• PHP Subscription Membership Script - Post Installation

  • PHP-SecureArea

    At this point you should have a working system in that you are able to log into the administration pages with the default admin username / password and are able to click through the various displays.

    This section describes how you test the subscription management system, creating subscribers, and show that the application works correctly with PayPal. This section does not go into the details of each administration display.

  • PHP-SecureArea

    Create a protected area

    The folders that you are going to protect can be given any name and placed anywhere within your web site. They may be called 'premiumcontent', 'securearea' and so on. There are the areas that your subscribers are going to subscribe to

    In the root of each of these folders, place a copy of the master .htaccess file. This file is located in the example folder called 'protected'.

    This is in fact just an empty file as all the settings are saved to the file by the application. Change the permissions on this .htaccess file to 666. On a Godaddy hosting installation, apparantly permissions of 606 should be used rather than 666.

    Now create a folder to store the .htpasswd files (you can call the folder anything you like but it is usual to call it 'htpasswd') and change the permissions on this folder to 777. You do not have to do anything else to this folder as the application will automatically create the .htpasswd files when it needs to.

    (Additional information : The application creates the htpasswd files automatically and they will be identified as htpasswd_x where x is a number matching the record id of the secure area. The htpasswd file will not exist until the first user is created).

    This folder is normally located outside the root of the web site. If this is not possible, make sure that the supplied htaccess file is also placed in this folder to protect it. It should look something like this:

    IndexIgnore *
    AuthGroupFile /dev/null
    AuthName Downloads
    AuthType Basic
    <Limit GET POST PUT>
    deny from all
    </Limit>

    Everything should now be set up for you to go to log on to the admin pages.

    Don't worry if you have not set up the file permissions correctly, because the application will check all these during later stages, and will display any error messages if problems are encountered.

    Login in to the admin displays which can be found at http://wwww.yourservername.com/phpsecurearea/admin/
    Default user name / password is:
    User name: admin@somewhere.com
    Password: admin

  • PHP-SecureArea

    General settings

    Once in the Admin section do the following :

    In the left hand menu, click on the 'Site Setup' page and enter :

    • your PayPal email address (assuming that you intend to use the application with Paypal, otherwise any valid email address)

    • your admin email address - this will be used as the 'from' address for emails and should have the same domain name that the site is installed on otherwise customers may not receive their emails.

    • the full url of the folder where you installed the application

    • the full folder path where the .htpasswd files are to be located

      This must be the full reference for this folder in the form /server/site1/public_html/passwords/

      For information on working out the folder path name refer to:
      https://www.withinweb/phpsecurearea/faq.php#digitalfiles

      You may have to create a new folder to hold the .htpasswd files. You can call it anything you like although it is normally called "htpasswd" or "passwords". The distribution .zip file does contain an htpasswd folder which you can use.

      Note that the folder must have permission of 777

      (Additional information : The application creates the htpasswd files automatically and they will be identified as htpasswd_x where x is a number matching the record id of the secure area. The htpasswd file will not exist until the first user is created).

    Note that you do not have to make any changes to you PayPal account to identify the PayPal IPN or anything like that.

  • PHP-SecureArea

    Setting up secure areas or subscription areas

    Now you are able to set up a secure area. Refer to the Secure Area page for instructions.

  • PHP-SecureArea

    Perform a manual subscription

    Once all the secure areas are set up you can do a manual subscription.

    Click on 'Manage Users' and then click on 'Create' button. This will allow you to create a user manually. Enter in a valid email address and choose a product from the drop down list. Tick the box to send the email to the customer.

    You may want to look at your web server folders to check that the htpasswd file and htaccess files have been created and modified as expected. In the folder where the htpasswd files are located you should see a file htpasswd_x where x is a number. In the folder that you are protecting you should see the htaccess file has been modified.

    When you click on 'Create new user' button, a user will be manually created for this secure area. If you now go to the email account you should see the email which will give the username / password. You should also see the new user in the list of users.

    If you are able to login to the secure area, this indicates that the emails and other parts of the application are working correctly.

    Note that it does not use the PayPal system and hence does not show that the PayPal side is working - you can only really test that with live purchases.

  • PHP-SecureArea

    Adding the Cron Job

    A Cron job is a scheduled task which is run at a defined interval for a particular task.

    The Cron job in PHP-SecureArea is a php script which control the created users. It is located in the folder /cron/.

    It looks for the users created manually or created automatically through the PayPal system and checks the subscription that they are subscribed to. If the subscription is not the type that recurs forever, it will check the "end of subscription date". If the date has expired, the Cron job will do the required processing to remove that user from the secure area.

    The purpose of the Cron job is really to control the manually created users. That is, users that are not controlled by the PayPal IPN system. However, it will also control the PayPal controlled users as well if for some reason the PayPal IPN did not come through to your site.

    You will have to set up the Cron job using your hosting web site control panel. To set up the cron job, set the time as to run at midnight and enter the full path (not the url) of the script in the form

    php -q /server/public_html/securearea/cron/cron.php

    or with advanced (lunix) style :

    0 0 * * * php -q /server/public_html/securearea/cron/cron.php

    This page has some good information about cron jobs

    http://www.adminschoice.com/docs/crontab.htm

    NOTE : Un-comment the last line of the cron.php file and modify the email to / from address so that the cron job sends an email each time it is run.