Send Password
Enables a check box on the login page to send the user their password (E-mail component
must be set up)
Values : True / False
Use cookies
Cookies are used to recall the Users login and (if Auto login, their password) to prevent
having to fill the form
Values : True / False
Clear Cookies
Enables a link to clear previously set cookies
Values : True / False
Auto Login
If cookies are in use, Users are automatically logged in to secure pages
Register.asp will automatically use cookies after registering, so that those users will be logged in immediately.
Values : True / False
NT Auth
NT Authentication can be used if necessary (Servervariables("LOGON_USER)
It assumes you have a database containing a list of users login codes in the
Username
database column
Passwords are not required as the user has already been authenticated.
The web must be set as Authenticate and not Anonymous to access this server variable.
Values : True / False
Add to Mail list
Add the users e-mail to your mailing list
The user is presented with a check box when they register, to ask if they wish to join your mail list.
Values : True / False
Allow Updates
Users can modify their profile.
A link is required to enable the user to update :
register.asp?UserUpdate=True
The user must be logged in already before making the change.
Values : True / False
Input length
Used to set the minimum length for a password or login name
A minimum value of 1 is applied
Values : 1-10
Authenticate (via e-mail)
When a user first registers, an e-mail activation link is sent to their supplied e-mail
address. They must access the web the first time with this link to activate the account.
If updates are allowed, any change in e-mail address will require re-activating the
account
This guarantees an e-mail address that is correct.
* You may also choose to send a random password instead.
Otherwise, registration will allow immediate entry.
Manual Authenticate
The administrator must activate the account manuallySettings
Authenticate + ManualValues : True / False
Notify of registration
An e-mail is sent to the site admin when a new registration is successfully entered
Values : True / False
From Name
The "From" address used in any e-mail correspondence
Values : Your domain e-mail address (Required)
Subject Line
The subject line for e-mails, sent on registering and to send the user their password
Values : What ever subject line text you wish
Server name
Some e-mail components require a server address
Values : smtp.yourdomain.com (or any valid host supplied address)
Extended Fields
You can select which fields in the extended information list you wish to
display.
Selections can be made with the mouse and CTRL key.
Selections can be made "required" if necessary
A drop down list included, is "Userfound"
This is so the user can enter information about how they came about your site.
The options for this list are stored in "a_config.asp".
You can edit
these as you see fit.
Values : As selected
Extended Information
Additional fields can be selected to display on the "registration"
page.
Selecting "Yes" activates the select box.
Values : On / Off
Send confirmation
A confirmation email can be sent to the person registering containing their Login and password
This applies only to new registrations in a non-authenticated login
Values : On / Off
Settings password
If you wish to restrict other Admin users access to changing the settings, set your personal "Access Level" in the users
database to exactly the same password as "Settings password" here.
Your information in "Users" will be hidden from all other users except you so the password is not exposed.
Values : Alpha Numeric - max 10
Required Fields
Required fields can be set and enforced for register.asp and for the administration pages.
Username and Password are enforced by default. E-mail is forced when Authentication is
required.
(Hold CTRL to select individual fields)
Values : As selected
Redirect on Login Success
Instead of using the default "success.asp" page, you can choose your own page to access on a successful login
Some redirection still occurs to success.asp for send password and email errors
If you wish to fully customise the page, I recommend you edit success.asp and follow the existing "case" format
Values : Path relative to the server - eg : /directory/pagename.asp
Unique Redirection
If Unique redirect is selected, the Users Access Level will be amended to the
URL, providing a unique "home" page.
eg :
Unique Address = unique.asp
This will be amended to unique123.asp when a user with "AccessLevel"
= 123 logs on.
If the user has no set Access Level, then the user will be directed to unique.asp
You can also use alphanumeric characters (up to 10) like "_spooky"
This will redirect to unique_spooky.asp
NOTE : If you wish to secure each page for each user, then you will need to
use a security script (from the examples) that will check the
Session("AccessLevel") variable.
Leaving Unique Address blank will send the user to [AccessLevel].asp
3 redirect Settings exist in a_config.asp. They are PAGE, URL and FOLDER
FOLDER redirects to "/Access Level/"
PAGE redirects to "Access Level" + .asp depending on unique settings
URL redirects to the Login unique http address. If unique is also selected, the
page name will be modified the same as PAGE
Redirect on Register Success
Instead of using the default "success.asp" page, you can choose your own page to access on a successful login
If you wish to fully customise the page, its recommended you edit success.asp and follow the existing "case" format
The reason for this, is that some information is carried in the query string between pages.
This information is required to tell the user the result of their registration
Values : Path relative to the server - eg : /directory/pagename.asp
Refering ID - How the user was referred to your web site.
A refering ID may be saved so that you are able to record who referred the user when they first register.
Querystring must contain : register.asp?RefId=AlphaNumeric
No settings are required.
Max length =
Use Authorize.net - Not recommended for general use yet. (Leave unselected)
A response from Authorize.net can be used to "pre-fill" the registration fields for a paid subscription site.
Some experience with x_response codes is necessary
Transaction ID / Authorization code - If the register page was entered after a
successful C/C transaction, you may save the
resulting transaction ID's for reference (Authorize.net)
Fields must be selected as "show field" in system setup. The fields however, are a hidden form input and not editable in register.asp
They are editable in admin_users
User Id - Random number generated in conjunction with user name
Used with an Authenticated login (Sent via email)
Two stage form - This function splits the registration page into 2 steps, firstly for the Username / Password, secondly for the extended information
At least 1 extended field must be selected.
Track user - Show which users have currently logged on to your web.
Does NOT keep track after user leaves the login page.
Visits time out after 10 minutes. This can be changed in a_config.asp by
modifying the l_log_timeout setting
Enabling this function will increase database usage when a visitor hits the login page only.
To enable continuous tracking, the function would need to be added to each page and would still time out after 10 minutes of inactivity.
Retain User login history - A table in the database (active_users)
stores a history of login times.
A record of each login is kept.
To keep only a single record of when each user last logged (to keep data size down) you can
set the variable l_retain_all (in a_config) to False
Records are kept as long as the 'l_retain_hist_len' setting in a_config.asp.
The current setting is month.
Track user must be turned on for this to work.
Allow single Username per session - If you wish to restrict access to
only one distinct username per session, select this option
If multiple users have access to a single Username / Password combo and you will
only allow 1 active at a time, when the second user logs in, their IP address is
matched with the currently logged in user.
If they don't match, the second user is not permitted access till the first user
has timed out.
Track user must be turned on for this to work. This function (track user) is not recommended if you are concerned about database overuse
It is not a concern on SQL serverAllow Users to register - Enables registration form so that users can self-register.
If disabled, users can still update their registered details if updates are allowed.
User Name - Generic Username. Used as a session variable.
Unique values can only be used as this is required for "send password via email"
A minimum string length is required (as set in the system configuration)
Min length = Max length =
Password - A minimum string length is required (as set in the system configuration)
These special characters are disallowed !,#%$^&*()+= :;<>?~{}Min length = Max length =
First name and last name. Not currently used other than as identification. Could be used in those email components that support it.
FN max length =
LN max length =
E-mail - Checked via a server side regular expression when entered or required.
Max length =
Web site - User can enter their current web site as part of their personal information
Max length =
Company - Users company name
Max length =
Phone - Users Phone number
Max length =
Fax - Users Fax number
Max length =
Address - Users address
Max length =
City - Users City address name
Max length =
Zip - Users zip code
Max length =
State - Users State
Values are listed in a_app_list.asp
Country - Users country of residence
Values are listed in a_app_list.asp
Found Web - How the user came across your web site.
Used as extra information to help understand demographics.
Values are set in a_config.asp
Remote Address - IP address of original registration
Max length =
Show E-mail - Whether the user wants their e-mail address displayed. To be utilised, if necessary, in other display code (not included)
Account Active - If the account is inactive the user will not gain
access with this login.
In an authenticated login, this is false until the user accesses their login for the first
time using the URL mailed to them.
A user can also be inactive if their account has expired (Even though the account is listed here as active)
Account Open - When the registration was filled in
Account expires - A date can be used to expire the user. By default it is blank.
A default may be entered in a_config that applies to all new users.Account Updated - When the user was modified by an Administrator, or the user. Also relates to when the user last logged in.
Login Count - Number of times the user has logged in or attempted to login
Administrator - You must be listed as an administrator to access these pages
Be careful removing yourself as an administrator!!! :)
Access Level - Optional access level that can be used to further restrict page access
or can be used as Unique login variable (This is one of the available session variables)
It can also be used as an admin password to restrict access to system pages. An identical password must be entered in the system setup
A select box of 'group' access levels can be enabled by activating "Access Level list" in the settings page and following the instructions there.
Values : AlphaNumeric
Max length =
Extended fields - Make all fields available when logging in
This enables cookies to store additional fields of information if enabled.
If not required, leave off as there is a small cost in performance.
Search
Locate any number of users based on your input.
The wildcard is '%'
e.g. Username = a% will return all users starting with 'a'
Username = %a will return all users ending with 'a'
Add New
You can manually add new users.
Email Users
Email users via bulk email. You can send to All, Active or Expired users
Additional Help
May be found by clicking on the text heading beside each input
Admin defined Access level
A preset selection of Access levels is presented in admin_users.asp
This allows set access levels to be used. Default is 1-5
The Access levels can be changed in a_app_list.asp and are reset when the menu "Reset" link is clicked.
Show all US States
A list of US States is presented in a list box when selecting addresses
This allows set State names to be used.
The States can be changed in a_app_list.asp and are reset when the menu "Reset" link is clicked.
Unique Email
Only allow new registrations to use a unique email address
An error will occur if the email has been used before, and a link offered to send the existing password (If site email is enabled)
Random Password
When a user registers, a unique text password is sent via email so the user can gain access.
If not selected, the user can select their own password, and a link is emailed to them to activate their account.
No information