You are using an unsupported browser. Please update your browser to the latest version on or before July 31, 2020.
We have a new home for our Segpay Knowledge Base articles! Check out:
announcement close button
Home > Integrate with Segpay > Password Management Setup
Password Management Setup
print icon

1      Introduction

If your business model is to buy access to one site and receive access to one site – or buy access to one site and receive access to multiple sites, but only use a single password file, then you should use the Single SegPay password management script below.


If your business model doesn’t fit the description above, or you are not sure which script best works with your business model, please contact SegPay tech support at: [email protected].


2      Installing the script on your server

If you don’t already have the sppwmgr.php and htpasswd.php scripts, please contact either your account manager or email [email protected]. Please follow the directions below to install this script on your server. Contact tech support if you have any questions.


1. Open the sppwmgr.php script in notepad or any editor of your choice.


2. Locate the line that looks like this:


#### Toccata Key

$tocatta_key = 'abcdefg';   


Modify this line so that it reflects the key that will be used to access the commands of the script. This is a key created by you.



#### Toccata Key

$tocatta_key = 'myWeb$ite-345798237';


3. Locate and modify the line that looks like this:


#### Full path to your .htpasswd file (*Needs to be writable)

$full_path_to_htpasswd = '/var/www/html/testweb1/members/.htpasswd';


This path should be the location of your password file. This file should be an .htpasswd file. Encryption method should be Unixcrypt.


4. Save your file to your desktop.


5. Upload your completed sppwmgr.php, sppwmgr.log and the htpasswd.php file to your cgi-bin or a place where it can be executed over the web.


6. Change the permissions on the file to reflect 755.  Ownership should be according to the webservers permissions.


7. Open a browser and type in the address bar the following commands to test:


Description – add - adds the username and password specified to the .htpasswd file.


Description – delete - removes the username specified from the .htpasswd file, displays an error if the username is not present in the htpasswd file


Description – query - returns either "exists" if found or "does_not_exist" 


Description – list - lists the contents of the htpasswd file


Description – log - displays the log file (stored in .logfile) the number of lines displayed is controlled by a variable that is defined at the top of the script ($number_of_log_records_to_display)



1. Login to




3. Click ADD POSTBACK. Create a new postback profile. You can use whatever description you would like.


4. Enter the following:

          INQUIRY URL:<extra username>

          INQUIRY Expected Response:  does_not_exist

          ENABLE URL:<extra username>&password=<extra password>

          Enable Expected Response: added

          DISABLE URL:<extra username>
          Disable Expected Response: deleted


NOTE: No need to enter http:// before any URL in the URL field. Our system will append this at the execution of the postback.


5. Click Save to submit all the information.




7. Edit the PACKAGE that you want to associate with a postback profile.


8. Go to the Postback dropdown menu and choose the Postback profile name that you want to associate with this PACKAGE.


9. Click Save.


10. Run a test transaction to verify all is working correctly.



If you get the following errors:


1. "Internal Server Error":

          A. Check your server logs for the error message.

          B. Check the permissions on the script so that they are set to 755.

          C. Check that the script has the proper permissions to be executed.


2. "Bad Key":

          A. Add to the end of the URL in your browsers address bar "&key=yourkey".

          B. Make sure that the key that you are using is the same as listed in the script.


3. "Unable to open password file /.htpasswd for reading/locking (No such file or directory)"

          A. Check the path in the script to the password file.

          B. This can be a relative or absolute path to the password file.


4. "Unable to open password file /etc/.htpasswd for reading/locking (Permission denied)"

          A. Check the permissions on the password file.  It should be set to at least 744.


If you are still having problems when installing this script, please email [email protected].  

213 out of 342 found this helpful


scroll to top icon