ezUserManager v2.0.1 (12. march 2007)

ezUserManager homepage: http://www.ezUserManager.com/

CONTENTS:

1. System requirements
2. Copyright/license
3. Language support
4. Installation
  a) New installation
  b) Upgrade installation
5. How to protect files/folders
  a) .htaccess
  b) Web-login
6. Security
7. Thanks to
8. Revision history

1. SYSTEM REQUIREMENTS

PHP4/PHP5
MySQL
Access to give writting permission on files.

2. COPYRIGHT/LICENSE

Copyright 2004-2007 Sven-Ove Bjerkan. All rights reserved.
You are free to use this script for free i non-commercial use as long as you keep the "Powered By ezUserManager"-messages visible.

Use of this script by companies or on commercial web site requires a PRO
license. For PRO license details and costs, please visit: http://www.ezUserManager.com/download.php

This script may be edited/changed as long as you don't remove/modify any copyright-statements and "Powered By ezUserManager" messages.
By using this script you agree to take full responsibility for it. Sven-Ove Bjerkan will take no responibility for any damage caused.

Reselling or distributing this code without prior written consent is expressly forbidden.

3. LANGUAGE SUPPORT

Look in language-support.txt.
If you're upgrading from a lower version, please run /admin/language_install.php to make sure all languages are installed.

4. INSTALLATION

a) New installation: (or upgrading Basic/Free version)
1. CHMOD the following files to 777 so that the script has writing-permission for it:
   a) Your .htpasswd-file
   b) config/form.config.php
   c) config/mysql.config.php
   d) config/general.config.php
   e) config/lang.config.php
   f) config/terms.txt
(click here for a detailed description)
2. Create the table using ezUserManager.sql (remember to set table-name in it if you don't want to use "ezusermanager")
(click here for a detailed description)
3. Add any extra field(s) you want in the table (remember the field-names, you'll need them later).
(click here for a detailed description)
4. Run admin/config.php in your browser and enter default password ("letmein").
5. Follow the configuration-wizard.

Then you are ready to go! :)

b) Upgrade from earlier version of ezUserManager: (ONLY PRO-VERSION!)
It is advised to take a backup of all files first, just to be on the safe-side and DON'T overwrite the files in the config-folder.
1. Extract the files and overwrite all files EXCEPT those in the /config-folder
2. CHMOD the following files to 777 so that the script has writing-permission for it:
   a) Your .htpasswd-file
   b) config/form.config.php
   c) config/mysql.config.php
   d) config/general.config.php
   e) config/lang.config.php
   f) config/terms.txt
(click here for a detailed description)
3. Run admin/config.php in your browser and enter your password.
4. Follow the configuration-wizard.
5. Click "update .htpasswd-file" at the bottom of the admin-overview

Then you are ready to go! :)

If you want to change the style/apperance of ezUserManager you may edit the "stylesheet.css"-file in the ezUserManager-folder.
Also, you may edit header.inc.php and footer.inc.php to modify the HTML at top and bottom of your script.

5. HOW TO PROTECT FILES/FOLDERS

You may do this in 2 ways: .htaccess or Web-login.

.htaccess:
Limitation: Your server must support the use of .htaccess
Note: You may not be able to use this if you're using MS Frontpage to upload/update your website, use at own risk.

a) Folders:
See if there is a file called .htaccess in the directory you want to protect. If it is append the following to it, if not create a new one containing the following: 
AuthUserFile /complete/path/to/ezusermanager/.htpasswd
AuthGroupFile /dev/null
AuthName "ezUserManager"
AuthType Basic

require valid-user

<Files .htaccess>
    order allow,deny
    deny from all
</Files>
Remember to replace the "/complete/path/to/ezusermanager/" with the correct path. Your host have this info.

b) Single files:
See if there is a file called .htaccess in the directory where the file you want to protect is located. If it is append the following to it, if not create a new one containing the following: 
<Files .htaccess>
    order allow,deny
    deny from all
</Files>

<Files filename.htm>
  AuthUserFile /complete/path/to/ezusermanager/.htpasswd
  AuthGroupFile /dev/null
  AuthName "ezUserManager"
  AuthType Basic

  require valid-user
</Files>
Remember to replace the "/complete/path/to/ezusermanager/" with the correct path. Your host have this info. Also replace the "filename.htm" with the filename you want to protect.

Web-login:
Limitation: ONLY to protect PHP-files!

Place the PHP-files you want to protect in the /members-folder and add this at the top of all of them:
session_start(); // MUST BE PLACED AT THE VERY TOP!
define("IN_ezUserManager"true);

// Relative or full path to the ezUserManager-folder (remember ending "/")
$ezUserManager_Path "../";
require_once($ezUserManager_Path "ezusermanager_core.inc.php";

// CHECK LOGIN
require_once ($ezUserManager_Path "check_login.php");

session_checker();

6. Security

As with all human-made software, security-issues may arise.
So far, there have only been found one such issue since the initial release of ezUserManager, and a fixed version was then published within 24 hours.
To improve security even more, the script now automatically check for new versions on a regular basis, informing the admin if a newer version has been released.
Also an external programmer, Alexander Wilhelm (www.x128.net), made a thorough security check of v1.8.0 without finding any securityholes.
All this combined makes ezUserManager rather secure, but as with all software we can give no guarantee that the script is "bug-free".

7. Thanks to

I want to thank the following people for adding new translations to ezUserManager:
Lic. Claudio E. Segretin
Sidney G. Cury (Khoury)
Siegfried-Angel Gevatter (Rainbow2)
Nina Ingris
Jens Henrik
Achim Below
Roger Koukerjinian
Dian F. N.
Paolo M. Scarpa
Henk
Roel Collignon
Stefan D Forsberg
Pawel Bragoszewski

I would also like to thank all the BETA-testers for taking their time to test and report bugs to me before public release!

Thank you all!

8. REVISION HISTORY (See changelog.txt for details)

2.0.1 - 12th March, 2007
2.0.0beta - 1th February, 2007
1.8.1beta - 15th August, 2006
1.8.0 - 27th June, 2006
1.7b - 17th May, 2006
1.7 - 17th May, 2006
1.6 - 24th February, 2006
1.5b - 28th November, 2005
1.5 - 22th November, 2005
1.4c - 8th September, 2005
1.4b - 7th July, 2005
1.4 - 30th May, 2005
1.3 - 21th March, 2005
1.2 - 10th January, 2005
1.1 - 1th January, 2005
1.0 - 14th December, 2004