Test

Page 1

XUD v3.x Administrator’s Guide User Database and Account Management System for XCENT Web Server Applications


XUD v3.x Administrator's Guide

Š Copyright 2003-2008 XCENT, All rights reserved. No part of this document may be reproduced or distributed in any form by any means without prior written authorization of XCENT. XCENT, XUD, xcAuction, xcBanner, xcCart, xcClassified, xcDirectory, xcNews, xcNewsPlus, XcInfoBase, xcStoreFront and their respective logos are trademarks of XCENT.


XUD v3.x Administrator's Guide

Table of Contents 1

Introduction ...................................................................................................................... 1

2

Requirements ................................................................................................................... 2 2.1 2.2

3

Upgrading from a Previous Version of XUD .................................................................. 6 3.1 3.2

4

Most Common Application Settings ......................................................................... 25 Upload Component .................................................................................................. 26 Imaging Component ................................................................................................. 26 Template .................................................................................................................. 27 Layout and Design Settings ..................................................................................... 28 System Language Customization............................................................................. 28 Detailed Configuration Options ................................................................................ 29

User Interface Features ................................................................................................. 30 6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 6.9 6.10 6.11

7

Downloading the Software ....................................................................................... 10 Extracting the Software ............................................................................................ 10 Configuring the Database Connection ..................................................................... 10 Uploading Files to the Web Server........................................................................... 13 Log Into the Administrator Interface ......................................................................... 14 Basic Configuration Options..................................................................................... 19 Conclusion................................................................................................................ 24

Additional Installation Options ..................................................................................... 25 5.1 5.2 5.3 5.4 5.5 5.6 5.7

6

Upgrading a JET Database ........................................................................................ 7 Upgrade a SQL Server Database .............................................................................. 8

Basic Step By Step Installation..................................................................................... 10 4.1 4.2 4.3 4.4 4.5 4.6 4.7

5

Web Server ................................................................................................................ 2 Database .................................................................................................................... 4

Registration .............................................................................................................. 30 Edit Registration ....................................................................................................... 32 Logging In................................................................................................................. 32 User Profiles ............................................................................................................. 33 User Message Base ................................................................................................. 34 Edit Billing Information.............................................................................................. 36 View Bill .................................................................................................................... 36 View Website Fees................................................................................................... 37 Your Password ......................................................................................................... 37 Mailing Lists.............................................................................................................. 38 Securing Private Areas on Your Own Site ............................................................... 38

Administrator Interface Features.................................................................................. 40 7.1 7.2 7.3

System ..................................................................................................................... 40 Maintain.................................................................................................................... 41 Lists .......................................................................................................................... 55 i


XUD v3.x Administrator's Guide

7.4 7.5 7.6 7.7 7.8 7.9 8

Security ........................................................................................................................... 87 8.1 8.2 8.3 8.4

9

Mailing Lists.............................................................................................................. 59 Billing ........................................................................................................................ 65 Config & Templates.................................................................................................. 80 Tools......................................................................................................................... 83 Reports..................................................................................................................... 85 Help .......................................................................................................................... 86

SSL........................................................................................................................... 87 Securing the Web Server ......................................................................................... 87 FileSystem Permissions ........................................................................................... 87 Test Scripts .............................................................................................................. 88

Online Processing Modules .......................................................................................... 89 9.1 9.2 9.3 9.4

How and Why the Online Processing Module Is Used............................................. 90 Requirements ........................................................................................................... 91 Installation and Configuration of the Online Processing Module.............................. 94 Using The Online Billing Module ............................................................................ 100

10

Troubleshooting..................................................................................................... 102

11

Appendix A – Configuration Options................................................................... 105

12

Appendix B – CSS Definitions .............................................................................. 126

13

Appendix C – User Capabilities............................................................................ 127

14

Appendix D – Alternate Connection Strings ....................................................... 129

15

Appendix E – Updates and Upgrades .................................................................. 130 15.1 Upgrades................................................................................................................ 131

16

Appendix F – Automating Processes .................................................................. 132 16.1 Scheduled Tasks.................................................................................................... 132

ii


XUD v3.x Administrator's Guide

Figures & Tables Tables Table 4-1 URL and Description Settings ................................................................................. 20 Table 4-2 Email Component Include File Settings .................................................................. 21 Table 4-3 Email Component Test Scripts................................................................................ 23 Table 7-1 Mailing List Message Macros .................................................................................. 63 Table 7-2 Valid Card Codes .................................................................................................... 66 Table 7-3 Valid PayPal Currency Codes ................................................................................. 67 Table 11-1 Configuration Options: Misc Settings .................................................................. 105 Table 11-2 XUD Configuration Options: Message Base Settings ......................................... 112 Table 11-3 XUD Configuration: Billing System Settings........................................................ 114 Table 11-4 XUD Configuration: Registration Fields............................................................... 115 Table 11-5 XUD Configuration: User Profile Fields ............................................................... 117 Table 11-6 XUD Configuration: Email Settings ..................................................................... 120 Table 11-7 XUD Configuration: Font Settings ....................................................................... 121 Table 11-8 XUD Configuration: Color Settings...................................................................... 122 Table 11-9 XUD Configuration: Advanced Settings .............................................................. 123 Table 11-10 XUD Configuration: Database related settings in the XUDdb.asp file............... 125 Table 12-1 CSS Definitions ................................................................................................... 126 Table 13-1 User Capabilities ................................................................................................. 127

iii


XUD v3.x Administrator's Guide

1 Introduction XUD is the centralized part of several XCENT web server applications and it provides a feature rich user managements and account database application. The copy of XUD that you have received can be uploaded to an IIS Server and be up and running within minutes. Since everyone has different needs and preferences, XUD is very configurable. Colors, fonts, sizes, messages, labels, and so on, are easily customizable. At first glance, the configuration options may seem a bit overwhelming, but we have organized configuration settings into groups so that you can quickly and easily find the items you want to customize. If you have any questions about what a particular setting means, where it gets applied, or what it does, this documentation is the place to look. If you cannot find the answer here, please consult our FAQ database at http://www.xcent.com/faq/. Critical: Be sure to fully read the enclosed license agreement document before you install or run this application (XUD). By installing or using any of the enclosed files, you agree to be bound to the terms and conditions of the license agreement. When you received XUD from XCENT, you were sent the most recent version available. However, from time to time, there will be minor updates released. These minor updates may include bug fixes, feature enhancements, or completely new features. All minor updates (i.e.: 1.0.0 to 1.0.1) are free to registered users who have already licensed the same major version number (i.e. 1.x). You can always check to see if you have the current version by clicking on the Check Version feature in the administration menu. If you have an older version, and have not received the update notice, please contact support at http://www.xcent.com/support. We hope you enjoy using XUD, and we hope that it can become a valuable part of your web site. We are always looking to make improvements and add value to our products and your feedback is very important to us. Please feel free to contact us with your comments and suggestions at http://www.xcent.com/contact. Ideas for products that you would like to see us develop are also welcome.

1


XUD v3.x Administrator's Guide

2 Requirements Before you install XUD on your server, you should be familiar with its requirements. If an ISP hosts your web site and you are not sure if the web server meets the requirements, you may want to ask your ISP directly, or contact XCENT support at http://www.xcent.com/support. If you wish to confirm that your ISP has the required components installed and meets the application’s requirements, you can download and run the free diagnostic utility, XcDiag.ASP from the XCENT web site at http://www.xcent.com/downloads/. Most ISP's or web hosts that have experience hosting interactive web server applications should easily meet most of these requirements. However, it is always a good practice to verify the requirements so you don't have any surprises once you have started your site.

2.1

Web Server

The sections below detail the minimum web server requirements necessary to support XUD.

2.1.1

Microsoft IIS

The application needs to be hosted on a Microsoft Windows web server capable of running Internet Information Server (IIS) 4.0 or later. XUD can be installed on a Windows 2003 Server; Windows 2000 Server; or on a Windows NT Server with Option Pack 1 installed. Older servers may need critical components upgraded for best performance and reliability, so please be sure to read through all the following requirements and recommendations completely. Critical: XUD cannot be run on a Linux/ Unix server. Be sure that you are using a Microsoft Windows Server with IIS web server.

2.1.2

VBScript Engine

The system must have at least version 5.1 or later of the Microsoft Scripting Engine. It is recommend that you install version 5.5 or greater. The scripting engine is a central component of the IIS ASP web server. This is what actually allows the IIS web server to execute the ASP application. Tip: You can download updates to the scripting engine used in ASP and WSH directly from Microsoft at the URL shown below. http://www.microsoft.com/msdownload/vbscript/scripting.asp

2


XUD v3.x Administrator's Guide

2.1.3

Installable Components

Tip: A component is a program that needs to be installed and registered on the web server to provide advanced functionality to an ASP application. Since components need to be installed directly on the web server, this is not normally something that you would need to do yourself if your site is hosted with an ISP. Most ISP’s that provide suitable hosting for ASP applications will already have a selection of components installed and available for your use. The components supported by XCENT web server applications are provided by their respective vendors and have no relation to XCENT. Licensing and support for these components is not provided by XCENT. Licensing and support for these components are provided by the respective vendor of the component.

File System Object The Microsoft File System Object, which comes with IIS (and other Microsoft software), is required and needs to be installed on the web server. Email Component An Email Component allows a web server application to be able to send email messages from the web server to any email address. Several different Email Components are supported. You will need to be able to use any one of the following supported components:

CDONTS Email Component from Microsoft (included with IIS) CDOSYS Email Component from Microsoft (included with IIS replacement for CDONTS in Windows 2003 versions) ASPEmail from Persists.com ASPMail from ServerObjects.com ASPQMail from ServerObjects.com ASPSmartMail from ASPsmart.com Bamboo.smtp Jmail from Dimac.com SMTPMail from SoftArtisans.com

Tip: For a current list of Email Components that may have been added or updated since this document was prepared, please consult the following article in our FAQ database. http://www.xcent.com/FAQ/XcIBViewItem.asp?id=18

Tip: CDONTS, CDOSYS Pickup Folder library, and ASPQMail are “Queuing” email components. This allows these components to handle large numbers of email messages more efficiently without adversely affecting the performance of your site.

3


XUD v3.x Administrator's Guide

Upload Component An Upload Component allows the web server to be able to efficiently process a file uploaded from an end user's browser and saves the file on the web site. In XUD, this is used if you want to allow end users to be able to attach files to messages sent from one user to another using the user to user message base. XUD supports any of the following Upload Components:

AspUpload from www.persits.com SA-FileUp from www.softartisans.com AspSimpleUpload from www.asphelp.com AspSmartUpload from www.aspsmart.com ABCUpload from http://www.websupergoo.com Dundas' DundasUpload from http://www.dundas.com

Tip: For a current list of the most up to date Upload Components supported by XCENT web server applications, please consult the following FAQ article: http://www.xcent.com/FAQ/XcIBViewItem.asp?id=12

Imaging XUD has a feature called AntiBot Protection that creates an image during certain functions that may be sensitive to abuse via scripting bots, such as registration of new accounts. This technique works due to the fact that it is easy for a human to read text in a graphical image, but it is much more computationally difficult for a computer to read text within an embedded image. This feature requires an online imaging component in order to generate the image that is displayed to the user with the random text in it. XUD supports any of the following Imaging components.

ASPImage from http://www.serverobjects.com ASPJPeg from http://www.persits.com aspSmartImage from http://www.aspsmart.com

Tip: The above imaging components provide XUD with the same functionality. In terms of the features utilized by XUD no component is better than another.

2.2

Database

The database is an essential element of XUD and all XCENT web server applications. XUD needs to be used with either a JET or a Microsoft SQL Server database. The web server applications use the Microsoft Data Access Components (MDAC/ADO) to communicate with either database type. In order to be sure that XUD will run smoothly on your web server, we recommend that the web server have at least version 2.5 (or later) of the Microsoft MDAC/ADO components installed. Tip: The current versions of the Microsoft MDAC/ADO components can be downloaded free from the Microsoft web site at www.microsoft.com/data/.

4


XUD v3.x Administrator's Guide

2.2.1

JET

A Microsoft JET database is a type of database known as a flat file database. This simply means that all of the components of the database are contained in a single file. This is the MDB file that is included with the application by default. JET databases are suitable for small web sites that will not be receiving a high amount of activity in the application or will be limiting the amount of data in the database. In addition to the above, these are the requirements that are specific to running the application when using a JET database: The web server must have the JET database drivers installed in order for it to be able to use the JET database file. Tip: JET is the term for the database engine technology. This is the same database technology used by Microsoft Access. However Microsoft Access is not required at all and does not need to be installed at all. The JET drivers are not included with the Microsoft MDAC/ADO components after version 2.5. To make sure you have the most recent versions of the JET drivers installed on your web server, download and install the current Microsoft JET Service Pack available at www.microsoft.com/data/. When installing software on a web server, sometimes an older version of the JET drivers may be installed on the server also. In the event of difficulties with a JET database, it is recommend to reinstall the current Microsoft JET Service Pack. See the following FAQ article for additional details: http://www.xcent.com/FAQ/XcIBViewItem.asp?id=336

2.2.2

SQL Server

A Microsoft SQL Server database is very different from flat file database technologies like JET. A SQL Server is a high performance and high reliability database engine that is specifically built for robust and continuous data access. This makes it suitable for larger web sites, where performance is important, or the utmost in reliability is required. In addition to the above, these are the requirements that are specific for running the software using a Microsoft SQL Server database: ƒ ƒ

Microsoft SQL Server 7.0; Microsoft SQL Server 2000 or later. A SQL Server database with a minimum database size of 10 megabytes.

Tip: If you anticipate that you will have a large site or one with heavy traffic, we recommend using a SQL Server database.

5


XUD v3.x Administrator's Guide

3 Upgrading from a Previous Version of XUD If you are installing XUD for the first time, you can skip this section and proceed to the next section (Basic Step By Step Installation). If you are going to be upgrading a previous version of XUD to this release (pre 3.x), you will need to reinstall the application. However, you will want to upgrade your database to the current release rather than setting up a new blank database. This allows you to migrate your existing XUD data to the new version. Instructions for Users Updating From Version 3.5.0 through 3.6.0 of XUD While not a new major version release, the 3.7 release of XUD requires some changes to the database schema in addition to the usual update procedures. For more information on this procedure, please carefully follow the steps in the sections labeled for updating from earlier v3.x installations. Instructions for Users Updating From Version 3.0.0 through 3.2.0 of XUD While not a new major version release, the 3.5 release of XUD requires some changes to the database schema in addition to the usual update procedures. For more information on this procedure, please carefully follow the steps in the sections labeled for updating from earlier v3.x installations. Instructions for Users Upgrading From Version 1.x.x of XUD Backup your configuration file before installing XUD 3.0. This will allow you to quickly setup your new installation of XUD by being able to refer to your previous configuration settings. The original configuration file is named XUDConfig.asp. We recommend printing out a copy of your previous configuration file so you may use it as a quick reference when configuring your XUD 3.0 installation. There are a number of new settings, and a number of old settings have been removed or renamed. So do not attempt to just reuse your old configuration file. Use the new configuration file and update it with your old matching settings to be certain you do not miss anything. Backup your template file before installing XUD 3.0. This will allow you to quickly modify your existing template for faster setup of this new release. The original template file is named XUDTemplate.htm by default. If you have customized your template, it may be named differently (check the gsPageHeader setting in your configuration file to see if you are using a template file with a different filename). You should also backup any Email Template, Html Template, or any other files that you have modified. This will make it easier to apply your customizations to XUD 3.0.

6


XUD v3.x Administrator's Guide

3.1

Upgrading a JET Database

Before you begin to migrate any existing data, be sure to backup your database. When using a JET database file, just make a copy of the .MDB file on your site. To actually upgrade your JET database to the new database version, you will need to run the JET Upgrade Tool, which is located in a folder within the original ZIP archive. Specific instructions for its use are also located in the same folder.

3.1.1

Upgrading JET databases from versions older than 3.0.0

See the JET Upgrade tools located in the folder named JET Upgrade Tool\1.x to 3.x. Once this step is completed successfully, then run the upgrade tools located in the folder named JET Upgrade Tool\3.x to 3.5.

3.1.2

Upgrading JET databases from versions 3.0.0 through 3.2.0

See the JET Upgrade tools located in the folder named JET Upgrade Tool\3.x to 3.5. Do not run the 1.x to 3.x upgrade tool on your database if you have already upgraded to a v3.x release, only run the version listed in this section.

3.1.3

Upgrading JET databases from versions 3.5.0 through 3.6.0

See the JET upgrade tools located in the folder named JET Upgrade Tool\3.5 to 3.7. If you are upgrading from a 3.x release earlier than 3.5.0, please first run the 3.x to 3.5 upgrade tool before running the 3.5 to 3.7 tool. If you have already upgraded to 3.5.0 or 3.6.0, you do not need to run the 3.x to 3.5 tool again, only this newer 3.5 to 3.7 tool.

7


XUD v3.x Administrator's Guide

3.2

Upgrade a SQL Server Database

Before you begin to migrate any existing data, we recommend to backup your database. When using a Microsoft SQL Server database, you will probably need to contact your SQL Server Administrator and make sure you have a backup of your data. If your site is hosted on shared ISP servers, then you should contact your ISP to confirm they are backing up your data. You may need to ask them to perform a backup for you just before you begin your data migration. If you do not have access to the SQL Enterprise Manager, or some other equivelent tool for executing SQL batch scripts on your database, you will need to contact your SQL Server administrator, or ISP/web host for assistance on how to run the script on their database server. Most hosts will just run the script for you if you supply them with a copy. Note: When upgrading an existing database be sure not to run the build script (XUD37Build.sql) on your database or it will delete your existing data! If you don't care about existing data, then you can run the build script again to completely reset the database back to its original empty configuration and wipe out all data. This might be done when you initially setup a test configuration and wish to remove all your test data.

3.2.1

3.2.2

3.2.3 •

Upgrading SQL Server databases from versions older than 3.0.0 When using a SQL Server database, run the SQL conversion script XUD1_to_XUD3.sql on the SQL Server. The conversion script is run on your SQL database the same way you originally created the database with using the Microsoft Enterprise Manager tool. Continue with the next update script in the following section.

Upgrading SQL Server databases from versions 3.0.0 through 3.2.0 When using a SQL Server database, run the SQL conversion script XUD35UpgradeFromV3.sql on the SQL Server. The conversion script is run on your SQL database the same way you originally created the database with using the Microsoft Enterprise Manager tool. Continue with the next update script in the following section.

Upgrading SQL Server databases from versions 3.5.0 through 3.6.0 When using a SQL Server database, run XUD37UpgradeFromV35.sql on the SQL Server.

the

SQL

conversion

script

When done running the SQL conversion script, you may need to run the permissions script (XUD37Permission.sql) if the conversion script was run from a SQL login different from the login used by your web server. If you are unsure, run the permissions script anyway. It will not cause any ill effect. When running the permissions script, be sure to specify the SQL account name to assign proper permissions. The default is 'webserver' which will need to be changed for most sites. For more information on running SQL scripts on an SQL Server database, please refer to the SQL Server Setup Scripts document.

8


XUD v3.x Administrator's Guide

9


XUD v3.x Administrator's Guide

4 Basic Step By Step Installation The step-by-step guide in this section is designed to provide the essential steps necessary to install and configure XUD. Once you have completed the steps below, XUD should be operational on your site. This section only deals with the most essential configuration options; additional options for customizing the program for your site are described in later sections and may be referenced within Appendix A – Configuration Options. Critical: Be sure to completely read this guide and install and configure XUD before installing any other XCENT web server applications that interface with the XUD system. Since most other XCENT web server applications are dependant on the XUD User Database for operation, XUD must be installed and configured completely before they will operate correctly. An important point to realize is that XUD and the various dependant web server applications are actually all separate applications that work together as a single system All of the applications must be setup and configured independently before they will work together as a single system. When installing multiple XCENT web server applications that use the XUD user management system, you will only need to install XUD once. You will not need to re-install XUD for each additional XCENT web server application that you are adding to your site. At most, for each additional web server application that you add which uses XUD, you will simply change a few existing configuration settings to have XUD work with the additional application you are adding. This will be the same whether you are installing all the applications at the same time, or adding on another application to your existing installation.

4.1

Downloading the Software

When you order your XCENT software license, you will be sent an email containing a URL where you can download the software from the XCENT web site. You will need to enter the email address you used to place the order as well as the unique download key sent to you and contained within the email. Each download key may only be used once.

4.2

Extracting the Software

You will receive XUD within a single ZIP file. The ZIP file is a compressed archive file that contains the entire application and all it's supporting materials. The files contained within the ZIP archive need to be extracted (or unzipped) before you can begin working with them. To do this, you need a utility such as WinZip (available at www.winzip.com ). When extracting the files from the ZIP archive, be sure you keep the directory structure intact by having it recreate the folders contained within the archive. In WinZip, this means you want to have the Use Folder Names options checked when extracting file.

4.3

Configuring the Database Connection

The first step in configuring XUD is setting up the database that you want to use, and setting the database connection string so that XUD knows where to find the database and how to communicate with it. In order to setup the database connection settings, you will need to edit 10


XUD v3.x Administrator's Guide

the database configuration file, XUDdb.asp. You can edit this file by opening it in any plain text editor such as NotePad. Critical: You need to use the same database for all XCENT web server applications that will be sharing the XUD user management system. If the other XCENT web server applications and XUD and not pointing to the same database, the system may keep trying to continuously prompt end users to login.

4.3.1

Configuring for JET Databases

Set Up If you are using a JET database, you can use the .MDB database provided. This is the XUD3.mdb file that is located in the Data folder. This file will need to be uploaded to your web site. Some ISP’s will provide a special folder within your site which should be used to hold databases. If this is the case with your ISP, you will want to upload the .MDB file into that folder. Typically this might be a folder named Data, or Database. Tip: If you upload the application to your web server using the exact same folder structure that it defaulted to when extracted from the ZIP archive, it will already be configured to use the included JET database file located in the Data folder.

Security Concerns If you leave the MDB file located in the default directory as the XUD software, anyone can download your MDB database file by simply typing in the URL to the MDB file. For example, if you installed XUD in the root of your website, and the URL to your site looked like http://www.your-site-url.com/ then anyone could download your entire database file by using the URL http://www.your-site-url.com/data/XUD3.mdb. Therefore for the security of your users and your site, it is extremely important that you do not leave your database permanently setup in the default configuration. The MDB file can be located anywhere on the web server, as long as the web server’s anonymous user account can read and write to the database file. The web server anonymous user account is the account the web server uses to access all files stored on your web site. The MDB file must have Read/Write privileges by the IIS server's anonymous user account, and should have full access permissions for the folder that the MDB file is located within. If your site is hosted by an ISP, some ISP's may not provide a more secure location for you to store your database files. This typically means your only choice for proper functionality is that the MDB file be located in the same place that XUD is installed. In installations like this, your best chance for a secure database is to give the MDB file a new filename that is very difficult to guess. For example, you could rename XUD3.MDB to have a name like XUDDB-j4ndf83js89j3hw78hs.mdb. With a filename like that, it is unlikely someone will be able to retrieve a copy of your MDB database file because they are not likely to be able to guess the correct URL. Ideally it would be best to put your MDB file in a secure location rather than just giving it an obscure name. Moving the MDB file to a location that is not accessible to the browser through a URL is always your best choice for securing your MDB database. Some ISP’s allow you to do that by providing you with a space to store files located above the root of your web site.

11


XUD v3.x Administrator's Guide

Files stored above the root of your web site are not accessible to users via their browsers. When you login via FTP to your web site, if you have a folder you need to put files within in order for them to appear on your site, then most likely your ISP has provided a location for you to securely store your database files. Most times the folder for your site root will be named something like: webroot; html; public; or public_html. Configuration Settings The default settings in the XUDdb.asp file should be correct if you are using a JET database and you have not renamed or moved the database file. However, if you ever move or rename the database, you will need to update your settings. If you open the XUDdb.asp file, there are two important settings you should pay attention to. The first is the gsConnect setting. This is what tells XUD where to find the database. The default setting is (all on one line): gsConnect = "Driver={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("../Data/XUD3.mdb")

If you used the renaming example above, your gsConnect string should look like: gsConnect = "Driver={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("../Data/ XUDDB-j4ndf83js89j3hw78hs.mdb ")

If you move the MDB file to another location on the web server, you should specify the full path to the MDB file. For example: gsConnect = "Driver={Microsoft Access Driver (*.mdb)};DBQ=C:\MyDatabases\ XUD3.mdb"

Another important setting is the giDBType. This tells XUD what type of database you are using. The default value for giDBType, shown below, should be used for JET databases. giDBType = 0

Tip: For alternate connection string methods refer to Appendix D – Alternate Connection Strings.

4.3.2

Configuring for SQL Server Databases

Set Up To use a SQL Server database, the first thing you will need to do is to create the database using the setup scripts that have been provided in the Data folder. If you are not familiar with SQL Server, you should first consult the included SQL Server Setup Scripts document. That document explains some necessary basic steps in more detail in order to get a SQL Server database prepared for use. If you are familiar with managing a SQL Server database, the SQL scripts must be run against your SQL database in order to build all the database objects that XUD needs. There are two scripts that need to be run. The first simply builds all the database objects needed by the application. This build script is the XUD37Build.sql file located in the Data folder. The second SQL script is called, XUD37Permissions.sql. This is used to assign permissions to a specific SQL Server account. If you ran the build script under a SQL account that is different from the account that the web server will use to access the database, you must also run the permissions script. If you are unsure, run the permissions script also.

12


XUD v3.x Administrator's Guide

The build script can simply be run against the SQL Server database as it is. The permissions script must be updated to reflect the proper SQL login you want to use. By default it will try to assign this to a SQL account named webserver, but your SQL account name is probably different from that. So, be sure to follow the steps in the SQL Server Setup Scripts document to run the permissions script on your SQL database. Configuration settings You will need to update the settings in the XUDdb.asp file in order to run your site using a SQL Server database. Remember that the default settings will connect to the included .MDB database file. You will need to modify the database configuration line to contain the settings with the correct parameters specific to your SQL Server database. The line with the variable gsConnect in the configuration file tells the web server how to find and talk to the database. Here is an example of a connection string for using SQL Server (this should be all one line): gsConnect = "DRIVER=SQL Server;SERVER=10.20.30.40;UID=SqlLogin;PWD=SqlPassword;DATABASE=XUD3"

In the example above, you will see four parameters that make up the connection information. The first is the SQL Server’s IP Address (the SERVER= part). In this example, the IP Address is 10.20.30.40. You should change this to the IP Address of your SQL Server. The second parameter is UID. This is the SQL Server login account (this will be provided by your SQL Server administrator or ISP). In the example, the UID variable is set to SqlLogin. The third parameter is PWD. This should be set to the password for the SQL Server login, which is set to SqlPassword in our example. The fourth parameter, DATABASE, is the database name that will be used in the connection. Since a single SQL Server can actually host and run many databases, it must know the name of your database In our example this setting is set to XUD3. Again, your SQL Server administrator or ISP will provide the database name. The database name does not need to be the same as this default. Another important setting is the giDBType. This tells XUD what type of database you are using. As shown below, this should be set to the number one (1) to indicate that you are using a SQL Server database: giDBType = 1

4.4

Uploading Files to the Web Server

You are now ready to begin uploading the files to your web server. You should upload all the files to your site using FTP or some other file transfer method. You should avoid using Microsoft FrontPage to upload your web server application and database files, because FrontPage normally sets the file modes to Read-Only. Some files (especially the MDB file and the templates) must be set to Read-Write mode. For easiest installation, you should upload the files using the same directory structure as was used in the ZIP file containing XUD. Tip: XUD will not be operational until you completely finish the Basic Step by Step Configuration.

13


XUD v3.x Administrator's Guide

4.5

Log Into the Administrator Interface

Once the files are uploaded, you should be able to type the URL of your XUD installation to get to the administrator page. The entry point for this is the XUDAdmin.asp page. If you uploaded XUD to a folder named Membership on your web site, the URL to the administrator for XUD on your site would look something like this: HTTP://WWW.YOUR-SITE-URL.COM/MEMBERSHIP/XUDADMIN.ASP.

Of course, you will need to replace www.your-site-url.com with your site’s domain name. When this is done correctly, you should see a screen similar to the one shown below. The first time you do this on a new database, the system will automatically prompt you for your registration code. Be sure not to confuse your registration code with download keys or any other unique numbers that might be provided. The registration screen should show you an example of what the registration code will look like. XUD will accept any valid application registration code.

Critical: If you are not seeing something like the image above, then there may be something wrong with your database connection. See Troubleshooting

4.5.1

Enter Registration Code

Enter the registration code that was provided in the Email that included your download key.

14


XUD v3.x Administrator's Guide

Tip: If you receive an error message when you try to enter your registration code or if it keeps asking you to enter it, first be sure that you are entering the correct code. You may want to cut and paste directly from the email that you received containing your registration information in order to make sure there is not a typographical error and be sure not to accidentally use a download key in place of your registration code. If you are still encountering a problem, refer to the Troubleshooting section for information about issues regarding permissions.

4.5.2

Log Into the Admin Area

After successfully entering the registration code, you should see the admin login screen, which should look something like the image below:

The default login name for the administrator is admin and the default password is blank (leave the password box empty). Once you have the correct username and password entered and press login, you will see a message that looks like this:

15


XUD v3.x Administrator's Guide

Tip: All XCENT web server applications that integrate with XUD will share the same administrative login information as XUD.

4.5.3

View Check Version Page

Go to the Help menu and click on the Check Version option after logging in. XCENT will normally send notifications automatically to registered users to keep you aware of updates to the application as well as any major version upgrades. However, if for some reason you do not receive that notice, you can check this page on occasion for information about the installed version of the system and for up to data notice of updates and upgrades. If your registered email address is going to change, be sure to contact support before you change it so we can update your registration and you do not miss any update notices.

16


XUD v3.x Administrator's Guide

4.5.4

Visit XcDiag.asp Page

Included with all the XCENT web server applications is the XcDIAG diagnostic utility. This can be used to help diagnose problems you might encounter during installation, as well as tell you some valuable information about your web server that you might need during installation. If you select the Run Diagnostics option from the admin menu, you will see a page like the one shown below. This page displays important information about your web server and can help you identify which optional components are installed and available on your web server. If you find the need to contact XCENT support about a problem you are having, you should try to either provide support for the URL to your site so that they can run XcDIAG on your server, or else include the output from XcDIAG in your email message to support. Do not be concerned if you do not understand everything on the page. Not everything here will apply to all installations.

17


XUD v3.x Administrator's Guide

4.5.5

File Permissions and Read/Write test

In order for the application to be 100% functional, it must be able to read and write to certain important files on the web server. For example, if you are using XUD with the JET database file, the web server must be able to read and write to the MDB file. It will read from the MDB file as users are browsing posts on the site. Then when a user posts a new message, it will need to be able to write data to the database file. In order for the web server to be able to do that, it must have the proper FileSystem permissions. So, in order to make sure your web server has the proper permissions set in critical folders for the application, the Read/Write Test can be used to verify if the web server has proper permissions defined for the application. To do this, go to the Tools menu and select the Read/Write Test option from the admin menu, and you will see a screen like the one shown below. This should show your system has all of the proper permissions necessary to utilize all of the features in XUD.

If the results for your web server look like the one shown above and every test is successful, then your permissions are already set properly. If it reports that any tests are not successful, however, you will need to change your FileSystem permissions so the application can have read and write access in the folders tested. If your site is hosted with an ISP, you may have to contact your ISP to see if they can set your permissions. Most ISP's that have experience hosting web server applications will either do this upon request, or may provide an online tool for you to do that yourself. If your ISP provides an online Control Panel for your site, you may be able to setup the permissions right from there without having to wait for your ISP to set them up for you. For more information on permissions, see the section on Troubleshooting.

18


XUD v3.x Administrator's Guide

4.6

Basic Configuration Options

The next step is to edit the system configuration file, XUDConfig.asp, also referred to in this document as the config or configuration file. If all of your filesystem permissions are set properly, you can edit the configuration file online by selecting System Templates from the Config & Templates menu on the administrator menu. The settings described below are the minimal settings necessary to get the system operational. For information on all the possible settings available, see Appendix A – Configuration Options.

4.6.1

URL Settings

There are certain URL settings that are essential to ensure that XUD knows where it is located and where other installed XCENT web server applications installed on your site are located. The gsXUDURL setting should be set to the correct URL location of the XUD installation on your web site. The URL settings should end in a forward slash, as shown in the examples below: gsXUDURL = "http://www.your-site-url.com/Membership/" gsAUCURL = "http://www.your-site-url.com/Auction/" gsCADURL = "http://www.your-site-url.com/Classified/" gsNPURL = "http://www.your-site-url.com/News/" gsDIRURL = "http://www.your-site-url.com/Directory/" gsMSGURL = "http://www.your-site-url.com/Forum/"

The various URL settings control what other XCENT web server applications you will also be installing on your site. You do not need to configure these yet as part of the initial XUD system, but if you know where you will be installing the other applications on your site, you can setup these settings now. Below is a list of the settings you want to configure when connecting the XUD system into the other installable XCENT web server applications.

19


XUD v3.x Administrator's Guide Table 4-1 URL and Description Settings

Setting

Applies To

Description

gsXUDURL

XUD

URL of the installed location of the XUD Membership system on your site.

gsAUCURL

xcAuction

URL of the installed location of xcAuction on your site. Leave as-is if you will not be installing xcAuction also

gsAUCDesc

xcAuction

Text description of the auction system on your site. If you are unsure, lease this as-is.

gsCADURL

xcClassified

URL of the installed location of xcClassified on your site. Leave as-is if you will not be installing xcClassified also.

gsCADDesc

xcClassified

Text description of the classified system on your site. If you are unsure, lease this as-is.

gsNPURL

xcNewsPlus

URL of the installed location of xcNewsPlus on your site.

gsNPDesc

xcNewsPlus

Text description of the news system on your site. If you are unsure, lease this as-is.

gsDIRURL

xcDirectory

URL of the installed location of xcDirectory on your site.

gsDIRDesc

xcDirectory

Text description of the directory system on your site. If you are unsure, lease this as-is.

gsMSGURL

xcForum

URL of the installed location of xcForum on your site.

gsMSGDesc

xcForum

Text description of the forum system on your site. If you are unsure, lease this as-is.

20


XUD v3.x Administrator's Guide

4.6.2

Email settings

These are settings that are related to the email functionality of the system and their proper configuration is required in order for the software to work properly. Email Component An include file listed at the top of the XUDConfig.asp configuration file tells XUD what Email Component that you are using. You should set this depending on the Email Component that is installed on your web server (see the section entitled Visit XcDiag.asp Page if you are not sure which Email Components are installed on your web server). Look for a line like the one below toward the top of the MSGConfig.asp file: <!--#include file="XcCDONTSLib.asp"-->

Tip: By default, the application comes configured to use the Microsoft CDONTS Email Component. CDONTS is an included component of the Microsoft IIS web server. However, CDONTS is not operational on most web servers until it has been configured for use. If CDONTS is installed, but does not seem to send email, it is simply not configured for use. It will not generate any error messages if it has not been configured. The email messages will simply not be sent anywhere. This is the line that you will want to modify depending on the Email Component that you are using. See the chart below for a list of additional available supported Email Components. For a list of the most current supported Email Components, check the Downloads section of the XCENT web site, or see FAQ article #18. Table 4-2 Email Component Include File Settings

Email Component

Include File Setting

CDONTS

<!--#include file="XcCDONTSLib.asp"-->

CDOSYS

<!--#include file="XcCDOSYSLib.asp"-->

CDOSYS – using the pickup folder on the server.

<!--#include file="XcCDOSYSPickupLib.asp"-->

ASPEmail

<!--#include file="XcASPEmailLib.asp"-->

ASPMail

<!--#include file="XcASPMailLib.asp"-->

ASPQMail

<!--#include file="XcASPQmailLib.asp"-->

ASPSmartMail

<!--#include file="XcSmartmailLib.asp"-->

BambooSmtp

<!--#include file="XcBambooSMTPLib.asp"-->

JMail

<!--#include file="XcJmailLib.asp"-->

SMTPMail

<!--#include file="XcSmtpMailLib.asp"-->

21


XUD v3.x Administrator's Guide

Note: CDOSYS is a replacement for CDONTS in Windows 2000 versions and later. CDONTS still exists in Windows 2000, but is completely deprecated in Windows 2003 versions. There are two versions of CDOSYS included with XCENT applications. The first version XcCDOSYSLib.asp is intended to work as an email component connecting to a third party email server. This library requires the gsMailHost setting to be configured. The other version included with XCENT applications, XcCDOSYSPickupLib.asp uses the SMTP services of IIS and sends mail through the pickup folder on the server. If you are unsure which one to use please contact XCENT technical support for assistance.

Options There are two configuration settings that are necessary for email functionality to work properly within the application. These are located within the Email Related Settings section of the configuration file. The gsAdminEmail setting is used to define the “From� email address used for all emails sent from the program. This should typically be set to an email address that is local to your site. That is, it should look like the example below, only substitute your domain name for your-siteurl.com: gsAdminEmail = "myname@your-site-url.com"

Tip: Since most ISP's will filter all outbound email that does not look like it is valid for any of the networks/domains that they host, you probably must use a valid email address for the gsAdminEmail setting. If this is set to an invalid value, most ISP's will block the outgoing message and it will appear as if your web site is not able to send any email messages. The gsMailHost setting should contain the address of the mail server that you will be using to send email. If your site is hosted by an ISP, you will need to ask them for the mail server address if they have not already provided it when you signed up for hosting. If you are using the Microsoft CDONTS or CDOSYS (pickup folder library) component, for sending email, this setting is not actually required. gsMailHost

= "mail.your-site-url.com"

Important Note: If you are hosting on your own equipment, the mail server you point to with this setting must be configured to forward email for the web server.

How To Test To test the ability for the web server to send email based on your configuration settings, you can use the Send Single Email option on the Tools menu of the administrator interface. This will test the ability of the application to send an email message based on how you have configured it via the above settings. If you want to test the ability of the web server to send an email message using a specific Email Component, then within the application folder there are several test scripts that you can

22


XUD v3.x Administrator's Guide

use to interactively try various settings. In the table below there is a list of the test scripts for all the available Email Components at the time of this writing. Using the Email Component test scripts, you can determine if your web server is able to properly send an email message. When the test script, or the application, sends an email message using a particular Email Component, the component is actually responsible for getting the message to the configured email server. If the email sent from your web server is not being delivered, it is most likely due to the email server you are pointing the component to is not allowing mail to be forwarded through it from the web server. If this is occurring, you need to ask your ISP for the mail server you can forward mail through from your web server. If you are running your own mail server, you need to configure your mail server to accept forwarding from your web server. Table 4-3 Email Component Test Scripts

Email Component

Test Script

CDONTS

XcTestCDONTS.asp

CDOSYS

XcTestCDOSYS.asp

CDOSYS – using the pickup folder on the server.

XcTestCDOSYSPickup.asp

ASPEmail

XcTestASPEmail.asp

ASPMail

XcTestASPMail.asp

ASPQMail

XcTestASPQmail.asp

ASPSmartMail

XcTestASPSmartmail.asp

BambooSmtp

XcTestBambooSMTP.asp

JMail

XcTestJmail.asp

SMTPMail

XcTestSmtpMail.asp

23


XUD v3.x Administrator's Guide

4.7

Conclusion

You have now completed the initial set up for XUD, and the application should be functional at this point. Consult the sections below for further information on the additional configuration options and features that are available for you to further customize XUD to better fit your specific site and needs. If you encounter any problems during the installation of XUD, please refer to the Troubleshooting section found later in this document. Most of the major obstacles encountered during installation will be outlined in additional detail there. If that does not answer your question, see the FAQ database on the XCENT web site at http://www.xcent.com/FAQ. The FAQ database contains the most up to date information on known issues and ways to resolve them. If you see an error message, try searching the FAQ database for portions of the error message or the number that might be displayed in the error message. If you are still unable to resolve your issue, you can contact XCENT technical support by using the support form at http://www.xcent.com/support/. If submitting a request to support for the first time, please be sure to include your registration code if you are not responding under the email address your application is registered under, and a complete description of the problem you are encountering. For example, if you are getting an error message, be sure to include the text of the error message in your email in order to help the technician respond to you as quickly as possible.

24


XUD v3.x Administrator's Guide

5 Additional Installation Options Below is a list of additional installation options that are not required for the basic operation of the software.

5.1

Most Common Application Settings

This section details some of the most important settings to consider within the XUDconfig.asp config file. To view the complete list of settings that are available to you, please refer to Appendix A – Configuration Options

5.1.1

Moderating Registrations

One of the decisions you need to make is whether you want users to be enabled as soon as they register a new account on your site, or whether you want to validate new user registrations before the end user has access to your site. If you choose the latter option, then users will not be able to login to the site until you have manually approved their registrations (see User Management). The configuration option that controls this option is giRegNewUserEnable. Be sure this is set to TRUE if you want users to be enabled immediately or set to FALSE if you want to manually validate all registrations. If you are moderating registrations, you may want to set giNotifyAdminNewReg to TRUE. Doing so means that you will be sent an email the first time a new user has registered since the last time you logged into the admin area. This setting is ignored if you are not moderating registrations. Only one email notice will be sent to the administrator email address on the first new user registration. Subsequent registrations will not send any more email notices until the administrator logs into the site again. After the administrator has logged into the site, the next new user registration will cause a notice to be sent to the administrator address again.

5.1.2

Billing Information

Another important concern is whether or not you want to collect user billing information at the time of registration. Be careful if you decide to require billing information at the time of registration as this may discourage users from registering if you do not prove to them that you have extremely compelling content on your site. The setting that controls this option is the gbGetBillingAtReg setting. Set this to TRUE if you want to require users to enter billing information at the time of registration and FALSE if you don’t. Tip: If you are using the billing functionality within any of the integrated XCENT applications, the system will automatically check and prompt the user for their billing information when they attempt any operation that would result in a charge to their account. If the user has not entered billing information at the time of registration, then that user will not be able to access any billable features until they enter their billing information. This makes it perfectly safe to set gbGetBillingAtReg to False even if you do charge fees for certain portions or features of your site. The applications will automatically prompt for and adjust individual user accounts when it is needed.

25


XUD v3.x Administrator's Guide

5.2

Upload Component

XUD includes the built-in capability to upload files through the browser. In order to take advantage of this functionality, you need to have an upload component installed on your web server. In order to configure the site to use an upload component, you need to set the value for the giUploadHandler in the configuration file to the value corresponding with the upload component that is installed on your web server. Tip: You can check what upload component is installed on your web server by looking at the XcDiag page (see Visit XcDiag.asp Page) or by asking the ISP that hosts your site. If you are unsure whether or not you have a compatible upload component installed, contact XCENT support and include the URL of your site. XUD uses an upload component to allow users to attach files to messages sent through the MessageBase (see Composing Messages). In order to allow users the option to include attachments with their MessageBase messages, the configuration setting gbMBAllowAttach must be set to True. There are also additional configuration settings that control the options available for MessageBase attachments. For more details on these settings, see Appendix A – Configuration Options.

5.2.1

How to test functionality

To test the ability of the web server to handle file uploads for MessageBase attachments, you can use the Upload Test function under the Tools menu. The upload test asks for you to upload a graphic image and then will attempt to show you the image you uploaded. If an error is encountered or the image does not display, then there is a problem with the installed or configured Upload Component. Most likely causes are you either have not configured an Upload Component, or your web server does not have proper filesystem permissions and cannot save the uploaded file.

5.3

Imaging Component

The XUD requires an imaging component to be installed in order for it to utilize the functionality of the AntiBot Protection features or enforcing image size constraints on user

26


XUD v3.x Administrator's Guide

uploaded profile images. For the AntiBot features, this component is responsible for generating the image file that contains the random code for the AntiBot Protection features. You need to configure the giImagingHandler setting in the XUDConfig.asp file to correspond with the imaging component you have available on your system. For more information about this setting and other settings related to the AntiBot Protection feature, please see Appendix A – Configuration Options. Tip: You can check what imaging component is installed on your web server by looking at the XcDiag page (see Visit XcDiag.asp Page) or by asking the ISP that hosts your site. If you are unsure whether or not you have a compatible imaging component installed, contact XCENT support and include the URL of your site.

5.4

Template

XUD uses a template system to create the look and feel of the application. The template is a plain static HTML file that acts as a container for the dynamic XUD content. By modifying the template file or by creating your own template, you can control the look and feel of the XUD application and visually integrate it with the rest of your site. Critical: The template file is a static hmtl file that is never processed by the web server directly (it is only read by the application). Even if you rename the template as an .asp file, it will not execute any server side processing. If you need to include dynamic server side content, it must be done by using other methods. The template itself can include html code as well as client-side processing languages, such as JavaScript. JavaScript is typically how banner content would be included in your template. Your banner management tool must have a method for displaying banners on plain static HTML pages. Most full featured banner tools will have this as a standard feature. The default HTML Template file, XUDTemplate.htm, is located within the HtmlTxt folder. The XUDTemplate.htm file is a plain HTML file that formats the content output that XUD generates. To create your own specialized template file, just take the HTML source from any page in your site and remove all the content from it that you do not want to be displayed on your membership pages. Then, where you want the membership content to appear within your template, you simply insert the macro tag %CONTENT% in the source. This macro tag must not have any breaks or spaces within it in order for XUD to see it properly. Also, if your template utilizes HTML tables at all, be sure all your table tags are 100% correct. Malformed table tags can prevent the output of XUD from displaying properly (especially nested tables in Netscape Navigator). If you are creating your own template, you should be sure to include the CSS definitions that are used in XUD. These are the settings that are contained in the xcXUD.css file in the XUDHtmlTxt folder. To include this file in your template, be sure to use the following line of code: <LINK href="XUDHtmlTxt/xcXud.css" type=text/css rel=StyleSheet>

CSS definitions used within XUD can be found in Appendix B – CSS Definitions. You can modify the CSS definitions to suit the look and layout of your site design.

27


XUD v3.x Administrator's Guide

Critical: If you want change the name or location of the template file, you will need to update the gsPageHeader setting in the configuration file.

5.5

Layout and Design Settings

It is easy to control the colors and fonts that are used within XUD. This allows you to more fully integrate XUD within an existing site. The colors and fonts used within XUD are controlled through CSS settings that are included within the default template. You can modify the CSS definitions in order to suit the needs of your site. See Appendix B – CSS Definitions. Critical: If XUD is not displaying with any font or color definitions, check and be sure that all of the CSS definitions used within XUD are included in your template.

5.6

System Language Customization

XUD is designed to be customizable to suit the needs of your site. Whether you want to change a few words here and there to suit your target audience or you want to translate the entire application to another language, the following sections will help you.

5.6.1

Language File

The XUDLangUSEng.asp file is the language file that contains all the short text used throughout the program, and the XUDAdmLangUSEng.asp file contains the short text used throughout the administrator interface. The language file contains mostly single words or short text messages such as form field names, error messages, titles, and so on. There is no documentation for the individual settings in the language file, and any translation should be a literal translation of the text within the file. The language file is arranged so that all settings for one file are grouped together. If you need to change the text or the style of text in a particular spot, find the part of the language file containing the settings for that page, and make any necessary changes. The language file and the .HTM files contain a mixture of text and HTML. These files should only be edited with a plain text editor by someone with an understanding of basic HTML syntax (to ensure that no critical HTML code embedded within the text is changed). Tip: If you customize the language file for your locale, you should rename it and configure the include line in your configuration file accordingly. Otherwise updates to the language file from XCENT can overwrite any changes that you have made.

5.6.2

Html files

Larger blocks of text used within the application are contained in .htm or .txt files within the XUDHtmlTxt folder. Any of these files that are related to the user interface areas are directly editable online through the admin area of XUD by selecting the HTML Templates option.

28


XUD v3.x Administrator's Guide

Important Note: Except for the main system's HTML template file, all the other HTML templates are actually fragments. They do not contain a complete HTML document. As such, be careful if you edit the other HTML templates with an HTML layout tool like Microsoft FrontPage or Macromedia Dreamweaver.

5.6.3

Email files

The folder XUDEmailTemplates contain templates for email messages that the system can send out to your site users. All of the email templates are plain text files that can be edited with any plain text editor or the template editor by clicking the Email Templates option from the Config & Templates menu in the administrator interface. The template editor contains a description of all the email template files and their uses. Many of the email templates contain embedded macros. The embedded macros look like a percentage character (%) surrounding some macro name, like %MACRO%. The places these appear at will be replaced by appropriate values when the email message is generated. If you edit your email templates, be careful not to disturb the macros or else the correct information may not be included in the email message. Not all macros are used in all messages (macros you see in one message cannot just be used in any other message). One email template is actually a special template and is appended to all outgoing email messages sent via the XUD membership system. This is the XUDEmailFooter template. You can edit the email footer to include any specific information about your site that you want in all messages sent to users. Examples might be copyright notices, special promotional messages, or simply your site's URL.

5.7

Detailed Configuration Options

For a more detailed list of configuration options refer to Appendix A – Configuration Options. Tip: Here are some tips you may want to keep in mind when editing the configuration file. The XUDConfig.asp file is an ASP file so it has special syntax: If you want to include quotation marks within a setting that is already enclosed within double-quotes, you will need to type the double-quotes twice. This technique is called "escaping the character". Example: gsSetting = "Here's a quote mark "" - this is how it looks."

Any lines that start with an apostrophe (‘) are comments which are ignored by the application. Sometimes XCENT configuration files include more than one version of a setting for easy reference. Only the one that does not start with an apostrophe is the one that is being used.

29


XUD v3.x Administrator's Guide

6 User Interface Features This area describes some of the User Interface Features available in XUD.

6.1

Registration

Users will need to register before they can access certain features of your site. Registration consists of entering information and creating a user account in the XUD user database. Depending on the configuration options you set, users may not have to go through all of the separate steps shown below.

6.1.1

User Agreement

The user must check the box at the bottom of the page to indicate agreement with your site terms. Tip: You should edit the XUDUserAgreement.htm file to reflect the terms of your site. What you enter should be specific to your site’s needs.

6.1.2

General Information

This page asks for certain pieces of information regarding the user who is registering. The site admin can configure which of these fields are displayed as well as which are required. (See Appendix A – Configuration Options) If a user clicks on the question mark next to each field, a pop up window will open which will explain the field. The text in these pop-up windows is editable through the admin area so you can customize it to language appropriate to your site.

6.1.3

Subscriptions

If you have configured your site to use subscriptions by setting gbShowSubscriptions to True, this is where the user will be able to choose a subscription option.

6.1.4

Billing Information

If you have set gbGetBillingAtReg to True, or if the user has selected a subscription that will incur a signup fee, then the user will be prompted to set up their billing information as part of the registration process.

30


XUD v3.x Administrator's Guide

6.1.5

Register Account

The final step in registration allows the user to choose their user name. If you have set gbUserPickPassword to True, then the user will also have the option to choose a password at this time. Otherwise, a random password will be chosen and emailed to them. The later is the default technique XUD uses for new account registrations. Tip: If you are concerned about security or receiving many bogus user accounts, set gbUserPickPassword to False. This will ensure that anyone who registers must supply a valid email address in order to access the site since the user will be unable to log in until he receives the password via the email address that has been supplied.

6.1.6

AntiBot Protection

During the process of choosing an account name, if the gbAntiBotRegProtect setting is configured to True, the user will be prompted to type in the letters that appear in a randomly generated image from the system. This feature requires that an Imaging component be installed on the server and configured for the application. The user will be prompted with an image that contains random characters based on the characters that are in the gsAntiBotChars configuration setting. The user will then need to enter in each character exactly as it is displayed in the image to continue through the registration process. Below is an example of the screen that a registrant would see if you had the AntiBot Protection enabled.

In order to complete the registration process in this scenario, the user needs to enter 8LF7B1 into the box beneath the AntiBot image. This feature is case sensitive, so those characters that are uppercase need to be uppercase to complete the process. This feature helps prevent automated scripts from registering users on your site. The requirement of viewing the image and entering the characters exactly separates real registrants from automated scripts.

6.1.7

Point of Sale Billing

XUD contains the ability to collect charges for certain actions within the application at the time that the action occurs. This feature is similar to a real time billing schema in that it provides

31


XUD v3.x Administrator's Guide

the application with enough power to suspend registration until the appropriate charges can be collected. Point of Sale Billing in XUD currently only applies to users who select a subscription that is not free. If you have not enabled subscriptions on your site, then there will be no Point of Sale billing during the registration process. Credit Cards The Point of Sale Billing functionality built into XUD can collect subscription charges via credit card before their registration is completed. If the charge is declined, the user will be prompted to check and edit billing information, and the user can try to register again after editing this information. Important: If you are going to implement Point of Sale Billing and you are accepting credit cards, be sure that your site is configured to collect credit card payments through a supported Merchant Gateway. For more information regarding online credit card processing, please refer to the section entitled Installation and Configuration of the Online Processing Module PayPal/ NOCHEX The Point of Sale Billing system for XUD has only limited support for PayPal and NOCHEX. If a user has selected either of these payment options and you have turned on Point of Sale billing, the user will be prompted to continue to the appropriate site to submit their payment. However, their registration will not be blocked if they fail to do so. If your site is collecting PayPal payments, it is recommended that you utilize the IPN feature for PayPal for this greatly simplifies the process of Point of Sale Billing. If you are not using the IPN feature, you will have to manually post a credit to the user’s account when you receive their PayPal payment. Note: The Point of Sale Billing system can be enabled and disabled through the gbCollectFeeAtPos setting in the Billing Options section of the configuration file.

6.2

Edit Registration

Once a user has a valid account, they can update their account information any time by editing it in the membership area with the Edit Your Registration option.

6.3

Logging In

In order to access features within the XUD and within the other integrated web server applications, the end user will need to log in by entering their user name and password.

32


XUD v3.x Administrator's Guide

Tip: If you can log in through XUD but you are unable to access features within another XCENT web server application, it is possible that those other applications are not configured and connected to the same database as XUD is. Check your database connection files in all the installed XCENT web server applications and be sure that they are pointing to the same database.

6.4

User Profiles

User Profiles are an optional feature of XUD that allow you to create an added sense of community within your site. User Profiles contain a number of pre-defined fields that you can choose to use: Name, Locale, Email Address, Website URL, Image URL, and Comments. You can also define up to 16 of your own fields- this allows you to display information that is specific to your site. For example, if you are running a sports themed site, you may want to designate a field to allow a user to display his favorite sport. The following rules apply to the fields that you can customize:

Field1, Field2, Field3, and Field4 can be used for short text of a maximum length of 20 characters. These may be appropriate for

Field5, Field6, Field7, and Field8 can be used for longer text of a maximum length of 80 characters.

Field9, Field10, Field11, and Field12 can be used for integer (whole number) values.

Field13, Field14, Field15 and Field16 can be used for decimal values.

See Appendix A – Configuration Options for more information on choosing which fields you use and on other settings related to user profiles.

6.4.1

Creating/Editing a Profile

Tip: If you are using any of the customizable fields, the text that is used for them can be defined in the language file, XUDLangUSEng.asp. If User Profiles are enabled, you can click on the Edit User Profile link on the XUD home page (XUD.asp) to create or edit you profile. You will see prompts for all the fields that have been enabled in the config file. Just enter appropriate values for each field and click on the button at the bottom of the page to save your changes. Note that since profiles are publicly viewable, you should be careful about what information you include and what information you, as an admin, ask your users to submit.

6.4.2

Viewing a User Profile

You can click on links from within other XCENT applications to view a user’s profile. Alternately, you can click on the “View a User Profile” option from the main XUD page and then enter a user name.

33


XUD v3.x Administrator's Guide

Tip: The template that controls the language and layout of the User Profile page is XUDUserProfile.htm This is the file you can edit to change the labels for the various fields, to remove fields from view, or to tweak the page layout to better suit your style preferences.

6.5

User Message Base

The User Message Base System is a way to allow your site users to communicate with each other without having to reveal their email addresses. Since all messages are stored within the database and can only be retrieved by going to the XUD area of your site, the Message Base system is also an excellent way to encourage users to frequent your website. The User Message Base System is also utilized by applications that are integrated with XUD. Tip: There is a configuration option that you can set if you want users to receive MessageBase Emails directly instead of listing them on the site. This is the gbMBSendAsEmail setting. If this is set to True, most of the capabilities listed below will be turned off. Users will still be able to compose messages, but they will not be able to upload files, and they will not have an Inbox or a Sentbox.

6.5.1

Composing Messages

XUD can be configured to allow only registered users to send Message Base Messages, or it can be configured to allow anyone to do so. This is controlled by the gbMBAllowNonReg setting in the config file. In some cases, it might be advantageous to allow non-registered users to send messages. For example, if you are using xcClassified Pro, restricting Message Base usage to registered users might result in fewer responses to ad items. If a user is registered and logged in, their user name will already be filled in and they will not be prompted to enter their Email address. If you allow unregistered users to compose messages, they will be required to enter a Name and Email address. If a user has clicked on an external link to bring them to the compose page, the To field will typically be filled in already. Otherwise, they will have to type in the user name to whom they want to send a message. All users are required to enter a Subject and Message. After clicking the button at the bottom of the page, the user will be brought to the message preview screen. If you have configured an Upload component (see Upload) and set gbMBAllowAttach to True in the config file, then users will have an option to attach a file to the message by clicking the Add Files button at the bottom of the page. As the admin, you can restrict the file types that can be attached through the gsMBAllowedTypes configuration setting. Click on the Browse button to locate a file on your hard drive that you want to upload. You can also enter a description in the File Description box. When you are ready, click the Upload button at the bottom of the page. Note that it can take awhile to upload a file especially if it is a large file or if you are using a slow Internet connection.

34


XUD v3.x Administrator's Guide

Once the file has been uploaded, you will see it added to the list of files that you have uploaded. You can continue uploading more files until you have reached the setting for giMBMaxFiles. When you are done uploading files, click the Finished button. You will then be able to preview the message again before hitting the Send button to finish the process.

6.5.2

Your Inbox

Your Inbox is where you can see private messages that other users have sent to you. Tip: You will get an email notifying you of a new message the first time that you get a message in your message base inbox. You will not get another notification email until after the next time that you check your Inbox. So, you may have more than one new message the next time you check. Each row in the inbox signifies a message that you have received. The first item in each row is a Checkbox. You can use this to delete messages from your inbox. Just check the boxes of all messages you want to delete and then click on the Delete button at the bottom of the page. Next to the checkbox is some visual information about the message you have received. You will see either a closed envelope, signifying a message that you have not yet read, or an open envelope to signify a message that you have already read. If your message contains attachments, you will see a paperclip icon as well. The next column contains information about the user whom the message is From. If the message is from a registered user, this column will display their user name. If not, it will display the name they entered when sending a message as well as a special icon that denotes the fact that the message is not from a registered user. The Received column displays the date that the message was sent. The System column will specify whether the message came through one of the systems that is integrated with XUD (such as xcForum, xcAuction, etc.) Tip: If the message is in response to an item located in another XCENT web server application, you can click on the icon in this column to see the item in regards to which the message was sent. The Subject column contains the subject that the user entered when sending the message. You can click on this subject or on the icon at the beginning of the row in order to display the message detail. When you are viewing a message, you can choose to Reply to it or to Delete it. If there are any files attached, they will be listed at the bottom of the page. You can click on a file and it will be displayed within a pop up window.

6.5.3

Your Sentbox

Your Sentbox is where you can see messages that you have sent to other users. Each row signifies a message that you have sent. You will see either a closed envelope, signifying a message that has not yet been read by the recipient, or an open envelope to signify a

35


XUD v3.x Administrator's Guide

message that has already been read. If your message contains attachments, you will see a paperclip icon as well. The next column contains the user name of the person who you sent the message To. The Sent column displays the date when the message was sent. The Read column displays the date on which the message was read. The System column will specify whether the message came through one of the systems that is integrated with XUD (such as xcForum, xcAuction, etc.) The Subject column contains the subject that the user entered when sending the message. You can click on this subject or on the icon at the beginning of the row in order to display the message detail.

6.6

Edit Billing Information

This is the page that users can go to if they want to update their billing information. Depending on the billing option that is selected, certain fields will be required in order to continue. Any options that are not credit card types will not require the user to enter a credit card number. Tip: Some of the fields displayed on this page will be disabled depending on what payment method is selected from the drop down box.

6.7

View Bill

If you are using your site for any billable features, this is where users can keep track of their charges. Tip: If you are not billing for any features within XUD, you may want to remove the View Bill link from the template file and from the XUD.htm file which displays on the main page. This will help avoid confusion amongst your users. By default, the View Bill page shows the charges for the current month. Users can change the month that is displayed through the Choose Billing Date box at the top of the page. Lower on the page is a detailed list of transactions for the billing period. This list works similarly to viewing a checkbook. The first column is a Reference column, which will display a general description of the transaction. The System column will display the system to which the transaction applies, if applicable. Below are some of the values you will see in the System column:

AUC – xcAuction related transactions.

CAD – xcClassified related transactions.

DIR – xcDirectory related transactions.

SYS – XUD Related transactions including automated payments as well as manual adjustments.

36


XUD v3.x Administrator's Guide

The Description column will display a link to the item for which the charge was incurred, if applicable; otherwise, it will display a description. The Transaction Date will display the date on which the transaction was posted. If the transaction is one in which a user paid money to the site or one in which the amount a user owes was reduced, then an amount will appear in the Credit column and this amount has been subtracted from the amount that user owes. If the transaction is one in which the user incurred a charge- such as posting an auction item- then an amount will be displayed in the Debit column and this amount has been added to the amount the user owes. The final column, the Balance, displays the user’s current total. There may be buttons at the bottom of the page to allow user to pay their balance at the time they view their bill. Currently, buttons will be displayed for PayPal and for NOCHEX if you have enabled either of these as valid payment options.

6.8

View Website Fees

This is the page where you can display the fees that are charged for your site so that your users will have easy access to them. Tip: The files that are used to display fees are located in the XUDHtmlTxt folder and can also be edited online. To update the Classifieds listing fees, edit the XUDCADListingFees.htm file; to update the Auction listing fees, edit the XUDAUCListingFees.htm file; to update the Directory listing fees, edit the XUDDIRListingFees.htm file. The listing fees info needs to be manually updated by the site admin in order to stay correct.

6.9 6.9.1

Your Password Changing the Password

You can change your password at any time by choosing the Change Password option from the XUD home page. You will need to enter your current username and password. You will also have to enter your new password and confirm it- this is to ensure that you have not made a typo. After you change your password, you can use the new password the next time you log in.

6.9.2

Lost Password

If you can’t remember your password, just click on the Lost Password link on either the login form or the XUD home page. You will need to enter the Email address with which you have registered. The system will immediately generate a random password and Email it to you. Depending on your ISP, it may take awhile to actually receive the Email. Once you log in with your new password, you can change it to something that is easier to remember.

37


XUD v3.x Administrator's Guide

6.10 Mailing Lists Tip: To disable mailing lists completely, set gbMailingListEnable to False in the configuration file. You may also want to edit the XUD.htm and the template file so that these menu options do not appear. You can offer users the option to join mailing lists through your site- this will let you inform them easily of any announcements related to your site. You can define as many or as few lists as you want through the admin area. If you have set gbMailingListRegUsersOnly to False, then this will allow anyone to join the mailing lists using any Email address they enter. So the first page a user will see is a page in which they can enter the email address they want to use. Otherwise, users will only be allowed to view the mailing list options using the Email address with which they registered, so they will not see this screen. Important: This option can allow anyone to add any email address to a Mailing List. If you enable this option be careful to monitor your mailing list membership closely so that someone is not adding email addresses maliciously to your lists. The next page will display the list of mailing lists and it will notate whether or not the email address is currently subscribed to the list. This is the page where a user can decide to subscribe or unsubscribe to specific lists. The box next to any list to which the user wants to be subscribed should be checked, and the box next to any lists where the user does not want to be subscribed should be unchecked. After hitting the Save button, the subscription information is updated.

6.11 Securing Private Areas on Your Own Site Not only is XUD a common user account and registration database for XCENT products, but you can also use it to secure content that you create yourself. XUD makes it easy for you to secure your own content by using simple include files. You can protect your own web files so that all users who are logged in can view them, or you can further restrict it so that only logged in users with certain capabilities can view them. XUD comes configured by default with three example user capabilities that you can assign to a subset of your users if you want a page on your site viewable by certain users. These capabilities are: PA1, PA2 and PA3 (PA = Protected Access). For details on how to set up these user capabilities, see the section entitled Groups. XUD includes three example files that demonstrate the flexibility that you have in using XUD to secure your own content. These example files are located in the Membership folder with all the other XUD files. The first one is called SampleFile1.asp. Note: This method will not work to protect any ASP.NET (.aspx) files. ASP.NET does not process server side scripts in files that are included via a Server Side Include.

38


XUD v3.x Administrator's Guide

Any plain HTML files that you want to protect must be renamed as ASP files. You can safely rename your HTML files as ASP files without any ill effect. Once your HTML file has the .ASP extension on the file name, the server will know how to process the include file line you will add to your HTML page. It will not affect your HTML file in any other way. Notice the first line at the top of the sample file. This is the include statement you will need to add to your HTML pages to protect them. This include statement protects the rest of the content in this file from being seen by a site visitor, unless they are logged into your site. If they are not logged in, they will be redirected to your login screen or requested to register on your site. By adding the following text: <!-- #include file="XUDpa.asp" -->

we have turned a plain HTML file into protected content. The next file is SampleFile2.asp. In this example, we have made one small change. We have changed our include reference to point to a file called XUDpa1.asp instead of XUDpa.asp as we did above. This file restricts access to logged in users who are members of a group that has a specific user capability defined. User Capabilities allow you to define groups of users that do or do not have access to certain content. In this example the user capability is called “PA1�, for protected access #1. Users who do not have that capability will not be able to see content protected with this include file. If you need multiple groups to define content for, we have also provided two additional include files called XUDpa2.asp and XUDpa3.asp. These two files will protect content from users that do not have the PA2 or PA3 capabilities assigned to them respectively. The final example file is SampleFile3.asp. As you can see in this example, this file now has other ASP code in it instead of just plain HTML. This shows that you can also use XUD to protect any active content you might be creating yourself using ASP technology by using a single include statement as we did above. Tip: If you want to use this system to protect files in a different directory from your XUD installation, be sure the path used in the include line points to the correct location of the included file on your site.

39


XUD v3.x Administrator's Guide

7 Administrator Interface Features This section will describe the functionality in the Administrator Interface by describing the menu options that are available. Note for Advanced Users: The administrative interface relies on the Session settings in IIS. If you have done anything to override the default settings for Session Management on your site's server, this may affect the operation of the administrative interface. This means that if you are using the system in a web server farm, where the actual server in use can potentially change during a session, you should try to use a URL that can work from the same server throughout the entire administrative session. In some configurations, this means you should use one of the server's static IP addresses instead of the fully qualified domain name. If you do not have a means around that, the system will not malfunction, but the administrator page may log out periodically, causing you to login again to the system to finish your maintenance. The user interface does not use the IIS Session object at all and is not subject to this.

7.1

System

These options allow you to switch easily between the XUD admin area and the admin area of any XUD integrated applications that you have installed. Critical: If you click a link to an application that you have installed and do not see the page you expected, your URL settings in the configuration file probably need to be updated so that XUD knows the correct URL for the applications installed on your site. There is also an option to Logout, which you can use when you are done using the admin options.

40


XUD v3.x Administrator's Guide

7.2 7.2.1

Maintain Reminders

This section allows you to create reminders that will be displayed in case there is something you may want to remember for a later date for running or maintaining your site. Reminders are useful for periodic maintenance schedules. If more than one administrator is using the site, the Reminders section can be used to coordinate maintenance tasks. The top part of this section displays some statistics about your site users. The next section will display Active Reminders if you have any set. The bottom section allows you to Add A New Reminder.

7.2.2

User Management

This section is where you can manage information about specific users who have registered on your site.

7.2.2.1 Searching For Users The main page contains a powerful search form that you can use to search for particular users. You can search by any combination of the following: UserName, Full Name, Email Address, City, State, Postal Code, Phone Number, Registration Date (earliest and/or most recent) and Most Recent Login Date (earliest and/or most recent). You can also narrow your search to only show All Enabled Users or All Disabled Users. If your site is configured to require new accounts to be validated before the end user has access to your site, then you can check the box saying Only Show Unvalidated Registrations in order to validate new accounts to allow these users to have access to the site. This option will not be useful if you are not manually approving new registrations. Tip: If you click on the search button without entering any criteria, you will see an unfiltered list of all registered users.

41


XUD v3.x Administrator's Guide

7.2.2.2 Search Results Once you have chosen your method of searching, you will see a results page that consists of a list of users who meet your criteria. This list will contain some quick information about each user, including their User Name, Full Name, Email Address, the Registration Date and their Most Recent Login Date. You can change the sort order of the results by clicking on a column header. There are two Actions you can select from by clicking on buttons at the end of the row. The Edit button will bring you to the user information page for that user- for more information, see User Info. The Account button will bring you to the page detailing the user’s account activity- for more information, see User Account Activity.

7.2.2.3 User Info The User Information section consists of several sections. You can switch sections by clicking on the tabs at the top of the page. If you want to go back to your search results, you can click on the Search Results tab.

42


XUD v3.x Administrator's Guide

The top of each section contains some basic information that is displayed for your reference. This includes the User Name, Full Name and Email Address. The Created column displays the date on which the user registered. The Updated column displays the date when their registration information was last updated. The Last Activity column displays the most recent date when the user has logged into the site. The Account Balance displays the user’s current account balance on the site; if this is a negative number, that means the user has a credit on his account. Click tabs to switch between sections Current section

User Overview

The top box on this page contains some basic information that you can change. The first line allows you to Verify a user. You will see the user’s current verification status as well as a checkbox you can click on to change that status. Any users who are verified will have a special icon displayed next to their user name throughout the system. This can allow you to distinguish certain users as being more trustworthy than other users. If you want to use the verification feature, you can decide what criteria you will use in order to decide whether or not to verify a user. You can also set the verification to expire after a certain period, or to remain forever. The next line will display information regarding whether the user is Enabled or Disabled. Clicking the checkbox on this row will allow you to enable the user if the account is currently disabled or disable the account if it is currently enabled. Disabled users are unable to log in and therefore unable to access any parts of the system, which require users to be logged in.

43


XUD v3.x Administrator's Guide

The final line in this box is a textbox in which you can attach your own Notes to a user’s account. This information is not displayed anywhere to the user, so you can feel free to type whatever you want. It is meant to be used in case there is a piece of information about a user that you want to remember. For example, if you have disabled a user, you may want to enter the reason you did so. To save the information you have entered, you can click the Update button at the bottom of this section. You will also see a Delete User button which can be used to completely remove a user from the system. Do not use this option unless you are completely sure that you want to delete the user. This button will bring you to a confirmation screen, so you will be able to change your mind if you hit the button by accident. Tip: You cannot delete any users who have open auctions, open classified ads, bids on open auctions, or current directory links. Those items must either first be removed from the respective database or assigned to another account (where applicable). The User Statistics section at the bottom of the page will give you some quick information about your user’s activity within integrated applications. Clicking on a heading on this section will bring you to the search results page for the application as if you had manually performed a search for that user name. Tip: If you have upgraded from an edition of XUD that is less than version 3.0, please note that there was no mechanism in place to track statistics in previous editions. Therefore, any statistics will start from the time that you have installed version 3.x. Registration Information

At the top of the page, you can change the user’s password. This can be helpful if they have forgotten their password. The user will automatically be notified by email of their new password.

44


XUD v3.x Administrator's Guide

The bottom section of the page allows you to edit the user’s registration information. Click the Update button in order to save your changes. Subscription Information

The top of this page will display the user’s current subscription information. At the bottom of the page, you can change their current subscription information. You can select any Subscription you have defined. You can also enter the Subscription Expire Date for the subscription you have selected. You may override the values that have been defined for that subscription. You can also select to Autorenew this subscription when it expires. Tip: The Subscription Information tab will only be displayed if you have enabled subscriptions on your site.

45


XUD v3.x Administrator's Guide

Edit User’s Billing Info.

This page allows you to update the billing information for a user.

Account Activity This page displays information on the charges a user has accumulated on the site. For more details, please refer to the section on User Account Activity. Search Results Clicking on this tab will bring you back to the list of users that was generated from your original search.

46


XUD v3.x Administrator's Guide

7.2.3

Groups

The Groups section is a powerful tool to allow you to manage the capabilities defined for your site users. You can create an unlimited number of overlapping groups to allow for various ways of defining what your users are permitted to do. For example, you may want to define a power users group that grants extra capabilities and incentives to your most active site users. For a table that illustrates the list of capabilities that can be defined for your users, see Appendix C – User Capabilities. The first screen on the group administration page lists the groups that you have defined.

Tip: The groups are listed in ascending order of priority. This means the lowest priority is at the top of the group list, and the highest priority is at the bottom of the group list. When the application is trying to decide if a user has a certain capability and that user belongs to multiple groups, the application will look for the capability that is defined in the group with the highest priority. Therefore, it is very important that you pay attention to the order in which your groups are displayed on this page. The first group listed is the Everyone group. This is the group to which all users are assigned by default at the time of registration. Because this is the group that is used to define default user capabilities, you cannot disable or delete this group. You do not normally want to move this group from the top row (lowest priority). Each row displays certain information about a single user group. Then Enabled column shows whether or not you are currently using that user group. This property allows you, for example, to define a group that may be used for a seasonal special and then to simply enable it whenever you want that special to apply and disable it at the end of the special. The Count field displays the number of users who are assigned to the group. The Group Name field allows you to create a short descriptive name that will remind you of the purpose of the group. Examples of groups you may want to create include: Power Users, Free Users, Special Contributors etc. The name you use is only important as an aid to allow you to keep track of the groups you have defined.

47


XUD v3.x Administrator's Guide

The Action column allows you to perform certain functions related to the group. Clicking the up and down arrows allow you to change the priority of your groups. Keep in mind that any group capabilities defined in lower rows on the page override those defined higher up on the page for users who are members of more than one group. So if you want to create a Power Users group for some of your best users and a Special Power Users group for a select few of these same users, you would want to be sure that the Special Power Users group is displayed on a row beneath the Power Users group. Clicking the Edit button allows you to change the Group Name and whether or not it is enabled. The Delete button allows you to remove the group completely. Clicking the Members button allows you to manage the group members; more details on this process will be covered below in the section entitled Group Members. Clicking the Caps button at the end of the row will bring you to the page where you can define the capabilities for the user group. Once you click that button, you will see a screen like the one displayed below:

The first two columns are where you set the Capability and the Value for that capability. A full list of capabilities is available at Appendix C – User Capabilities. These capabilities allow you to define permissions including whether or not users can access certain features of other XCENT web server applications or whether or not they can post items within the other applications. There are also capabilities that will allow you to define groups whose members are not charged site fees or whose members are charged reduced fees. Some of the user capabilities are application specific and they will not apply unless you have also installed the corresponding application. To add a new capability, just type the capability and value in the empty boxes at the bottom of the page and then click on the Update button. To change an existing capability, click the corresponding Edit button- that capability will be brought into the boxes at the bottom of the page so that you can edit it. To totally remove a capability, click on the Delete button. Tip: There are certain capabilities for the Everyone group that you are not allowed to delete. These capabilties are important for running the application.

48


XUD v3.x Administrator's Guide

To return to the main Groups page, click on the word Groups in the navigation tree at the top of the page. To see a list of all members of a group, find the Members button next to the group name and you will be able to browse through a list of all user accounts assigned to that group.

Note: If you are using subscriptions, accounts that inherit the capabilities defined for a specific group will not show in the group membership. Group memberships only show user accounts that have been directly added to that group.

7.2.4

Group Members

This section contains the details on how you assign users to the groups that you have defined in the Groups section above. If you select the Group Members option from the admin menu, it will give you two options.

The table at the bottom lists all the groups that you have defined. Clicking on the Members button will allow you to manage the group’s membership.

49


XUD v3.x Administrator's Guide

The Find User box at the top of the page allows you to filter the list of groups, which is displayed. Choosing this option will only display the groups to which a user is a member. This option can be useful if you are trying to figure out why a user’s capabilities are not working the way you want them to. Remember- the lower the group is displayed on this page, the higher priority its settings will be. Once you click the Members button, you will see the Group Membership screen again, that lets you manage the membership for that group. The top row can be used to filter the display to search for a specific user. This can be helpful if you want to quickly see if a specific user is already a member of the group. To determine whether or not a filter is currently being applied, you can check the color of the filter button. If the filter button is red, this indicates that the list you are seeing has been filtered. The information for existing users includes their UserName, Name and Email Address. To remove a user from the group, click on the Remove button at the end of the corresponding row. The empty boxes at the bottom of the page allow you to add a new user. You only need to fill in ONE of these boxes and if there is a user account whose information is an exact match for what you entered, that user will be added. Note: The Group Members page will only display users whom you have manually entered into a group. It will not list users who have subscriptions that are associated with that group. Subscriptions allow a user to fully inherit the capabilities of a group as if that user was a member of that group without actually adding them to the group.

7.2.5

Subscriptions

This page allows you to define subscriptions that users can select for using your site. Subscriptions can work in conjunction with the User Groups functionality mentioned above. This allows you to have a lot of power in controlling your subscription features.

50


XUD v3.x Administrator's Guide

Each subscription contains a number of properties. The Enabled column tells you whether you are currently offering the subscription as an option to users. The Description field should be a brief word or phrase that will identify the subscription. You should use phrases that will make sense to the user and convey some sense of meaning. For example, you could offer a “Basic” subscription package as well as an “Enhanced” subscription package. The Signup Price is the amount that the user will be charged upon subscribing when they are creating a new account. The Signup Period establishes the length of time that must elapse before the subscription expires and needs to renew for the first time. The Renew Price is the amount that the user will be charged when the subscription is renewed for all subsequent renewals for the chosen subscription; the Renew Period calculates the length of time during which the renewal is valid. You can define a variety of subscription methods that implement varying signup and renewal prices and terms. The Group column displays which user group, if any, is associated with a subscription. Associating a subscription with a user group is what allows you to give extra capabilities to users who have paid for premium subscriptions. Each user who has subscribed inherits the capabilities of whichever group is associated with the subscription, just as if you had assigned the user directly into that group. You can create new groups that you will use only with your subscriptions, or you can use any pre-existing groups with your subscriptions. A subscription does not need to be assigned to a group at all. Remember that if that all accounts will be part of the Everyone group, so that if a subscription is not assigned to any additional groups, the user will still have the capabilities that are defined by the Everyone group. When subscriptions are enabled, all accounts must choose a defined subscription. If you want to offer free access levels to your site as well as paid content, you would simply need to create a "free" subscription and not assign it to any group, because all accounts will inherit the capabilities of the Everyone group automatically. Because of the way that subscriptions are defined, it is possible to allow a user to pay a charge for a subscription that will allow them to have access to your site’s features and not pay individual fees (example, auction listing or closing fees). To do this, you would associate the subscription with a user group that has the capability NOFEE defined. This means that users who have chosen this subscription option will not be charged any other site related fees for the length of the subscription. Because of the large variety of group capabilities that you can define, you can tailor the subscriptions you offer to the needs of your specific site. The Action column allows you to perform certain actions on existing subscriptions. The up and down arrows allow you to change the order in which subscriptions are viewed on the page. The Edit button allows you to edit an existing subscription option. The Delete button allows you to delete an option.

7.2.6

Process Subscription Renewals

This page allows you to run the process to renew any user subscriptions that have expired. This process will analyze all of the users registered in XUD and for those users that have a renewal subscription, XUD will charge their account the appropriate fee and renew their subscription for the corresponding period of time. If a user has selected no subscription when their current subscription period is completed the system will notify them that their subscription has expired and once they login again, they will be prompted to select a new subscription.

51


XUD v3.x Administrator's Guide

This process can take some time to complete depending on the number of users that are registered on your system. Be patient while this process completes. The browser will indicate when the process is finished when the animated logo in the top right hand corner becomes still and is no longer animated.

7.2.7

Currency Conversions

This page allows you to maintain currency conversion rates so that users will be able to see the approximate prices for items posted within xcAuction and xcClassified in an alternate currency, which they may have selected in their registration. Tip: If you do not want to display multiple currencies on your site, you should not create any entries in this section.

The Enabled column indicates whether or not you currently want to be using a particular conversion rate on your site. The Source Currency column is used for the money symbol of the currency which will be converted. Currently, applications using XUD support using only one source currency throughout the application. This will be the main currency you are using to display fees and prices. The Dest Currency column is used to indicate the money symbol of the currency to which you will be converting to. This is also used to define the possible values that a user can define for their preferred currency. Tip: If you are using two currencies that use the same symbol, such as $, you should distinguish them in some way- i.e. USD$ or CAD$ to avoid any possible confusion. The Conversion Factor column is used to indicate the conversion rate. This value should be updated by the admin periodically or if there is a large fluctuation in the conversion rate that is defined. This number should be what you would use to multiply an amount from the source currency in order to get an equivalent value in the destination currency. If you are not sure if you are entering the correct value, click in another box once you have entered this number. 52


XUD v3.x Administrator's Guide

Then the Example column will be updated to show you an example conversion using this rate. Once you are satisfied that you are entering the correct values, then click on the Save or Add button to apply your changes. To edit the values for any existing currency conversion rate, you can click on the Edit button at the end of the row. To delete a currency conversion rate, click on the Del button. For information about conversion rates, a good resource to consult is the site: http://www.xe.com

53


XUD v3.x Administrator's Guide

7.2.8

Remove User Message Base Messages

This page allows the administrator to remove old User Message Base messages from the system to free up space. This function also removes the associated attachments to the User Message Base messages that are deleted. This page is very simple to use. Select the date you wish to remove all User Message Base messages and attachments that were posted before that date and click the Delete Messages button. The system will then calculate the number of messages that will be removed and display that number on a confirmation page. Click the Delete button to remove the messages and attachments from the system. Note: Once the messages are removed from the system there is no way to retrieve the message or the attached file(s). Be careful to remove messages that are sufficiently old enough to be sure that any user who would want to read his or her message has had a chance to do so.

54


XUD v3.x Administrator's Guide

7.3 7.3.1

Lists Countries

This is the page you can use to maintain the list of the countries that are used in drop down lists in various places within the application, including the registration form.

The first column allows you to modify the display name used for the country. You can also control various properties for each country. The Enabled field controls whether or not the country is included as an option in the drop down display for Country fields. The Banned and Alert fields are not currently used as of this writing. The Default Country column allows you to select one country that will be the country selected by default when users are registering. You should set this to the country you envision as being the most popular native country for your target users. Once you have set the properties for the countries on the page you are viewing, you can hit the Save button at the bottom of the page.

55


XUD v3.x Administrator's Guide

7.3.2

Blocked Email Addresses

This page allows you to manage the list of Email addresses that are blocked from registering on the site. Any users whose Email addresses match the list on this page will not be allowed to register for your site.

There are two possible ways of entering an Email Address to block. If you just want to block a single email address, then you just enter that email address. However, it is also possible to block all users from a specific domain by entering an asterisk (*) before the domain. For example, if you do not want to allow any users with hotmail email accounts to register, you can enter *@hotmail.com. In the Reason field, you should enter a brief description to remind yourself as to why you have banned that email address or domain. The Date field is a display only field, which shows the date on which you blocked the address. You can remove a block at any time by clicking on its Delete button.

7.3.3

Blocked Credit Card #

This page allows you to manage the list of Credit Card numbers that users cannot use. Any users who try to enter a credit card number matching the list on this page will receive a message indicating the block.

56


XUD v3.x Administrator's Guide

In the first field, you can enter the Credit Card Account Number you wish to block. In the Reason field, you should enter a brief description to remind yourself as to why you have banned that credit card number. The Date field is a display only field, which shows the date on which you blocked the address. You can remove a block at any time by clicking on its Delete button.

7.3.4

Blocked IP Addresses

This page allows you to manage the list of IP addresses that are blocked from registering on the site. Any users whose IP addresses match the list on this page will not be allowed to register for your site.

In the first field, you can enter the IP Address you wish to block. This will look something like 127.0.0.1 In the Reason field, you should enter a brief description to remind yourself as to why you have banned that IP address. The Date field is a display only field, which shows the date on which you blocked the address.

57


XUD v3.x Administrator's Guide

You can also choose to block a range of IP Addresses. The range block feature allows you to block a range of Class A, B, or C IP Addresses. To block a range of IP Addresses, you would put an asterisk (*) in the ending octets for the address range. For example, to block a Class C range, you might use 10.3.4.*. To block a Class B range, you might use 10.3.*.*. To block a Class A range, you might use 10.*.*.*. You can remove a block at any time by clicking on its Delete button. Tip: You need to be very careful if you use the IP Blocking feature. Almost all ISP's use Dynamic IP Addresses for their users. For dialup users this means that a user will almost always be assigned a different IP every time they log on. For cable-modem, DSL and other broadband users, it means that a particular user's IP will probably change from time to time. The likelihood of that depends on the ISP's lease expiration window for dynamically assigned addresses. If you block an IP that is assigned dynamically, that could end up blocking different people who use the same ISP and the original problem user will still be able to connect next time they log on. Also, some ISP's or companies use Proxy servers or other devices that might make multiple users seem to come from a single, or a handful of, IP addresses. If you block these IP's, then all the users from that ISP or company will be blocked. Unless you are sure that a problem user's IP will not change, you should probably periodically remove older blocked IP addresses or ranges.

7.3.5

Reserved Usernames

This page allows you to maintain a list of user names which you do not want users to select during registration. Any users who try to register with a username matching the list on this page will receive a message indicating that the Username is reserved and they will need to enter another username. You can remove a username from this list at any time by clicking on the delete button.

58


XUD v3.x Administrator's Guide

Tip: You may want to add names to this list in order to block users from choosing usernames that make them sound like they are officially associated with your site.

7.3.6

User Profiles

This page lists all the user profiles that have been created on your site. You can view a profile by clicking on the Username. The profile will open in a new window. To delete a profile, you can click on the “Delete” button. A Profile can only be edited by the user who created it.

Tip: If users created profiles and you decide to disable profiles on your site, you can use this page to delete the existing profiles so that the “Profile” button will not show up beside their listings in integrated applications.

7.4

Mailing Lists

Mailing lists can be used as a tool to communicate with your site users and keep them informed of any new or exciting changes to your site. You can use mailing lists to send the same message to multiple users. Note that these lists are announcement lists where a message is sent from the admin to one or more users; these are not the kind of mailing lists in which users can discuss issues amongst themselves. Tip: If you do not want to use mailing lists on your site, set gbMailingListEnable To FALSE in the config file.

59


XUD v3.x Administrator's Guide

7.4.1

List Maintenance

This section is used to define the mailing lists that are used on your site.

The Description field should contain a brief phrase that will allow your users to easily understand the purpose of the list so that they will know whether or not they will want to subscribe to it. For example, if you are running a sports themed site, it is possible that you may want to define a Tennis Scores list that users can subscribe to in order to get scores from tennis matches. You would of course have to take on the responsibility of sending out list messages when the situation warrants it. The benefit of using mailing lists is that they will remind users of your site and therefore generate more traffic to it. The Subscribers column indicates the total number of users who are currently subscribed to the list. The Last Sent column indicates the last date on which you sent a message to the list, if applicable. If the Selected box is checked, then that indicates that this mailing list option is checked by default when a user reaches the mailing list page after registering. To change a Description or the Selected property of a list, just click on the existing Description. The Actions column contains buttons that allow you to perform various functions. The Export button will allow you to export the content of the mailing list to a text file that you can save on your computer. The Del button will allow you to completely remove the list.

60


XUD v3.x Administrator's Guide

Adding Users The Import button will allow you to add a large number of users to an existing list. This might be useful if you have an existing mailing list from a previous site or other application. Clicking on this button will bring you to a screen where you can either type in email addresses or cut and paste Email addresses that you may have from an existing list.

Tip: Be sure that each line includes only one email address. The email address can be quotes delimited, but it is not necessary

List Membership To manage the list of users subscribed to a list, click on the Members button. You will be brought to a screen listing the current users that are subscribed to that particular list.

This page shows the Email Address and Name of each user. It also shows the Date they signed up for the list as well as the IP Address of the computer they used at the time they signed up for the list.

61


XUD v3.x Administrator's Guide

If you want to delete any subscribers, you can click on the Delete button at the end of the row. This will bring you to a screen where you will be able to confirm that you want to delete the subscriber.

7.4.2

Send Message to List

This is the page where you can actually send a message to any of the mailing lists that you have defined.

You will have up to 3 options available to you for the List to which you want to send a message:

All Registered Users- you will always have this option which will allow you to send an Email to all current registered users who are enabled on your site

List- If you have defined mailing lists for your site, you will see a list of those here. (see also List Maintenance)

Group- This will allow you to select from any user group you have defined for your site (see also Groups)

Tip: Selecting a group will send the Email to users you have manually entered into the group, as well as to users who have subscriptions associated with that group. The Sender field is the Email address from which the message will be sent. By default, this will display the Email address that you have defined as in the gsAdminEmail configuration setting. You can change the address that is used. However it should still be something that is a real and local address for your site. Remember that many ISP's filter outgoing messages if the sending email address does not appear to be local to their network. So, if you replace this with a non existent email address, your message may not be sent. The Subject field is used for the subject line that your users will see. The Message field is where you can type in the main body of the message that you are sending. Within your

62


XUD v3.x Administrator's Guide

message, there are certain macros that you can use in order to dynamically generate content that will be unique for each individual user on the list: Table 7-1 Mailing List Message Macros

Macro

Description

%DATETIME%

This will insert the current date and time the message is sent.

%EMAIL%

This will insert the recipient's email address.

%URL%

This will insert the URL for your site.

Tip: All messages sent to a Mailing List include a special message footer, which typically includes information on how to unsubscribe from the list. You can edit the content of the footer by editing the XUDMailingListFooter.txt file- see Email Templates. Messages sent to a Group or to All Registered Users do not include this footer since the unsubscribe instructions do not apply to them. When you have finished composing your message, click on the Send button. You will then have a chance to preview your message and edit it if you are not happy with it.

Once you click on the Send button, you will be brought to a page that displays the status of sending the email messages. The status bar at the bottom of the page will be filled in more and more as more messages are sent. If you have a large number of users on an email list, it may take quite awhile for this process to complete so please be patient and do not hit the stop or refresh buttons on your browser.

63


XUD v3.x Administrator's Guide

7.4.3

Message Management

This pages displays information regarding each time that you have sent a message to a mailing list.

The Sent column displays the date on which you sent a particular message to the list. The # column displays the total number of users to whom the message was sent. The List column displays the name of the mailing list used to send the message. The Subject column displays the subject you entered for the message. There are two buttons in the Action column. The Resend button allows you to view the message and send it again. You will be able to fully edit it before sending again. The Delete button allows you to completely delete a message from the database. Once you delete a message, it will no longer be displayed on the Message Management page and you will have no way to retrieve information regarding it.

64


XUD v3.x Administrator's Guide

7.5

Billing

If you will not be using the billing functionality in XUD or the associated XCENT web server applications, you can skip this section. Like the general user account database, the billing functionality for XCENT web server applications are also based around XUD. XUD automatically keeps a running tab of fees that are owed by each individual user account that are generated by both XUD (i.e. subscriptions) and the various XCENT web server applications that have billing capabilities (i.e. Listing fees in xcAuction, etc.). Any charges, such as auction closing fees, are added to this running total for each user account. Any credits, such as payments or discounts, are subtracted from the user’s account total. The actual process of billing users for the amounts that they owe is managed through the various options listed in this section.

7.5.1

Card and Payment Types

This is where you define the methods of payment that you want to present to your site users. These are the methods of payment that the site will accept. These will be included in the choices the user sees when entering or editing billing details when either registering a new account, or when an end user is managing their existing account.

The User Enabled column indicates whether this card type will be among the options that are displayed to the user. If you need to remove a payment option, then it must be disabled and then end users will need to update their billing information. Once all user accounts have selected other payment types, the disabled type can be permanently deleted. The Card Display Name is the text that the user will see when choosing from amongst the various payment type options.

65


XUD v3.x Administrator's Guide

The Card Code is a code that is used internally by the system to determine how the payment option is handled. The possible values for this field are: Table 7-2 Valid Card Codes

Code

Used For

AMEX

American Express

DISC

Discover

MC

Mastercard

VISA

Visa cards

MOD10

All other MOD10 credit cards

PAYPAL

PayPal

NOCHEX

NOCHEX

EMAIL

Email Invoices

ECHECK

Electronic Check

To edit an existing card type option, click on the Card Display Name or Card Code for it. The Card Code setting controls various associated options in the system automatically. For example, all the credit card codes (AMEX, DISC, MC, VISA, MOD10), will require the end user to supply the credit card billing information (mailing address). Other types do not require the address fields (like PAYPAL). The Card Codes you use are also dependant on the interfaces you use for actually collecting payments from end users. When defining payment options, you are not only defining the options you want XUD to make available to the end user for accepting payment. You are also collecting information on how you will be processing those payments. In order to actually process a payment, you must have a method in place to collect the payment. This means for credit card, you need a merchant account or account with a support Online Processing gateway.

7.5.1.1 Credit Card Integration When defining payment options, if you want to accept payments by credit card, you will need to do a few things. 1.

Setup a merchant account, or an account with a supported Online Processing gateway.

2.

Setup the option types for the various cards that you want to support. Your merchant account or Online Processing gateway account must be able to accept that card type.

3.

If using an Online Processing gateway, install the corresponding Online Gateway module. See the section titled Online Processing Modules when you have your merchant account and are ready to start processing payment transactions.

66


XUD v3.x Administrator's Guide

7.5.1.2 PayPal Integration PayPal can also be offered as a billing type to users. This feature requires a PayPal account to accept payments from users. Regardless of how the end users are funding their payment to you, the XUD system only needs to know you want to accept payments via PayPal. If you will accept credit card payments through PayPal, you do not need to configure credit card payment options in addition to the PayPal type. The PayPal payment option operates similarly to the EMAIL type. The links to PayPal are automatically created in the user interface when you define this payment type. To configure the PayPal functionality, the “PAYPAL” Card Code must be selected and the email address used to log into your PayPal account must be entered into the Login field. Since PayPal can default to a currency that is different from the default currency you are using on your site, you may need to also fill in the Currency Code field. By entering the appropriate currency code in this field, XUD will tell PayPal that payments need to be transacted in the specified currency (overriding PayPal's default behavior). Enter one of the codes listed in the table below to select the currency for PayPal. Table 7-3 Valid PayPal Currency Codes

Code

Currency Type

USD

US Currency

GBP

Pounds Sterling Currency

EUR

Euro Currency

YEN

Yen Currency

Important: If XUD is configured for particular currency type, PayPal must be configured to for that same currency. You cannot run your site in Euros and have PayPal collect the payments in US Dollars. PayPal does not convert currency, you must tell it what currency your transactions are in.

PayPal IPN XUD supports the PayPal IPN feature. This allows PayPal to send information regarding payments initiated by XUD back to the XUD system where the system will then automatically apply the appropriate credit to the user’s account. This feature takes some of the added administrator maintenance away from processing payments received via PayPal. When a user has successfully placed a payment through XUD to PayPal, they will receive a receipt for their payment from the system. XUD will also generate a receipt of the transaction and send it to the administrator for his or her records. To use the PayPal IPN feature, the administrator must have a verified PayPal account. This is a PayPal requirement. This is the only way a PayPal allows an IPN transaction to occur. See the PayPal site for more information for obtaining a validated PayPal account at www.paypal.com. The XUD needs to communicate with PayPal via HTTP. ASP pages require a component to properly form HTTP requests. In the XUDConfig.asp file there is a setting that controls what HTTP component the XUD will use. The setting giHTTPComponent controls what HTTP

67


XUD v3.x Administrator's Guide

component will be used with the PayPal IPN. Most servers usually have a default HTTP component already installed on them. For a list of the supported HTTP components and their corresponding values, see the giHTTPComponent listing in Table 11-1 Configuration Options: Misc Settings. This setting must be given a value in order for PayPal IPN to work correctly. If left at the default 0 PayPal will still process the payment, but the XUD will not be notified and the database will not be automatically updated. Important: If your PayPal account is configured to send IPN notifications to XUD, then PayPal will try to send all the payments that PayPal receives for your account, even those that were not initiated by XUD. If XUD receives a notification from PayPal via IPN of a payment that it did not initiate, it will notify the administrator with an email notification. So, you can use a single account with PayPal for both handling of your payments for fees in the XUD system, as well as have users send funds directly to your PayPal account.

7.5.1.3 NOCHEX integration XUD supports NOCHEX payments for user accounts. NOCHEX is similar to PayPal in that the end user and the administrator must have NOCHEX accounts in order to exchange money. To configure XUD to accept NOCHEX payments, the administrator needs to add a new Card Type to the list. Select the NOCHEX option from the Card Code drop down box and enter a description to be displayed to the user. The administrator also needs to enter the email address used to log into NOCHEX in the Login field. Once this basic information is supplied click the Save button to record the changes. NOCHEX APC XUD supports the NOCHEX APC interface. This interface allows NOCHEX to send payment information to the XUD system so it can record the payments automatically for users who have made successful payments on their accounts through the configured NOCHEX account. Configuration of the NOCHEX APC functionality is not handled in the XUD payment types. The administrator will need to apply for the APC functionality with NOCHEX in order to have that added to his or her account. Once this is done, the NOCHEX account will need to be configured to send APC transactions to XUD. This means that the location of XUD will need to be configured in the NOCHEX account configuration. To configure the NOCHEX APC the administrator will need to do the following:

Login to the NOCHEX account Select the “Edit Automatic Payment Confirmation Details” menu option Enter the location of the XUD NOCHEX APC script (http://www.your-siteurl.com/membership/XUDNochexAPC.asp replace www.your-site-url.com with the domain where XUD is located). Click the “Save Changes” button to record your changes.

The XUD needs to communicate with NOCHEX via HTTP. ASP pages require a component to properly form HTTP requests. In the XUDConfig.asp file there is a setting that controls what HTTP component the XUD will use. The setting giHTTPComponent controls what HTTP component will be used with the NOCHEX APC. Most servers usually have a default HTTP component already installed on them. For a list of the supported HTTP components 68


XUD v3.x Administrator's Guide

and their corresponding values, see the giHTTPComponent listing in Table 11-1 Configuration Options: Misc Settings. This setting must be given a value in order for NOCHEX APC to work correctly. If left at the default 0 NOCHEX will still process the payment, but the XUD will not be notified and the database will not be automatically updated.

7.5.2

Period Summary

The Period Summary shows a summary of charges that you have billed to user accounts during a specified period. It can be used as a quick way to track the gross revenue that is being generated by your site.

The Choose Billing Date option at the top of the page allows you to specify the period that is being displayed. By default, the page will display the summary for the current month and year. The bottom of the page displays the summary for the period selected. The summary is broken down into 4 parts:

Site Charges- these are any charges that have been billed to end user accounts through the site Site Credits and Discounts- this includes any discounts that you have defined as well as any credit that you have defined for newly registered users Payments Received- this includes any manual or automatic payments that have been received Manual Adjustments- this includes any manual adjustments made through the admin area.

This Period includes the total amount for the month that is selected. The No. Transactions column displays a total of the number of times that type of transaction has occurred during the month. The Outstanding Periods column displays the total amount that they have accumulated in months prior to the month selected. The No. Transactions column at the end of the row displays the total number of applicable transactions that have occurred in months prior to the month selected.

7.5.3

Rollup Transaction History

Use this function to rollup your user transaction history. The user transaction history keeps a record of all of the billable activity that each user has performed on your site. If your site has a significant amount of user activity, this can become quite a bit of data. Once this data has 69


XUD v3.x Administrator's Guide

reached a certain age, its relevance to the end user starts to decline rapidly. Most sites find it more than adequate to only keep the transactions for up to 90 or 180 days. If you want to keep your database requirements more manageable, you may want to rollup the user transaction history. Rolling up transaction history will simply replace all the individual activity records over a certain age with a single transaction carrying the user's balance or credit forward. When you specify a cutoff date, all transactions that occur previous to that date will be rolled up. The individual transaction history previous to the rollup date will no longer be available to the end users. Critical: Once the user transaction history is rolled up, it cannot be recovered, so make absolutely sure that you want to perform this operation. The first screen on this page will allow you to specify the cut off date that you want to use for rolling up transactions.

Once you have entered the date, you will see a screen asking you to confirm that you want to roll up the transactions and the number of transaction records that will be affected.

70


XUD v3.x Administrator's Guide

Once you click on the Run button, you will be brought to a page that displays the status of the transaction rollup process. The status bar at the bottom of the page will be filled in more and more as more transactions are rolled up. If you have a large number of transactions that are being rolled up, it may take quite awhile for this process to complete so please be patient and do not hit the stop or refresh buttons on your browser.

7.5.4

Export Billing Data

This function is used if you are exporting your billing data from XUD in order to process it in an external credit card processing application or other external billing system or service. If you will be interfacing your XUD installation to a gateway service via an Online Processing module, you will not need to use this feature. Tip: This function will not export data for any users who have selected any of the payment options of the following types: EMAIL, PAYPAL, NOCHEX. To bill these users, see the section entitled Email Invoices. This function is also not necessary if you are using an integrated online processing module- if that is the case, see Process Billing Online to run your billing. The first screen on this page will allow you to pick the period for which you would like to export data. Normally you would always just leave the period set to the default in order to export the current billing data. You can pick previous periods if you need to examine data in an earlier period.

Once you have selected a period, the application will create an export file containing data for all user accounts with an outstanding balance due. Most browsers will automatically prompt you for saving the export file to your local PC. If you have a significant amount of billing data and are downloading it over a slow network connection, please be patient while the data file downloads. You must let this run to completion.

71


XUD v3.x Administrator's Guide

The exported information will contain one line for each user. By default, this information will include the current period, the credit card account number, the credit card expiration date, the total balance, the account postal code, the account street address and the account holder name.

Tip: To customize the formatting of the data that is displayed so that it will work with the software that you are using, you can edit the XUDAdmBillingExp.TXT file. When you receive or process payments manually from users via an external system, you will need to apply the payments to their accounts. To do that, see the section entitled Enter Manual Payments .

72


XUD v3.x Administrator's Guide

7.5.5

Email Invoices

This option is used to send a request for payment to end users by email. This is used if you offer any of the following payment options: EMAIL, PAYPAL, NOCHEX. When you run this process, the users that have selected one of those payment options will be sent an email notice with their current balance due information. By default, they will be prompt to come to the site to make payment or remit payment to your address. You will want to edit the XUDEmailInvoices.txt email template to update the description for remitting payments that you will be sending to end users. Tip: You do not need to use this function if you are only offering credit cards via a merchant services account or Online Processing gateway, as payment options for your site. The first screen on this page will allow you to pick the period for which you would like to send invoices. Once you have selected a period and you have clicked on the Run button, you will be brought to a page that displays the status of the process. The status bar at the bottom of the page will be filled in more and more as more invoices are sent. If you have a large number of users to whom invoices need to be sent, it may take quite awhile for this process to complete so please be patient and do not hit the stop or refresh buttons on your browser.

Tip: To customize the text sent, you can edit the XUDEmailInvoices.txt file. When you receive payments from users who manually remitting payments requested via the Email Invoices option, you will need to apply the payment to their account in order to reflect the amount they have paid. To do this, see the section entitled Enter Manual Payments .

73


XUD v3.x Administrator's Guide

7.5.6

Process Billing Online

XUD supports several modules that allow you to interface your billing process to an Online Payment gateway. This allows you collect and apply payments directly from end user credit cards with a simple press of a button. When you are running the Process Billing feature, XUD will attempt to charge all user accounts with an outstanding balance. If the charge is successful, the user’s account will be automatically credited for that amount. If not, the user will receive an email message stating that the charge did not go through. Charges may not go through for various reasons. Most often this is due to an end user's card expiring and simply requires them to update their billing data with their new card information. For the Process Billing Online feature to work, XUD needs to be interfaced to a supported Online Processing gateway. A gateway is an online system that allows your site to submit payment requests and receive approval or not of the request at that moment. Most gateways provide a variety of services and online management tools. XUD interfaces to the gateway to request and process the payments. XUD does not directly allow you to manage your gateway account. You must still do that through whatever tools your chosen gateway provides. You can always find a list of supported Online Processing gateways and corresponding modules in our FAQ database article located at http://www.xcent.com/FAQ/XcIBViewItem.asp?id=338 At the time of this publication, XUD supports online processing modules for the following vendors:

AuthorizeNet Bank of America eStores (discontinued) Bank of America CyberSource Cybersource DirectOne Echo (OpenEcho) eProcessingNetwork IonGate iTransact Linkpoint SecPay Verisign PayFlowPro

For information on configuring your site to use an online processing module, see the section below titled Online Processing Modules

74


XUD v3.x Administrator's Guide

7.5.7

Enter Manual Payments

This is where you would go if/when you want to manually apply a payment received to a user’s account in order to indicate that they have paid you. This step is necessary if you are not using an integrated online processing module and are accepting payments remitted manually. This would be true if you want to accept any manual checks by mail, PayPal without the IPN feature, Nochex without the APC feature, or are exporting billing data to an external credit card processing system and receiving payment approvals manually.

The top of the screen gives you the option to Search for a particular user account in order to find it quickly. You can search on any of the following: Username, Account Holder Name, Street Address used for billing, or Full Name. Just type in any partial information you know. For example, if you type in JACKSON, then it will show you any accounts with an outstanding balance where the end user account has "jackson" anywhere in the Username, Full Name or Account Holder fields. Only accounts that have a balance due will show up here or in these search results. If you do not enter any search criteria, the page will display information on all users that have an outstanding balance due. Tip: If any users are not displayed through the Enter Payments functionality, this means that they are paid in full and do not owe any money, or they may have credit available on their account towards future payments.

75


XUD v3.x Administrator's Guide

The box at the bottom of the screen is where you record the payments and it also displays some useful information. If you click on the User Name, you will be able to see a detailed record of the user’s account activity (see User Account Activity). You will also see their Account Type and Account Number (or email address if they are not using a credit card). Clicking on any credit card number will open a pop up window that displays more of the user’s billing details. The Amount Due shows the current balance of the user’s charges. The Amount Paid column is where you should enter the amount which you have received from the user you are applying to payment to. Do not use currency symbols, just enter the number. The Reference column allows you to add extra information to describe the transaction. This can be a credit card approval number, a check number, or any other information that you would find helpful to identify the transaction. Once you hit the Apply Credits button, the amount that you have entered for each user will be credited towards the balance owed by that user.

7.5.8

User Account Activity

This section is where you would go in order to see detailed information about a user’s transactions, or if you want to manually issue a debit or credit on their account. The first screen on this page allows you to search for a user by either User Name or Email Address.

76


XUD v3.x Administrator's Guide

Once you have navigated to the user activity for a specific user, the page will be divided into three sections.

General User Info This section displays the same quick information about a user that is displayed on other user maintenance pages, including their Current Balance, which is the amount they owe to date. Tip: If a user’s balance is zero or below, that means that they do not have any outstanding charges.

Insert an Adjustment Transaction This section is where you can manually enter a single transaction for a user. You will probably not need to use this section very often. However, there might be a case where you want to issue a credit to a user for a particular reason. Regardless of which XCENT web server applications that you are using, there can be a variety of situations in which you may manually want to charge or credit a user account. If you want to exactly credit a particular transaction, it would be best to use the Offset transaction feature mentioned in the next section. To insert a transaction, the first thing you need to do is to enter an Amount. This should always be a positive numeric value. Then you need to choose whether this transaction will be a Debit or a Credit. You should choose the Debit option if you want to charge the user. Choose the Credit option if you want to refund the specified amount. The Reference field allows you to add some extra information to describe the transaction. This can be a credit card approval number, a check number, or any other information that you would find helpful to identify the transaction. The Description field allows you to specify the text that the user will see when viewing their bill. Use this to enter something that will help the user to understand why you have manually

77


XUD v3.x Administrator's Guide

inserted the transaction. Clicking on the Save button will insert this transaction into the user’s account activity. Account Activity This section displays details about each transaction that is related to the user’s account. The most recent transactions are listed first. The System column lets you know where the transaction occurred. This will either be the code for an XUD integrated application or it will be the abbreviation “SYS” which stands for a system transaction. For example, if the transaction originated from xcAuction, this would display "AUC"; if it originated from xcClassified, it would display "CAD". The next column displays Transaction Code and Transaction Type. There are several possible transaction types:

D stands for any debit transaction that occurred within the system. This typically includes any fees charged by the site C stands for any credit transaction that has occurred within the system. This typically includes discounts or new registration credits P stands for any payments made by the user. This includes manual payment processing as well as automated processing. A stands for any adjustments made by the admin; this includes any of the transactions inserted through the “Insert an Adjustment Transaction” section on this page. R stands for a rollup transaction. This would be displayed when the transaction history previous to the date shown in the record has been removed from the system database.

The transaction code displays a little more detail about the specific nature of the transaction. If the transaction is associated with a specific item within another system, for example posting an auction or ad, a number will be displayed in the ID column. You can click on this number to view the item that incurred the charge. In these cases, the Description field will display the title of the auction or ad. Otherwise, it will display a short description of the transaction. The Date Inserted displays the date of the transaction. The Reference field will display reference information, if applicable. The Feature Details column is usually used for charges that occur through integrated applications and it will include codes that represent details associated with a transaction. For example, if a user has selected some options that incur a additional charge, then codes for these options will be listed here. If you want to zero out any transaction for a user, then you can click on the Offset button at the end of the row. This will place an exact offsetting adjustment transaction. Once an offset transaction has been applied, the option will no longer be present for the transaction this was applied to. Perhaps an auctioneer has complained that the winning bidder for their auction has not followed through on payment, and you want to issue a credit for the closing fees that had been charged to the auctioneer as an act of good will. This is a good way to apply that to that specific transaction, as it prevents you from accidentally applying it more than once.

7.5.9

Manage CVT Payments

This section allows control over the CVT (Cash Value Transfer i.e. PayPal and NOCHEX) payments submitted through the Point of Sale Billing systems in the various applications. From here, a transaction can be approved or deleted and the appropriate application notified of the status. There are several pieces of information presented to the administrator on this

78


XUD v3.x Administrator's Guide

page including the User who posted the transaction, the Description of the transaction that includes the amount along with the System or application that the transaction originated from and the Date/Time the transaction was created. These pieces of information can assist in confirming a completed transaction based on email confirmations received from PayPal or NOCHEX. If the PayPal or NOCHEX account registered in the Card and Payment Types page utilize the PayPal IPN or NOCHEX APC features, the Manage CVT Payments page will simply be a holding section for transactions that will automatically be verified through the corresponding IPN or APC systems. Note: Currently, the Point of Sale Billing systems in the applications only support PayPal for non gateway transactions and thus only PayPal transactions will be displayed on this page.

Post CVT Transaction By clicking on the "Post" button next to a transaction, you will force the system to approve the CVT Transaction and notify the corresponding application submit the item it has been holding awaiting approval. Once the "Post" button is clicked the XUD will notify the corresponding application and that corresponding application will complete the process that was paused while awaiting verification of the CVT payment. This process is handled automatically if you have the PayPal IPN or NOCHEX APC systems configured. Delete CVT Transaction By clicking the "Del" button next to a transaction, you will force the XUD to delete the stored information for that particular transaction as well as notifying the corresponding application to release any stored information for that particular transaction.

79


XUD v3.x Administrator's Guide

Important: Once a transaction is deleted, it cannot be recovered. Both the transaction information will be removed as well as the stored information in the corresponding application.

7.6

Config & Templates

The Config & Templates menu option in the administrator interface is where you can manage the various configuration and template files used throughout the XUD membership system. This allows you to edit these files online, right from within the administrator interface. When editing a particular file, you will have plain text editor that allows you to make changes to the file you are editing. If you want to save any changes you make to the file, just click the Save button at the bottom of the edit window. If you wish to abort any changes, click the Cancel button at the bottom of the edit window to be returned to the list of configuration and template files.

7.6.1

Email Templates

This page allows you to customize email template files that are used throughout the XUD application. When editing email templates, there are a couple of points to realize. All email templates except for the footer template, will have the email Subject for the first line of the template. So, the first line of the template will appear to the end-user as the subject of the email message when they receive it. Most of the email templates contain embedded macros. Macros will appear as the macro name surrounded by percentage (%) characters. For example, %EMAIL% might be a macro that denotes the end user's email address. The macros will be replaced by the corresponding value when the message is sent to the end user. The macros are not universal to all messages. The email footer template is called XUDEmailFooter.txt. The footer is text that is appended to all outgoing email messages sent by the XUD user membership system. This is a good place to put any site wide disclaimers or information you might want to include. A complete explanation of where the other email templates are used is included in the online editor.

80


XUD v3.x Administrator's Guide

Tip: Only the macros included in the default templates are valid for that template. The only macro that is global to all email templates is %DATETIME%, which is the date and time that the message was sent.

7.6.2

System Templates

This page allows you to edit important system templates online. These files include:

XUDConfig.asp- the system configuration file for XUD.

XUDdb.asp- the file that controls database related settings for XUD.

XUDDirtyWords.txt- the file that defines a list of dirty words or phrases that you do not want to allow within messages.

XUDAdmBillingExp.txt- the file that you can edit to customize the formatting of the file used to export billing information (see also Export Billing Data)

7.6.3

HTML Templates

This page allows you to customize HTML template files that are used to display longer text throughout the XUD application. 81


XUD v3.x Administrator's Guide

7.6.4

Help Templates

This page allows you to customize the text used for the popup Help windows that are used throughout the XUD application.

7.6.5

Change Admin Password

This page allows you to change the admin login name and password. Tip: The same admin login name and password is used for all XCENT web server applications that are integrated with the XUD user membership system. To change your password, you will need to enter the current admin login information, as well as the new login information.

82


XUD v3.x Administrator's Guide

7.7 7.7.1

Tools Send Single Email

This page allows you to verify that your XUS system email configuration settings are correct. If the email messages that you send through this page do not reach their intended destination and you are sure that your email server is functioning properly, then you probably need to update your email related configuration settings.

7.7.2

Edit DB Params

This page contains some important information that is used within XUD. You should not normally need to edit or delete any of these values except for the items listed below. ƒ

NEWREGCREDIT- this should be set to a number indicating the amount of credit you wish to issue for users when they register. For example, if you want all of your site users to receive a $10.00 credit towards your fees when they register, you can set this to 10. You may need to add this setting if it is not already there. If you do not want to issue credits, it is ok to delete this setting. You can always add it later if you change your mind.

ƒ

TOTALNOUSERS- this is the total number of users that are registered on your site. You should not delete this setting.

This is also the page where you will need to add your configuration settings if you are using an online processing module to process your billing. If you will need to configure an online processing module, see the document Online Processing Modules.

83


XUD v3.x Administrator's Guide

7.7.3

Read/Write Test

This page is a tool that tests the permissions on your web server, as discussed in the earlier section on File Permissions and Read/Write test.

7.7.4

Run Diagnostics

This is the diagnostic script, which can tell you what components are installed on your system. It is also a helpful diagnostic tool if you ever need to contact XCENT support.

84


XUD v3.x Administrator's Guide

7.8 7.8.1

Reports New Registrations

This page allows you to see a list of new registrations broken down by date. You can specify the number of days that you want to go back in checking for new registrations.

7.8.2

Recent Logins

This page allows you to specify the number of the most recent user logins that you want displayed. Note that each user’s information will only include the most recent time that user has logged in; so if a single user has logged in more than once during the period displayed, only the most recent login time will be displayed.

7.8.3

User Account Balances

This page allows you to generate a report in one of three possible ways:

7.8.4

Enter a threshold number and see all users who owe more money than the amount you’ve entered View all users whose accounts are exactly even- that is, they do now owe any charges and the site does not owe them any credits. (note that this will not display any users who have never owed any money to the site) View all users whose accounts are below zero; this will include users who have received a new registration credit or users to whom you have manually added an adjustment which is greater than their current balance due.

Verified Users

This page will list all users that have been verified through the admin area. (See User Info) You can click on the following column headings to change the order in which the list is sorted: User Name, Full Name, Verified On, and Verification Expires.

7.8.5

Subscriptions

This page allows you to select a subscription and then see a list of users who have that subscription. You can see some general information about the user, as well as the subscription details for each user.

85


XUD v3.x Administrator's Guide

7.9 7.9.1

Help Check Version

This page displays important system information. This is where you can check to be sure the most current version of XUD installed.

7.9.2

FAQ

This menu option links to XCENT’s online FAQ database. If you are having a problem with your installation of XUD or if you have a question about a certain feature, this is the best place to check first. This page lists common problems and questions, so you can have immediate access to the most helpful information 24 hours a day.

86


XUD v3.x Administrator's Guide

8 Security 8.1

SSL

Secure Sockets Layer, or SSL, is used on web sites when an end user may be transmitting sensitive information. When using SSL, the web server and the user's browser will encrypt the communications occurring between them so that other users that might be able to intercept the network traffic will not be able to read the information the end user is trying to send to your web site. If you will be collecting and using billing information on your site, then you should be using SSL to protect your site visitors. SSL is enabled for a site by the installation of a Security Certificate on the web server. A Security Certificate is specific to your internet domain name. To get a Security Certificate, your ISP or web host must generate a Certificate Request for your site. The Certificate Request must then be forwarded to a Certificate Authority, which will then approve the Certificate Request. Once the Certificate Authority does this, they will digitally sign the request and send this back to you as your Security Certificate. Once you receive this, your ISP will need to install the Security Certificate on your site. Most ISP's do not provide a method for you to do this yourself, so you need their assistance in obtaining your SSL Security Certificate. We highly recommend the use of a dedicated SSL certificate for your own domain. The use of shared certificates may cause other undesirable effects that can interfere with the smooth operation of your site by displaying warnings and alerts to end users as well as other limitations. If you are running your own web server equipment, and need to do these steps yourself to get a Security Certificate, you can usually find a tutorial online for how to do this for your specific web server. Once you get your Security Certificate, you simply install it on your site to allow the site as a whole to process HTTPS requests. You should not bind the certificate specifically to the folder(s) the application is installed in. If you want to find a suitable Certificate Authority (CA), doing a search online for the phrase "Certificate Authority" will turn up quite a number of resources. For the purposes of SSL in encrypting your site's traffic, one vendor's certificate is no better or worse than another vendor's certificate of the same key length.

8.2

Securing the Web Server

If you are managing your own web server, you should be aware of ongoing security issues related to operating a publicly accessible server. There are many great resources available online that provides up to date information on a variety of issues for all kinds of servers and server applications. Please see FAQ Article #327 for a list of some current resources.

8.3

FileSystem Permissions

When a user requests a page from your web site, the user's browser submits a request to the web server for a specific page. The web server reads this page and then sends it to the user. In web server applications, the page is actually a program that runs on the web server, and this program generates the page and sends it to the user's browser. During this process the web server acts on behalf of the end user to process these requests. For most web server configurations, this is done using a specific system account on the server itself. This is known 87


XUD v3.x Administrator's Guide

as the Anonymous User Account. The Anonymous User Account is used by the web server to access all the public content a visitor can see on your site. This is true for the application's user interface as well as for its administrative interface. Web server applications need to be able to do perform much more than a static web site built only using plain HTML files. A web server application needs to be able to read and write information in order to create an interactive application. To do this, the web server's anonymous user account must be able to read and write to files and databases on the web server. This is normal and typical for all web server applications. To do this, the web server usually uses an account on the server called IUSR_MachineName, where the "MachineName" part is actually the network name of the server (the NetBios name). This account must have read, write and modify access to certain folders within the application. So, if a user posts a new item on the site, the web server can write to the database or update other dependent files on the site. In the administrator interface, when you edit configuration files or templates, the web server must be able to write those files in order to save your changes. Important Note: FileSystem Permissions are not the same as the Site Permissions. FileSystem Permissions control what is allowed "inside" the HTTP request. By having write permissions in the FileSystem, you are not enabling any users to anonymously upload files to your site. That is controlled using the Site Permissions which are accessed via the IIS Management Tool. The FileSystem Permissions are normally managed using the Security tab of the properties page of a drive or folder in Windows Explorer or in the Computer Management tool under Disk Management.

8.4

Test Scripts

There are a number of test scripts included with the application that are normally used for setting up the application. These are used to help diagnose any issues you may encounter while trying to configure the application for your site. Once you have successfully setup the site, we recommend deleting the test scripts from your site in order to make sure they are not used by others for malicious purposes. Any ASP files starting with the name "XcTest" should be removed from all the application folders (XcTest*.ASP). These will normally only be located in the root of the application folders (the Auction folder for xcAuction, the Forum folder for xcForum, the Membership folder for XUD, etc.).

88


XUD v3.x Administrator's Guide

9 Online Processing Modules The Online Processing Module is an optional add-in module for use with XCENT web server applications that interface with the XUD user management system. The online processing module will allow XCENT applications to perform billing processes online, directly from the web server via an online processing gateway. This module will permit applications to perform billing functions online, instead of the default offline batch processing procedure that normally requires several manual steps on the part of the system administrator. This provides you with the one of the most powerful, secure and easy to use ways of performing billing features for your site. The role of the Online Processing Module is to create the communications link between your web server and the Merchant Gateway Provider. Merchant Gateways are provided by a wide variety of vendors. The following document details the requirements and information about the various supported gateways.

89


XUD v3.x Administrator's Guide

9.1

How and Why the Online Processing Module Is Used

The Online Processing Module is used to coordinate the communications of billing transactions between your web server and your merchant processor’s online gateway. Your merchant processor is the organization that accepts a transaction request from you, and informs you if the transaction was approved or declined. The connectivity diagram below shows how this is communicated between the various servers. Activity on your site will initiate some process that will bill a user for some transaction. The browser window in the diagram below represents how this occurs. The web server then initiates a connection from the web server, directly to your selected gateway using a secure communications method (usually SSL). The gateway then contacts the cardholder's bank for authorization to perform the requested transaction. Once the bank approves or denies the transaction, the information is reported all the way back to the web server, which then processes the information directly. All this happens within a second or two "behind the scenes" and does not redirect the user's browser from site to site. This makes this process very secure and reliable for your site's end users.

How An Individual Transaction Request Is Processed

90


XUD v3.x Administrator's Guide

9.2

Requirements

Since the Online Processing Module is an add-in module, it requires another XCENT application in order to provide any level of functionality. It will work with current versions of xcAuction Pro Edition, xcClassified Pro Edition, xcDirectory Pro Edition and the XUD user management system. See the chart below for application versions that are required for use with the online processing modules. All of these modules will require some method to allow your web server to communicate directly with the merchant gateway. Most modules will simply require any one of the supported HTTP Components to be configured within the application and will use that to communicate with the gateway service, while some Online Processing Modules (Verisign) will require the use of a vendor supplied component or other installable software to do this. All of the respective gateways, vendor supplied software and services are provided by that respective vendor. These are provided by that respective organization and are not connected to nor endorsed by XCENT. You must have a valid account with the respective vendor in order to use their gateway service. Most gateway services charge a variety of fees, so be sure to research which gateways will best meet your needs.

Application

Minimum Version Required for OP Support

xcAuction

Version 2.5 and later

xcClassified

Version 2.0.2 and later

xcDirectory

Version 2.0.0 and later

XUD

Version 1.0.2 and later

9.2.1

AuthorizeNet

The online processing module for AuthorizeNet communicates with the merchant gateway using any of the supported HTTP components that are installed and configured in the application in order to communicate with the gateway. For the most up to date information on the AuthorizeNet module, see the FAQ article below: http://www.xcent.com/FAQ/XcIBViewItem.asp?ID=350

9.2.2

Bank of America CyberSource

This online processing module for Bank of America works using the CyberSource gateway. It requires that the CyberSource client be installed on the web server. The CyberSource client includes several components that are used in transaction processing. Note: Bank of America has discontinued their eStores service. For the most up to date information on the Bank of America module, see the FAQ article below: http://www.xcent.com/FAQ/XcIBViewItem.asp?ID=352

91


XUD v3.x Administrator's Guide

9.2.3

DirectOne

The online processing module for DirectOne provides the interface between the application and the DirectOne gateway. This module uses any of the supported HTTP Components that are installed and configured in the application in order to communicate with the gateway. For the most up to date information on the DirectOne module, see the FAQ article below: http://www.xcent.com/FAQ/XcIBViewItem.asp?ID=359

9.2.4

ECHOCom

This online processing module uses a vendor specific component provided by ECHO. This component is known as the ECHOCom component. This is available freely from ECHO and must be installed on the web server. This component can be detected with the XcDiag.ASP diagnostic script (versions 3.2.0 and later). Current versions of the XcDiag diagnostic script can be downloaded directly from the XCENT web site. If this component is not already installed, see the FAQ database article at the URL below for current information on where to download the component from. http://www.xcent.com/FAQ/XcIBViewItem.asp?ID=388 Note: ECHOCom requires WinHTTP 5.1 be installed on the server. WinHTTP 5.1 is or will be included in the following Windows operating system updates: Windows 2000 Service Pack (SP) 3 (for all versions except Datacenter Server) Windows XP SP1 (and Windows XP Embedded SP1) Windows Server 2003

9.2.5

eProcessingNetwork

The online processing module for eProcessingNetwork communicates with the merchant gateway using any of the supported HTTP components that are installed and configured in the application in order to communicate with the gateway. For the most up to date information on the eProcessingNetwork module, see the FAQ article below: http://www.xcent.com/faq/XcIBViewItem.asp?ID=367

9.2.6

IonGate

The online processing module for IonGate provides the interface between the application and the IonGate gateway. This module uses any of the supported HTTP Components that are installed and configured in the application in order to communicate with the gateway. For the most up to date information on the IonGate module, see the FAQ article below: http://www.xcent.com/FAQ/XcIBViewItem.asp?ID=351

92


XUD v3.x Administrator's Guide

9.2.7

iTransact

The online processing module for iTransact provides the interface between the application and the iTransact gateway. This module must use the MicrosoftXMLHTTP component in order to communicate with the iTransact gateway. This must be your configured HTTP component in the application. Your iTransact account must be configured to: 1)

Accept XML transaction processing. You must contact your iTransact account representative to enable this.

2)

Accept transactions from your web server. Under the Fraud Control section in your iTransact account configuration settings, select IP FILTER and add your web server’s default WAN IP address to this setting. Your web host or ISP will be able to provide you with the correct IP address, as this may differ from your web site’s IP address.

9.2.8

LinkPointCOM

This online processing module for LinkPoint utilizes a vendor specific component provided by the vendor. This component is known as the LinkPoint COM API. This is freely available from the vendor and must be installed on the web server. This component can be detected with the XcDiag.ASP diagnostic script (versions 3.X.X and later). Current versions of the XcDiag diagnostic script can be downloaded directly from the XCENT web site. If this component is not already installed, see the FAQ database article at the URL listed below for the most current information on where to download the component from. Note that this is the same component and used for YourPay and the setup and installation for both gateways is the same. http://www.xcent.com/FAQ/XcIBViewItem.asp?ID=372

9.2.9

SecPay

The online processing module for SecPay provides the interface between the application and the SecPay gateway. This module uses any of the supported HTTP Components that are installed and configured in the application in order to communicate with the gateway. For the most up to date information on the SecPay module, see the FAQ article below. http://www.xcent.com/FAQ/XcIBViewItem.asp?ID=374

9.2.10 Verisign PayProFlow This online processing module uses a vendor specific component provided by Verisign. This component is known as the PayFlowPro component. This is available freely from Verisign and must be installed on the web server. This component can be detected with the XcDiag.ASP diagnostic script (versions 3.0.2 and later). Current versions of the XcDiag diagnostic script can be downloaded directly from the XCENT web site. If this component is not already installed, see the FAQ database article at the URL below for current information on where to download the component from. http://www.xcent.com/FAQ/XcIBViewItem.asp?ID=346

93


XUD v3.x Administrator's Guide

9.2.11 YourPay To use the YourPay service, see the information on the LinkPontCOM module. YourPay utilizes the same module for their service as LinkPoint. See section 9.2.7. http://www.xcent.com/FAQ/XcIBViewItem.asp?ID=373

9.3

Installation and Configuration of the Online Processing Module

If the web server you are running your site on does not have the proper component installed to allow communication between the web server and the merchant gateway, one will need to be installed. The requirements section listed any components that would be required for the specific merchant gateway. If your web site is hosted on an ISP’s shared server and the required component(s) are not already installed, you will need to contact your ISP to have them installed. Installation of components or other server-side executable code cannot be done remotely on a machine that you do not have complete administrator access to. You can use the XCENT XcDiag.ASP application to verify what components are installed. Most ISP’s will install these components if they do not already have them. To actually install a third-party component on your own web server, be sure to completely follow the installation instructions that the vendor provides. The vendor will usually provide a way for you to test the successful installation of their components. Be sure to test the operation of any vendor-supplied components before continuing with installing the Online Processing Module.

9.3.1

Supported HTTP Components

Most of the Online Processing Modules will use the HTTP Component that is configured in the application in order to communicate with your merchant processor’s gateway. For current information on the supported HTTP Components, see the FAQ article at http://www.xcent.com/faq/XcIBViewItem.asp?id=353.

9.3.2

Vendor Specific Components And Software

Some Online Processing Modules will require the use of installable components or software that must be installed on the web server. Modules that rely upon a vendor specific component or software application are listed in the Requirements section and the associated FAQ article in the online FAQ database contains the most up to date information on how to acquire and install or use the component. These vendor specific components and software will need to be installed first, before you can install and use the associate online processing module. For example, the Verisign PayProFlow gateway requires a component provided by Verisign to be installed on the web server before the online processing module can be installed and setup. This component is provided for free from Verisign for their customers. Most ISP's will either already have the Verisign component installed and available for you to use, or will install it at your request.

94


XUD v3.x Administrator's Guide

9.3.3

Install An Online Processing Module

The various Online Processing modules are provided in the Online Processing folder included with the application (or with XUD). Within the Online Processing folder are individual folders for each of the supported merchant gateways. Each of these folders contains a version of the file named XcOPLib.ASP. This file is the installable Online Processing Module, which will allow the XCENT applications to perform the online billing functions. To install the desired Online Processing Module on your web site, you just need to copy the respective XcOPLib.ASP file to the membership folder on your web site from the respectively named gateway vendor folder. The membership folder contains the XUD user management system. Once this is copied to your server, the XUD user management system will automatically recognize it and be able to use it. However, before the system can really utilize the installed module, it must be configured for use with your gateway account. For this step, you will need your account information provided by the merchant gateway vendor that you have chosen. First you will need to login to the XUD administrator interface. Once logged in, go to the Edit DB Params function under the Tools menu in XUD version 3.0 and later. You will now need to add one or more new parameters to the database. These are listed in the sections below for each respective merchant gateway. For each parameter you perform the following steps. In the first text box you enter the text in the parameter column. In the second text box you will need to type in the information described in the value column. This will typically be some information provided by the merchant gateway vendor. Then click the ADD button. Once these parameters have been added, you will be ready to start using the online processing functions of the application. Some additional steps may be necessary to configure your merchant account before the gateway will accept transactions from your web site, so be sure to consult the documentation the gateway vendor may have provided to you.

9.3.3.1 AuthorizeNet Note: As of 2007, new Authorize.net accounts need to use a Transaction Key instead of a Password. Parameter

Value

OPMERCHLOGIN

Type in your AuthorizeNet login name- this should be set to the API Login, if applicable, not to your main login.

OPMERCHPASSWORD

For older accounts not setup to use a Transaction Key, type in your AuthorizeNet password. Otherwise this value should be left blank.

OPMERCHACCOUNT

For newer accounts that have a Transaction Key defined, type in your AuthorizeNet transaction key here.

OPMERCHREFERER

Type in the Fully Qualified Domain Name (FQDN) of your web site. Be sure to configure the settings in your AuthorizeNet account with the same value. This is found in the “Settings / General Connection Setup / Referrer URLs� section of the AuthorizeNet

95


XUD v3.x Administrator's Guide

administrative interface. Example: http://www.your-site-url.com/ Note: In your AuthorizeNet online configuration settings, under General Connection Setup, make sure that the Referrer URLs section contains an entry that matches the OPMERCHREFERER setting you defined above. One of the configured URL settings must exactly match with the XUD’s configured setting or it will not be able to process payments.

9.3.3.2 Bank of America CyberSource Parameter

Value

OPMERCHLOGIN

Type in the user name provided by CyberSource.

OPMERCHACCOUNT

Type in the path to the security key on your web server. i.e. D:\SITES\YOUR-SITE-URL.COM\DATA

Note: This gateway requires a client side security key to be installed on the web server. To create this key, you can log into your account at the CyberSource Business Center. The security key is simply a file that must be uploaded to the web server. The setting above that points to the folder in which the security key is located on the web server must use an absolute path; you cannot use a relative path to point to the security key nor can you use a URL path.

9.3.3.3 DirectOne Parameter

Value

OPMERCHLOGIN

Type in your DirectOne account name.

OPMERCHPASSWORD

Type in the password for your DirectOne account.

Note: You must configure your DirectOne account to accept transactions from your web server. To do this, you must know the default public IP Address of your web server (may sometimes be referred to as the server’s WAN address). Your ISP should be able to provide this information to you. This IP address is not necessarily the same IP address as your web site. This will almost always be true if your site is hosted on a shared server. So be sure to check with your ISP to get the correct IP Address. Once you have your web server’s default public IP Address, you need to configure your DirectOne account with this information. You put this in the account settings by logging into the DirectOne Member Access site. Click on Account Settings, then Shopping Carts. Then put your server’s default IP Address in the Server IP Address field and save your changes.

96


XUD v3.x Administrator's Guide

9.3.3.4 ECHOCom Parameter

Value

OPMERCHLOGIN

Type in your Echo ID #.

OPMERCHPASSWORD

Type in your PIN #.

9.3.3.5 eProcessingNetwork Parameter

Value

OPMERCHLOGIN

Type in your eProcessingNetwork login name.

OPMERCHPASSWORD

Type in your eProcessingNetwork password.

9.3.3.6 IonGate Parameter OPMERCHLOGIN

Value Type in your Iongate login name.

9.3.3.7 iTransact Parameter

Value

OPMERCHLOGIN

Type in your iTransact gateway ID.

OPMERCHPASSWORD

Type in your iTransact password.

OPMERCHACCOUNT

Type in the display URL for your web site, leave off any “http” or other prefix information. i.e. WWW.YOUR-SITE-URL.COM

97


XUD v3.x Administrator's Guide

9.3.3.8 LinkPointCOM Parameter

Value

OPMERCHLOGIN

Type in your LinkPoint (YourPay) Store Number.

OPMERCHACCOUNT

Type in the full absolute path to the certificate file (PEM file) on your web server. i.e. D:\SITES\YOUR-SITE-URL.COM\DATA\MYSTORE.PEM

Note: This gateway requires a client side certificate to be installed on the web server. The information on creating the certificate file, known as the PEM file, is provided in the account setup information provided by LinkPoint. The setting above that points to the PEM file must use an absolute path; you cannot use a relative path to point to the PEM file nor can you use a URL path.

9.3.3.9 SecPay Parameter

Value

OPMERCHLOGIN

Type in your SecPay login name.

OPMERCHPASSWORD

Type in your SecPay VPN password.

Note: The Password required here is the VPN Password. This is separate from your general account password. To set the VPN Password for your account, you can log into SecPay’s Merchant Area and then click on the button that says “Change Remote Password” There are several passwords you can set from this area, so be sure you select “VPN”. Also, in order to be able to process live transactions, you will need to have a Terminal ID (TID) set up for your account. In order to set up your TID, you need to email admin@secpay.com with your user name and also include the explicit statement that you want to go live with the bank. It may take up to 2 business days for this process to be completed.

98


XUD v3.x Administrator's Guide

9.3.3.10 Verisign PayProFlow Parameter

Value

OPMERCHLOGIN

Type in your Verisign login name.

OPMERCHPASSWORD

Type in your Verisign password.

OPMERCHPARTNER

Type in your Verisign partner. If you are unsure of what this value should be, type in “VERISIGN” (without the quotes).

OPMERCHVENDOR

Type in your Verisign vendor. If you are unsure of what this value should be, leave it blank.

9.3.3.11 YourPay 9.3.3.12 This gateway uses the same exact module and configuration as the LinkPointCOM module. See section 9.3.3.7 iTransact Parameter

Value

OPMERCHLOGIN

Type in your iTransact gateway ID.

OPMERCHPASSWORD

Type in your iTransact password.

OPMERCHACCOUNT

Type in the display URL for your web site, leave off any “http” or other prefix information. i.e. WWW.YOUR-SITE-URL.COM

LinkPointCOM for details.

99


XUD v3.x Administrator's Guide

9.4

Using The Online Billing Module

When you are ready to perform your periodic billing cycle, you will login to the XUD administrator interface. You can perform your billing cycle on any regular basis that is appropriate for your site. Most sites may only run their billing cycle monthly. Some may want to run it weekly. To run the billing process, go to the Process Online Billing function under the Billing menu of the XUD administrator’s interface. When you confirm that you want to run this process, the system will automatically attempt to process all of the outstanding charges that are due on each user’s account through the configured gateway. This sums up all of the charges that are due on each individual’s account and attempts to process them as a single transaction for each user on your merchant account. Email notices are automatically sent to your site users to inform them of the charges that you processed. Accounts that have been declined will receive an email notice to either alert the user to a problem with their account and direct them to update their billing information. You can customize the text of these messages by editing the XUDBillCharged.txt and/or the XUDBillUncollected.txt files in the Email Template folder of the XUD system.

The Process Billing Screen

When processing billing, if you have a number of users, it is not unusual for some transactions to fail (be declined). This can occur for a variety of reasons. For example, the user may be over their credit limit, or their issuing bank may be temporarily offline and unable to approve transactions at that moment. If a transaction fails for a particular user, they are notified by email, so that they can either provide alternate or updated payment arrangements (in case they closed that account and need to enter a new one), or submit an alternate form of payment. Failed transactions are no cause for alarm, unless all your transactions are failing. If 100


XUD v3.x Administrator's Guide

all transactions are failing, then there is probably a configuration error with your gateway account, or some other problem has occurred with the interface between your site and your gateway provider. If your gateway connection was working previously, and seems to be failing all of a sudden, contact your gateway support department for assistance first. They should be able to tell you if there is any problems with the gateway services at that time, or if any other situations may be the cause. For example, from time to time, certain gateways may update their services (their API) and this may cause the application from being able to communicate with them.

101


XUD v3.x Administrator's Guide

10 Troubleshooting Most of the problems that people encounter during setup are the same for nearly everyone. The most common issues are outlined below. Many other items are listed in the XCENT online FAQ database. The FAQ is accessible on the XCENT web site at http://www.xcent.com/FAQ/.

ƒ

When I click on a button or a link I receive one of the following errors:

[Microsoft][ODBC Microsoft Access Driver] Could not delete from specified tables. [Microsoft][ODBC Microsoft Access Driver] Operation must use an updateable query.

This message usually occurs for one of a couple reasons. The most common is the MDB file is set to read-only mode. This file must have read/write access. This occurs frequently with users who use Microsoft FrontPage to upload the files to their web site. If you do not know how to reset file read/write permissions, you will need to ask your ISP for assistance. This can also occur if the IIS server's anonymous user account does not have the proper permissions for the MDB file (or the folder the file is in). The anonymous user account is the NT server account the user is connecting as (typically the IUSR_MACHINENAME account). If this is the case, you will typically need to contact your ISP to have them enable the proper permissions for your website. The folder the MDB file is located in must have FULL ACCESS permissions for this account. These permissions are NTFS permissions, not the access rights that are defined in the IIS management tool. This must be done for the folder that the MDB file is located in, not just the file itself. If you have difficulty assigning the rights to the anonymous user account, you may need to assign FULL ACCESS rights to the NT account group EVERYONE.

ƒ

When I visit my site I receive the following message:

General error Unable to open registry key 'Temporary (volatile) Jet DSN

The first thing you should do is to double check that the database connection string you are using has the correct path to your database. This setting is typically named gsConnect and it is typically located in a file named XXdb.asp (where XX is the prefix used in the naming convention of the application you are using). If you are sure that your connection string is correct, this message could indicate your web server does not have the proper version of Jet installed for the database version you are attempting to use. You may need to perform one of the following steps: Install the current version of the Microsoft Data Access Components Library (MDAC). The current version can be downloaded from the Microsoft web site at http://www.microsoft.com/data. Convert your MDB file to the current version of JET by using Microsoft Access. You can do this by opening the MDB file in Access and follow the prompt/directions for converting the database.

102


XUD v3.x Administrator's Guide

Whenever I click on a link on the site I receive a “Page Cannot Be Found” message.

This may have something to do with your configuration settings. Each of the XCENT applications use settings to identify their web address within the software. These settings are used to create links within the application as well as links to other XCENT applications. The setting you will probably want to look at is the gsXUDURL and any url settings for the other integrated applications you are using (all using the gsXXXURL format). Make sure that all of these settings have the proper web address for your site. Additionally, make sure that you have entered values for all of the web server applications that you have installed. Make sure that you include the http:// before your domain name also. When you are modifying any of these URL settings, make sure that you add the “/” to the end of the setting. If your domain name is www.your-site-url.com, the gsXUDURL setting would look like this if you were to upload the folders to the root folder of your site: http://www.your-site-url.com/membership/

You can see the “membership” folder in this address as well as the trailing “/”. Also check you’re the configuration settings for all of your integrated applications and be sure that all your URL settings are correct there as well. See the Administrator’s Guide of each application for more details.

Whenever I login to the site, I never seem to be fully logged in and I am prompted to keep logging in.

There are several possible solutions to this problem. 1-

This problem can be related to cookies and generally is a result of the XUD Membership system not being on the same domain or virtual folder as your other integrated application. All folders that came in the zip package need to be located on the same domain for your users to be able to log in and use the functionality correctly. Since web server applications use cookies to maintain login information, the cookie needs to be written for the same domain as the application that is reading it.

2-

This problem can occur if XUD and your other integrated applications are configured to use different databases. Check the database configuration file, XUDdb.asp in the membership folder and the corresponding database configuration files in your other installed XCENT web server applications. The database configuration file will always be in the format XXdb.asp ; where XX is the prefix used for that application. Be sure that all the database configuration files are configured to use the same database.

3-

If your site is using frames, and the XUD content is embedded within a frame that is using a different domain than your main page frame (for example, the top frame is at http://www.your-site-url.com and the XUD frame is at http://www.example.com), this can cause a problem in most browsers. See our FAQ article for more information at: http://www.xcent.com/faq/XcIBViewItem.asp?id=342

When I try to upload images as Message Base attachments I receive a Server.CreateObject failed message.

Generally this occurs when you have configured the system to use an upload component that is not installed on your server. Make sure you review our diagnostic script, XcDiag.asp to see 103


XUD v3.x Administrator's Guide

a list of the components we support and whether or not they are installed on your site. You can view this script by typing in the address where the XUD software is installed and after the auction folder type the filename XcDiag.asp. The URL would look similar to this: http://www.your-site-url.com/auction/XcDiag.asp. For more information about configuring the Upload component see the Upload Component section in this document.

When I try to enter the registration code the first time I visit the administrator interface in XUD, the system will not take it. I am just repeatedly returned to the same page.

First, be sure that you are entering the correct registration code exactly how it is typed in the confirmation email- this code should start with XXX3 where XXX is the prefix used for the application you purchased. Cut and paste directly from the email to be sure you are entering the code accurately. If you still cannot enter it, this is another issue with file permissions. The database file needs to have FULL ACCESS permissions in order to function properly. For more information on file permissions for XUD see the File Permissions and Read/Write test section in this document. .

I would like to change the “Powered By XCENT” message at the bottom of the screen to contain my own company’s name. How do I do that?

The “Powered by XCENT” message is contained in a configuration setting found in the XUDConfig.asp file. You can edit this file by going to the XUD administrator interface and selecting the System Templates option from the top menu bar under the Config & Templates menu option. When you have selected the System Templates option, you will see the XUDConfig.asp file listed there. Click on this filename and scroll through the file until you find the gsPageFooter setting. This setting contains the information output at the bottom of the page. Make whatever changes you like to this setting and click the save button at the bottom of the text box.

Emails are not being sent from XUD, but are being sent correctly from other applications. Why is this?

XUD and its integrated applications each have their own independent email configuration options. If you have configured the options correctly for another web server application, you should apply the same configurations to XUD’s email settings. Take a look at the section Email settings in this documentation for more information about configuring the email settings.

Whenever I use the online tools to edit the templates for XUD, the changes don’t seem to save.

This is another file permissions problem. The folders and files of XUD need to have the correct permissions in order to allow the online editing tools to work properly. See the section File Permissions and Read/Write test for more information about configuring the proper file permissions.

104


XUD v3.x Administrator's Guide

11 Appendix A – Configuration Options Table 11-1 Configuration Options: Misc Settings

Setting

Description

gsEmbeddedCode

This setting contains the special tag that is used on the HTML template to insert the dynamic content that is generated by XUD. This tag needs to be placed in the HTML template (defined by gsPageHeader) to position XUD among the other content in the template. The default value for this setting is “%CONTENT%”. This value is used on the default template that is shipped with XUD. If this tag conflicts with something on a template you want to use, you can change this setting, but be sure to use something unique that will not normally appear in regular HTML or in your site’s normal content. Typically, you will not need to change this setting. Default: "%CONTENT%"

gsPageHeader

This setting contains the path to the file that will be used as the HTML template throughout the system. Default: Server.MapPath(".\XUDHtmlTxt\XUDTemplate.htm")

gsPageFooter

This is the text that is output at the bottom of every page in the system. Default: "<P><P><CENTER><FONT SIZE=""1""><EM>Transmitted: " & DispShortDateTime(Now) & " " & "</EM></FONT>"

gsURL

The location of your XUD installation Note: Be sure to include the “/” at the end of the link.

gsAUCURL

The location of your xcAuction installation, if applicable Note: Be sure to include the “/” at the end of the link. Default: “”

gsAUCDesc

The Description of xcAuction (if installed on your site). Default: “Auctions”

gsCADURL

The location of your xcClassified installation, if applicable Note: Be sure to include the “/” at the end of the link. Default: “”

gsCADDesc

The Description of xcClassified (if installed on your site). Default: “Classifieds”

gsDIRURL

The location of your xcDirectory installation, if applicable Note: Be sure to include the “/” at the end of the link. Default: “”

gsDIRDesc

The Description of xcDirectory (if installed on your site). Default: "Directory"

105


XUD v3.x Administrator's Guide

gsNPURL

The location of your xcNewsPlus installation, if applicable Note: Be sure to include the “/” at the end of the link. Default: “”

gsNPDesc

The Description of xcNewsPlus (if installed on your site). Default: "News"

gsMSGURL

The location of your xcForum installation, if applicable Note: Be sure to include the “/” at the end of the link. Default: “”

gsMSGDesc

The Description of xcForum (if installed on your site). Default: "Forum"

gbEnabled

This setting controls whether XUD is enabled. You may wish to disable the application if you are doing maintenance on the database Default: True

gbRegNewUserEnable

This setting controls whether or not new users are enabled at the time of registration. If this setting is set to False, then the admin will have to manually approve each registration before the user will be able to view the site. Default: True

gbRegNewUserAutoLogin

This setting controls whether or not new users are automatically logged in after registering. This setting will only be used if gbRegNewUserEnable is set to True. Default: False

gbNotifyAdminNewReg

This setting determines whether or not the admin receives a notification email when there are new registrations that need approval. This setting is only used if giRegNewUserEnable is set to False. Default: False

giHelpWindowHeight

The height of the JavaScript popup window that is used to display help on various form fields. Default: 300

giHelpWindowWidth

The width of the JavaScript popup window that is used to display help on various form fields. Default: 300

gsDefLoginURL

This setting allows you to determine the page that users are sent to by default after registering and after logging in. If you do not set this value, the program will send them to the XUD.asp main page by default. Default: “”

gsDefLogoutURL

You can use this setting to redirect users to a specific page after they have logged out. If you do not set this value, then the program will just display a message that the user has been logged out, along with a link to log in. Default: “”

106


XUD v3.x Administrator's Guide

gbAllowLoginMemory

This setting determines whether or not the user has the option to allow the system to keep them logged in so that they will not have to log in again every time they open their browsers. Note: It could be a security risk to maintain the user’s logged in status, especially if your site is storing their credit card details. Default: False

gsTableWidth

The width of content tables within the XUD application Default: “650”

giItemsPerPage

The number of items on one page; if there are more items, additional items will be on the next page. This number is used for listing Message Base messages in the Inbox and Sentbox. Default: 5

gbShowNavBar

This setting determines whether or not XUD will display a navigation bar at the bottom of the content Default: True

gbShowNavBarProfile

This setting determines whether or not Profile links are displayed on the navigation bar. Default: True

gbShowNavBarHelp

This setting determines whether or not the Help link is displayed on the navigation bar. Default: True

gbShowNavBarMessageBase

This setting determines whether or not the Message Base link is displayed on the navigation bar. Default: True

gbShowNotLoginOnMain

This setting determines whether users who are not logged in see limited content on the XUD.asp page. To edit this content, you would edit the XUDNotLogin.htm file. Default: True

gbShowSystemsOnMain

This setting determines whether or not the content relating to your integrated applications (Auction/ Classifieds/ Forum/ etc) is displayed on the XUD.asp page. If gbShowNotLoginOnMain is set to true, this content will only be displayed if a user is logged in. Default: True

gbUserToUserHideSender

This setting determines whether or not users will be forced to use the XUD Message Base when sending messages rather than emailing to users directly. If you set this setting to True user email addresses will be hidden when viewed on the site. Note: Most sites have this setting set to True to protect their users’ email addresses from being spidered by email spamming scripts. Default: True

gbTAFEditSubject

This setting determines whether the end user can edit the subject field on the general Tell A Friend form. Default: True

107


XUD v3.x Administrator's Guide

gbTAFSubjectAlwaysShow

This setting determines whether the subject is shown to the end user if the gbTAFEditSubject setting is set to False. Default: True

gbUserPickPassword

This setting determines whether or not you let users choose their initial password at the time of registration. If this is set to False, then the system will generate a random password and send it to the user. The benefit in this method is that it ensures that all users have supplied a valid Email address. Default: False

gbUniqueEmailAtReg

This setting determines whether you want to restrict registrations so that new users cannot register using an Email address that has already been used by another registered user. Default: True

gbUniqueEmailAtEdit

This setting determines whether you want to restrict registered users so that they cannot edit their registration information to use an Email address that has already been used by another registered user. Default: True

gbShowRatings

This setting determines if user ratings will be available on the site. If this setting is set to False no ratings will be available throughout the site. Default: True

gsRatingsMode

This setting determines how ratings will be handled on the site. There are 2 options: “S” – Scalar ratings. Ratings are on a scale of 1-5 stars.

“P” – Polar ratings. Ratings are Positive/ Neutral/ Negative

Default: “S” gsMoneySymbol

This setting is used to override the regional currency settings on your installed web server. For most sites, you would not need to change this setting unless your site is displaying a default currency different from the currency you want to use on your site. Configuring this setting for the proper character for your currency will display all currency values with this currency symbol. Default: “” – (Not Configured; will use the server’s default currency setting)

gvMoneySymbolLeading

This setting is used to override the formatting of the regional currency settings on your installed web server. For most sites, you would not need to change this setting unless your site using a currency setting different from the web server's default currency setting. By specifying a value, you can force your site to alternate how it displays currency symbols. If you want to force a leading currency symbol - the currency is displayed before the value, set this to TRUE. If you want to force a trailing currency symbol - the currency is displayed after the value, set this to FALSE. By default, it is set to NULL so that it will inherit whatever method the web server is configured for. Default: NULL 108


XUD v3.x Administrator's Guide

giUploadHandler

This setting controls which upload component will be used when users upload files to XUD. Here is a list of the acceptable values: 0 – The upload system is disabled.

1 – Persits ASPUpload component will be used for uploads.

2 – Software Artisans’ SA File-UP component will be used for uploads.

3 – ASPHelp’s ASPSimpleUpload component will be used for uploads.

4 – ASPSmart’s ASPSmartUpload component will be used for uploads.

5 – WebSupergoo’s ABCUpload component will be used for uploads.

Default: 0 giHTTPComponent

This setting controls what HTTP component will be used when XUD needs to make HTTP requests to other pages. This is generally used during online processing of payments. Below is a list of acceptable values. 0 – None.

1 – Microsoft’s XML HTTP component.

2 – Microsoft’s Server XML HTTP component.

3 – ASPHTTP.

4 – ASPTear.

Default: 0 giImagingHandler

This setting controls the Imaging Handler that will be used for the AntiBot protection features and for resizing images uploaded for a user’s profile. If this setting is not configured, the AntiBot Protection will be disabled and images uploaded to users’ profiles will not be able to be resized. 0 – None.

1 – ASPImage.

2 – ASPJpeg.

3 – ASPSmartImage.

Default: 0 gbDisplayFeesPublic

This setting determines whether or not your Site Fees page is publicly viewable. If this is set to False, then only registered users who are logged in will be permitted to view the page. Default: True

109


XUD v3.x Administrator's Guide

gsAucTypesAllowed

This setting is only used if you are using XUD with xcAuction. This setting should be set the same as the gsAUCURL setting in your xcAuction configuration file. It determines which closing fees tables are shown on the Site Fees page. The value for this field should include the symbol for every auction type that you are using from among these possible values: S – Standard Auction

D – Multiple Quantity Auction

R – Reverse Auction

B – Blind Auction

Q – RFQ Auction

L – Linked Auction

T – Barter Auction Consult the xcAuction documentation for more information regarding the various auction types. Default: "SDRBQLT" gbMailingListEnable

This setting determines whether or not users will have the option to subscribe to mailing lists on your site. Default: True

gbMailingListRegUsersOnly

This setting determines whether or not mailing list subscriptions will be restricted to registered users. Default: False

gbMailingListingListAtReg

This setting determines if when a new user registers on your site, if they should be directed to the mailing list option at the time of signup. If the above mailing list options are turned off, this setting is ignore. Default: False

gbAntiBotRegProtect

This setting determines if the AntiBot protection feature is enabled during the registration process. Default: False

gbAntiBotPasswordProtect

This setting determines if the AntiBot protection feature is enabled on the user functions for Lost Passwords. Default: False

gsAntiBotTestCodeImagePath

This setting controls where the AntiBot protection feature images are created and stored for users on the site. This setting generally does not need to be changed. Default: "XUDAntiBotTest"

gsAntiBotImgFont

This setting controls the font that is used to create the AntiBot protection image. Default: "Courier New"

glAntiBotImgColor

This setting contains the hexadecimal value of the color of the letters in the AntiBot protection image displayed to users. Default: &h505050

110


XUD v3.x Administrator's Guide

gsAntiBotChars

This setting contains the characters that will be randomly selected to generate an AntiBot protection image to be displayed for users. By default, no vowels are included in the AntiBot list of characters. Leaving out vowels will prevent potential generation of real words which has two benefits. First, it makes the AntiBot feature harder for an actual bot because current OCR techniques also rely on understanding the language in order to correctly interpret individual letters. And second, it expands on the first idea because it prevents the potential for accidentally generating a real word. Default: "BCFGHJLMNPQRSTVWXZ123456789"

gbLogEvents

When this is set to True, XUD will attempt to log some activities. This is a global setting that overrides all other log settings when disabled. By setting this to False; no general or specific logs will be generated regardless of any other settings. Default: False

gsLogPath

This setting controls where XUD stores log files, if logging is turned on. Default: Server.MapPath(".") & "\XUDLogs\"

gbLogLogins

If this is set to True, then every time a user logs in, XUD will log their user name, IP address and time of login. Default: False

gbLogLostPW

If this is set to True, then when a user tries to retrieve a new password for their account with the Lost Password feature, the event will be logged. Default: False

gbLogChangePW

If this is set to True, then when a user attempts to changes their password for their account, the event will be logged. Default: False

111


XUD v3.x Administrator's Guide

Table 11-2 XUD Configuration Options: Message Base Settings

Setting

Description

gbMBAllowNonReg

This setting determines whether or not you allow nonregistered users to send messages through the Message Base. If this is set to False, only registered users who are logged in will be able to send messages. Default: True

gbMBSendAsEmail

This setting determines how the MessageBase is used. The typical setup will set this value to False to take advantage of the online MessageBase system to allow users to communicate directly on the site. Users will receive an Email alerting them to check their online Inbox the first time they get a new message since they last checked.

If this setting is set to True, then all MessageBase messages will be sent as Emails directly to the recipient. This will disable the Inbox and Sentbox and also prevent sending any file attachments.

Default: False gbMBUseSenderAddress

This setting determines the “From” address that will be used for sending MessageBase emails if gbMBSendAsEmail is set to True. If this is set to True and the user has entered an Email address, then the system will use the Email address specified by the user. If it is set to False or the user has not entered an Email address, then the system will use the admin Email address. Note that for most servers, you should set this to False since most Email servers are configured such that they will only send emails if the “From” Email is a local address. If you set this to True, you need to be sure that your Email server can handle sending Emails when the return address is not a local Email address. Default: False

gbMBSendAdvMessage

This setting configured the Message Base to send a message to both the recipient user's inbox in the Message Base as well as an email to the user's registered email address. Default: False

gbMBCopyAdmin

If this is set to True, the admin will receive an Emailed copy of every message that is sent through the MessageBase Default: False

gbMBAllowAttach

This setting determines whether or not users will be allowed to upload attachments to their Message Base messages. Note: Sending attachments also require configuring a valid value for the giUploadHandler setting. Default: False

glMBMaxAttachSize

The maximum file size allowed for files attached with Message Base messages (in bytes) Default: 25000

giMBMaxFiles

The maximum number of files that can be attached to any

112


XUD v3.x Administrator's Guide

single Message Base message. Default: 5 gsMBAllowedTypes

This setting is a string of all the allowed file types (file name extensions) that you want users to be able to attach to Message Base messages. This should be a list of the file extensions separated by a semicolon. Do not include the "." for the filename extension. Default: "jpg;jpeg;gif;png;pdf;doc;rtf;txt;"

gsMBFileFolder

This setting is for the folder on your site in which Message Base attachment files will be uploaded Default: "XUDMessageBaseFiles"

gsMBFileViewWindowParams

These are the JavaScript parameters used to open the pop up window that is used to view Message Base attachments. Unless you are strong in JavaScript, we do not recommend changing this setting.

113


XUD v3.x Administrator's Guide

Table 11-3 XUD Configuration: Billing System Settings

Setting

Description

gbGetBillingAtReg

This setting determines whether you require users to supply billing information at the time they register. If you do not require them to submit billing information at this time, they will be prompted to enter it if they try to access any site features for which you are charging. Default: False

gbCopyEmailInvToAdmin

This setting determines whether the admin receives a copy of all Email Invoices that are sent to users through the program. Default: True

gbShowBillFieldBankName

This setting determines whether the Bank Name field will be displayed on the form where the user enters or edits billing information. Default: True

gbShowBillFieldVerifyCode

This setting determines whether the Verification/ ABA Code field will be displayed on the form where the user enters or edits billing information. Default: True

gbShowSubscriptions

This setting determines whether you will offer subscriptions to users who register for your site. When the subscription option is enabled, all accounts must choose a subscription option. Note: the gbGetBillingAtReg option must also be enabled in order to automatically prompt a new registration for a subscription. Default: False

gbEmailUserSubRenewal

If subscriptions are enabled, and this is set to True, subscribers will be sent an email notice when their subscription is renewed. Default: True

gbCollectFeeAtPos

Turn the real time payment processing system on and off with this setting. The real time payment processing system depends on the XUD Online Processing configuration. This setting also pertains to collecting real time payments from users who have a CVT (i.e. PayPal) payment method selected. This setting is currently used with subscription fees that are charged as part of the registration process. Default: False

Tip: XUD allows you to customize settings regarding which fields are displayed as well as settings regarding which fields are required. Do not set a field as required unless you have also set it to be displayed. If you configure a particular field to be required, but configure the field to not be displayed, the end user will not be able to see the error message that the field is missing, because you do not have the field displayed.

114


XUD v3.x Administrator's Guide

Table 11-4 XUD Configuration: Registration Fields

Setting

Description

gsUserNameValidChars

This setting consists of the list of characters that are valid within a user name. (case insensitive) Default: "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"

gbRegFldShowGuardEmail

This setting determines if the Guardian Email field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowGovernCode

This setting determines if the GovernCode field is displayed on the registration for and edit pages. Default: True

gbRegFldShowBirthDate

This setting determines if the Birth Date field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowAdultFlag

This setting is not currently used Default: True

gbRegFldShowCompany

This setting determines if the Company field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowPhone

This setting determines if the Phone Number field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowMobilePhone

This setting determines if the Mobile Phone Number field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowAltPhone

This setting determines if the Alternate Phone Number field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowFax

This setting determines if the Fax Number field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowAddress

This setting determines if the Street Address fields are displayed on the registration and edit registration pages. Default: True

gbRegFldShowCity

This setting determines if the City field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowState

This setting determines if the State field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowPostal

This setting determines if the Fax Number field is displayed on the registration and edit registration pages. Default: True

115


XUD v3.x Administrator's Guide

gbRegFldShowCounty

This setting determines if the County field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowCountry

This setting determines if the Country field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowReference

This setting determines if the Reference # field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowDuns

This setting determines if the DUNS # field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowwebSite

This setting determines if the Web Site URL field is displayed on the registration and edit registration pages. Default: True

gbRegFldShowCurrency

This setting determines if the Default Currency field is displayed on the registration and edit registration pages. Default: True

gbRegFldReqGovernCode

This setting determines if the GovernCode field is required on the registration and edit pages. Default: False

gbRegFldReqBirthDate

This setting determines if the Birth Date field is required on the registration and edit registration pages. Default: False

gbRegFldReqCompany

This setting determines if the Company field is required on the registration and edit registration pages. Default: False

gbRegFldReqPhone

This setting determines if the Phone Number field is required on the registration and edit registration pages. Default: False

gbRegFldReqMobilePhone

This setting determines if the Mobile Phone Number field is required on the registration and edit registration pages. Default: False

gbRegFldReqAltPhone

This setting determines if the Alternate Phone Number field is required on the registration and edit registration pages. Default: False

gbRegFldReqFax

This setting determines if the Fax Number field is required on the registration and edit registration pages. Default: False

gbRegFldReqAddress

This setting determines if the Address field is required on the registration and edit registration pages. Default: False

gbRegFldReqCity

This setting determines if the City field is required on the registration and edit registration pages. Default: False

gbRegFldReqState

This setting determines if the State field is required on the registration and edit registration pages. Default: False

116


XUD v3.x Administrator's Guide

gbRegFldReqPostal

This setting determines if the Postal Code field is required on the registration and edit registration pages. Default: False

gbRegFldReqCountry

This setting determines if the Country field is required on the registration and edit registration pages. Default: False

gbRegFldReqReference

This setting determines if the Reference field is required on the registration pages. Default: False

gbRegFldReqDuns

This setting determines if the Duns field is required on the registration pages. Default: False

gbRegFldReqWebSite

This setting determines if the Website field is required on the registration pages. Default: False

giRegMinimumAge

This registration setting controls the minimum age required for users to register on your site. Note that this setting can only be used if gbRegFldShowBirthDate and gbRegFldReqBirthDate are both set to True. Default: 0

giRegGuardEmailMin

This setting controls the minimum age that the user must be at time of registration otherwise the Guardian's Email Address field will be required. This feature also requires the Birthdate field to be enabled if used. Default: 18

gsRegFldPtrnGovernCode

This setting is for advanced users only. You must understand how to properly form Regular Expressions in order to use this feature. This setting controls what pattern of characters in the field must match in order to be considered a valid entry. Default: Empty string.

gbRegAgeAlertEmail

This setting controls if the age alert feature is enabled. When enabled, the system will send an administrative alert by email when a new registrant tries to first create a new account that would be under the giRegMinimumAge value, then later go back and try to change the birth date to a value that would allow them to complete the registration. This allows the administrator to quickly review any potential accounts that might actually be under the minimum age but the user later entered a fake birth date in order to gain entry. Default: True

Table 11-5 XUD Configuration: User Profile Fields

Setting gbShowProfiles

Description This setting determines whether or not user profiles will be used on your site Default: True

117


XUD v3.x Administrator's Guide

gbShowProfFullName

This setting determines whether or not you will be using the Full Name field for user profiles. Default: True

gbShowProfLocale

This setting determines whether or not you will be using the Locale field for user profiles. Default: True

gbShowProfEmail

This setting determines whether or not you will be using the Email Address field for user profiles. Default: True

gbShowProfWebsite

This setting determines whether or not you will be using the Website URL field for user profiles. Default: True

gbShowProfGender

This setting determines whether or not you will be using the Gender field for user profiles. Default: True

gbShowProfImage

This setting determines whether or not you will be using the Image URL field for user profiles. Default: True

gbShowProfComments

This setting determines whether or not you will be using the Comments field for user profiles. Default: True

gbShowProfField1

This setting determines whether or not you will be using Optional Field 1 for user profiles. This field can be used for short text, with a maximum of 20 characters. Default: True

gbShowProfField2

This setting determines whether or not you will be using Optional Field 2 for user profiles. This field can be used for short text, with a maximum of 20 characters. Default: True

gbShowProfField3

This setting determines whether or not you will be using Optional Field 3 for user profiles. This field can be used for short text, with a maximum of 20 characters. Default: True

gbShowProfField4

This setting determines whether or not you will be using Optional Field 4 for user profiles. This field can be used for short text, with a maximum of 20 characters. Default: True

gbShowProfField5

This setting determines whether or not you will be using Optional Field 5 for user profiles. This field can be used for longer text, with a maximum of 80 characters. Default: True

gbShowProfField6

This setting determines whether or not you will be using Optional Field 6 for user profiles. This field can be used for longer text, with a maximum of 80 characters. Default: True

gbShowProfField7

This setting determines whether or not you will be using Optional Field 7 for user profiles. This field can be used for longer text, with a maximum of 80 characters. Default: True

118


XUD v3.x Administrator's Guide

gbShowProfField8

This setting determines whether or not you will be using Optional Field 8 for user profiles. This field can be used for longer text, with a maximum of 80 characters. Default: True

gbShowProfField9

This setting determines whether or not you will be using Optional Field 9 for user profiles. This field can be used for integer (whole number) values. Default: True

gbShowProfField10

This setting determines whether or not you will be using Optional Field 10 for user profiles. This field can be used for integer (whole number) values. Default: True

gbShowProfField11

This setting determines whether or not you will be using Optional Field 11 for user profiles. This field can be used for integer (whole number) values. Default: True

gbShowProfField12

This setting determines whether or not you will be using Optional Field 12 for user profiles. This field can be used for integer (whole number) values. Default: True

gbShowProfField13

This setting determines whether or not you will be using Optional Field 13 for user profiles. This field can be used for decimal values. Default: True

gbShowProfField14

This setting determines whether or not you will be using Optional Field 14 for user profiles. This field can be used for decimal values. Default: True

gbShowProfField15

This setting determines whether or not you will be using Optional Field 15 for user profiles. This field can be used for decimal values. Default: True

gbShowProfField16

This setting determines whether or not you will be using Optional Field 16 for user profiles. This field can be used for decimal values. Default: True

gbShowProfUserStats

This setting determines whether or not you will be using User Statistics will be displayed within user profiles. Default: True

gbProfileUploadImage

This setting determines whether or not a user can upload an image to your server for their profile Note: This setting depends on gbShowProfImage being set to true, and a supported upload component being configured properly through the giUploadHandler setting Default: False

gsProfileAllowedTypes

This setting controls what types of files are allowed to be uploaded to a user’s profile. This is a list of the allowed file extensions separated by a semicolon. Default: "jpg;jpeg;gif;png"

119


XUD v3.x Administrator's Guide

giProfileMaxX

This setting specifies the maximum width in pixels a compatible uploaded image will be resized to when uploaded to a user’s profile. If an image is uploaded with a width larger than this setting that image will be resized to this width while maintaining the proper proportions. Note: Requires Imaging Component Default: 600

giProfileMaxY

This setting specifies the maximum height in pixels a compatible uploaded image will be resized to when uploaded to a user’s profile. If an image is uploaded with a height larger than this setting that image will be resized to this height while maintaining the proper proportions. Note: Requires Imaging Component Default: 400

Tip: To edit the fields that are displayed within profiles, be sure to also edit the XUDUserProfile.htm template file.

Table 11-6 XUD Configuration: Email Settings

Setting

Description

gsAdminEmail

The email address of the administrator

gsMailHost

The Fully Qualified Domain Name or the IP address of the SMTP (Email) server for your internet site. The configured mail host must be able to deliver mail for the domain of the email address you specify by the gsAdminEmail setting. In an attempt to control unsolicited email, most ISP’s will block sending outbound email for messages that do not appear to be originating on local domains.

120


XUD v3.x Administrator's Guide

Table 11-7 XUD Configuration: Font Settings

Setting

Description

gsFont

The default font that is used within the application Default: "Tahoma, Arial, Sans-Serif"

gsPlainTextOpen gsPlainTextClose

The opening and closing font tags used for general purpose text within the application.

gsFormTextOpen gsFormTextClose

The opening and closing font tags used for form prompts within the application.

gsTabTextOpen gsTabTextClose

The opening and closing font tags used for heading tabs within the application.

gsSelectedTabTextOpen gsSelectedTabTextClose

These settings control the formatting of the text displayed in the selected tab in the Message Base section of XUD.

gsUnSelectedTabTextOpen gsUnSelectedTabTextClose

These settings control the formatting of the text displayed in the unselected tab in the Message Base section of XUD.

gsColumnHeadOpen gsColumnHeadClose

The opening and closing font tags used for the top row in tables within the application.

gsNavBarOpen gsNavBarClose

The open and closing font tags used for the bottom navigation bar. (Note: to customize the colors of the link text, please also refer to the section entitled Appendix B – CSS Definitions)

gsSectionTitleOpen gsSectionTitleClose

These settings control the formatting of the titles above sections in the forms throughout XUD.

121


XUD v3.x Administrator's Guide

Table 11-8 XUD Configuration: Color Settings

Setting

Description

gsPageBGColor

The default background color for XUD content Default: "#FFFFFF"

gsLineColor

The color of the thin lines surrounding the navigation bar Default: "#000080"

gsTitleCellColor

The background color used for the top cell in a table Default: "#C0C0C0"

gsAltColorOne

The first of 2 alternating background colors used for table rows Default: "#FFFFFF"

gsAltColorTwo

The second of 2 alternating background colors used for table rows Default: "#E9E9E9"

gsTabColor

The background color for the title tab at the top of pages Default: "#4B96D3"

gsRegularBoxColor

The color used for the thin box that surrounds table cells Default: "#4B96D3"

gsEmptyColor

The space to the right of the title tab; can be set to the same color as gsRegularCellColor if you do not want to use a tabbed look Default: "#FFFFFF"

gsNavBarColor

The background color of the bottom navigation bar Default: "#4B96D3"

gsMainTabColor

The background color for the active tab at the top of pages with multiple tabs Default: "#4B96D3"

gsBackTabColor

The background color for the inactive tab at the top of pages with multiple tabs Default: "#C0C0C0"

122


XUD v3.x Administrator's Guide

Table 11-9 XUD Configuration: Advanced Settings

Setting

Description

gbUseSSL

If set to True, XUD will turn ON or OFF the SSL mode in the user’s browser when necessary (i.e. when user editing billing information). Note: A security certificate must be installed on your web server for your URL to allow SSL to function on your site. For details, you should contact your ISP or web host. Default: False

gbUseSSLOnLogin

If set to True (and above is enabled), XUD will switch to SSL mode when performing user logins. Default: False

gsSSLURL

The URL to XUD on your site for SSL mode. For example you might use a setting like “https://:www.your-site-url.com/membership/” Default: “”

gsSSLPageHeader

This setting contains the path to the file that will be used as the HTML template on any pages accessed while the user interface is in SSL mode. Leave this blank if you are not using SSL or if you want to use the same template as when you are not in SSL mode. If you use externally linked banners in your templates, the end user's browser will normally warn the user there is unencrypted linked content on your web pages. You can use the SSL template to remove these problem banners if the banner host does not provide an SSL enabled URL to their banner content. Default: “”

giEncodingMethod

The data encoding method. Currently not used. Default: 0

gsNumReplaceCode

Encoding code, do not repeat any characters, and do not use any numbers. Do not change once billing system is enabled. This controls how certain information gets encrypted within the database. You can change this setting once before you begin collecting credit card numbers from your users. Important: This setting must be 10 characters in length. Setting it to a shorter length will cause problems within the system. Default: "tEfcJq[pO@"

glLongProcTimeout

The setting used for the server’s timeout value when executing processes that may take a long time. You will typically not need to change this value Default: 9999

gbDemoMode

This setting determines whether XUD runs in demo mode. This should not be changed under normal circumstances as many functions are partially disabled or are emulated when demo mode is turned on. Default: False

giDeltaTime

If your web server is not displaying the local time you want to be displayed on the site, you can set the giDeltaTime to the value that you want to use to offset the display time. If your local time is later than the display time, you would want to set giDeltaTime to a 123


XUD v3.x Administrator's Guide

positive value. If your local time is earlier than the display time, you would want to set giDeltaTime to a negative value. Default: 0 gsQueueStreamFolder

The location, which holds temporary files containing information for CVT transactions. This folder needs to have Full Access permission for the web server’s anonymous user account. You should typically not need to change this setting from the default. Default: Server.MapPath(".\XUDQueueStream")

124


XUD v3.x Administrator's Guide

Table 11-10 XUD Configuration: Database related settings in the XUDdb.asp file

Tag

Description

gsConnect

The system database connection string- for additional options see Appendix D – Alternate Connection Strings

giDBType

A numeric value which tells the system which type of database you are using. Possible values are: 0- Use for JET databases

1- User for SQL Server databases

Default: 0 gsSQLDateDelimiter

This setting can be set to one of 2 possible values that are used when passing dates to the database: Chr(39) – Use for most servers

Chr(35) – Use for some older JET database drivers

Default: Chr(39) gsSQLWildCardChar

The wild card character used by the SQL parsing engine. This can be set to 2 possible values: Chr(37) – Use for most servers

Chr(42) – Use for some older JET database drivers

Default: Chr(37) giSQLDateFormat

This setting is used control the formatting that is used when date are passed from the server to the database; it does not have any affect on how dates are displayed on the site. The possible values are: 0 – Default System Format

1 – SC-SQL Format

2 – SC-JET-MDY Format

3 – SC-JET-DMY Format

Default: 0

125


XUD v3.x Administrator's Guide

12 Appendix B – CSS Definitions XUD uses a number of Cascading Style Sheet definitions within the template to control the color and behavior of text links. The settings that pertain to the xcClassified application are contained within the xcXud.css file in the XUDHtmlTxt folder. The versatility of Cascading Style Sheets allow for a more centralized configuration of the text and formatting that is displayed on your site. With the majority of browsers supporting the use of Style Sheets, they are a very powerful feature that can be used to control the look and feel of your website. Note: There are additional CSS settings contained in the example template, CPTemplate.htm. These settings are specific to the layout of the template file itself and you need not include them within your own template. Since these settings are not used within the body of the xcClassified application, they are not documented here. For more information on style sheet http://www.htmlhelp.com/reference/css/

syntax

and

usage,

you

can

consult:

Table 12-1 CSS Definitions

Tag

Description

XUDNavBar

The bottom navigation bar Usage: system wide (if gbNavBar is set to True)

XUDNavTree

The navigation tree used at the top of pages to tell you where you are within the system Usage: Message Base

XUDTabText

Text in the title tab at the top of pages Usage: system wide

XUDSelectedTabText

Selected tab link on the Message Base tab menu. Usage: Message Base page

XUDUnselectedTabText

Unselected tab link on the Message Base tab menu. Usage: Message Base page

XcBtn

Form submittal buttons Usage: system wide

XUDPlainText

General text displayed throughout XUD. Usage: system wide

XUDFormText

Form prompts displayed throughout XUD. Usage: system wide

XUDSectionTitle

Text displayed above a boxed out section of a page. Usage: system wide

XUDColTitle

Text displayed at the top of column in a table. Usage: system wide

126


XUD v3.x Administrator's Guide

13 Appendix C – User Capabilities The following table lists the built-in capabilities that can be defined for your user groups. Table 13-1 User Capabilities

User Capability

Description

NOFEE

A Y/N value. A Y value indicates that the user will not be charged any site fees.

DISCFEE

A numeric value from 1 to 100. The percentage discount applied to all fees charged to user account.

AUCPOST

A Y/N value. A Y value indicates the user will be allowed to POST AUCTIONS.

AUCMARKET

A Y/N value. A Y value indicates the user will be allowed to have a listing in the MARKETPLACE.

AUCRFQBID

A Y/N value. A Y value indicates the user will be allowed to bid on RFQ auctions.

AUCWATCHADD

A Y/N value. A Y value indicates the user will be allowed to use the Auction Watch feature.

AUCWATCHBROWSE

A Y/N value. A Y value indicates the user will be allowed to browse active Auction Watches.

NOAUCBASEFEE

A Y/N value. A Y value indicates the user will be not be charged a BASE FEE for listing an auction.

NOAUCLISTFEE

A Y/N value. A Y value indicates the user not be charged ANY fees for listing an auction.

MAXAUCITEMS

A numeric value indicating the maximum number of active auctions allowed by the user.

BULKUPLOAD

A Y/N value. A Y values indicates that a user can use the Bulk Uploading feature.

CADPOST

A Y/N value. A Y value indicates the user will be allowed to POST CLASSIFIEDS.

CADWATCHADD

A Y/N value. A Y value indicates the user will be allowed to use the Ad Watch feature.

CADWATCHBROWSE

A Y/N value. A Y value indicates the user will be allowed to browse active Ad Watches.

NOCADBASEFEE

A Y/N value. A Y value indicates the user will be not be charged a BASE FEE for listing an ad.

NOCADLISTFEE

A Y/N value. A Y value indicates the user not be charged ANY fees for listing an ad.

MAXCADITEMS

A numeric value indicating the maximum number of active classified ads allowed by the user.

MSGPOST

A Y/N value. A Y value indicates that the user will be allowed to POST FORUM MESSAGES.

MSGVIEW

A Y/N value. A Y value indicates the user will be allowed to VIEW PRIVATE FORUMS.

127


XUD v3.x Administrator's Guide

NPPOST

A Y/N value. A Y value indicates the user will be allowed to POST NEWS ARTICLES.

NPVIEW

A Y/N value. A Y value indicates the user will be allowed to VIEW PRIVATE NEWS ARTICLES.

PA1

A Y/N value. An example capability, not used internally by any XCENT web server applications. A Y value indicates the user will be allowed to access protected content - group 1.

PA2

A Y/N value. An example capability, not used internally by any XCENT web server applications. A Y value indicates the user will be allowed to access protected content - group 2.

PA3

A Y/N value. An example capability, not used internally by any XCENT web server applications. A Y value indicates the user will be allowed to access protected content - group 3.

128


XUD v3.x Administrator's Guide

14 Appendix D – Alternate Connection Strings The database connection string is used to tell XUD how to communicate with it's database. The connection string is located in the XUDdb.ASP file. Depending on the type of database you use, or if you need to relocate the database to another file, name or server, you will need to change the connection string from it's default. By default, XUD uses a setting like shown below for the connection string. Note: This is all on one line in the file. gsConnect = "Driver={Microsoft Access Driver (*.mdb)};DBQ=" & Server.MapPath("..\Data\XUD3.mdb")

This connection string points to a JET database named XUD3.mdb which is located in the DATA folder above the location where the application is installed. Since some web servers may be configured to not allow relative paths, this may need to be changed to an absolute path. If this is the case, you will need your ISP to tell you the absolute filesystem path to your web site. You can also use the XcDiag.ASP utility to determine this. As example JET database connection using an absolute path would look something like this (again, all on one line): gsConnect = "Driver={Microsoft Access Driver (*.mdb)};DBQ=d:\websites\yoursite-url.com\data\XUD3.mdb"

If you are going to use the application with a SQL Server database, you need to point the application to your SQL Server. Remember, the database objects must be created first using the SQL Setup Scripts, see the section "Configuring the Database Connection" on doing this. Once the SQL database has been prepared, you can point the application to it by changing the connection string so that it looks like this (again, all on one line): gsConnect = "DRIVER=SQL Server;SERVER=10.20.30.40;UID=SQLLogin;PWD=SQLPassword;DATABASE=XUD3"

The part after SERVER= is either the IP Address or Fully Qualified Domain Name (FQDN) of the SQL Server. So, this can also look like: gsConnect = "DRIVER=SQL Server;SERVER=sql.your-siteurl.com;UID=SQLLogin;PWD=SQLPassword;DATABASE=XUD3"

The part after UID= is the SQL Server login. The part after PWD= is the password for the SQL Server login. The part after the DATABASE= is the name of the SQL Server database. Your ISP or database administrator will provide all of these values. Also, do not forget that if you change your database type, that the giDBType setting must be set to zero (0) if you are using a JET database. Or is must be set to one (1) if you are using a SQL Server database. If you would prefer to use a DSN, you can change your connection string to utilize the DSN also. The DSN must be a System DSN in order for the web server to be able to see it. If you create it as a User DSN, the web server will not be able to utilize the DSN. The giDBType setting must be set correctly for the type of database the DSN points to. The basic DSN connection will look like: gsConnect = "DSN=MyDatabase"

In this example, you would change the part after DSN= to the DSN name you want to use.

129


XUD v3.x Administrator's Guide

15 Appendix E – Updates and Upgrades From time to time, XCENT will release minor version updates to our products. These updates may include bug fixes as well as revisions and additions to the functionality of the program. Any of these updates within the same major version are free to registered users of that major version. For example, if you have XUD version 3.0.0, if an update is available to go to version 3.0.1 or 3.1.0, then this is a free update. Notice, the major version number does not change (only the Minor version number, or the Release number changes for minor updates). When you receive an update from XCENT, what you will receive is a ZIP archive file that contains the latest version of all the files used within the entire application. This is the same as a new registration. However, you do not need to reinstall the application from scratch for a minor update. In order to know which files you need to upload, you need to be familiar with which version of the application is currently running on your site. If you aren't sure, you should use the Check Version option in your administrator interface. Within the Documentation folder of the ZIP archive file that you downloaded, are one or more Updates documents. The Updates documents are your guides to knowing which application files need to updated in between updates. When you view an Updates document, you will see that it is organized by the application version, with the most recent one on top down to the oldest for that major version. Each version and each application has its own table of files that have been updated. This includes the file name and a brief description on what has been updated. You only need to install the files listed for versions newer than the version you are already running on your site. For example, if the current release is version 3.5.4 and your site is running version 3.5.2, you would need to upload all the files listed for version 3.5.4 and also those listed for version 3.5.3. Tip: XUD updates will be included in the updates you receive for any integrated applications. When you receive an update, you should always check both for updates to the specific application as well as updates to XUD. We anticipate that many of our users make changes to the Configuration and Language files associated with our applications. If we've updated these files, the Updates file will list the settings we've added to those specific files. You can then just add these settings to your existing file. If you have made customizations to any other files, the best thing to do is to save a backup version of each file and then reapply the customizations to the updated file. However, if you have updated any Email Templates or HTML Templates, you may want to look at the new versions of these files to see if you want to incorporate any changes that have been made.

130


XUD v3.x Administrator's Guide

15.1 Upgrades When significant functionality is added to one of our products, we may issue a major version upgrade. A major version upgrade is when the major version number changes. For example, going from version 2.x.x to version 3.x.x. While major version upgrades are not free, registered users will be provided an upgrade path that is significantly less than the cost of a new license for the new version. Installing a major version upgrade usually requires a complete fresh install of the various .asp, .htm, .txt etc files that are used within the application. However, XCENT will provide tools to upgrade your database if necessary. So you will be able to transition to the new version without losing any data from the previous version. The layout and names of the folders for the v3.x releases have changed significantly from previous releases. Due to the magnitude of and number of changes in this release, we only support a re-installation of all XUD files in order to make sure that the application is installed correctly (as nearly all of the files of XUD have been changed in some manner).

131


XUD v3.x Administrator's Guide

16 Appendix F – Automating Processes Certain features require periodic maintenance functions to be run by the administrator, using the administrative interface. Using scripts that XCENT has provided with the XUD, you can easily automate these regular tasks and save time in your overall site maintenance. Automating these processes is done in various ways, depending upon the particulars of your site and services offered by your ISP or web host. Most ISP's will allow a means to schedule processes using primarily one of two different techniques. These are outlined in the following sections.

16.1 Scheduled Tasks One option to use for scheduling a task that you wish to automate is to use the included WSH scripts, which will run at a specified time in order to trigger the maintenance functions. These scripts are included in the WSH folder with the application. They can be scheduled to run using any method that allows the execution of WSH scripts at a specific time. The built in Scheduled Tasks feature that is present in Windows ME and later can be used for this. The machine using the included WSH scripts to schedule these tasks must have Microsoft Internet Explorer 5.0 or later installed. The Scheduled Tasks function is normally found in the Control Panel under Settings from your Start Menu. This technique can be used on the web server itself, or on any Internet connected machine. To schedule a task and automate it, you must first find the corresponding WSH file for the task you wish to automate, then edit that WSH file using a plain text editor, such as NotePad. In each of these files is a configuration section with three important settings. The first is your site's URL to the installation of XUD (the gsURL setting). This setting needs to be configured to your site's URL and membership path (i.e. http://www.your-site-url.com/membership/). If your site has an SSL certificate installed, and you are scheduling remotely, you may specify HTTPS in the URL to keep all traffic SSL encrypted for the maintenance function. The next two settings are the administrator login and password to your site. These are the gsAdminName, and the gsAdminPassword settings. Set these to the corresponding administrator login and password for your site's administrative interface. Once you save these changes to the file, you can now schedule the task to be run. Copy the WSH files to the machine that will be scheduling the tasks. This can be the actual web server, but it can be any Internet connected machine. This is possible since these scripts simulate you, as the administrator, logging into your site and running the respective task through the administrative interface. The tasks can actually be scheduled on a remote machine if your ISP does not provide you with any options for scheduling tasks. To add a task, open the Scheduled Tasks applet on the machine you want to use. This is under the Start Menu -> Settings -> Control Panel -> Scheduled Tasks menu. Click on Add Scheduled Task and then Next to begin. The Scheduled Tasks Wizard should now prompt you for the item you want to run. Click the Browse button and locate the WSH file on the machine/server. Once you select the WSH file you want to schedule, you will be asked for a descriptive name and how frequently you want to run the task. You can give it any descriptive name you wish. If this is on your own dedicated machine or server, we recommend leaving it as the default name provided. If you are hosting multiple sites, you might want to prefix the Scheduled Task name with the website name. Next, you can select how often you want to schedule the task. Typically you can choose from Daily, Weekly, or Monthly occurrences.

132


XUD v3.x Administrator's Guide

Note: You do not want to run maintenance functions more often than is necessary. For example, most sites do not need to schedule subscription renewals to occur any more often than once per day at most. When you have completed selecting the recurrence of your Scheduled Tasks, click Next and you will now be allowed to chose the exact time of day you want to schedule the task to run, and how often you wish to repeat it. We suggest trying to pick off-peak times for most maintenance functions. Once you click the Next button, you will be prompted for the account you want to run the script under. If this were on your own machine, typically you would use your administrator login. If the script were scheduled on an ISP's server, this would typically be your login that you use to access the server. Otherwise, your ISP may actually setup a special account for task scheduling. When finished typing in the account to use, click the Next button. You should now see the summary information about the task you just scheduled and provided with a check box to view the Advanced Properties of the task. Check the Advanced Properties box and click Finish. You will now see the property window for the scheduled task with several tabs at the top for modifying any properties of the task. By default, it will probably be set to stop the task if it runs for more than 72 hours. We suggest changing this to two (2) hours and then click OK to save the changes. For additional tasks, repeat the above instructions for each task that you wish to schedule. Below, you will find a list of the files in the WSH folder that can be scheduled using the above method along with descriptions of what processes they perform. Table 16-1 WSH Files and Descriptions

Filename XUDProcessRenewals.vbs

Description This file automates the task of renewing subscriptions on the site. For more information about subscription renewals, refer to the section Process Subscription Renewals in this document.

133


Turn static files into dynamic content formats.

Create a flipbook
Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.