NATS4 Site User Management
NATS can send a postback script of your choosing every time a username gets added, removed, changed, expired, or checked. This is mostly used if you use an external verification script for checking user details. To use this postback script, go to the Sites Admin, edit a tour of your choosing, and enter your script's URL in the Management URL field. For other postback examples, please check this article: NATS4 Postbacks and Post URLs
You can also prevent NATS from posting members' personal information through the user management postback script by using the Sites Admin. Simply edit the site you want to affect, and check the "Disable Storing Personal Member Information" box on the Edit Program page. This will prevent information from the member_info table from being sent (i.e., first name, last name, address, etc.).
Each request identifies what actions the particular user (based on username) took to trigger the script. Your script should reply with one of the following messages:
- OK|message
- NOTOK|message
- ERROR|message
Replace "message" with a detailed explanation of your choosing.
Username Actions
Certain actions (calls) in NATS will trigger your user management script, returning a wide variety of parameters. The parameters passed in most of the user management calls will be similar, as a large amount of these parameters are taken from the NATS members table (i.e., memberid, status, joined, siteid, username, IP, etc.).
Additionally, most of these calls use identical parameters to pass back information. These calls are ACTIVATE, MANUALADD, DELETE, and TRIALTOFULL.
ADD
Sent when a new username should be added to the user management system for user access. This occurs when a new member registers on one of your sites.
This sends parameters from the members table, as well as the following extra parameters:
- member_subscription_id, memberidx, billerid, statid, cost, cost_charge, spent, refunded, charges, next_rebill, optionid, rebills, active, expires, nats_expires, biller_expires, original_optionid, created_date, loginid_assigned, identid_assigned, member_identid, member_loginid, country, xsell_success, last_modified, mychanges_username/password/status/trial/mailok/marked, new_status/trial/mailok/marked, siteid, username
MANUALADD
Sent when a username is manually added via the members admin.
This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call.
ACTIVATE
Sent when a user has rebilled through the biller. This is used to record a rebill, or to convert a member from a trial membership to a full membership.
This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call.
TRIALTOFULL
Sent when a user upgrades from a trial to a full membership.
This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call.
Note: Your script might be run more than once when doing a conversion.
CHANGE
Sent when a current username or password should be changed to a new username or password. This will only pass back a new username or new password if there is a new value for either.
This sends a few different parameters from other other user management calls. The "CHANGE" call also sends parameters such as new_username, new_password, new_cryptpass, new_token, etc.
DELETE
Sent when a user's account should be immediately removed from the active user list.
This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call.
EXPIRE
Sent when a user's account should be expired on the provided date. The date might be in the past.
This sends the available parameters from the members table, as well as the additional parameters sent by the "ADD" user management call. This call also sends the expires parameter, expressed in unix_timestamp format.
CHECK
Sent to check if a username is available, or already exists in your NATS database.
=== NOTE: If the username does exist, the reply should be "OK". If the username does not exist, the reply should be "NOTOK". ===
This sends the following parameters: username and siteid.
Error Logging
If the reply is "ERROR", NATS will add the error to the surfer's note so you can see the problem in the Members Admin.
Sample Scripts
The following script allows you to log any Postbacks sent by NATS to your User Management script. This script will take any information being posted to the user management script, and store it in a specified log file. In order for this script to work, you must first make your user management log file writable by Apache. To do so, you must change the /home/path/nats4/user_management.log path found in the following sample script to where your NATS4 user_management.log file is located.
NOTE: Make sure that the log is NOT in a web accessible folder.
<? /** Adding a date to the first value. **/ $message = '[' . date('Y-m-d H:i:s') . '] '; /** Looping through all request variables. If it is an array, we loop within. **/ foreach ($_REQUEST as $key => $val) { /** Add what the value is, what the name is. **/ if (is_array($val)) { foreach ($val as $val_key => $val_val) $message .= "&{$key}[{$val_key}]={$val_val}"; } else $message .= "&{$key}={$val}"; } /** Adding a return message to the log **/ $message .= "\n"; /** Adding the log to the specified file **/ error_log($message, 3, '/home/path/nats4/user_management.log'); /** Respond NOTOK so the User Management call isn't triggered **/ echo 'NOTOK'; ?>
You may use the following sample script provided by Tanguy de Courson to put your User Management in effect.
/** * A password authentication script for the NATS user management feature * where NATS posts the authentication to your authentication script * * NB: all functions MUST print out * OK|~message~ * or * NOTOK|~message~ * or * ERROR|~message~ * * @author Tanguy de Courson * **/ switch(@$_REQUEST['action']) { /** * Additional parameters: memberid, username, password, email, siteid, biller, trial * This call is done whenever a new username should be added to the user management for access. */ case 'ADD': add_user(); break; /** * Additional parameters: memberid, username, password, email, siteid, biller, trial * This call is done whenever a new username should be added to the user management for access. * This is generally done when reactivating someone who has been removed. */ case 'ACTIVATE': add_user(); break; /** * Additional parameters: memberid, username, password, siteid, biller, trial * This call is done whenever a username is manually added via the members admin or a biller refresh. **/ case 'MANUALADD': add_user(); break; /** * Additional parameters: memberid, username, siteid, biller * This call is done whenever a user changes from trial to full membership. **/ case 'TRIALTOFULL': upgrade_user(); break; /** * Additional parameters: memberid, username, siteid, biller, new_username, new_password * This call is done whenever an old username should be updated to a new username and/or password. **/ case 'CHANGE': change_password(); break; /** * Additional parameters: memberid, username, siteid, biller * This call is done whenever a current user should be immediately removed from the active user list. **/ case 'DELETE': delete_user(); break; /** * Additional parameters: memberid, username, siteid, biller, expire (YYYY-MM-DD format) * This call is done when a current user should be expired on a given date. The date MIGHT be in the past. **/ case 'EXPIRE': expire_user(); break; /** * Additional parameters: username, siteid * This call is done to verify if a username is still available. If the username DOES exist, the reply should be OK. If the username DOES NOT exist, the reply should be NOTOK. **/ case 'CHECK': check_user(); break; } function add_user() { } function upgrade_user() { } function change_password() { } function delete_user() { } function expire_user() { } function check_user() { }