Documentation for directory & membership software

NeedSecure 2 - Security itself

VERY IMPORTANT!
Please download and run the NeedSecurity system Test Utility BEFORE purchasing our application. Please mind that running the Test Utility will help you make sure that NeedSecure 2 is fully compatible with your server requirements. Use these instructions for correct utility installation

Company News
04.12.2010 - Hosting
The experience and high qualifications of our developers and IT professionals of our company have allowed us to develop a unique offer for our new clients. read more

NeedSecure 2 - the next generation web site protection system

1.4.1 NeedSecure 2 Uninstallation

1.8 NeedSecure 2 Interface elements

1.8.4 Confirmation or error messages

1.8.6 Errors in data validation

2. Administration management configuration

3. Members management configuration

Documentation/Screenshots

NeedSecure 2 is a complete, efficient membership management and password protection software with a robust functionality and intuitive easy-to-use web interface for both multi-level administrators and members. The software offers four different protection methods which ensure the security of your web site. With just a single click you can protect any of its areas and easily add paid products/subscriptions. Unlimited payments, unlimited accounts, detailed statistics with graphs, coupons, discounts and lots more. NeedSecure 2 configuration and management can be done with absolutely no knowledge of programming, authentication mechanisms or PHP.

Back to the Top

1.2 About this guide

This guide explains how to configure, manage and administer NeedSecure 2. It consists of two main sections that provide a comprehensive walkthrough of the most important parts of the administration and members interfaces. Each of the parts explains the step by step process of using the system and outlines some nuances related to the key features of NeedSecure 2.

Back to the Top

1.3 System requirements

Server requirements:

Unix-hosting
Apache Web Server version 1.3.41 or later
PHP4/PHP5 support
Zend Optimizer v3.0.0 or higher
Database MySQL version 4.1.22 or later
Cron support
mod_auth (mod_auth_basic) module
mod_env module
mod_rewrite module
mod_proxy module
libcurl version 7.16.2
fsockopen support
mbstring support
gd library support

Browser requirements (obligatory for administration management only):

Firefox 2 or later
Internet Explorer 6 or later
Safari 2.0.2 or later
Opera 9
JavaScript enabled
Cookies enabled
recommended Flash Player 9 or later support

IMPORTANT! Please mind that NeedSecure 2 does NOT work with the enabled FrontPage Server Extensions!

Back to the Top

1.4 NeedSecure 2 Installation

The installation process is extremely simple, the Test Utility automatically performs the system compatibility check. Besides the fields requiring technical details are also automatically filled in, though can be changed manually if necessary. To install NeedSecure 2 an administrator has to pass through the following steps:

First of all please download NeedSecure 2 .zip file and unzip it either directly to some server folder or locally. If you unzip the software locally please upload all the unzipped files and folders to your server using any FTP manager. After that please enter the full path to the NeedSecure 2 in your browser address bar (e.g. http://mydomain.my/needsecure2/) and the installation process will start.
IMPORTANT! Please mind that it is necessary to upload the unzipped NeedSecure 2 files to your server ONLY in binary mode!
The process starts with the welcome screen where one can get acquainted with the general information about the software and the company-developer.
After pressing the “Next” button on the welcome screen page the NS System Test Utility performs the automatic compatibility check, if it detects any compatibility issues a user is taken to the page where the list of errors is displayed and it is impossible to continue installation until all the errors are eliminated; in case the software is fully compatible with the system the user is taken to the Terms of service page where it is necessary to read carefully all the terms and agree to them. The user has to check the “I agree” box to be able to continue the installation.
By clicking “Next” on the Terms of service page the user proceeds to the System settings where it is possible to configure General, Database and Date-time settings. In the “License code” field user needs to enter licence ID, that was sent to the client via e-mail message after purchasing. All licence information is also stored in LMH user panel, access to which is sent via e-mail to each buyer. Here user can view all his licences, edit/add domains, change his login/password and make requests for refunds if needed. If you didn’t receive licence ID or access information for LMH user panel for some reasons, possibly because of a system error, please contact our support team for fixing this problem. The fields “Script URL”, “Absolute path” and “IP address” in the General Settings are filled in automatically (the user is able to change them manually but it is highly recommended not to change the automatically detected values, unless the administrator is completely sure of what he/she is doing). If the values in the Database Settings appear invalid the warning icon with a tooltip is displayed beside the settings and it is not possible to continue the installation. It is also highly recommended not to change the value in the “DB table prefix” field. The user may change System settings later when logged in as an administrator in the System configuration section.
After clicking “Next” on the System settings page the user is directed to the Admin settings page. The Super administrator’s account is set on this page. It is obligatory to give a valid e-mail address as the password for the super admin is generated automatically (for security reasons) and sent to the specified e-mail address along with the login details. Thus, the e-mail address MUST BE CORRECT to avoid the reinstallation of the software. If for any reason it is impossible to send the e-mail with the login details, this information is displayed on the next page (the last page with the confirmation of the successful installation).
After filling in the super admin information the user proceeds to the Final page with the confirmation of successful registration.
WARNING! PLEASE BE VERY CAREFUL! Do NOT lose super admin’s login or password, they cannot be recovered as we do NOT leave backdoors for security reasons.
Please mind that it is very IMPORTANT to configure the server time-based scheduling service correctly. It is necessary for NeedSecure 2 to close member subscriptions, to inform members of different events in time. The correct configuration is also important for e-mail sending. Here is the step-by-step example of the server time-based scheduling service configuring (we used Cron):

There are two ways to confi1gure Cron – via Cpanel or via console.

A. Configuration via Cpanel.

Please enter the Cpanel of your web site. Cpanel

Then go to the “Advanced” section and choose “Cron jobs”. Cpanel

You have to create a new task for your Cron there. You need to choose the method of task creation either “Standard” or “Advanced”. Cpanel

If you choose the “Standard” option you are directed to the “Standard Cron Manager” interface. Cpanel

In the “Please enter an email address where the cron output will be sent” you need to enter the e-mail address to receive notifications every time Cron fulfills the corresponding task.

You need to specify the path to the NeedSecure 2 script in the “Command to run” field: /usr/bin/curl www.demo.needsecure.com/needsecure/cron/ . The correct way of entering the path is as follows – first “/usr/bin/curl” (the full path to the cURL on the server), then press “Space” and www.demo.needsecure.com/needsecure/cron/ (the main script URL to execute). An administrator can find the URL which must be executed in the Main script URL field after NeedSecure 2 is installed. IMPORTANT! Please mind that it is OBLIGATORY to add “cron/” to the URL in the “Main script URL” field after the software installation.

You need to choose the timetable for executing the NeedSecure 2 script in the tables below the “Command to run” field. We insistently recommend setting the frequency of the script execution to every 5-10 minutes.

It is possible to check whether Cron was configured correctly. You have to view the Email History. The information about all the messages is displayed there after the e-mails are queued and sent in packs.

Finally please press the Save Crontab button to commit changes. Cpanel

In case you need to delete a task please press the Delete button and then the Save Crontab button to save changes.

The “Advanced” option. Cpanel

The “Advanced” interface does not differ much from the “Standard” one. In the “Please enter an email address where the cron output will be sent” you need to enter the e-mail address to receive notifications every time Cron fulfills the corresponding task. You can enter several commands to execute at a time in the “Command” column. You can also add lines with commands by pressing the Add Cronjob button. Here you should mind the correct syntax of the dates you input. For the changes to take place please press the Commit changes button.

B. Configuration via console.

You need to enter the console and properly edit the “/etc/crontab” file (it is possible to find the tips here - http://en.wikipedia.org/wiki/Cron). It is necessary to configure it to execute the NeedSecure 2 script by URL, please do not forget to add “cron/” to the main script URL. You have to specify the path to the NeedSecure 2 script: /usr/bin/curl www.demo.needsecure.com/needsecure/cron/ . The correct way of entering the path is as follows – first “/usr/bin/curl” (the full path to the cURL on the server), then press “Space” and www.demo.needsecure.com/needsecure/cron/ (the main script URL to execute). An administrator can find the URL which must be executed in the “Main script URL” field after NeedSecure 2 is installed. IMPORTANT! Please mind that it is OBLIGATORY to add “cron/” to the URL in the “Main script URL” field after the software installation.

We insistently recommend setting the frequency of the script execution to every 5-10 minutes.

You have to restart Cron after you make any changes.

Back to the Top

1.4.1 NeedSecure 2 Uninstallation

It is very easy to uninstall our software. An administrator should enter his/her server using any ftp manager and delete all the unzipped NeedSecure 2 files and folders; it is also necessary to delete the NeedSecure 2 records (if any were added) from the database.

If you experience any problems during the installation or deletion of our software you are always welcome to contact our technical support via e-mail – support@conkurent.com .

Back to the Top

1.5 Contacting Conkurent LLC

Email addresses:
Support: support@needsecure.com
Sales: sales@needsecure.com
Info: info@needsecure.com

Mailing address:
Conkurent, LLC
762 E Whispering Oaks Dr
Palatine, IL 60074
USA

Back to the Top

1.6 Quick overview

NeedSecure 2 is a comprehensive and easy-to-use, single download software that allows you to add protection to any areas of your web site, control membership, track billing, view statistics, use in-built mailing tools and much more. Quick overview

NeedSecure 2 gives you powerful free/paid product access and web site protection functionalities in one simple comprehensive setup. By bringing together professional password protection and product groups with multi-aspect membership functionality under a single roof, NeedSecure 2 adds more business sense to the IT industry in general.

NeedSecure 2 includes several protection mechanisms that give you much broader opportunities in selecting the exact protection type you need in this or that situation. It is possible to protect web directories using 4 different protection types - standard mod_rewrite, sessions, cookies, php prepend. You may enable several protection types simultaneously, in case it is necessary the NeedSecure 2 system automatically defines the available method combinations.

NeedSecure 2 sets very high security standards and applies break in prevention technologies: CAPTCHA appears after the defined number of login failures, it is possible to temporary block an IP address if a wrong password continues to be entered for the defined number of attempts. The Password Sharing Prevention system component monitors the attempts to log in to one and the same member account from different IP addresses simultaneously, if the set number is exceeded the member account is automatically given the Suspended status. An administrator can also ban IP addresses.

With just a couple of clicks you can add products/subscription payments, coupons, define discounts, trial periods and prices for a day/month/3month/6month/year/5years usage. You will be able to customize registration forms, create custom pages for SEO purposes, add multiple languages, news, ban IP addresses, set expiration dates, add multi-level administrators etc.

Back to the Top

1.7 Using the help system

The software help system consists of tooltips and warning messages which considerably simplify managing NeedSecure 2. They are described in the Interface elements. Every user is always welcome to contact technical support service via e-mail – support@conkurent.com – to receive any necessary assistance.

Back to the Top

1.8 NeedSecure 2 Interface elements

1.8.1 Menus, tabs

There is a detailed menu in the left part of the software interface. It consists of sections which are divided into subsections. Clicking the name of any subsection will take an administrator to the page where it will be possible to make corresponding configurations. menu tabs

Back to the Top

1.8.2 Filters

There are filters (Search panels) at the top of subsection pages (where necessary) which enable a user to receive only the exact data he/she searches for. The Search Panels facilitate and reduce the time of managing the software. They may be hidden or shown by pressing the Search Panel Show/Hide button. Filters

Back to the Top

1.8.3 Page view

The “per page” and “page” options (where necessary) allow a user to determine the number of search results to display per one page and to go to the next or return to the previous page correspondingly. Page view

Back to the Top

1.8.4 Confirmation or error messages

After any changes take place a user gets a message at the top of any page informing of a successful operation completion (in green color) or warning of an error (in red color). Confirmation messages Error messages

Back to the Top

1.8.5 Tooltips

A tooltip icon beside the fields in the subsections (where necessary) provides additional helpful information as to the appropriate data inputting. It is necessary to hold the mouse cursor on this icon to view the tooltip information. Tooltips

Back to the Top

1.8.6 Errors in data validation

In case the data in any field appears invalid the field frame becomes red and a tip in red letters under the field name is displayed to provide help as to the correct filling in. Errors in data validation

Back to the Top

1.8.7 Sorting of data

There is a possibility to sort the information displayed in some subsections in an ascending and descending order depending on the user needs. The order is changed by a single left mouse click on the column head and the arrow shows the direction of data sorting. Sorting of data

Back to the Top

1.8.8 Date picker

The date pickers in the subsections (where necessary) allow to choose the displayed data according to the date, a user does not have to type the date manually.

Back to the Top

1.8.9 Importing data

There is an import icon beside the fields where it is possible to import data. There is no need to retype the information, it is automatically transferred (e.g. when editing a product description it is possible to import the description from one language to another).

Back to the Top

1.9 Design Management

In the Enterprise version the administrator has a capability to change the user panel design individually for authorized and/or unauthorized users. Lower script versions (Basic and Pro) allow the administrator to change only default templates.

A current template can be chosen in the section System Configuration -> Design Manager.

The default template is stored in the folders listed below:

path to Needsecure/css/default – css templates
path to Needsecure/img/default – images
path to Needsecure/system/application/views/default – html templates

To create your own template in the Enterprise version, you need to copy the above specified folders to the following directories, where new_template is the name of your template:

path to Needsecure/css/<new_template>
path to Needsecure/img/<new_template>
path to Needsecure/system/application/views/<new_template>

Then edit the content of these folders.

Overview

You can place NS blocks of code on the page in a random order, as well as select various color schemes for these blocks. This is done by using a 100% template-based design of NS. This section discusses various actions that can be performed in the context of field management. It contains the following topics:

Basic principles of the template system.
Global special tags.
Templates of NS major pages.

Basic principles of the template system

Templates and special tags are the key concepts of the front-end interface. Special tags can be global and local. Let's look at these concepts in greater detail.

A template consists of one or more text files that contain a combination of HTML tags and NS special tags and represent a certain element of the page. Templates do not contain specific information, they just format data on the site.

A special tag is a string of a certain type which is processed by the script and replaced with the appropriate value.

A global special tag is a tag which is processed in any template regardless of the template's purpose or nesting level.

A local special tag is a tag which is processed only in the current template.

Global special tags

{header} – the website headline. It includes meta tags and Javascripts, displays user information, a language selection form, and a logo. The headline must always be used with {footer};
{menu} – it includes the website menu navigation (the left-side column);
{footer} – it has no information which can be displayed to a user but is required for a page correct formation. {footer} has to be always used with {header};
{base_url} – root url. It is set in the administration section on the page System Configuration->Global Setup in the field “Main script url”

Syntax of special NS tags

The following constructions are met in templates:

{var} – a variable; “var”– a name of a variable;
{name}…{/name} – cycle, where “name” can be any name;
{if_name}…{/if_name} {else_name}…{/else_name} is equivalent to the following construction “if (true) {…} else{…}”. It differs from the cycle by availability “if” or “else” in the beginning of the name.
<{name}> - language variable, where “name” is any name.

Templates of NS major pages

For the registered users:

error_box.html (system\application\views\<new_template>\reg\user\common):

{box_class} – contains the css class name for the basic div;
{box_display} – indicates whether to show the basic div or not;
{class} и ‹id› – these two variables make up the div identifier which contains a text;
{display} – indicates whether to show or hide texts which are located in div-s with texts.
{item_class} – indicates css style for every text div;
{items} … ‹/items› – is a loop that goes through each error messages generated during the script runtime.
{text} – a message displayed on pages.

pager.html (system\application\views\<new_template>\reg\user\common):

{url} – the address of a page at which a pager is placed;
{sort_link} – a row of the form “/sort_by/sort_how”, where “sort_by” is a table’s column by which sorting is implemented, “sort_how “ is a sorting order (ascending or descending);
{perpage_list}… {/perpage_list} – a cycle which forms a drop-down list enabling to select the number of records per page {value}, {selected} – defines the selected value;
{page_selector} … {/page_selector} – enables/disables pages navigation;
{next_pages} … {/next_pages} – defines availability of the next page;
{current_per_page} – the number of records per page;
{next_page} – the number of the next page;
{pages} – total amount of pages;
{page_range} … {/page_range} – cycle which forms a drop-down list enabling page’s number {value} selection, where{selected} is a current (selected) page;
{prev_pages} … {/prev_pages} – defines availability of the next page;
{prev_page} – the number of the previous page.

footer.html (system\application\views\<new_template>\reg\user):
uses only global variables (read “Global variables”)

header.html (system\application\views\<new_template>\reg\user):

{header_title} – a page header;
{keywords} – keywords for a page’s description;
{config_script} … {/config_script} – indicates whether to integrate the JavaScript code passed to the template or not.
{content} – the JavaScript code passed to a template by the application.
{user_scripts} – indicates whether to download JavaScript files passed to a template
{script} – a list of JavaScript files passed to a template.
{warnings} … {/warnings} – a cycle which goes through all notifications {text} and installs ID{id} along with a style’s class{style} for the element which displays it;
{user_name} – displays the name of a current user;
{last_login_date} – displays the last visiting date of a current user;
{home_link} … {/home_link} – indicates whether to display a home page link;
{multi_language} … {/multi_language} – indicates whether to display the language menu for the Enterprise version
{content} – the language menu for the Enterprise version

menu.html (system\application\views\<new_template>\reg\user):

{active_products} … {/active_products} – displays or hides an item of the menu “active products” depending on the settings;
{paid_invoices} … {/paid_invoices} – displays or hides an item of the menu “paid invoices” depending on the settings;
{site_info} … {/site_info} – displays or hides an item of the menu “site info” depending on the settings;
{menu_additional} … {/menu_additional} – generates items of the menu for user pages if they are available;
{page_title} – the text of a separate menu item;

multi_language_menu.html (system\application\views\<new_template>\reg\user):

{current_url} – a current page address;
- {languages} … {/languages} – a cycle which forms an available languages list;
- {selected} – currently selected language;
  - {name} – language name;
- {change_language_disable} – allows or disallows language changes depending on the settings;
- {simple_translate} … {/simple_translate} – if set, displays an icon-link for editing of language constants translation for a current page;

remote_login_form.html (system\application\views\<new_template>\reg\user):

{login} – a login of a current authorized user.

remote_system_offline.html (system\application\views\<new_template>\reg\user):

{offline_reason} – a message displayed when the system status is offline

access_problem.html (system\application\views\<new_template>\reg\user):

{title} – message header;

after_buy.html (system\application\views\<new_template>\reg\user):
uses only global variables (read “Global variables”)

cancel_subscr.html (system\application\views\<new_template>\reg\user):

{message_box} –displays a message;
{error_box} – displays an error message;
{if_form_show} … {/if_form_show} – indicates whether to display the form or not;
{name} – a phrase which has to be typed by a user;

change_password.html (system\application\views\<new_template>\reg\user):

{message_box} – displays a message;
{error_box} – displays an error message;

custom_page.html (system\application\views\<new_template>\reg\user):

{page_content} – a page content set in the administration panel in the section Manage Pages while editing this page;

info.html (system\application\views\<new_template>\reg\user):

{if_product_list} … {/if_product_list} – defines whether a user is subscribed to any products or not;
{product_list} … {/product_list} – a cycle through the user’s products list. The list has the following parameters:
- {name} – product name;
{if_product_free} … {/if_product_free} – defines whether the product is free of charge or not;
- {currency} – currency;
- {output_regular_price} – price;
- {type1} – description;
- {subscr_cdate} – the subscription start date;
- {subscr_expire_date} – the subscription expiry date;
- {subscr_regular_period_value} {/subscr_regular_period_type} – set subscription period;
- {p_dirs} … {/p_dirs} – the list of directories which the product belongs to; where {name} is the directory name;
- {if_image} … {/if_image} – defines the visibility of the product ;
- {descr} – the product description;
{else_product_list} … {/else_product_list} – displays a message when a user doesn’t have any products;
{if_news} … {/if_news} – defines whether the news is available or not;
- {name} – the news name;
- {date} – the news date;
- {descr} – the news text;

lang_changed.html (system\application\views\<new_template>\reg\user):

{back_url} – a link to the previous page;

logout.html (system\application\views\<new_template>\reg\user):
Contains only global variables (read “Global variables”)

market_sale_nodes.html (system\application\views\<new_template>\reg\user):

{if_products} … {/if_products} – defines whether any products are available for the user or not;
{products} … {/products} – the user products list. The list parameters:
- {product_name} – the product name;
- {if_image} … {/if_image} – defines whether the product is displayed or not;
- {product_descr} – the product description;
- {group_name} – the product group name;
- {if_is_recouring} … {/if_is_recouring} – defines whether the product is recurring;
- {else_is_recouring} … {/else_is_recouring} – defines whether the product fee is one time;
- {if_trial_period} … {/if_trial_period} – defines whether a trial period is available for the products;
  - {trial_period_value} {/trial_period_type} – the trial period duration;
  - {currency} – currency for the trial period;
  - {trial_price} – trial period price;
- {if_not_free} … {/if_not_free} – if the product is paid, the price list {prices}is displayed, where {period} is the subscription period, {price} is the price for a corresponding period;
- {if_discount} … {/if_discount} – a “discount” icon is displayed if the product is discounted;
- {if_free} … {/if_free} – a “free” icon is displayed in case of a discount;
- {else_products} … {/else_products} – a message is displayed in case there are no products available to the user;

market_sale_page.html (system\application\views\<new_template>\reg\user):

{products} – displays a generated code from the market_sale_nodes.html template;
{groups} … {/groups} – displays the product groups list where {name} is a group name;

news_all.html (system\application\views\<new_template>\reg\user):

{news_table} – displays a table with all the news list

news_latest.html (system\application\views\<new_template>\reg\user):

{if_news_list} … {/if_news_list} – displays news if it is available.
- {items} … {/items} – a cycle through the news list;
  - {if_item_0} … {/if_item_0} – defines the last news style;
  - {if_item_1} … {/if_item_1} – defines the style for the last but one news;
  - {if_item_2} … {/if_item_2} – defines the style for the third news from the bottom;
  - {if_item_3} … {/if_item_3} – defines the style for the fourth news from the bottom;
  - {if_item_4} … {/if_item_4} – defines the style for the fifth news from the bottom;
  - {name} – the news header;
  - {date} – the news date;
  - {descr} – the news content;
- {submit_button} – displays the button to move to all news list;
- {else_news_list} … {/else_news_list} – a message is displayed in case the news is not available;

news_show.html (system\application\views\<new_template>\reg\user):

{name} – the news header;
- {date} – the news date;
- {add} – the news content;
- {submit_button} – a button to return to the previous page;

profile.html (system\application\views\<new_template>\reg\user):

{message_box} – displays a message
- {error_box} – displays an error message;
- {email_authentication} … {/email_authentication} – defines whether to display a user’s login {login} or not;
- {email} – user email;
- {name} – user name;
- {last_name} – user’s last name;
- {add_fields} – additional fields;

redirect.html (system\application\views\<new_template>\reg\user):

{title} – a header of the message on the redirection page;
- {url} – a link to redirecting page;

register_success.html (system\application\views\<new_template>\reg\user):
uses only global variables (read “Global variables”)

subscription.html (system\application\views\<new_template>\reg\user):

{if_total} … {/if_total} – total amount {total} of subscriptions is displayed in case the user has at least one subscription;
- {if_items} … {/if_items} – a subscriptions table {market_table} is displayed in case the subscriptions list is not empty;
- {else_items} … {/else_items} – a message is displayed if a subscription table is empty;

system_offline.html (system\application\views\<new_template>\reg\user):

{offline_reason} – a message;

table.html (system\application\views\<new_template>\reg\user):

{table_class} – css table style;
- {table_width} – table width;
- {columns} … {/columns} – a cycle which forms the first line of the table (column names);
  - {if_column_sortable} … {/if_column_sortable} – defines whether the table can be sorted by a selected column or not;
  - {if_column_sort_style} … {/if_column_sort_style} – a sorting style is applied to the sorted column;
  - {column_name} … {/column_name} – column name;
  - {if_column_sort} … {/if_column_sort} – if a column is sorted:
  - {if_sort_asc} … {/if_sort_asc} – if the sorting is done in an ascending order, the vertex of a triangle icon is upward;
  - {if_sort_desc} … {/if_sort_desc} – if the sorting is done in a descending order, the vertex of a triangle icon is downward;
  - {else_column_sortable} … {/else_column_sortable} – if the column cannot be sorted, the column name {column_name} is displayed;
- {rows} … {/rows} – cycle which forms table rows;
  - {if_odd} … {/if_odd} and {if_even} … {/if_even} – defines the style for each row;
  - {cells} … {/cells} – cycle which displays the table rows;
    - {cell_class} – the table cell style;
    - {if_cell_link} … {/if_cell_link} – if the cell content is a link;
      - {cell_link_class} – css class for the link;
      - {cell_link} – an address the link leads to
      - {cell_text} – a cell text;
    - {else_cell_link} … {/else_cell_link} – if the cell text isn’t a link, cell text {cell_text}is displayed
- {pager} – provides pages navigation;

transaction_info.html (system\application\views\<new_template>\reg\user):

{error_box} – displays an error message;
{if_no_error} … {/if_no_error} – if there are no errors, transaction details are displayed;
{if_info} … {/if_info} – if available, the list of details is displayed;
{info} … {/info} – the list of information regarding transaction;
- {item} – transaction details from the information list;
{if_date} … {/if_date} – if available, the date {date}is displayed;
{pay_system} – payment system;
{amount} – the transaction amount;
{button} – a button which directs back to the transactions list.

error_page.html (system\application\views\<new_template>\reg\user\authorize_net):

{return_back} – a link to the “active products” page;
{reason} – an error message;
{header_error} – a message header;

form_proceed.html (system\application\views\<new_template>\reg\user\authorize_net):

{if_title} … {/if_title} – if available, the form title {title} is displayed.
{a_form} – a form which sends data to authorize.net

field.html (system\application\views\<new_template>\reg\user\common\add_fields):

{if_field} … {/if_field} – indicates whether it is necessary to display additional fields or not;
{id_type} – field identifier and a field type;
{validation_errors} … {/validation_errors} – the list of validation errors in which
- {key}- css class for displaying;
- {value} – an error text;
{name} – field name;
{if_required} … {/if_required} – defines whether it is necessary to fill in this field or not;
{if_description} … {/if_description} – indicates whether it is necessary to display the description{description};
{if_type_text} … {/if_type_text} – indicates whether an add-on field type is text or not. The following parameters are set for a text field:
- {value} – value of a text field;
- {validation_classes} – css classes;
- {id} – field identifier;
- {field_width} – field width in pixels.
{if_type_select} … {/if_type_select} – indicates whether an add-on field is a drop-down list. The following parameters are set for this field:
- {values} … {/values} – an array of list values;
- {value} – a value from the list;
- {validation_classes} – css classes;
- {id} – field identifier;
- {field_width} – field width in pixels;
- {selected} – defines what item from the list is selected.
{if_type_multiselect} … {/if_type_multiselect} – indicates whether an add-on field is a list with multiple choice. The following parameters are set for this field:
- {values} … {/values} – an array of list values;
- {value} – a value from the list;
- {validation_classes} – css classes;
- {id} – field indicator;
- {field_width} – field width in pixels;
- {selected} – defines what item from the list is selected.
- {size} – field size.
{if_type_textarea} … {/if_type_textarea} – indicates whether an add-on field is a textarea. The following parameters are set for this field:
- {value} – field value;
- {validation_classes} – css classes;
- {id} – field indicator;
- {field_width} – field width in pixels.
{if_type_radio} … {/if_type_radio} – indicates whether an add-on field is a radio button. The following parameters are set for this field:
- {values} … {/values} – an array of list values;
- {value} – a value from the list;
- {validation_classes} – css class;
- {id} – field identifier;
- {checked} – defines which element is selected from the list.
{if_type_checkbox} … {/if_type_checkbox} – indicates whether an add-on field is the list of checkbox or not. The following parameters are set for this field:
- {values} … {/values} – an array of list values;
- {value} – a value from the list;
- {validation_classes} – css class(es);
- {id} – field identifier;
- {checked} – defines which element is selected from the list. If available, displays a form title {title};

paypal_form_proceed.html (system\application\views\<new_template>\reg\user\paypal):

{if_title} … {/if_title} – if available, displays a form title {title} ;
- {a_form} – a form which directs data to paypal;

market_active_nodes.html (system\application\views\<new_template>\reg\user):

{if_products} … {/if_products} – defines whether a user is subscribed to the products or not;
- {products} … {/products} –a list of user’s products. List parameters:
  - {if_pending} … {/if_pending} – defines whether the product status is pending or not;
  - {name} – product name;
  - {cdate} – the date when subscription terms start;
  - {if_subscr_end} … {/if_subscr_end} – defines whether the subscription terms are close to the end or not;
  - {expire_date} – expiry date;
  - {regular_period_value} {/regular_period_type} – subscription period;
  - {if_dirs} … {/if_dirs} – defines whether the product belongs to any directory;
  - {dirs} … {/dirs} – the list of directories to which the product belongs to;
    - {name} – the directory name;
    - {http_path} – the path to directory;
  - {if_image} … {/if_image} – defines whether the product has an image or not;
  - {descr} – product description;
  - {else_products} … {/else_products} – the message will be displayed if a user doesn’t have products;

market_active_page.html (system\application\views\<new_template>\reg\user):

{products} – displays a code generated from the template market_active_nodes.html;

payment_form.html (system\application\views\<new_template>\reg\user):

{error_message} – displays an error massage;
- {payment_add_fields} – displays additional fields;
- {billing_name} – recipient’s name;
- {if_need_billing_info} … {/if_need_billing_info} – defines whether to display additional input fields or not;
- {countries} … {/countries} – the list of countries, {name} – country name, {code}- country code;
- {states} … {/states} – the list of states, {name} – state name, {code} – state code;
{if_post_city} … {/if_post_city} – defines availability of the city value{post_city} and displays it if it is available. If the city value is not available{else_post_city}… {/else_post_city}, {post_city} is displayed an an empty value that can be substituted for any other value;
- {if_post_zip} … {/if_post_zip} – defines availability of the zip value{post_zip} and displays it if it is available. If the zip value is not available{else_post_zip}… {/else_post_zip}, a value like“123456” {post_zip} is displayed which can be substituted for any other value;
- {if_post_street} … {/if_post_street} – defines availability of the street value{post_street} and displays it if it is available. If the street value is not available{else_post_street}… {/else_post_street}, a blank value {post_street} is displayed which can be substituted for any other value;
- {if_post_phone} … {/if_post_phone} – defines availability of the phone value{post_phone} and displays it if it is available. If the phone value is not available{else_post_phone}… {/else_post_phone}, a value like“999-999-9999” {post_phone} is displayed which can be substituted by any other value;
- {url_cart} – a link to the form processing script;

shoping_cart.html (system\application\views\<new_template>\reg\user):

{error_box} – displays an error message;
- {if_products} … {/if_products} – defines if any products are subscribed to or not;
- {products} … {/products} – subscribed products list;
  - {name} – product name;
  - {additional_info} – additional information about the product;
  - {trial} – displays a period, price and currency of subscription for a trial period;
  - {dotted} – css class for displaying of a table cell;
- {regular_period_value} {/regular_period_type} – subscription period;
  - {if_old_regular_price} … {/if_old_regular_price} – displays an old price {old_regular_price}along with indication of currency {currency_code} if this old price is available;
  - {regular_price} – current product price;
  - {currency_code} –the product currency;
  - {if_recouring} … {/if_recouring} – defines the subscription type and displays it if the type is recurring;
  - {total} – total product price;
  - {coupon_disabled} – defines accessibility of coupons and forbids the field editing if coupons are not available;
  - {id} – the product ID;
  - {coupon} – a coupon code or a blank line if the code is not available;
- {total} – total sum of an order;
- {if_recalculate} … {/if_recalculate} – a button “recalculate” is displayed for paid products;
- {else_products} … {/else_products} – a message is displayed if subscribed products are not available;
- {from_url} – a link leading to the form processor;
- {payment_url} – a link leading to the form processor;
- {if_payment_systems} … {/if_payment_systems} – if available, displays a payment systems list;
{payment_systems} … {/payment_systems} – a payment systems list;
- {id} – a payment system ID;
- {name} – a payment system name;
- {else_payment_systems} … {/else_payment_systems} – a product is considered to be free if the payment list is empty;
- {payment_disabled} – in a demo version or if a product is not selected, or the payment list is empty for a paid product, the button will be inactive.

transaction.html (system\application\views\<new_template>\reg\user):

{error_box} – displays an error message;
{table} – displays a transactions table;
{submit_button} – displays a button «back»;

For non-registered users:

error_box.html (system\application\views\<new_template>\unreg\user\common):
The same as for a registered user.

pager.html (system\application\views\<new_template>\unreg\user\common):
The same as for a registered user.

footer.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

header.html (system\application\views\<new_template>\unreg\user):

{header_title} – a page title;
{keywords} – keywords for a page description;
{config_script} … {/config_script} – indicates whether to include JavaScript code from the template or not;
{content} – JavaScript code which was directed to a template by the application;
{user_scripts} – indicates whether to download JavaScript files which were directed to a template or not;
{script} – a list of JavaScript files which were directed to a template;
{warnings} … {/warnings} – a cycle which goes through all notifications {text} and sets ID {id} along with a style class for an element which displays it;
{multi_language} … {/multi_language} – turns on/off the display of language menu for the Enterprise version;
{content} – language menu for the Enterprise version.

login_page.html (system\application\views\<new_template>\unreg\user):

{error_box} – displays an error message;
{message_box} – displays a message;
{demo_info} … {/demo_info} - in the demo version, cells are displayed between {demo_info} and {/demo_info};
{show_capcha} … {/show_capcha} – captcha can be displayed or not depending on the settings;
{user_login_title} – displays a language constant for the login (username) field;
{user_login} – default login field value;
{user_password} – default password field value;
{show_remember_field} … {/show_remember_field} – if set, the “Remember me” field is displayed;
{rand_code} … {/rand_code} – required service parameter;
{content} - service parameter content.
{red_url} … {/red_url} – the redirection page address after a correct login typed in.
{show_not_auth} … {/show_not_auth} – the Service parameter.

menu.html (system\application\views\<new_template>\unreg\user):

{site_info} … {/site_info} – the Site Info$ menu is displayed depending on the settings type;
{menu_additional} … {/menu_additional} – menu items for user pages are displayed if these pages are available;
{page_title} – the text for a corresponding menu item;

multi_language_menu.html (system\application\views\<new_template>\unreg\user):

{current_url} – a current page address;
{languages} … {/languages} – a cycle which forms a list of available languages;
- {selected} – a current language;
- {name} – language name;
{simple_translate} … {/simple_translate} – if set, an icon-link for the language constants translation on a current page is displayed;

registration.html (system\application\views\<new_template>\unreg\user):

{error_box} – displays an error message;
{message_box} – displays a message;
{login_authentication} … {/login_authentication} – it is displayed if the e-mail registration is not set; in this case{login} is the login field value by default;
{email} – default e-mail field value;
{fname} – default “first name” field value;
{lname} – default “last name” field value;
{member_force_pwd_gen} … {/member_force_pwd_gen} – it shows or hides “password” and “generate password” fields depending on the settings type;
{add_fields} – displays additional fields in case they are available;
{tos} – depending on the settings, checks the box for the “Please read and accept TOS” field;
{submit_disabled} – activates or deactivates the Registration button depending on the settings;

remind_password.html (system\application\views\<new_template>\unreg\user):

{error_box} – displays an error message;
{message_box} – displays a message;
{login} – default login field value;
{email} – default e-mail field value;
{capcha_error_display} – The style for indicating an error for the image code check.

remote_login_form.html (system\application\views\<new_template>\unreg\user):

{login_label} – displays a language constant for the login field;

remote_system_offline.html (system\application\views\<new_template>\unreg\user):
The same as for registered users.

access_problem.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

activate_success.html (system\application\views\<new_template>\unreg\user):
uses only global variables (read “Global variables”)

custom_page.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

lang_changed.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

logout.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

market_sale_nodes.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

market_sale_page.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

news_all.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

news_latest.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

news_show.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

redirect.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

register_success.html (system\application\views\<new_template>\unreg\user):

{need_activation} … {/need_activation} – shows or hides a message about the sent activation e-mail depending on the settings;

shoping_cart.html (system\application\views\<new_template>\unreg\user):

{error_box} – displays an error message;
{if_products} … {/if_products} – defines, whether the subscribed products are available or not;
{if_products} … {/if_products} – defines, whether the subscribed products are available or not;
- {products} … {/products} – the list of the subscribed products;
- {name} – a product name;
- {additional_info} – additional information about a product;
- {trial} – displays a period, price and subscription currency for a trial period;
- {dotted} – css class for a table cell display;
- {regular_period_value} {/regular_period_type} – subscription period;
- {if_old_regular_price} … {/if_old_regular_price} – displays an old price {old_regular_price}with a currency {currency_code}in case this old price is available;
- {regular_price} – a current product price;
- {currency_code} – the product currency;
- {if_recouring} … {/if_recouring} – defines a subscription type and displays it if the type is “recurring”;
- {total} – a total product price;
- {coupon} – displays a coupon code or a blank line in case the code is not available;
{total} – total order amount;
{if_recalculate} … {/if_recalculate} – displays a button “recalculate” for paid products;
{else_products} … {/else_products} – displays a message if the subscribed products are not available;
{from_url} – a link to the form processing script;
{payment_url} – a link to the form processing script;
{if_payment_systems} … {/if_payment_systems} – if available, displays a list of payment systems;
{payment_systems} … {/payment_systems} – a payment systems list;
{id} – a payment system ID;
{name} – a payment system name;
{else_payment_systems} … {/else_payment_systems}- a product is considered to be free of charge if the payment systems list is empty;
{payment_disabled} – the button is inactive in a demo version or if a product is not selected, or the payment system list is empty.

system_offline.html (system\application\views\<new_template>\unreg\user):
The same as for registered users.

error_page.html (system\application\views\<new_template>\unreg\user\authorize_net):
The same as for a registered user.

field.html (system\application\views\<new_template>\unreg\user\common\add_fields):
The same as for a registered user.

shoping_cart.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

table.html (system\application\views\<new_template>\unreg\user):
The same as for a registered user.

Back to the Top

2. Administration management configuration

Once NeedSecure 2 is installed on your server you can login to your super administrator account. Open your web browser, click on the address bar and type-in the full path to the script. The login page must be loaded. Enter your Login and Password and press the Login button. Login screen

In case you've forgotten your password for some reason, you can restore it in the Remind Password section by following these steps:

Enter your current username.
Specify the e-mail address that was used during the registration.
Input the code from the image to confirm your actions.
Press the Remind button and check your mailbox in several minutes.

Once logged in, you’re taken to the Admin Control Panel. Actually, this is the main interface through which the system administration is carried out. From here the super administrator is entitled to add/modify/delete members and administrators, control their access permissions, monitor various statistical information, control security settings, manage news and newsletters, design and language data and much more.

Note: the NeedSecure 2 script features a powerful privilege system that allows to accurately define the level of control certain users have over the system. One should remember that all the administrators have a sufficiently wide set of privileges which, however, can be controlled by the super administrator. The Super administrator himself has unrestricted, highest possible privilege level, and cannot be deleted. In order to avoid confusion, further in this manual the term "administrator" is referred to the administrator user type, not to the super administrator.

For better usability all the tools in the admin part of NeedSecure 2 are formally divided into several groups: Product, Member Control, Statistics, Newsletter, Coupon, System Configuration, Administrator Control and Activity Logging.

Back to the Top

2.1 Product

Products List

In NeedSecure 2 every protected directory or file is referred to as product. Every registered member can subscribe to any of the available products.

This Product List contains the detailed information about all the available products.

The list features the following columns: ID, Product Name, Group, Pay Type, Action and Block Product.

ID is a unique number which the system assigns to every individual product.
Product Name is the title of the product.
Group indicates what group the product belongs to.
Pay Type indicates whether the product is free or paid. Paid products can be onetime (should be manually renewed after being overdue) or recurring (are automatically prolonged after expiration).
Action column lets you perform three actions:
1. Edit products (Change information about a product). Here one can modify the product information, i.e. it’s Name, Description, Group (one product belongs to one group), whether it’s free or paid (if it is paid– the prices for each time period can be defined, as well as set up Recurring billing, Discount, Trial price, Trial period duration), Protected directories, Poster;
2. Edit products. This action is included in order to raise the usability of NeedSecure 2. It is a simplified form for product editing which allows to change the name of the product and its description in any chosen system language;
3. Delete. Permanently removes the selected product from the list.
Block Product is used for blocking new product subscriptions, but does not influence the previously subscribed members. If a product becomes blocked, new subscriptions are impossible. The product may be unblocked any time.

For better usability the list can be filtered by group names. In the Per page dropdown menu you can select the number of items to display per page. To sort the list in an ascending or descending order, click on the corresponding column header.

Products Groups

For better usability, all products in NeedSecure 2 can be formally divided into groups. The Product Groups section displays the group ID, group Name, Number of products the group contains, for every item. You can easily edit every group’s Name and Description by clicking on the Edit button in the Action column as well as remove the group from the list using the Delete button.

To create new products group please follow the steps:

Click on the Add Group button located at the bottom of the groups list.
Specify the group’s Name and Description.
Click Add to add the group to the list.

In the Per page dropdown menu you can select the number of items to display per page. The list can also be sorted in an ascending or descending order by clicking on the corresponding column header.

Directories Protection

In this section one can see the Directory protection list and protect the selected directory(ies). To protect a directory click on Add Directory and choose Protection Method, Directory Name, Protected Directory URL and select the appropriate Directory to protect from the directory tree.

Action column lets you perform three actions:

- the Edit directory properties button is used for changing the settings determined when the directory was added.
- the Reprotect directory button is used in case the protection is disabled for some reason to re-enable it applying the earlier determined settings.
- the Delete directory button is used to remove the set protection from a directory.

Once a directory is protected, only registered members and members with active accounts can access this directory. There are four methods of protection available in the NeedSecure 2 system: Standard mod_rewrite, Cookie-based mod_rewrite, PHP Prepend, WWW Authentification. Each of the methods has its own pros and cons.

The most recommended Protection Method is Cookie-based mod_rewrite. This one is comparatively easy for a server to process but still provides protection of a directory based on the Cookie variable set by the NeedSecure 2 system on the client side. The problem of this method relates to the Sharing prevention issue. A member can share Cookies with anyone providing the access to the same products which are allowed to the original member. Besides there is no Access Log storing and no count for IP addresses used by members to log into the system in this method. There is a requirement for mod_rewrite to be enabled on the server for the method to work.

If the problem of Sharing prevention is quite significant then the best solution is to use the Standard mod_rewrite method. Along with the Access Log storing, checkup for the number of IP addresses which members use to log into the system, this method provides a solution for the Sharing prevention problem. Standard mod_rewrite needs mod_rewrite to be enabled on the server. The disadvantage of this method concerns the relatively high load on a server processor because by using this method NeedSecure 2 acts as a proxy and sends requests to the server for the appropriate data with Member privileges, then receives the response and finally outputs it to a member.

The PHP Prepend method provides a protection without heavy load on a server and without the mod_rewrite requirement. It has Access Log and solution for the Sharing prevention problem. The minus of the PHP Prepend method is the fact that it can be used only for php-files (and html-files via a php handler) and does not do for other files. If there is a need to protect some media files then another Protection Method has to be chosen.

ATTENTION! WARNING! The PHP Prepend method cannot be used to protect the whole directory if PHP is running as CGI on a server. In this case it is necessary to make the insertions in each separate file to obtain protection. Please run PHP as an Apache module on a server to protect the whole directory.

The WWW Authentification method is based on the core Apache server functionality. When trying to access a directory a valid username/password combination must be entered.

Method	Standard mod_rewrite	Cookie-based mod_rewrite	PHP Prepend	WWW Authentification
Access Log	+	-	+	-
Usability	+	+	+	-
Sharing prevention	+	-	+	-
Server loading	Heavy loading	Light loading	Light loading	Light loading
Requirements	mod_rewrite available from .htaccess files; libcurl version 7.16.2 (if not available than fsockopen should be allowed)	mod_rewrite available from .htaccess files	only PHP or HTML (via php handler) files can be protected	no special requirements, will work on any Apache webhosting
Notes	Recommended method		Cannot be used to protect images or downloadable content
How it works	The server redirects the request to the system file which checks if access is allowed for the current member and then there is a further redirect to the protected URL	When trying to access the URL the system checks if there is a COOKIE variable that corresponds to the mark on the system that allows access	Before providing access it forces php parser to run the file which checks if the current user is allowed to access the protected area	When a user enters the protected URL a browser shows the standard authentification window to input login and password

Please mind that together with our software we provide the NS System Test utility to test the availability of all the modules and the presence of all the requirements necessary for Needsecure 2 to work properly.

ATTENTION! WARNING! If you protect the directory which does not have an index.php or an index.html file a user may get the following message “Forbidden. You don't have permission to access /directory/ on this server”, trying to access the directory root (e.g. http://mydomain.my/directory/), even if the directory was not protected.

To avoid the “forbidden” message it is recommended:

to put an index.php or an index.html file to the directory root which will be executed every time the directory root is accessed;
or to enable the directory index by putting a file into the .htaccess and including the Options +indexes line at the very beginning of this file.

File Protection

When it is necessary to protect not a directory but a file or several files then File Protection section becomes in need. To protect a file select the Product that corresponds to the file(s) to be protected and manually insert the generated snippet of PHP code to the very beginning of the file(s).

Back to the Top

2.2 Member Control

This section comprises a set of controls used to manage the script’s members. This part of the manual briefly goes through the functions of the Member Control toolset.

Member statuses

Approved status is the first status a member receives after the registration when an administrator has reviewed and affirmed his/her account.

Activated status - when a member is approved by an administrator an e-mail with an activation link is sent to his address, following that link the member acquires the Activated status.

Suspended status – a member may receive the Suspended status when he/she is waiting for the approval by an administrator, when awaiting activation or the administrator sets the Suspend status for an already active member.

Unsuspended status – members get this status if they are first suspended and then an administrator approves or activates them.

Expired status – a member receives this status in case his/her membership was time limited by an administrator and the expiration date has come.

Deleted status – this status is given in case a member’s account was deleted.

Temporary blocked status – a member may be temporary blocked when the password is entered incorrectly several times in succession or one account is simultaneously entered from several IP addresses (this is done to prevent breaking into the members accounts). Please mind that CAPTCHA appears after several attempts to log in with an invalid password, if the member continues typing the invalid password his/her IP address is banned. The number of failed login attempts before the block and the duration of the block are specified in the settings by an administrator.

Add Member

The Add Member function is designed to manually add members.

To add a new member you’ll have to go through the following steps:

Specify all the required member information: login, e-mail address, real member’s first and last name;
Set the member’s account expiration date. The expiration date is the term, after which the member will have to renew the account; in case this field is left empty no time limits are set for the member’s account;
Input and confirm the password. Alternatively, the script can be told to generate the password automatically by ticking the Generate password checkbox;
Choose one of the three available member account statuses: approved, activated or suspended. However, this option is not required and can be left blank;
Fill-in the additional fields if they’re present. The additional fields are fully customizable and can be added to the Add Member form via the Additional Fields menu.

When all the required data is specified, press the Add button to add the newly created member.

Member List

Contains the list of all members registered in NeedSecure 2 system except those who are suspended. This section allows to search for the members by a number of criteria (Login, First Name, Last Name, Email), filter members’ list by the registration date, registration time period or username first character.

All the information about the members is displayed in the form of the table with a number of columns: Username, Email, Reg. date, Subscriptions, Approved, Activated, and Action respectively.

In the Per page dropdown menu you can select the number of items to display per page. Besides, the list can be sorted in an ascending or descending order by clicking on the corresponding column header.

The Subscriptions column displays the payment amount currently placed on the member’s account and the number of subscriptions the member is signed to.

The Approved and Activated columns show whether the member has been approved and/or activated by the administrator.

The Action column lets the administrator to View, Edit, Suspend and Delete members:

Click View to display the member’s detailed personal, subscriptions and payment information.
By pressing Suspend the member will get “frozen” and will lose the ability to carry out any action in the system. As soon as you press the Suspend button the member is sent an e-mail with the notification that his/her account has been suspended.
Pressing the Delete button will permanently delete the user from the system.
Use the Edit button to manage a member profile. It contains six tabs such as Member Info, Change Password, User Payments/Subscriptions, Email Client, Email History, Access Log.

In the Member Info section the account information is available for modifying. Here one can change Expiration Date (the Expired status is defined according to this date, a member's account is active until this date and becomes expired after it has passed), Email, First Name, Last Name, User Status and other issues defined in the Additional Fields menu.

In the Change Password section one should input New password and then retype it. Otherwise Random password generation is possible.

The User Payments/Subscriptions section consists of a table of ordered products with the corresponding information regarding order date, transactions, subscription types and price. It is also allowed to Add Payment Manually at the bottom of the table. Active subscriptions are marked red in the table. Paid subscriptions that were not approved by a payment system do not enclose the detailed information about transactions. When canceling the existing subscription a user can see the free payment mark in the details of the transaction, active subscription changes its status.

The Access Log stores the list of actions performed by the current member. One can apply a time range filter to specify the right set of actions by the time criterion. The table containing access logs has five columns which show the date and the time of the event, used products, URL, Member’s IP addresses, HTTP Referrer. One can sort the data by any of the columns. The members logging can be disabled in the Global setup subsection of System configuration. To clear the filter just make the fields empty and click on Search.

Approve / Suspend

Here the administrator can view the newly registered but not yet approved members as well as temporary suspend them. The administrator can control whether new members have to wait for approval in the Member Settings.

The table in this section contains four columns: Login, Name, Suspend reason and Action.

In the Suspend reason dropdown menu you can select the message displayed to the suspended members. The suspend reason list can be edited with the Edit button located next to the column header.

The Action column has three buttons to let you View, Approve or Suspend the selected member. A group of members can be approved or suspended via the corresponding buttons at the bottom of the list.

Activate / Suspend

Once a new member is registered, he/she needs to go through the activation process. Normally, to complete the activation the user has to follow the link in the e-mail sent to the mailbox specified during the registration process. The Activate / Suspend tool is designed to give the administrator the ability to suspend or manually activate the member when the activation process cannot be performed in the common way for some reason.

This section includes all the users who haven’t been activated yet. Once the user is activated, the record is removed from this list. The administrator can control if new members have to be activated in the Member Settings.

The information about inactive members is displayed in the form of the table with several columns: Login, Name and Action. In the Action column there are three tools available: View (displays detailed information about a user), Activate (activates a member) and Suspend (suspends a member).

A group of members can be activated or suspended via the corresponding buttons at the bottom of the list.

Unsuspend / Delete

Lists all the currently suspended members. With this tool the administrator is entitled to unsuspend or revoke currently suspended accounts via the Unsuspend and Delete buttons respectively.

Actually, the appearance and functionality of this section is quite similar to the one of the Approve / Suspend and Activate / Suspend tools.

Expired accounts

This is the list of expired member accounts. There are two columns: Login and Name. The members can be sorted by username in an ascending or descending order. It is possible to define the number of displayed per page search results with a “per page” dropdown menu. Left clicking on a member’s login allows viewing information about the chosen member. To remove the Expired status and make a member account Active it is necessary to enter Member List choose to Edit the member and set a new future expiration date in the Expiration Date field, the account will become active automatically.

Members Statistics

In this part the administrator can monitor the number of members registered over a definite period of time. Simply select the Year and Month and press the Go button. The statistics is displayed in the form of a column diagram. Please mind that to view the graphical statistics the Flash Player 9+ support should be enabled in a web browser. Members Statistics

Back to the Top

2.3 Statistics

Billing

This section comprises the information about all members’ subscriptions stored in the database.

The table has the following columns: Subscription ID, User Name, Product Name, Date, Transactions, Subscription Type and Regular Price.

Subscription ID is a unique number assigned to every subscription by the system.
User name is the name provided by the member during registration.
Product Name displays the name of the product the member is subscribed to.
Date stands for the time of signing to subscription.
Transactions column contains extensive information about all transactions conducted by members for the given subscription. On clicking details, a table with thorough payment information and transaction details is shown.
Subscription Type indicates whether the subscription is onetime (has to be manually renewed after being overdue) or recurring (is automatically prolonged after expiration).
Regular Price shows the amount of a regular recurrent payment, it is not the total amount of all transactions of a member.

Note: The record in the Billing table is created every time a member signs up to the new subscription. These records are neither removed automatically nor can be deleted manually, even when the subscription expires. Even in case a member closes subscription and signs up to it once again, none of the records is removed from this statistics.

The subscriptions can be searched by selecting Date or Period of time the payment was applied and pressing the Show button. In the Per page dropdown menu you can select the amount of items to display per page. The list can also be sorted in an ascending or descending order by clicking on the corresponding column header.

Total Statistics

Here one can see tabulated total statistics on products and product groups. Filter by payment date is available (time range should be set). The filtering does not affect the number of the table elements, the amount of data to be displayed is changed. The sorting is done according to the date of transaction. The table consists of product groups. Each product group share is displayed in the Percentage column. The number of transactions and income is also shown. To view the products inside the group click on the product group name – it will expand to show all the corresponding products below. The details of the group share, transactions and income amount are displayed for each product. The sorting by the column value works only for the products within a product group. Product group names are always sorted in an alphabetical order which cannot be changed. In the Per page dropdown menu you can select the amount of items to display per page. Total Statistics

Note that after some product is deleted it still can be seen in this section and all the statistics is available. But when the corresponding product group is deleted then the product’s statistics is deleted altogether.

Graphs

Graphs section reflects a visual view on the summary sales statistics. In this part of the administration area one can analyze dependencies of sales amount on the time period. It can be easily done by choosing the beginning From and the ending To time spots the sales graph will be drawn between. Corresponding dates can be chosen with the help of intuitive interface elements like small calendars. Please mind that to view the graphical statistics the Flash Player 9+ support must be enabled in a browser. Graphs

Back to the Top

2.4 Newsletter

A newsletter is a regularly distributed publication generally about one main topic that is of interest to its subscribers. The NeedSecure 2 Newsletter tool possesses a considerably wider functionality than simple message sending. The whole arsenal of the newsletter instruments is introduced in the three subsections: Email Templates, Send Email and Email History.

Email Templates

An administrator can easily manage email templates in this subsection. The created templates are used to automatically distribute news and system messages to different member groups.

The data in this subsection is shown in a table. This table consists of two columns: Name and Action.

The names of the templates are shown in the Name column. They can be sorted in an ascending or descending order. The Per page function allows choosing the number of displayed templates per each page.

There are three buttons in the Action column. The first Edit button is used for editing a template in a plain text form. The second Edit button is used for editing a template in an html form. The third Delete button is naturally used for deleting templates.

To create a new template please do the following:

Press the Add Template button.
Select or Import the language of the template.
Input the Template name.
Specify the e-mail header in the Subject field.
Enter the newsletter text in the Message field.
Add button allows adding any of the available placeholders from the dropdown menu to the message text, if required. Placeholder is a special text variable that will be replaced with the corresponding literal string in the sent e-mail.
Click Save to save the template or click Cancel to revoke changes.

Send Email

All the NeedSecure 2 e-mails are sent in packs with a definite periodization. The amount of messages in a pack is set in the Number of emails in one pack field. The messages are also sent following the certain priority: the e-mails enqueued earlier are sent first ("first in/first out" principle), besides the system messages are considered to be more important than news, so they are put to the top of the queue.

It is possible to filter the users for email sending in the Send Email subsection. There are three fields: an administrator can filter the users who will receive a message according to their status in the first field, according to the user groups in the second field and according to the products in the third.

Please mind that users receive messages in the languages they have chosen for their system interfaces.

The template for sending can be chosen from a dropdown menu in the Template field. It is possible to edit the header of the e-mail in the Subject field and its text in the Message field if the Edit box beside the Template field is checked. An administrator can also add any of the available placeholders from the dropdown menu by pressing the Add button.

It is necessary to press Send button to direct a message to the sending queue. But the administrator can also press the Keep button for bulk adding the templates to the queue. After the Keep button is pressed the messages are stored and can be seen in the list above the Keep and Send buttons. They can be deleted from this list by pressing Delete. To send the kept messages please press the Send button.

Email History

Email History records all the e-mails sent to members and enqueued for sending. There is a Search Panel at the top of the page. It allows to find the necessary data and filter it, so as Per page and Page functions. An administrator can choose whether to view the history of the sent e-mails or the sending queue in the Type field of the Search Panel.

The information about e-mails is stored in the form of a table with the following columns:

Template ID – the ID of the template used for the sent message.
Date – the date of sending the message or putting it to the sending queue.
Login – the login of the member the message was sent to.
User Type – the type of the member the message was sent to, whether it’s a user or an administrator.
Priority – defines whether the sent message is a simple newsletter or a system message.
Action – allows to perform two actions: view the sent e-mail and delete it by pressing the corresponding buttons. The recipient address, the e-mail header and its text are shown after pressing the View Email button. Please mind that it is highly NOT recommended to delete e-mails from the sending queue unless you are completely sure of what you are doing because they can be important system message and contain critical information.

It is possible to sort the data in the Template ID, Date, Login, User Type, Priority columns in an ascending or descending order.

Back to the Top

2.5 Coupon

There is a possibility to create Coupons to encourage a consumer ordering a product. Coupon code can be changed to a certain discount when customers purchase products.

Note that if a member enters a Coupon code but does not complete the transaction then the Coupon is considered to be used. After changing the coupon discount value for the coupon which was already in use - all the subscriptions done before will be displayed in the Statistics with the current discount value (a discount is applied at the moment of a purchase, the discount data is saved and all further recurrent payments occur taking into account the discount until the subscription is closed. If a discount coupon value is changed or deleted this does not affect already existing subscriptions; only new subscriptions are effected).

So here are the parameters of the coupon group:

Coupon name – the name of coupons groups, all coupons will be created with this group name.
Coupon Codes Count – the number of coupon codes to be generated.
Use Count – the number of times every coupon can be used.
Member Coupons Usage Count – the number of times every coupon can be used by one and the same user.
Code Length – the length of the generated coupons code.
Discount – generated coupons discount (% or USD) (Be careful when setting the discount amount in monetary units for it cannot be larger than the product price, especially when a discount is applied to several products simultaneously).
Comment – comment is visible only for the administrator(s).
Dates – date range when coupons can be used. The period, during which a discount coupon can be activated, this is not the period during which the discount coupon is valid.
Locked – disable these coupons batch, but keep it in the database, coupons can be enabled later.
Products – coupons can be used with the selected products. Hold the Ctrl key to select multiple products.

Coupons List

In this section the list of coupon groups is displayed.

The ID is the identifier of a coupons’ group;
The Coupon Codes column shows the number of coupons in the group and links to the list of the coupons from the corresponding group;
The Begin Date and the Expire Date relate to the time range when subscription discount coupons can be activated;
The Count/Used column contains the total amount of coupons in the group and the number of used coupons from the total amount;
The Discount means the amount of discount in USD or percents,
The Disabled relates to the status of the coupon group;
The Actions column contains buttons that provide the Edit and Delete functionalities. The Edit button allows to modify parameters for a Coupon group, particularly its name, number of times every coupon of the group can be used and how many times the coupon can be used by one member, discount value and its unit (USD or %). It should be defined which products the coupon group relates to.

Create Coupons

To create coupons one should click on the Create Coupons button and fill in the data about the coupons group. Make sure that all the required information matches the data mentioned above in the Edit section. Please pay attention to the Coupons Usage Count – it cannot be modified and can be defined only when adding coupon groups.

Coupon Statistic

Here one can see the table of coupons which were already used. The filters of the used coupons are available by the date of use (the filter is set according to the time range) and by the coupon code. These filters can be used simultaneously. The Clear button clears the filter fields. The Search button performs the search process.

The coupon statistics table contains Coupon Code and Coupon Group ID, Change time, Member who used the coupon, Product, Discount and its actual amount, Payment status.

Back to the Top

2.6 System Configuration

Change System Status

This tool allows an administrator to make the system temporary unavailable for members. Current system status can be turned on or off making it Online or Offline (this action can be followed up with the corresponding notification message).

Once the system is turned Offline, a logged member will see an Offline message but won’t be logged out, though he/she won’t be able to navigate to any pages. It will be possible to proceed with the activities after the system status changes back to Online.

The administrator may use this option to temporary turn off the system to change certain configurations or fix any bugs.

Security settings

Here you can edit security settings of NeedSecure 2.

Enable "Remember me" feature. When enabled, the Remember me feature can be used by members. Note that it is less secure.

Errors before CAPTCHA. Relates to the number of failed logins the user can perform before CAPTCHA appears on the login screen.

Errors before IP block. Sets the number of failed logins the user can perform from the moment CAPTCHA appears and till his/her IP-address is temporary blocked. Please be careful, only the last period set in the IP block selected period is taken into account.

Block period. The period of time in seconds to block the user’s IP address for. The IP is blocked if the user exceeds the number of allowed log in attempts before and after CAPCHA is displayed and during the period set in the IP block selected period.

IP block selected period. IP block becomes active when the number specified in Errors before CAPTCHA and Errors before IP block exceeds in time duration this period (in seconds). The IP address is blocked for the period specified in the Block period field.

Session expires after determines how long (in seconds) the session will be valid after the last member’s activity in the system. If a user does not conduct any activity during this period he/she is automatically logged out unless the “Remember me” option is enabled.

Block message. This is the notification the user will see when his IP-address is blocked.

Min Characters and Max Characters specify the minimal and maximal number of characters the CAPTCHA will contain.

Count before autoban. The number of different IP address that can access one account before this account becomes banned and receives the Suspened status.

Time Period (seconds). The number of IP addresses in the Count before autoban must be reached during this time period to suspend an account. Note that after an IP address is automatically blocked, the member who was logged in from different ip-addresses during this time period becomes suspended. In this case an administrator can activate the member and the record of the login attempts is cleared for this member.

Global Setup

In this section one can adjust appropriate paths, URLs and other variables for the system such as:

Your site name – the website title.
Main script URL – Root URL. Be careful - it is highly recommended NOT to change this parameter once the script is installed unless you are completely sure of what you are doing!
Script absolute path – Site root server path. Be careful - it is highly recommended NOT to change this parameter once the script is installed unless you are completely sure of what you are doing!
Redirect after logout – the URL a user will be redirected to after clicking the logout link (it may not necessarily be a NeedSecure 2 page; it may be any web page).
Redirect after login – the URL a user will be redirected to after logging into the system (it may not necessarily be a NeedSecure 2 page; it may be any web page).
Default records per page – a number of records per page (the default parameter for per page results display).
Set current site IP – required for the mod_rewrite protection. Be careful - it is highly recommended NOT to change this parameter after the installation unless you are completely sure of what you are doing!
Date format – an administrator can delimit the values using one of the following characters: ‘.’ , ‘-’ or ‘/’. The display order for year, month and day can be defined the following way:
- Y – four digits year, e.g. 1995; y – two digits year, e.g. 95;
- M – one digit month, e.g. 4; m – two digits month with leading zeroes, e.g. 04;
- D – one digit day, e.g. 6; d – two digits day with leading zeroes, e.g. 06;
Examples: Y-m-d = 1995-04-06; M/D/y = 4/6/95.
Force password generation – if checked a user won't be able to input a custom password, it will be generated by the system instead.
Log settings – enable/disable log features, the activity logging may be disabled for members or administrators separately.

Payment System Settings

The Payment System Settings section is used to manage accounts for such payment systems as PayPal, Authorize.net etc. Also each of the payment options can be enabled or disabled at any moment.

Ban IP

With the NeedSecure 2 Ban IP feature you can globally forbid access from any unwanted IP addresses to the system. Neither an administrator nor a user will be able to log in if their IP address matches the blocked address(es).

The list is arranged in a tabular form and includes three columns: Ban IP, Ban reason and Action.

Ban IP includes blocked IP addresses. Ban reason is a notification that will be displayed to the user attempting to access the protected data from the blocked IP address. Via the Action column you can Delete IP-addresses form the list or Edit their settings.

In the Per page dropdown menu you can select the number of items to display per page.

To block an IP-address (be careful - do not include the servers or any administrator’s IP addresses this will make the login to the system impossible) do the following:

In the Ban IP field input the IP address (it may be either a single address, e.g. 192.168.1, or an IP mask, e.g. 192.168.1*, or an IP range, e.g. 1.1.1.1 – 2.2.2.2) to ban.
Specify the Ban reason message. You can leave this field blank, but we recommend to fill it in for more information value.
Press the Add button.

Note that Ban reason is Multilanguage compatible.

Mailer Settings

This section provides possibility to manage mailer settings that will affect the Newsletter and other mail functionalities. Here one can define:

Outgoing address - will be seen in all outgoing e-mails in the field from;
Outgoing email charset – influences the e-mail message coding, be careful while changing it, do NOT change values in this field if you are not completely sure of what you are doing;
Outgoing email format – e-mail messages can be sent in a plain text or HTML format;
Number of sent emails in one pack – the e-mails are queued for sending according to the date they were added and their priority, they are sent in packs. The number of messages in one pack is determined by this field, try not to make the number too large;
SMTP settings, SMTP host, SMTP port – after SMTP setting is complete, it is possible to check whether everything is correct and the connection is active by pressing the “Test connection” button, the sent data will not be saved on a server, this will be a simple connection test;
Use Authentication - if this option is enabled a user has to enter his/her correct Username and Password to be able to send e-mails.

Please do not forget to press the “Save” button to save configurations after all the data is entered.

Member Settings

This section contains a set of options for new members’ registration.

Allow new members to register. This checkbox enables/disables the ability to accept new members to the system.
Use new accounts activation. When checked, the newly registered members’ accounts will need activation (whether by members themselves or manually by the administrator).
New accounts wait for approval. When checked, the member’s account will be inactive until it is approved by the administrator.
Force user to input billing info when making order. This checkbox when checked makes members to fill in the payment info before redirecting to the payment system for making an order. This forces a member to leave the payment details in the NeedSecure 2 system so that the administrator can check the response from the third-party payment systems and the actual payment made by the member.
Inform user by email about almost expired subscription before period, days – the number of days before the subscription expiry date when a user will be reminded of the coming account expiration.
Trusted email domains. Members with these e-mail domains won’t need to activate their account after registration. Note, that this list is ignored unless the New accounts wait for approval option is checked.
Denied email domains. Members with the e-mail domains contained in this list will not be able to register in the system.

When Member Settings are configured, click on the Save button to apply or Cancel to discard changes.

System Emails

This section contains the list of system e-mails sent to members or administrators to inform them about any changes in their accounts’ status and other substantial system events. The administrator can disable unnecessary system e-mails if he/she is given a corresponding Access level. The system e-mails are multilingual, so a member is going to receive the e-mails in the language he/she has chosen for the NeedSecure 2 interface. Depending on the Outgoing e-mail format the message will be sent in a Plain Text or HTML format.

All system e-mails can be easily modified through the Action column (it is very easy to make changes either in the plain text or in the template html code). To modify a system e-mail message, do the following:

Press the Edit button. Actually there are two edit buttons: the first one allows to edit a plain text template and the second button is used to edit an HTML-formatted template .
In the Subject field input the e-mail caption.
Enter the Message for the email notification.
If necessary, Add any of the available placeholders to the message body. A Placeholder is a special text variable or symbol that will later be replaced by some literal value once the email is sent out.
When all fields are specified, click Save to apply or Cancel to discard changes.

Additional Fields

Here you can specify any number of extra fields a user will have to fill in during the registration or other processes. This feature enables gathering any additional information about new members.

Custom fields are arranged in the form of a list. It is possible to manage the order of additional fields from top to bottom with the help of drag&drop functionality to move the rows of the table in an appropriate sequence. You can create extra fields by pressing the Add fields button located at the bottom of the list.

To add a custom field press the Add fields button and specify the following parameters:

Specify the Field title.
Add Field Description if necessary.
Check Required Mark if needed. When this option is checked, members will be unable to proceed with the registration until this field is filled in.
Select an appropriate Field type from the dropdown menu.
There are 6 field types available: text, select, select-multiple, textarea, radio and checkbox.
- text – allows text input in a simple line.
- select – allows selecting only one element from a dropdown menu.
- select-multiple – allows the selection of several elements from a dropdown menu by pressing the “Ctrl” key + left mouse button.
- textarea – the text input area which can contain several lines and has scroll capabilities.
- radio – allows choosing an appropriate option by selecting the corresponding button.
- checkbox – allows choosing an appropriate option by checking the corresponding box.
In the Field values area one should add possible values for such Field types as Select (single value), Select (multiple values), Radio Button. Field Types must be entered in a One per Line mode. For the Text and Textarea Types this section is unnecessary. If the Field Type is Check Box then only the first value is taken into consideration.
Default Value can be used with any of the selected Field Types. You can use only one default value for the Select (multiple values) Type.
Check Rule is a data validation rule for the additional field. The Rule can be set to check the input value to be a Phone number, Email or to include numbers only.
Click Add to apply settings.

The Additional fields feature is compatible with the Multilanguage functionality. The field can be required or not, it can have a default value.

Note that if, for example, any required additional field was created for the member’s profile after the profile was filled by some member, then this field must be filled the next time the profile is edited.

Manage News

This section allows to add and/or edit news, in particular the header of the news, date of publication, brief description, content and if necessary mark one as For members only.

The Publish column – if it is checked, the news will be displayed in the member’s interface;
The Date column – it is the date of publication;
The Members only column – if it is checked the news will be displayed to the logged in members only;
The Action column – allows to Delete or Edit the news. On the editing page a user can change the news Language, its Header, Brief description and Content.

It is possible to edit the news title by clicking on the news name in the interface.

In the Manage News section one can also define the number of news to be displayed per page in this area.

Design Manager

Design Manager (available in the Enterprise version only)

In this section the administrator can select layout templates for both registered and unregistered user sections. These templates come in the system by default and/or can be added by the administrator using the rules described above in the menu 1.9.

This part manages the home page content. The content is set separately for the registered and unregistered users. The number of the pages defines the number of the products that will be displayed on the home page for the corresponding user. The number of the news specifies the amount of the news that will be displayed on the home page for the corresponding user. The administrator text is a plain text or an HTML code that is displayed on the home page.

If the product has to be displayed on the home page, it must be marked as special. To do this click the corresponding icon (the first one) in Product->Product List in the table, the Action field. If the number of the marked products exceeds the number set for displaying, the products to display will be randomly selected from the marked products.

If the news is to be displayed on the home page, it must be marked as special. For this you must click the icon in System Configuration->in the Manage News table->in the Special field. The news, which will be displayed for the registered and unregistered users, is defined by the Members only indicator.

Manage Pages

In this section one can see the table which contains the list of pages with the possibility to mark pages

Published (means that a page is available in the member interface) or not;
to define if they are Shown in menu (if checked users will see the corresponding menu item. Once the item is clicked, a user will be directed to a corresponding page),
and if the page is for Members only (if the option is checked, the page will be available for the authorized members only).

The Copy to clipboard button allows to copy the link to this page to the clipboard. This link is used to direct to the page in the member interface.

The Edit feature allows to modify the language of a page, its title (will be displayed along with the system name in the browser header), content (all of the page html-code and text) and keywords (written in a coma separated way, they can be included to meta-tags of the head of an html page for search engine indexing). When adding a page these fields should be filled in (to add a new page it is necessary to click the Add page button).

The Delete button is used to delete pages.

It is possible to change the order in which the pages are displayed by dragging them with the mouse.

Language Editor

This section displays the list of languages available in NeedSecure 2 and allows to add new languages as well as set a Default language. In this section one can also edit existing languages by entering corresponding values for language variables. The following operations are available in the Action column:

Import/Export - the possibility to import and export language files is also available via XML (XLIFF).

Edit – allows to manually edit the names of the software elements. It is possible to search for an element according to its Label or Value. An administrator can choose the number of displayed search results in the “Per page” field and the page to view in the “Page” field. The search results are presented in the „Name – Translation” table. The Label name cannot be changed, but the Value name may be set in any language. To edit a value simply click on its name, a line for editing will appear under the Search field, then the value can be changed. It is necessary to press the “Update” button to save the changes.

Delete – an administrator can delete any language from the list, but the default.

Back to the Top

2.7 Administrator Control

Administrator Control provides the super administrator and “ordinary” administrators (if they have a required privilege level) the ability to manage administrators. This part of the manual covers the functions available in the Administrator Control section.

Add Administrator

To add a new administrator you’ll have to specify the following information:

Administrator’s Username. For security reasons, this field is set to contain no less than 4 characters.
Valid Email address.
Password. While you enter the password, the system automatically detects its security level, varying from “Bad protection” to “Excellent protection”. The most reliable password should have digits, letters of lower and upper case, special chars and must have sufficient length. The script can also be told to generate a reliable password automatically, by ticking the Generate password checkbox;
Access Level. This dropdown menu contains the list of available predefined access level settings which can be assigned to the administrator (see Level List to learn more).

Administrator List

The section contains the list of all registered NeedSecure 2 system administrators. The table has several columns: Username, Level, Last Login, Action respectively. The Action column is interactive and has two functions:

Edit Admin.
Delete Admin. Once this button is pressed, the administrator will be permanently deleted from the system.

Level List

Via the Level List menu the super administrator can add/modify/delete predefined privilege levels. Any of these levels can be assigned to the newly added or already existing administrators.

The Access Category column includes the names of script’s categories to which this level grants access. In the Email newsletter you can see the list of available notifications the administrator with this access level will be able to receive to his mailbox. The Action column allows modifying and deleting the access levels.

Use the Add level button to create a new access level with specific name, access categories and e-mail notifications settings.

Back to the Top

2.8 Activity Logging

Administrator Log

In this section all the activities performed by an administrator are displayed. One can view the administrator’s activity log with the possibility to single out related data with the help of the Search panel and such filters as Action, Person and Date. The sorting of the table by any column value is available. Every set of data can be deleted from the Administrator Log. The data is delivered in 5 columns:

Person – displays the administrator’s username;
Admin action – names the exact administrators action (clicking this line will show the additional information about the action which may be hidden by clicking again);
IP – this is the IP address from which the administrator is logged in;
Time – the time when the action occurred;
Action – allows deleting logged administrator actions.

Protection Errors

This subsection provides the information about protection errors. There is a Search panel, “per page” and “page” dropdown menus to facilitate the data sorting. The subsection presents data in 4 columns:

Admin action – this is an administrator action which led to a protection error;
IP – the IP address of the logged in administrator;
Time – the time when the error took place;
Action – makes it possible to delete the registered errors from the list.

User Log

User Log stores the data related to Users activities. There are sorting options at the top of the page which help to display the most adequate search results. The table consists of 5 columns:

Time – this is the time when the logged action occurred;
Person – a member’s username;
URL – the URL of the page where the logged action occurred;
IP – the IP address of the logged-in user;
Referrer – the URL of the page from which the user came to the page where the logged action occurred.

Back to the Top

3. Members management configuration

Before starting to explore the website a visitor can choose the Language of the interface at the top right part of the window.

When a visitor comes to the website there are some pages available without registration like News, Products, and some Custom pages. Since a Member has an account in the system he or she can log in and use the functionalities of NeedSecure 2. A user-friendly interface makes surfing the website easy and pleasant.

The majority of important actions of any member are followed by e-mail notifications (payment issues, subscription or member status changes, member information changes etc.).

The user may buy various subscription types depending on his/her own needs.

Any member may acquire different statuses: Approved, Activated, Suspended, Unsuspended, Expired, Deleted, Temporary blocked.

After the registration a new member may receive an e-mail with an activation link automatically or has to wait until an administrator approval to become Activated, depending on the settings. It is necessary to follow the activation link in the e-mail to make a member account Activated.

The user should be aware of protection mechanisms applied in NeedSecure 2. There is a breaking in prevention which results in the users IP address temporary block. There is also a Password sharing prevention system, which may not allow accessing one and the same account from different IP addresses. The administrator can ban unwanted IP addresses.

Members should mind that the administrator may change the system status from Online to Offline any time to make necessary configurations or fix any bugs. If a member was logged in at the moment when the system status was set Offline he/she continues to stay logged in but is not able to surf the site. A member is going to see an offline message set by an administrator on each page.

The Login page may contain Custom pages and pages in the Site Info section which are available for any even unregistered user.

Registration process

A user may register an account passing to the Registration form. The required fields in this form are marked with asterisk. In case some registration information is invalid then the notifications in red letters appear beside the corresponding field. It is necessary to agree to TOS (Terms of service) to register an account. The text of TOS may be edited by the administrator.

If a member has lost or forgotten the password he/she can use the “Remind password” function on the Login page.

To log into the system the activated member must enter the correct Login name and Password. If wrong data is entered the member will see an error notification in the red field above the login form. If wrong data is entered more times than the system settings allow a CAPTCHA field is added above the other login fields.

After the member is logged in, he/she is redirected to the page indicated in the Redirect after login field. It should not necessarily be a NeedSecure 2 page. It is possible to redirect the member to any desired web page. The administrator can also set the page for redirecting members after logout in the Redirect after logout field. To redirect members after logout the administrator can also choose any web page.

It should be mentioned that available Menu elements and system action possibilities differ for authorized and unauthorized users.

Back to the Top

3.1 Join Us

Account Information

The registered Member can modify some personal data in the Account Information any time. Username itself cannot be changed, but the data like First and Last Name and other fields are available for editing.

Change Password

Members can also change password to their choice or generate a random password with a high protection level. Besides, to change the password members must enter the current one.

Active Products

In this section members can see all the products they are subscribed to and the corresponding information including the subscription name, period and links. Members can also cancel subscriptions here.

Paid Invoices

In this section one can view a table consisting of the products which are paid for, date of payment, details of transactions, subscription type and the price. The table can be sorted by any column values. Active subscriptions are marked red.

Back to the Top

3.2 Site Info

News

This section consists of the latest news headlines, descriptions and links to the full news.

Products

The set of all available products is shown in this section. They can be filtered by product group at the top part of the section. For some products one can choose the type of subscription from the dropdown menu (one time or recurring), subscription period, trial duration etc. Please note that for some payment systems which do not support recurring subscriptions, the “recurring” option from the dropdown menu will be equal to the “one time” subscription. Products

When ordering a product a member goes to the Shopping Cart by pressing the Order button. One can enter a Discount Coupon number and press the Recalculate button to lessen the payment sum, choose a payment system from the dropdown menu and finally checkout. Please note that after the member enters the Discount coupon number, presses the Recalculate button, checks out and finally enters the payment system, the Discount coupon code is registered as “used” even if the member changed mind and didn’t buy the product after entering the payment system form. Shopping Cart

Afterwards if the Force user to input billing info when making order option is enabled the Registration order form must be filled in. If all the data is correct the member is redirected to the page with the confirmation information displayed. After this, the product that was just subscribed to can be seen in the Active Products section.

There is no the Recalculate button, Payment system choice menu and it is impossible to enter a Discount Coupon number for free products.

Custom Pages

The NeedSecure 2 administrator can create additional menu fields or custom pages which are available even for users not having members’ accounts. They may be entered from the login page where they are displayed under the Site Info section. When the registered member logs into the system, custom pages are also displayed under the Site Info. TOS

Back to the Top

NeedSecure 2 - Security itself

NeedSecure 2 - the next generation web site protection system

1. Welcome to NeedSecure 2

1.1 About NeedSecure 2

1.2 About this guide

1.3 System requirements

1.4 NeedSecure 2 Installation

1.4.1 NeedSecure 2 Uninstallation

1.5 Contacting Conkurent LLC

1.6 Quick overview

1.7 Using the help system

1.8 NeedSecure 2 Interface elements

1.8.1 Menus, tabs

1.8.2 Filters

1.8.3 Page view

1.8.4 Confirmation or error messages

1.8.5 Tooltips

1.8.6 Errors in data validation

1.8.7 Sorting of data

1.8.8 Date picker

1.8.9 Importing data

1.9 Design Management

2. Administration management configuration

2.1 Product

2.2 Member Control

2.3 Statistics

2.4 Newsletter

2.5 Coupon

2.6 System Configuration

2.7 Administrator Control

2.8 Activity Logging

3. Members management configuration

3.1 Join Us

3.2 Site Info

Documentation/Screenshots

Overview

Basic principles of the template system

Global special tags

Syntax of special NS tags

Templates of NS major pages