Password Management Setup

1      Introduction

If your business model is to buy access to one site and receive access to one site – or buy access to one site and receive access to multiple sites, but only use a single password file, then you should use the Single SegPay password management script below.

If your business model doesn’t fit the description above, or you are not sure which script best works with your business model, please contact SegPay tech support at: TechSupport@SegPay.com.

2      Installing the script on your server

If you don’t already have the sppwmgr.php and htpasswd.php scripts, please contact either your account manager or email TechSupport@SegPay.com. Please follow the directions below to install this script on your server. Contact tech support if you have any questions.

1. Open the sppwmgr.php script in notepad or any editor of your choice.

2. Locate the line that looks like this:

#### Toccata Key

$tocatta_key = 'abcdefg';   

Modify this line so that it reflects the key that will be used to access the commands of the script. This is a key created by you.

Example:

#### Toccata Key

$tocatta_key = 'myWeb$ite-345798237';

3. Locate and modify the line that looks like this:

#### Full path to your .htpasswd file (*Needs to be writable)

$full_path_to_htpasswd = '/var/www/html/testweb1/members/.htpasswd';

This path should be the location of your password file. This file should be an .htpasswd file. Encryption method should be Unixcrypt.

4. Save your file to your desktop.

5. Upload your completed sppwmgr.php, sppwmgr.log and the htpasswd.php file to your cgi-bin or a place where it can be executed over the web.

6. Change the permissions on the file to reflect 755.  Ownership should be according to the webservers permissions.

7. Open a browser and type in the address bar the following commands to test:

Description – add - adds the username and password specified to the .htpasswd file.


 

Description – delete - removes the username specified from the .htpasswd file, displays an error if the username is not present in the htpasswd file


 

Description – query - returns either "exists" if found or "does_not_exist" 


 

Description – list - lists the contents of the htpasswd file


 

Description – log - displays the log file (stored in .logfile) the number of lines displayed is controlled by a variable that is defined at the top of the script ($number_of_log_records_to_display)


 

3      CONFIGURING A POSTBACK NOTIFICATION PROFILE IN THE SEGPAY MERCHANT PORTAL

1. Login to https://mp.segpay.com.

2. Go to MY WEBSITES->MANAGE POSTBACKS.

3. Click ADD POSTBACK. Create a new postback profile. You can use whatever description you would like.

4. Enter the following:

          INQUIRY URL: www.yoursite.com/cgi-bin/sppwmgr.php?key=yourkey&action=query&username=<extra username>

          INQUIRY Expected Response:  does_not_exist

          ENABLE URL: www.yoursite.com/cgi-bin/sppwmgr.php?key=yourkey&action=add&username=<extra username>&password=<extra password>

          Enable Expected Response: added

          DISABLE URL: www.yoursite.com/cgi-bin/sppwmgr.php?key=yourkey&action=delete&username=<extra username>
          Disable Expected Response: deleted

NOTE: No need to enter http:// before any URL in the URL field. Our system will append this at the execution of the postback.

5. Click Save to submit all the information.

6. Go to MY WEBSITES -> MANAGE PACKAGES.

7. Edit the PACKAGE that you want to associate with a postback profile.

8. Go to the Postback dropdown menu and choose the Postback profile name that you want to associate with this PACKAGE.

9. Click Save.

10. Run a test transaction to verify all is working correctly.

4      TROUBLESHOOTING

If you get the following errors:

1. "Internal Server Error":

          A. Check your server logs for the error message.

          B. Check the permissions on the script so that they are set to 755.

          C. Check that the script has the proper permissions to be executed.

         

2. "Bad Key":

          A. Add to the end of the URL in your browsers address bar "&key=yourkey".

          B. Make sure that the key that you are using is the same as listed in the script.

3. "Unable to open password file /.htpasswd for reading/locking (No such file or directory)"

          A. Check the path in the script to the password file.

          B. This can be a relative or absolute path to the password file.

4. "Unable to open password file /etc/.htpasswd for reading/locking (Permission denied)"

          A. Check the permissions on the password file.  It should be set to at least 744.

If you are still having problems when installing this script, please email techsupport@segpay.com.  

  • 1
  • 15-Feb-2019
  • 25318 Views