Table of Contents

Configuration Options

Access Levels

This features is accessed in the Admin » General Settings » Access Levels section.

A typical access levels page is shown in the figure below:

On the first column (Level Code) - marked with "1" in the figure - we have the levels used in the application. Every page of the site is using one of these levels. For example, on the page where the profile of a member is displayed, the 'profile_view' level is used. The application compares the membership of the visitor looking at this page with the rights we assign to the 'profile_view' level. If the membership of the visitor is one of the checked ones on the 'profile_view' line then the visitor is allowed to view the profile of the member, otherwise they are either asked to login or upgrade their membership. You can think of levels as actions members can do on the site (view a profile, send a message, read a message, etc).

In the figure above, non members (simple visitors) and paid members are allowed to view profiles but not free members.
Obviously, it doesn't make much sense to allow non-members to see a profile but not a member (free). This is just an example.

In the header of the table (marked with "2" in the figure) we have the list of all available memberships. A membership could be best explained as a set of actions members are allowed to do. "Free Members" membership allows some actions, "Paid Members" membership allows some other actions and so on. It is your duty to set the actions for every membership to persuade visitors to join your site and members to upgrade their memberships. A member can upgrade from "Free Members" membership to any other custom membership with subscriptions or auto-subscriptions. It is also possible for members to move from one subscription to another. See the subscriptions documentation for more details.

The "Non Members" and "Free Members" memberships are hardcoded in the application and cannot be removed. All other memberships, including the one called "Paid Members" in the figure, can be removed by clicking the X icon next to their name in the header of the table (marked with "4" in the figure). You can also add more memberships by clicking the right pointing arrow in the header (marked with "3" in the figure) and providing a name for the new membership.

For example, you could remove the "Paid Members" membership and add "Silver Members" and "Gold Members" memberships. It is up to you what actions you assign to the 2 new memberships.
If you want to have a totally free site you could remove the "Paid Members" membership, select all checkboxes on the "Free Members" column, all or some on the "Non Members" column and click save.

It's recommended that you don't allow non-members (visitors) to write comments which allows them to post comments on member's profiles, photos, and blogs. This just opens your site up for potential spam, especially by bots who have the ability to get past Captchas. Therefore to only allow members to post comments make sure that "write comments" is unchecked under the non-members column:



It's important to understand the function of the "message_write" in the access levels. For example if you disable (uncheck) this function for free members, this will prevent them from being able to write and send "new" messages to members, however they will still be able to reply to messages unless you also uncheck "message_reply" as well. The "message_write" and the "message_reply" are totally separate functions.

It would be best to allow free members to read messages as it's a good teaser as they won't be able to reply to the messages or send the member a new message if you have unchecked both of these functions in the access levels.

NOTE - where it says "Add new (for advanced users only)", adding new access levels is primarily for developers who create a new feature and code it so it can be included in access levels. The present default access levels are mostly for restricting access to the page where a particular feature exists, not the actual function itself or restricting access to only just certain sections of a page.


Rate Limiter

The rate limiter feature is a powerful tool to fight against spammers and hackers but also to customize the memberships to a finer detail than the access levels can offer. This feature allows you to impose a limit of how many times a member can do a certain action in a predefined amount of time. By certain action we actually mean "level code" as defined in the access levels page. For example, when a member looks at another member's profile he/she does a 'profile_view' action. When the member sends a message to another member, he/she does a 'message_send' action. The maximum amount of time that can be used by the rate limiter is 31 days (one month).

To prevent hackers to bruteforce your site's passwords you could limit the login action to say 3 per minute. If someone has tried to login more than 3 times in the last minute, it is likely that his intentions are not good. Of course, if you feel 3/min is too low you could increase the limit to whatever value you want.

Example Setup to Prevent Brutforce Attacks

Go to the Etano Admin » General Settings » Rate Limiter.

Then click the "Add new" link:

Then set it up as follows:


Text for the Error Message: Sorry, you have exceeded the number of login attempts permitted within a 10 minute span. Please try again later.

Since you can specify what to in case a limit is reached, you could also impose multiple limits on the same action:

  1. if a member has tried to login more than 3 times in the last minute tell him that he has to wait a minute until he can try again AND
  2. if a member has tried to login more than 10 times in the last minute prevent him from accessing the site anymore (ban) - he's a hacker for sure.
You can also prevent spammers from sending spam messages: limit the number of messages a member can send in a minute or in a 5 minutes interval. Obviously, no one can write 5 messages per minute…
You can see the banned members in the "Content Management → Banned Members" section of your admin panel. There you can also remove a ban, allowing a member to access the site again if needed.


As stated above, the rate limiter could also be used to customize a membership to a finer detail than the access levels can do. An access level will only allow full access or no access at all to an action. For example you can either send a message or you can't. The rate limiter can make it so you can send only 5 messages per month if you are a free member. Or you can see 10 member profiles then you are asked to upgrade your membership if you are a free member and try to look at another profile again.

Note that some access levels are used twice for an action. For example, the "message_write" level is used once to display the page where the member can write the message and then it is used again when the actual sending takes place (when he/she clicks on the send button).

The action to be taken when a limit is reached is defined when you add or edit a limit (the "punishment" field):

  1. Sorry page - this will display a page with an error message. No other action is taken. The action the member was trying to do will not happen.
  2. Membership upgrade options - this will display a page with membership upgrade options and possible subscriptions. The action the member was trying to do will not happen.
  3. Ban user - an error message is displayed to the member. The username the member was using is added to the ban list. Member will not be able to access the site with the same username as long as the ban is in effect.
  4. Ban IP - an error message is displayed to the member. The IP address the member was using is added to the ban list. Member will not be able to access the site with the same IP address as long as the ban is in effect.
Note that in case of the "Ban user" punishment the member will still be able to access the site if he/she logs in with another username and in case of the "Ban IP" punishment the member will still be able to access the site from another IP address. Also, if there are more users coming from the same IP address, a ban on IP will prevent ALL members using that IP address from accessing the site.



Features and Options

This is one of the most important pages of your Etano admin interface. You can set here all parameters needed for your site to function correctly. This is also the first page you need to pay attention to once you have installed a new site. Every installed module might have some parameters which you can set from here. The default installed modules with their options are explained below:

Basic Features

The basic feature options control general options used by the whole site. Most of the options are pretty much self explanatory but some of them need special attention:

Default User Preferences

The options here are used as the defaults for all members. Even the admin panel uses some of these options (date/time related). Members can customize these options for themselves (per member).

The auto detect feature of the timezone select option is not working in admin panel but it works for members.

Advanced Features

Blogs

Blog-related options.

Photo Album

For each photo a member uploads, 3 versions are created:

  1. the smallest one is used in result lists, blog posts next to the member's name, on the profile page, etc. This will have the size defined by The width in pixels of the smallest thumbnail generated for each user photo option.
  2. a slightly larger one to be displayed in the "photo view" page or in all other pages with one photo per page. This will have the size defined by The width in pixels of the larger thumbnail generated for each user photo option.
  3. the largest photo which is meant to be shown when someone clicks on the larger photo to view a bigger version. This will have the size defined by The maximum width in pixels of any picture uploaded by a member option.

Important: You should decide if you want borders early on because if you change the setting later on it will only effect new photos being uploaded, the border will remain on photos that were uploaded prior to the setting being changed. The border is added during the upload process and is part of the actual image, therefore there's nothing you can do to remove or add the border to existing photos.

Payment: Paypal

In order to use Paypal to receive payments on your site you need to set up your Paypal account to send payment notifications to your site (and, obviously, a business or premier account on Paypal). You need to make 2 modifications to your Paypal account:

  1. first login into your paypal account at http://www.paypal.com
  2. activate IPN notifications:
    • Go to the "Profile" subtab.
    • Click on the "Instant Payment Notification Preferences" link in the "Selling Preferences" column.
    • Click Edit.
    • Check the box and enter the URL at which you would like to receive your IPN Notifications. It is not too important what you enter here, what is important is to have the box checked but since you cannot leave this field empty you could enter http://www.yoursite.com/processors/ipn.php?p=paypal . If this field was already filled with another value (and the box checked) you can leave the field unchanged.
    • Click Save.
  3. activate Payment Data Transfer:
    • Click the Profile subtab.
    • Click "Website Payment Preferences" in the "Seller Preferences" column.
    • Under Auto Return for Website Payments, click the On radio button.
    • For the Return URL, enter the URL on your site that will receive the transaction ID posted by PayPal after a customer payment. It is not too important what you enter here, what is important is to have the Auto Return On box checked but since you cannot leave this field empty you could enter http://www.yoursite.com/thankyou.php?p=paypal . If this field was already filled with another value (and the box checked) you can leave the field unchanged.
    • Under Payment Data Transfer, click the On radio button.
    • Click Save.
    • Click "Website Payment Preferences" in the "Seller Preferences" column.
    • Scroll down to the Payment Data Transfer section of the page to view your PDT identity token. It is a very long string of seemingly random digits and letters.

Then go to Admin –> General Settings –> Features and Options –> Payment: Paypal

You need to copy the PDT identity token and enter it in the Payment Data Transfer Identity Token: field. Make sure Enable test mode? Don't enable this on a live site! option is unchecked otherwise member payments will not reach your account.

Payment: 2CheckOut

Go to Admin –> General Settings –> Features and Options –> Payment: 2CheckOut

Fraud Manager: Maxmind

Etano can use "MaxMind GeoIP Country Web Service" to identify possible payment frauds. For more details about "MaxMind GeoIP Country Web Service" see http://www.maxmind.com/app/web_services


Flirts

You can create 2 types of flirts, an "Initial flirt" or a "Reply" flirt.

An "Initial flirt" is one that's initially sent to a user.

A "Reply" flirt is one that can be used to reply to an initial flirt.

You can create/add either an "Initial flirt" or a "Reply" as a text or image flirt.

In your Admin panel under "General Settings" click on the "Flirts" link in the menu.

To create a new flirt, click the "Add new flirt" link.


To create a text flirt, simply add the text for your flirt in the textarea field, then select "Flirt type" "Initial flirt" or a "Reply", then click "Save".


To create an image flirt, this is a bit complicated and confusing for some. The easiest way is to upload your flirt images to a folder on your server, such as the images/custom/ folder.

Then you can use a URL to link to them like this: http://www.yousite.com/images/custom/flirt_01.gif.

Click the "Insert/edit image" icon as shown above, then a window will popup, add the URL into the "Image URL" field, that links to one of the images you uploaded. You don't have to fill in the other fields unless you want to.

Then select "Flirt type" "Initial flirt" or a "Reply", then click "Save".

If you want to edit or delete a flirt, click the "X" or "Pencil" icon from the list of flirts »


Site News

This feature allows you to create news bulletins which are displayed on the member's "Home" page. Handy for creating important announcements such as, changes or updates to your site, special offers, etc.

Creating a news bulletin is fairly simple and straight forward. In your Admin panel under "General Settings" click on the "Site News" link in the menu, then simply click the "Add news" link. You will then be presented with a standard WYSIWYG editor which allows to enter and format your text.

Managing News

Once you create news bulletins they are displayed in a list which allows you to delete and edit each one.

By default the system only displays the 3 most recently created news bulletins. You change the number of news bulletins to be displayed by opening the skins_site/def/home.html file and change the total number in the following snip of code:

<!–widget="site_news_feed(array('total'⇒3))"–>

You can display more or fewer news bulletins but it's really not recommended to display more than 3 or 4 as it can be an annoyance to your members, depending on the length of your news bulletins it could require them to scroll down the page too much in order to view any info provided below the news.

You should also delete older news so it's easier to manage, exceptions might be things like specials that you may run from time to time, then they can be used to copy from when you create a new one.


Banned Words

Banned words prevents certain words from being viewed on your site. This is site wide, when a user fills in a field for their profile, posts a blog, or leaves a comment, it will be replaced or switched out and become '####'

You can add more banned words if you want, but use some caution and don't get carried away by adding too many words to be banned or the result could be negative. Some words can be included in other common words. For example, if you decided to ban the word "ass", there are hundreds of common words that include this word, such as:

assist
associated
assure
brass
bypass
class
classic
mass
pass
password

Which would appear on your site something like this:
###ist
###ociated
###ure
br###
byp###
cl###
cl###ic
m###
p###
p###word

You can check words included in other words by using this service: scrabblefinder.com