a current user should be immediately removed from the active user list.
	**/

	case 'DELETE':
		delete_user();
	break;

	/**
	* Additional parameters: memberid, username, siteid, biller, expire (YYYY-MM-DD format)
	* This call is done when a current user should be expired on a given date. The date MIGHT be in the past.
	**/

	case 'EXPIRE':
		expire_user();
	break;

	/**
	* Additional parameters: username, siteid
	* This call is done to verify if a username is still available. If the username DOES exist, the reply should be OK. If the username DOES NOT exist, the reply should be NOTOK.
	**/

	case 'CHECK':
		check_user();
	break;
}

function add_user() {
}

function upgrade_user() {
}

function change_password() {
}

function delete_user() {
}

function expire_user() {
}

function check_user() {
}

PreviousPost URLs Usage NextExample Postbacks for NATS Site User Management

Last updated 1 year ago

Was this helpful?