File: readme.txt
Script Name: vSignup 1.0
Author: Vincent Ryan Ong
Email: support@beanbug.net

Description:
vSignup is a member registration script which utilizes vAuthenticate
for its security handling. This handy script features email verification,
sending confirmation email message, restricting email domains that are 
allowed for membership, and much more.

This script is a freeware but if you want to give donations,
please send your checks (coz cash will probably be stolen in the
post office) them to:

Vincent Ryan Ong
Rm. 440 Wellington Bldg.
655 Condesa St. Binondo, Manila
Philippines, 1006


==============================
 vAuthenticate 1.1 README FILE
==============================

Contents:
  * Introduction
  * Package content
  * Requirements
  * Installation
  * Administration
  * Usage

~~~~~~~~~~~~~~~~~~~~~~~

* INTRODUCTION

  vSignup is an offshoot of what vAuthenticate can do. It provides a 
  member-signup form which integrates well with vAuthenticate to 
  create a powerful signup-and-authentication system for your site.

    FEATURES:
    1. Speed
	= vSignup uses the dynamic-duo of PHP and MySQL which enables
	  blazing fast transactions where only your server speed dictates 
	  the limit.
    
    2. Compactness
	= vSignup is very small thus takes up little space allowing 
	  you more room to enhance your site's other features.

	3. Email Verification
	= vSignup provides a standard email verification function to
		ensure that the email address specified in the field is 
		valid in terms of format.
	
	4. Email Confirmation Message
	= vSignup sends out a confirmation email to the visitor who
		signed up to make sure that the email address he/she
		specified is really his/hers.
	
	5. Restriction on Email Domains
	= vSignup allows you to restrict the people who signs up for
		membership by validating that their email address is in
		your list of allowable domains.


* PACKAGE CONTENT
  * denotes vAutenticate files

  readme.txt - this file
  signup.php - signup form
  process.php - error checking and record insertion page
  confirm.php - member confirmation page
  signupconfig.php - vSignup configuration file
  signup-createdb.sql - table creation for vSignup table
  members/test.php - test page to check for authentication against direct access method
  
  auth.php - authentication class *
  authconfig.php - file and database configuration file *
  createdb.sql - database creation file *
  failed.php - page to display when login is incorrect *
  login.php - login interface *
  check.php - file to include on top part of pages to secure. *
  vAuthenticate.php - result file that is opened after loging in. this file calls
		either the success or failed page upon login. *
  AuthClass.txt - Detailed class description for auth.php*
  members/index.php - page to display when login is successful*
  admin/authgroup.php - group administration file *
  admin/authuser.php - user administration file *
  admin/index.php - administration home page *


* REQUIREMENTS

  OS: Linux, Windows NT/2000/XP Server Family, Unix
  WEB SERVER: Apache (latest release)
  SCRIPTING: PHP 4 (latest stable release)
  DB: MySQL (latest stable release)
  DB MANAGEMENT: phpMyAdmin or any similar types of db manager
  BROWSER: Cookie-Enabled


* INSTALLATION

  1. Open your DB Manager and execute createdb.sql. You are not required to 
	include createdb.sql in your online folder since it is only needed
	once, during database creation.
	
  2. Open your DB Manager and execute signup-createdb.sql. You are not 
  	required to include createdb.sql in your online folder since it is 
	only needed	once, during database creation.

  3. Edit authconfig.php and set the values to reflect your host's
    configuration. 

  4. Edit signupconfig.php and set the values to reflect your host's
    configuration. 

  5. Edit auth.php and edit the lines with var such that it reflects 
	that of your web host. Note that this is the same with the 
	DB Settings in authconfig.php

  6. If you are going to change the look of login.php, take note of the ff:  	
	a. The file where your login page (the one with the username and 
	   password text box) should contain the include statement similar
	   to the ones found in login.php.
	b. The form action should also be the same with that of login.php
	   (which is vAuthenticate.php) because this calls the results page 
	   which in turn calls and makes use of the auth.php class
	c. The username text box MUST have name="username" and the password
	   textbox should have name="password". Take note of the case. All
	   names are in small caps. vAuthenticate will NOT work if you set 
	   the name of the username and password fields to any other name.

  7. If you are going to change the look of signup.php, take note of the ff:  	
	a. The file where your signup page (the one with the username and 
	   password text box) should contain the include statement similar
	   to the ones found in signup.php.
	b. The form action should also be the same with that of signup.php
	   (which is vAuthenticate.php) because this calls the results page 
	   which in turn calls and makes use of the auth.php class
	c. ALL the required fields must exist in the new design you have for 
		signup.php including the names of the textboxes. You will encounter
		problems if this is not met.
	
  8. It is worthwhile to note that since we use server side includes in 
	the results page (default: vAuthenticate.php), the success and
	failed pages might have to be edited to conform to the page call
	since it would be executing on the same directory with vAuthenticate.

  9. All files under the admin folder must remain that way. The admin folder
	itself MUST reside inside the folder where vAuthenticate is located. 
	Although you can change this in authconfig.php, it is not recommended
	to change the line unless you know a great deal about server side
	includes and pathname resolution.

  10. OPTIONAL: Edit check.php so that you can customize the look of the error
	message to display when an illegal access using direct method is used
	on files. Be sure to change only the HTML part of the file unless you know
	what you are doing.

  11. Upload in ASCII all files (see Package Content for details) in any 
	directory.


* ADMINISTRATION

  After installation, 3 new tables named "authuser", "authgroup", and
  "signup" should have been created including the built-in users and groups.
  Follow the instructions below to administer vAuthenticate (which also means
  administering vSignup).

    LOGGING IN AS ADMINISTRATOR:
    1. Go the the login page of the website.

    2. Login as "sa" and enter the password. (Upon installation, the 
	password of user "sa" is a blank (not "blank").

    ADDING USERS
    1. After loggin in, click on Users in the top menu of the admin
	home page.
    2. Enter the details. Take note of messages which would be given
	by the system regarding your entry.
    3. If you have already entered a user or modified one but still
	want to enter another, click on the "Add New" button.

    MODIFYING USERS
    1. Click on the desired username on the user list found at the 
	right side of the user administration area
    2. Modify the information 
    3. Press Modify button to save changes

    DELETING USERS
    1. Click on the desired username on the user list found at the 
	right side of the user administration area
    2. Press Delete button to remove user
	 
    ADDING A NEW TEAM
    1. Either:
	a. Click on the link named Add beside the team drop-down list
	   in the user administration area
	
	OR

	b. In the admin home interface, click on the link Groups.
    2. Enter the info needed. 

    MODIFYING A TEAM
    1. Click on the desired team name on the team list found at the 
	right side of the team administration area
    2. Modify the information 
    3. Press Modify button to save changes
    4. Making a team inactive automatically makes ALL users in the 
	team to be inactivated

    DELETE A TEAM
    1. Click on the desired team name on the team list found at the 
	right side of the team administration area
    2. Press Delete button remove the group.
    3. Deleting a team automatically makes all members of the team 
	a member of Ungrouped.


* USAGE

  ALL records in the authuser table contains the following info:
	1. id (use $detail["id"] to get the unique id) - this is used for sorting
	   purposes only and can be used as an alternative primary key
	2. username (use $detail["uname"] to get the username) - this is the 
	   username of the member
	3. password (use $detail["passwd"] to get the passwd) - this is the 
	   password of the member
	4. team (use $detail["team"] to get the taem name) - this is the 
	   teamname of the member
	5. level (use $detail["level"] to get the level) - this is the 
	   level of the member
	6. status (use $detail["status"] to get the status) - this is the 
	   status of the member which can either be active or inactive
	7. lastlogin (use $detail["lastlogin"] to get the last login date and time) - 
	  this is a timestamp on the last lagin date and time of a member.
	8. logincount (use $detail["logincount"] to get count) - this is a 
	  counter which increments everytime a member/admin logs in.

  To secure pages, you would need to add the following lines on top of the pages
	you want to secure:
	
	<?
		include ("path/to/auth.php");
		include ("path/to/authconfig.php");
		include ("path/to/check.php");	
	?>

	where path/to/ refers to the path of the files relative to the current
	directory of the file being secured. For an example, please see 
	page2.php. If you haven' logged in yet or have logged in using a
	wrong username and password, you will get an Illegal Access 
	error on page2.php. However, if you have logged in successfully
	and without closing the browser, you tried accessing page2.php, 
	you'll notice that you can see the message (2 to 3 lines) in the file.

  One thing to note: Usernames of level 1 cannot browse secured pages. To be
   	be able to do this, it is recommended to create a new group called Browsers
	with new usernames that the admin users can use for browsing secured pages.
	vAuthenticate was made such that admin usernames are made specifically for
	security administration.

  TO TEST AUTHENTICATION:
	Access members/test.php directly and notice that if you have not logged in or if
	you did not login successfully, you will see an error. BUT if you have logged 
	in successfully, you can access this file using direct access method.

	
  IMPORTANT:
  	vSignup USES A SLIGHTLY MODIFIED VERSION OF vAuthenticate. IF YOU WANT TO USE
	vSignup IN YOUR SITE BUT YOU ALREADY HAVE vAuthenticate INSTALLED, YOU WOULD
	HAVE TO REMOVE THE CURRENT INSTALL OF vAuthenticate before installing 
	vSignup. AFTER YOU INSTALL vSignup, YOU CAN THEN USE THE vAuthenticate THAT
	COMES WITH IT.

***********************
THAT's IT!
email support@beanbug.net for support.
***********************
