Difference between revisions of "NATS4 Upsell Plus"

From TMM Wiki
Jump to navigationJump to search
 
(14 intermediate revisions by 3 users not shown)
Line 29: Line 29:
 
** [[NATS4_Epoch#UpsellPlus|Epoch]]
 
** [[NATS4_Epoch#UpsellPlus|Epoch]]
 
** [[NATS4_SegPay#Cross Sells and Upsells|Segpay]]
 
** [[NATS4_SegPay#Cross Sells and Upsells|Segpay]]
 +
** [[NATS4_Vendo_Services#Cross_Sales|Vendo Services]]  <font color=red>in development</font>
 
* To use autocampaigns with internal upsells, add <kbd>&autocamp=campaign</kbd> to the Upsell Plus URL. '''NOTE:''' For this to work, you must set <kbd>$config['ALLOW_REQUEST_AUTOCAMP']=1</kbd> in your ''config.php'' file and add "autocamp" as a hidden variable in the gateway_upsell and thirdparty_upsell templates: <code><input type="hidden" name="autocamp" value="{$smarty.request.autocamp}"></code>
 
* To use autocampaigns with internal upsells, add <kbd>&autocamp=campaign</kbd> to the Upsell Plus URL. '''NOTE:''' For this to work, you must set <kbd>$config['ALLOW_REQUEST_AUTOCAMP']=1</kbd> in your ''config.php'' file and add "autocamp" as a hidden variable in the gateway_upsell and thirdparty_upsell templates: <code><input type="hidden" name="autocamp" value="{$smarty.request.autocamp}"></code>
 +
* To save custom fields to the member record that will be created for the upsell, send the value in member_extra[custom{x}], where {x} is a number from 1-10
 +
** <input type=hidden name=member_extra[custom1] value={some_custom_value}>
  
 
== Redirect and Postback URLs ==
 
== Redirect and Postback URLs ==
  
'''Note: <span style="color:red">this feature is currently in development </span>'''<br>
+
As of NATS version 5.0.2.7, Upsell Plus supports overriding approval and denial redirect urls as well as additional approval and denial postback urls.  This feature will work for any biller that does not require a redirect to their system to complete the upsell process.  To use this feature, you will need to add the additional[] array to your /signup/upsellplus.php link.  For example, adding <code><kbd><nowiki>&additional[approvalurl]=https://somedomain.com/somepage.html</nowiki></kbd></code> will redirect the member to the <kbd><nowiki>https://somedomain.com/somepage.html</nowiki></kbd> url if ANY of the upsells are successful instead of showing the NATS page_upsell_approval template.  Here are all of the available variables:
 
 
Upsell Plus supports overriding approval and denial redirect urls as well as additional approval and denial postback urls.  This feature will work for any biller that does not require a redirect to their system to complete the upsell process.  To use this feature, you will need to add the additional[] array to your /signup/upsellplus.php link.  For example, adding <code><kbd><nowiki>&additional[approvalurl]=https://somedomain.com/sopmepage.html</nowiki></kbd></code> will redirect the member to the <kbd><nowiki>https://somedomain.com/sopmepage.html</nowiki></kbd> url if ANY of the upsells are successful instead of showing the NATS page_upsell_approval template.  Here are all of the available variables:
 
  
 
* <code>additional[approvalurl]=<url>?<query_string></code> - url to redirect to if ANY of the upsells are successful
 
* <code>additional[approvalurl]=<url>?<query_string></code> - url to redirect to if ANY of the upsells are successful
 
* <code>additional[denialurl]=<url>?<query_string></code> - url to redirect to if NONE of the upsells are successful
 
* <code>additional[denialurl]=<url>?<query_string></code> - url to redirect to if NONE of the upsells are successful
* <code>additional[approvalposturl]=<url>?<query_string></code> - url to send a post to if ANY of the upsells are successful (this is in addition to not instead of the postback url defined in the NATS site admin)
+
* <code>additional[approvalposturl]=<url>?<post_data></code> - url to send a post to if ANY of the upsells are successful (this is in addition to not instead of the postback url defined in the NATS site admin)
* <code>additional[denialposturl]=<url>?<query_string></code> - url to send a post to if NONE of the upsells are successful (this is in addition to not instead of the postback url defined in the NATS site admin)
+
* <code>additional[denialposturl]=<url>?<post_data></code> - url to send a post to if NONE of the upsells are successful (this is in addition to not instead of the postback url defined in the NATS site admin)
 +
 
 +
In order to use this feature, you need to set the signature password via the ADDITIONAL_SIGN_KEY config setting on the config admin -> surfer page in the one click systems section, sign the additional array in the url and provide the signature (<code>additional[signature]=<signature></code>) in your request.  Also, please make sure to remove the signature password value (<code>additional[password]</code>) from your request.  Here is an example script.
 +
<pre>
 +
<?php
 +
 
 +
$data = Array();
 +
$data['additional'] = Array();
 +
$data['additional']['password'] = '<value of the ADDITIONAL_SIGN_KEY config setting>';
 +
$data['additional']['approvalurl'] = '<value>';
 +
$data['additional']['denialurl'] = '<value>';
 +
$data['additional']['approvalposturl'] = '<value>';
 +
$data['additional']['denialposturl'] = '<value>';
 +
 
 +
ksort($data['additional']);
 +
$dataString = implode('~~~', $data['additional']);
 +
$data['additional']['signature'] = hash('sha512', $dataString);
 +
 
 +
unset($data['additional']['password']);
 +
 
 +
$query = http_build_query($data);
 +
</pre>
  
 
You will also need to make sure you have the following code on your upsellplus templates
 
You will also need to make sure you have the following code on your upsellplus templates
 
<pre>
 
<pre>
{if !empty($smarty.request.additional) && is_array($smarty.request.additional)}
+
{if !empty($additionalData) && is_array($additionalData)}
{foreach from=$smarty.request.additional key=additional_key item=additional_val}
+
{foreach from=$additionalData key=additional_key item=additional_val}
 
<input type="hidden" name="additional[{$additional_key|escape:'htmlall'}]" value="{$additional_val}"/>
 
<input type="hidden" name="additional[{$additional_key|escape:'htmlall'}]" value="{$additional_val}"/>
 
{/foreach}
 
{/foreach}
Line 64: Line 86:
 
== Additional Settings ==
 
== Additional Settings ==
  
'''Note: <span style="color:red">this feature is currently in development </span>'''<br>
+
As of NATS version 5.0.2.7, you can (optionally) enable the UPSELLPLUS_SKIP_HIDDEN_JOIN_OPTIONS configuration setting on the config admin -> surfer page in the 'one click systems' section to prevent NATS from showing hidden join options on the /signup/upsellplus.php page unless that join option is passed in via the upsellid or the upsellids variables.  This feature has no impact on processing, only on display.
 
 
You can (optionally) enable the UPSELLPLUS_SKIP_HIDDEN_JOIN_OPTIONS configuration setting on the config admin -> surfer page in the 'one click systems' section to prevent NATS from showing hidden join options on the /signup/upsellplus.php page unless that join option is passed in via the upsellid or the upsellids variables.  This feature has no impact on processing, only on display.
 
  
 
== Additional Security ==
 
== Additional Security ==
Line 92: Line 112:
  
 
== Advanced Member Lookup ==
 
== Advanced Member Lookup ==
Usually the member lookup is done using the siteid and the username parameters.  That will uniquely identify the member record in NATS.  However, that member record might have multiple subscriptions.  It is also possible to link to the /signup/upsellplus.php script using a list of siteids instead of one siteid.  In that case it is possible that multiple member records (with multiple subscriptions each) match the initial lookup.  When NATS is not able to determine a unique subscription, it will show the page_choose_subscription template so that the surfer can specify the subscription to use.  You can use additional flags to narrow or widen that lookup.
+
Usually, the member lookup is done using the siteid and the username parameters.  That will uniquely identify the member record in NATS.  However, that member record might have multiple subscriptions.  It is also possible to link to the /signup/upsellplus.php script using a list of siteids instead of one siteid.  In that case, it is possible that multiple member records (with multiple subscriptions each) match the initial lookup.  When NATS is not able to determine a unique subscription, it will show the page_choose_subscription template so that the surfer can specify the subscription to use.  You can use additional flags to narrow or widen that lookup.  You can use them by adding the params to the URL and/or the form on the template.
  
 
=== Main Lookup ===
 
=== Main Lookup ===
username and site (or siteid) => this method is the default and works in majority of the use cases, but can lead to multiple matching subscriptions for the same member record.
+
username and site (or siteid) => this method is the default and works in the majority of the use cases, but can lead to multiple matching subscriptions for the same member record.
  
 
OR
 
OR
  
memberid and session => just like the 'username and site' method above, this method works in majority of the use cases, but can lead to multiple matching subscriptions for the same member record.
+
memberid and session => just like the 'username and site' method above, this method works in the majority of use cases but can lead to multiple matching subscriptions for the same member record.
  
 
OR
 
OR
Line 108: Line 128:
  
 
memberidx (<biller>:<biller subscriptionid>) => this method will always lead to 1 subscription
 
memberidx (<biller>:<biller subscriptionid>) => this method will always lead to 1 subscription
 +
 +
=== Lookup Flags ===
 +
These flags are used to narrow or widen the initial member lookup
 +
 +
Subscription status (these options are mutually exclusive)
 +
* active_only => only return active subscriptions
 +
* expired_only => only return expired subscriptions
 +
* when neither flag is provided => return both active and expired subscriptions (default)
 +
 +
Subscription attribution (these options are mutually exclusive)
 +
* billerName => only return subscriptions for the given biller
 +
* allow_NATS_biller => allow subscriptions with the NATS:<value> memberidx (for example, NCR joins)
 +
* when neither flag is provided => do not return subscriptions with the NATS:<value> memberidx (default)
 +
 +
=== Ordering Flags ===
 +
These flags are used to order matching subscriptions on the page_choose_subscription template
 +
 +
* prefer_active => show active subscriptions first (default)
 +
* prefer_expired => show expired subscriptions first
 +
 +
=== Limit Flags ===
 +
These flags are used to return only 1 subscription
 +
 +
* most_recently_accessed_only => return only the most recently created/updated subscription (default)
 +
* least_recently_accessed_only => return only the least recently created/updated subscription
 +
  
 
[[Category:NATS4 Upsells]]
 
[[Category:NATS4 Upsells]]

Latest revision as of 05:21, 21 September 2022

NATS 4
Members Admin
The Members Admin
View Member Details
Add Member
MySQL Auth
Mod Authn DB
Multisite Access
Member Logging
Member Password Retrieval
OpenID Connect
Mod Auth OpenIDC
ID Numbers
Upsells Admin
The Upsells Admin
Configuring Cross Sells
Configuring Upsells
Cross Sell Supported Billers
Upsell Supported Billers
Process Gateway Cross Sales Outside NATS
Cross Sells: A to Z
Upsells: A to Z
Upsell Plus
Setting Rules

Upsell Plus is a feature in NATS4 that allows you to offer your members incentives to sign up for other sites after they have joined one of your sites. In order to complete the Upsell Plus process, the member will have to click on a link that you provide for them.

Creating an Upsell Link

If you want to offer the Upsell Plus feature to your members, first create an upsell in the Upsells Admin, then provide your member with a link to your Upsell Plus option. This supports one of two link formats:

Preferred format:

  • https://<linkdomain>/signup/upsellplus.php?site=<siteid>&username=<username>
    • Siteid and Username is the preferred method

Alternative format:

  • https://<linkdomain>/signup/upsellplus.php?memberid=<memberid>&natssess=<nats_session>&site=<siteid>


For all links, replace <linkdomain> with the linkdomain of the site that is offering this upsell and <siteid> with the site ID this member has already joined under. Replace <memberid>, <nats_session>, and <username> in the above examples with the member ID, session ID, and username of the member, respectively. Although both of the example formats will work with Upsell Plus, the first format is preferred.

You can also specify multiple sites to check through (to use with network member sites, for example):

  • https://<linkdomain>/signup/upsellplus.php?siteids=<siteid>,<siteid2>,<siteid3>&username=<username>

Optional Variables

Upsell Plus supports the use of additional variables to get certain effects from your Upsell Plus sales:

  • If you want members to be automatically submitted for upsells, add &upsellid=<upsellid>&email=<email>&submit=1 to the end of the Upsell Plus URL. Replace <email> with the e-mail address of the member and <upsellid> with the Outgoing Upsell ID of the upsell to purchase, found in the Upsells Admin.
  • If you want any of the available upsell options on the join form to be pre-checked, add &upsellids=<upsellid_list> to the end of the Upsell Plus URL. Replace <upsellid_list> with a comma-separated list of ID numbers for the upsell options you want to be automatically checked.
  • Some billers also support passing additional custom variables by adding &member_extra[<upsellid>][<customvariable>]=<customvalue> to the Upsell Plus URL. Billers that currently support this are:
  • To use autocampaigns with internal upsells, add &autocamp=campaign to the Upsell Plus URL. NOTE: For this to work, you must set $config['ALLOW_REQUEST_AUTOCAMP']=1 in your config.php file and add "autocamp" as a hidden variable in the gateway_upsell and thirdparty_upsell templates: <input type="hidden" name="autocamp" value="{$smarty.request.autocamp}">
  • To save custom fields to the member record that will be created for the upsell, send the value in member_extra[custom{x}], where {x} is a number from 1-10
    • <input type=hidden name=member_extra[custom1] value={some_custom_value}>

Redirect and Postback URLs

As of NATS version 5.0.2.7, Upsell Plus supports overriding approval and denial redirect urls as well as additional approval and denial postback urls. This feature will work for any biller that does not require a redirect to their system to complete the upsell process. To use this feature, you will need to add the additional[] array to your /signup/upsellplus.php link. For example, adding &additional[approvalurl]=https://somedomain.com/somepage.html will redirect the member to the https://somedomain.com/somepage.html url if ANY of the upsells are successful instead of showing the NATS page_upsell_approval template. Here are all of the available variables:

  • additional[approvalurl]=<url>?<query_string> - url to redirect to if ANY of the upsells are successful
  • additional[denialurl]=<url>?<query_string> - url to redirect to if NONE of the upsells are successful
  • additional[approvalposturl]=<url>?<post_data> - url to send a post to if ANY of the upsells are successful (this is in addition to not instead of the postback url defined in the NATS site admin)
  • additional[denialposturl]=<url>?<post_data> - url to send a post to if NONE of the upsells are successful (this is in addition to not instead of the postback url defined in the NATS site admin)

In order to use this feature, you need to set the signature password via the ADDITIONAL_SIGN_KEY config setting on the config admin -> surfer page in the one click systems section, sign the additional array in the url and provide the signature (additional[signature]=<signature>) in your request. Also, please make sure to remove the signature password value (additional[password]) from your request. Here is an example script.

<?php

$data = Array();
$data['additional'] = Array();
$data['additional']['password'] = '<value of the ADDITIONAL_SIGN_KEY config setting>';
$data['additional']['approvalurl'] = '<value>';
$data['additional']['denialurl'] = '<value>';
$data['additional']['approvalposturl'] = '<value>';
$data['additional']['denialposturl'] = '<value>';

ksort($data['additional']);
$dataString = implode('~~~', $data['additional']);
$data['additional']['signature'] = hash('sha512', $dataString);

unset($data['additional']['password']);

$query = http_build_query($data);

You will also need to make sure you have the following code on your upsellplus templates

{if !empty($additionalData) && is_array($additionalData)}
	{foreach from=$additionalData key=additional_key item=additional_val}
		<input type="hidden" name="additional[{$additional_key|escape:'htmlall'}]" value="{$additional_val}"/>
	{/foreach}
{/if}

Site Templates

Once you have set up your upsell options, your Upsell Plus URL, and any optional variables you wish to add to the process, you will need to modify new site templates if you want to customize the design of the Upsell Plus pages visited by your members:

  • gateway_upsell - Displayed to the member when they click an upsellplus link if their original subscription was purchased through a gateway biller
  • thirdparty_upsell - Displayed to the member when they click an upsellplus link if their original subscription was purchased through a third-party biller
  • page_upsell_approval - Displayed to the member if their upsell is approved
  • page_upsell_denial - Displayed to the member if their upsell is denied

There is also a _mobile version for each of the above templates, which is displayed to the member if NATS detects they are using a mobile device.

Additional Settings

As of NATS version 5.0.2.7, you can (optionally) enable the UPSELLPLUS_SKIP_HIDDEN_JOIN_OPTIONS configuration setting on the config admin -> surfer page in the 'one click systems' section to prevent NATS from showing hidden join options on the /signup/upsellplus.php page unless that join option is passed in via the upsellid or the upsellids variables. This feature has no impact on processing, only on display.

Additional Security

As of NATS version 4.1, Upsell Plus offers additional features that you can use to secure your member upsells. Member authentication strings allow you to require a verification string with member upsell submissions in order to prevent unwanted upsell attempts from outside sources, and traffic throttling allows you to prevent unwanted repeated access to your Upsell Plus pages.

Authentication Strings

This feature is disabled by default. If you want to enable this feature for your Upsell Plus transactions, enable the MEMBER_STRING_AUTH_UPSELLPLUS setting in the "Security" section of the Configuration Admin.

Once you have activated this setting, use the GET /member/authstring REST API endpoint to get the correct auth string for the member you want to process an upsell for. Please see our REST API Get Member Auth String wiki article for more information on this process.

This function will return the necessary auth string for the member to authenticate their Upsell Plus attempts. Include this auth string in the link for your member as shown in the example below:

https://<linkdomain>/signup/upsellplus.php?site=<siteid>&username=<username>&authstring=<authstring>

Throttling

Throttling is a security setting available in NATS 4.1 that allows you to temporarily lock out incoming traffic from a specific IP address if they submit too many requests to certain pages in NATS.

You can use the Throttling feature to help secure your upsellplus.php page, preventing surfers from forcing transactions without the correct auth string. Throttling settings are available in the "Security" section of the Configuration Admin.

Please visit our Throttling wiki article for general information about this feature.

Advanced Member Lookup

Usually, the member lookup is done using the siteid and the username parameters. That will uniquely identify the member record in NATS. However, that member record might have multiple subscriptions. It is also possible to link to the /signup/upsellplus.php script using a list of siteids instead of one siteid. In that case, it is possible that multiple member records (with multiple subscriptions each) match the initial lookup. When NATS is not able to determine a unique subscription, it will show the page_choose_subscription template so that the surfer can specify the subscription to use. You can use additional flags to narrow or widen that lookup. You can use them by adding the params to the URL and/or the form on the template.

Main Lookup

username and site (or siteid) => this method is the default and works in the majority of the use cases, but can lead to multiple matching subscriptions for the same member record.

OR

memberid and session => just like the 'username and site' method above, this method works in the majority of use cases but can lead to multiple matching subscriptions for the same member record.

OR

username and siteids => this method works well when you have unique usernames for all of your NATS sites. In that case, it can only lead to multiple matching subscriptions for the same member record. If you do not have unique usernames for all of your sites, this method can lead to multiple matching members as well.

OR

memberidx (<biller>:<biller subscriptionid>) => this method will always lead to 1 subscription

Lookup Flags

These flags are used to narrow or widen the initial member lookup

Subscription status (these options are mutually exclusive)

  • active_only => only return active subscriptions
  • expired_only => only return expired subscriptions
  • when neither flag is provided => return both active and expired subscriptions (default)

Subscription attribution (these options are mutually exclusive)

  • billerName => only return subscriptions for the given biller
  • allow_NATS_biller => allow subscriptions with the NATS:<value> memberidx (for example, NCR joins)
  • when neither flag is provided => do not return subscriptions with the NATS:<value> memberidx (default)

Ordering Flags

These flags are used to order matching subscriptions on the page_choose_subscription template

  • prefer_active => show active subscriptions first (default)
  • prefer_expired => show expired subscriptions first

Limit Flags

These flags are used to return only 1 subscription

  • most_recently_accessed_only => return only the most recently created/updated subscription (default)
  • least_recently_accessed_only => return only the least recently created/updated subscription