Member Usernames & Passwords

From TMM Wiki
Revision as of 09:21, 18 April 2013 by TMMBill (talk | contribs)
Jump to navigationJump to search
NATS 4
Members Admin
The Members Admin
View Member Details
Add Member
MySQL Auth
Mod Authn DB
Multisite Access
Member Logging
Member Password Retrieval
OpenID Connect
Mod Auth OpenIDC
ID Numbers
Skins and Templates Admin
The Skins and Templates Admin
Skins
Templates
Site Templates
Language Skins
Language Files
custom_errors.php
Join Page Variables
Skipping NATS Join Form
Post URL Variables
Member Usernames & Passwords
Form Validation
Username Recommendations
Password Retrieval
Post-Biller Templates
Geo-Target Join Options
Random Usernames and Passwords
Smarty
Smarty print array
Smarty Plugins
Available Smarty Functions
Affiliate Support Template
Adding a Verification Image
Custom Program and Campaign Selection Pages
Output An Affiliate's Last Paid Date
Affiliate Signup Email
Affiliate Join Page Linkcodes
Approval/Upgrade/Denial Variables
Approval/Upgrade/Denial Template Variables
CSS Theme Builder
NATS 3
Skins & Templates Admin
Smarty Plugins
Skins
Editing Skins
Creating Skins
Switching Skins
Templates
nats_code
Affiliate Stats Template
Affiliate Support Template
Affiliate Login Template
custom errors.php
Template Array Variable
Detailed Stats
NATS Variables
Dialer Statistics
Affiliate Signup
Post URL Variables
Member Usernames & Passwords
Output An Affiliate's Last Paid Date
Custom Program and Campaign Selection Pages
CAPTCHA Removal
Username Recommendations
Password Retrieval
Post-Biller Templates
Geo-Target Join Options
Template Caching
Random Usernames and Passwords
Base Templates
Protecting Template Data
Mail Reseller Signup Template Variable Names
Smarty
Smarty print array
News Section Templating
Affiliate Signup Email
Getting The NATSCode
Checking for Usernames on All Sites
Adding Stats to Affiliate Pages
Affiliate Join Page Linkcodes

NATS stores members' unencrypted and encrypted passwords by default. However, it also offers a feature that makes NATS only store a member's encrypted password for additional security. You can do this by going to the NATS4 Configuration Admin and going to the "Surfer Configuration" section. There, you will find an setting called MEMBERS_NO_UNENCRYPTED. Simply check this setting if you only want to store encrypted member passwords. Note: This means that NATS will not have this information to send to billers. If you are using a biller that requires password information to be sent to them from NATS, you will need to allow the specific billers' join page to enter the username and password information. When the biller sends this information back, we will still not store the password, but rather update the cryptpass accordingly so that authentication for the member still works.

You can also use additional Surfer Configuration settings to set further restrictions or permissions on member passwords and usernames. These settings include:

  • MEMBERS_NO_ACTIVE_UNENCRYPTED - Does not store unencrypted passwords for active members only.
  • USER_PASS_MATCHOK - Allows the member to have a matching username and password.
  • REUSE_MATCHING_USERNAME - Allows the member to add a new subscription to an existing account when the username and e-mail address match.
    • If a Username is taken, but status is expired or not signed up for more then 1 day:
      • If the surfer signing up can match the email a new subscription is created in the existing member record.
      • If the surfer signing up can not match the email, the existing member record gets renamed and a new member record is created.
    • If a Username is taken, and is active:
      • If the surfer can match the email with the original username, a new subscription gets created in the member record.
      • If the surfer can not match the email, they will be prompted with an error that the name is already taken.
  • NO_RANDOM_PASSWORDS - Does not allow NATS to create a random password for members signing up without passwords.
  • UNIQUE_MEMBER_NAMES - Determines whether or not members on separate sites can have the same username. For more information, please see our UNIQUE_MEMBER_NAMES writeup.
  • MEMBER_GET_NEW_USERNAME - Allows NATS to recommend new usernames to surfers if their chosen name is already in use. For more information please see our MEMBER_GET_NEW_USERNAME writeup.
  • RANDOM_USERPASS_DISALLOW_LIST - Sets disallowed characters for random username and password generation.
  • NEVER_RENAME_EXPIRED_MEMBERS - Disallows NATS from renaming any expired members. This will prevent members from signing back up unless REUSE_MATCHING_USERNAME is on.

Limiting Username & Password Length

To limit a member's username and password length, find the following code on the pre-join form template:

<TD class="join_name">Username:</TD><TD class="join_value"><input class="join_input" type="text"
name="signup[username:1:6:16:::username_check]" value="{$vars.username}">...

An important section to note is the following: [username:1:6:16:::username_check]

The fields between the colons above are: $name, $required, $min, $max, $compare, $ses_compare, $special, and $convert. Simply change the $max field to the maximum number of characters you would like to be accepted as a username or password.

Reusing Old Usernames

NATS also allows you to reuse old usernames by adding the following variable to your join form template:

<input type="hidden" name="signup[rename_old_member]" value="1">