popufare/Documentation/API-Protocol.txt

  The following is a description of the proposed protocol for communication between the Client Web Server and the Back End DataBase.

  Optional items are enclosed in []'s, Manditory items are in ()'s, Alternative options are seperated by a |.

  <string> represents an arbitrary string (i.e. 'Abc Def'), <#> a number (i.e. '1234'), <date> a Date Time (i.e. '2004-01-01 15:33:01').  
Characters preceded by a \ are meant as a literal (i.e. \[ is meant as the '[' character).  All field items must be less than 256 characters.

  The only time this notation is abused is for requests that return multiple (variable number) of items, such as the GetPassesOnCard and GetCard functions.
When there is more than one item being returned, additional fields will have a [<i>] suffix, where <i> denotes the i'th item, starting at 1 from from the first
item using the [<i>] notation.  The order in which they are returned is arbitrary but fixed.

example:

A GetCard is sent, the following might be returned if there are 3 cards associated with the account:

Response=success
MagStripe=12345678
RFSite=0
RFID=0
Comment=test card
LastUsed=2010-01-01
FirstUsed=
Issued=2010-01-01
NCard=3
MagStripe[1]=12345679
RFSite[1]=0
RFID[1]=0
Comment[1]=test card
LastUsed[1]=2010-01-01
FirstUsed[1]=
Issued[1]=2010-01-01
MagStripe[2]=12345679
RFSite[2]=0
RFID[2]=0
Comment[2]=test card
LastUsed[2]=2010-01-01
FirstUsed[2]=
Issued[2]=2010-01-01



  A client wishing to make a transaction must send an initiate request and take the UserToken and ServerToken returned to create a TransactionToken and ServerTransactionToken respectively.
The TransactionToken and ServerTransactionToken can only be used once per transaction.


  '-->' denote messages FROM the (web) client TO the (db) server.
  '<--' denote messages TO the (web) client FROM the (db) server.
  

Transaction Initiation Request
------------------------------

-->
MessageType=initiate

<--
(
Response=fail
[Reason=<string>]  |
Response=success
[Reason=<string>]
UserToken=<string>
ServerToken=<string>
HashAlgorithm=(md5|sha1)
)


  Broadly speaking, there are two types of functions, 'user' functions and
'admin' functions, where the latter has a prefix of 'Admin' as can be seen
below in the function list.


Function List
-------------

AddUser
GetUser
SetUser
GetCard
GetCards
AddCard
RemoveCard
RemovePass
GetPassesOnCard
GetPass
TransferPass
AddPass
SendEmailVerification
SendEmailPasswordReset
PasswordReset
Log
GetCardPricePoints


AdminGetCard
AdminGetCards
AdminGetPass
AdminGetUser
AdminGetAdmin
AdminGetPassesOnCard
AdminGetPendingQueue
AdminProcessPendingQueue
AdminRemovePendingQueue
AdminCreateCardBlock
AdminCreateCard
AdminSetUser
AdminSetAdmin
AdminAddPass
AdminAddCard
AdminAddUser
AdminAddAdmin
AdminRemovePass
AdminRemovePasses
AdminRemoveCard
AdminRemoveUser
AdminRemoveAdmin
AdminTransferCard
AdminTransferPass
AdminGetPassOptions
AdminAddCardToUser
AdminRemoveCardFromUser
AdminGetAdminPermissions
AdminAddAdminPermissions
AdminRemoveAdminPermissions
AdminAddAdminApiPermissions
AdminRemoveAdminApiPermissions
AdminSetAdminApiPermissions
AdminGetCustomCard
AdminGetAdmins
AdminSearchCards
AdminSearchUsers
AdminSearchAdmins



Transaction Requests
-------------------



--> 
MessageType=request
Function=(AddUser|GetUser|SetUser|GetCard|GetCards|AddCard|RemoveCard|RemovePass|GetPassesOnCard|GetPass|TransferPass|AddPass|SendEmailVerification|SendEmailPasswordReset|PasswordReset|Log|GetCardPricePoints)
TransactionToken=<string>
ServerTransactionToken=<string>
<FUNCTION PAYLOAD>

<--
Response=(sucess|fail)
[Reason=<string>]
<RESPONSE PAYLOAD>


Comments:
  A client wishing to make a transaction/request must first send a POST message to the server with the MessageType set to 'initiate'.  
After receiving the UserToken, ServerToken and HashAlgorithm, the client must send back a ServerToken created from hashing the string 
produced by concatenating the ServePassword and the ServerToken.  i.e. ServerTransactionToken = hash( ServerPassword + ServerToken ).
The ServerPassword is the password shared by the two parties at the endpoints
of the API.
If the function is not one of 'AddUser', 'SendEmailVerification', 'SendEmailPasswordReset', 'PasswordReset' or 'Log', then the TransactionToken
must also be provided.  The TransactionToken is created from the hash of the
user's password as its stored in the database concatenated with the
UserToken.  i.e. TransactionToken = hash( hash(UserPassword) + UserToken ) if
the function is a user function.  If the Function is an admin function, then
the TransactionToken is created from teh hash of the admin's password as it is
stored in the database concatenated with the UserToken.  i.e. TransactionToken
= hash( hash(AdminPassword) + UserToken ).

The Transaction Token and Server Transaction Token
will only be valid for 2 minutes after the 'initiate' request.  The Transaction Token and Server Transaction Token cannot be re-used after
a transaction that has successfully iliicited a response (either 'success' or 'fail').  Any new request must go through another challenge response (request a token 
through an 'initiate', then provide a valid session token).



SHORTHANDS
----------

  Here are some commonly used shorthands:

CARD_CREDENTIAL=
(
  CardId=<#>                |
  (
    (MagTrack=<#>)
    MagStripe=<#>       |
    MagToken=<string>
  )                         |
  (
    [RFSite=<#>]
    RFID=<#>            |
    RFIDToken=<string>
  )                         |
  (
    (
      (MagTrack=<#>)
      MagStripe=<#>       |
      MagToken=<string>
    )
    (
      [RFSite=<#>]
      RFID=<#>            |
      RFIDToken=<string>
    )
  )
)
    

USER_CREDENTIAL=
(
  UserId=<#>          |
  UserName=<string>
)

ADMIN_CREDENTIAL=
(
  AdminUserId=<#>          |
  AdminUserName=<string>
)

GROUP_CREDENTIAL=
(
  GroupId=<#>         |
  GroupName=<string>
)


  For example, the card credential can consist of a CardId or a
MagStripe/MagToken, or a RFID/RFIDToken or a combination of
MagStripe/MagToken and RFID/RFIDToken.

  ADMIN_CREDENTIAL and USER_CREDENTIAL are the same but will look up their
values in different tables depending on context and are provided for clarity.
UserId will lookup the id in the admins table for admin functions whereas UserId will lookup
userid in the users table for user functions.



ACL
---

  All functions are under an access control list.  All requests are checked
for proper access and will be denied execution if the requesting user or admin
does not have proper permissions.  All subsequent create, read, update or
delete (crud) requests will fail if the user or admin does not have access to
the appropriate table.


  ACL tables are currently rlapi_aros, rlapi_acos and rlapi_aros_acos.

  
FUNCTIONS
---------



AddUser
-------


-->
MessageType=request
Function=AddUser
ServerTransactionToken=<string>
UserName=<username>
PasswordHash=<string>
RegistrationToken=<string>
[Firstname=<string>]
[Lastname=<string>]
[Phone=<string>]
[Email=<string>]
[Address=<string>]
[City=<string>]
[State=<string>]
[ZIP=<string>]
[ShippingFirstname=<string>]
[ShippingLastname=<string>]
[ShippingAddress=<string>]
[ShippingCity=<string>]
[ShippingState=<string>]
[ShippingZIP=<string>]
[Comment=<string>]

<--
(
Response=fail 
[Reason=<string>] |
Response=success
[Reason=<string>]
UserId=<#>
)


Comments:
  The request will fail if the UserName already exists.

  The RegistrationToken must be from a SendEmailVerification request.
 
  The RegistrationToken will only be valid for 1 day after the registration
request has been initiated.


GetUser
-------


-->
MessageType=request
Function=GetUser
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)

<--
(
Response=fail
[Reason=<string>] |
Response=success
[Reason=<string>]
UserId=<#>
UserName=<string>
FirstName=<string>
LastName=<string>
Phone=<string>
Email=<string>
Address=<string>
City=<string>
State=<string>
ZIP=<string>
Comment=<string>
)

Comments:



SetUser
-------


-->
MessageType=request
Function=SetUser
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
[PasswordHash=<string>]
[FirstName=<string>]
[LastName=<string>]
[Phone=<string>]
[Email=<string>]
[Address=<string>]
[City=<string>]
[State=<string>]
[ZIP=<string>]
[ShippingFirstname=<string>]
[ShippingLastname=<string>]
[ShippingAddress=<string>]
[ShippingCity=<string>]
[ShippingState=<string>]
[ShippingZIP=<string>]
[Comment=<string>]

<--
Response=(success|fail)
[Reason=<string>]


Comments:
  PasswordHash is the sha1 digest of the user specified Password.



GetCard
-------


-->
MessageType=request
Function=GetCard
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
(
MagStripe=<string>  |
[RFSite=<#>]
RFID=<#>            |
CardId=<#>
)

<--
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
MagStripe=(<#>|)
RFSite=(<#>|)
RFID=(<#>|)
CardId=<#>
Comment=<string>
LastUsed=<string>
Issued=<date>
FirstUsed=<date>

Comments:


GetCards
-------


-->
MessageType=request
Function=GetCards
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
[MaxCard=<#>]

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NCard=<#> 
[
MagStripe=(<#>|)
RFSite=(<#>|)
RFID=(<#>|)
CardId=<#>
Comment=<string>
LastUsed=<string>
Issued=<date>
FirstUsed=<date>
]
[(
  MagStripe\[<i>\]=(<#>|)
  RFSite\[<i>\]=(<#>|)
  RFID\[<i>\]=(<#>|)
  CardId\[<i>\]=<#>
  Comment\[<i\]=<string>
  LastUsed\[<i\]=<date>
  Issued\[<i>\]=<date>
  FirstUsed\[<i>\]=<date>
){<ncard-1>}]
)


Comments:
  If there is more than one card associated with the supplied user, NCard will be set and
there will be NCard-1 extra MagStripe, RFSite, RFID, Comment, LastUsed, Issued and FirstUsed
field items, indexed by [<i>], starting at 1.

  If the MaxCard field is set in the Client to Server request, no more than MaxCard number of
Cards will be returned (NCard <= MaxCard).



AddCard
-------

-->
MessageType=request
Function=AddCard
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
(
MagStripe=(<#>|)      |
[RFSite=<#>]
RFID=<#>              |
MagStripe=<#>
[RFSite=<#>]
RFID=<#>              |
Issue=(fob|rfidsticker|magstripe)
)
[Type=<string>]
[Comment=<string>]

<--
Response=(success|fail)
[Reason=<string>]
CardId=<#>

Comments:
  The request will fail if the user tries to add a pre-existing card.

  If RFSite is not specified, a default value will be used.

  If Issue is set, an 'anonymous' card will be created that does not have
magstripe or rfsite/rfid credential information set and must be accessed
by its cardid.  On the back-end, this will generate a re-issue request whereby
a card will be shipped to the users shipping address and the appropriate
credential information will be filled in depending on what type of re-issue
request (magsripe for a magstripe request, rfsite/rfid for a fob/rfidsticker
request) by the person fulfilling the re-issue request.

  Type can be used as an extra field as an indicator for any special actions
or operations that need to be be performed when adding a card to the account.
i.e. that the MagStripe is really the
student id and one needs to do a fuzzy match to add the card to the students
account.



RemoveCard
----------

-->
MessageType=request
Function=RemoveCard
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
(
MagStripe=<#>   |
[RFSite=<#>]
RFID=<#>        |
CardId=<#>
)

<--
Response=(success|fail)
[Reason=<string>]

Comments:
  The request will fail if the user does not own a card with the specified
credentials or if there are any passes on the card.  One may only remove
a card with no non-expired passes.

  If RFSite is not specified, a default value will be used.


RemovePass
----------

-->
MessageType=request
Function=RemovePass
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
(
MagStripe=<#>   |
[RFSite=<#>]
RFID=<#>        |
CardId=<#>
)
PassId=<#>

<--
Response=(success|fail)
[Reason=<string>]

Comments:
  Remove a pass assicated with a card.

  If RFSite is not specified, a default value will be used.



GetPassesOnCard
---------------


-->
MessageType=request
Function=GetPassesOnCard
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
(
MagStripe=<#>   |
[RFSite=<#>]
RFID=<#>        |
CardId=<#>
)

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NPass=<#> 
[
PassId=<#>
Active=<#>
Comment=<string>
LastUsed=<date>
Issued=<date>
FirstUsed=<date>
Type=(nday|nride|preactive|<company card>)
QueueOrder=<#>
Comment=<string>
NRideOrig=(<#>|)
NRideRemain=(<#>|)
NDayOrig=(<#>|)
NDayExpiration=(<date>|)
PayType=(cash|credit)
]
[(
  PassId\[<i>\]=<#>
  Active\[<i>\]=<#>
  Comment\[<i>\]=<string>
  LastUsed\[<i>\]=<date>
  Issued\[<i>\]=<date>
  FirstUsed\[<i>\]=<date>
  Type\[<i>\]=(nday|nride|preactive|<company card>)
  QueueOrder\[<i>\]=<#>
  Comment\[<i>\]=<string>
  NRideOrig\[<i>\]=(<#>|)
  NRideRemain\[<i>\]=(<#>|)
  NDayOrig\[<i>\]=(<#>|)
  NDayExpiration\[<i>\]=(<date>|)
  PayType\[<i>\]=(cash|credit)
){<NPass-1>}]
)

Comments:
  If there are multiple passes associated with the supplied card, NPass will be set and there will
be NPass-1 extra PassId, Comment, LastUsed, Issued, FirstUsed, Type, QueueOrder, Comment, NRideOrig, NrideRemain,
NDayOrig and NDayExpiration, indexed by [<i>], starting at 1.

  If RFSite is not specified, a default value will be used.



GetPass
-------

-->
MessageType=request
Function=GetPass
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
PassId=<#>

<--
(
Response=fail
[Reason=<string>] |
Response=success
[Reason=<string>]
Active=<#>
Issued=<date>
FirstUsed=<date>
LastUsed=<date>
Type=(nday|nride|preactive|<company card>)
QueueOrder=<#>
Comment=<string>
NRideOrig=(<#>|)
NRideRemain=(<#>|)
NDayOrig=(<#>|)
NDayExpiration=(<date>|)
PayType=(cash|credit)
)


Comment:
  The request will fail if the PassId is not associated with the user.



TransferPass
------------

-->
MessageType=request
Function=TransferPass
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
PassId=<#>
(
ToMagStripe=<#> |
[ToRFSite=<#>]
ToRFID=<#>      |
ToCardId=<#> 
)


<--
Response=(success|fail)
[Reason=<string>]


Comments:
  The request will fail if the To credential is taken or invalid.

  If ToRFSite is not specified, a default value will be used.

  Depending on permissions on the Server, the request might fail even if the
user provides a valid To credential.





AddPass
-------

-->
MessageType=request
Function=AddPass
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
(
MagStripe=<#>   |
[RFSite=<#>]
RFID=<#>        |
CardId=<#>
)
Comment=<string>
(
Type=<string>     |
Type=<nride-type>
NRide=<#>         |
Type=<nday-type>
NDay=<#>
[Expiration=<date>]
)
[Quantity=<#>]
[(PaymentType=cash
PaymentAmount=<#>               |
PaymentType=credit
AuthorizationCode=<string>
PaymentAmount=<#>)]

<--
(
Response=fail 
[Reason=<string>]
Response=success    |
[Reason=<string>]
PassId=<#>
[(PassId[<#>]=<#>]){<Quantity-1>}]
)


Comment:
  If RFSite is not specified, a default value will be used.

  Type must be one of the card types.  currently supported types are:
    <nday-type>:
        NDAYAC, N-day All County 
        NDAYTC, N-day Gov County 
        NDAYYSS(\d\d), N-day Youth Semester Spring for year 20XX
        NDAYYSF(\d\d), N-day Youth Semester Fall for year 20XX
        NDAYSF(\d\d), N-Day Summer Fun for year 20XX
    <nride-type>:
        NRIDEACA, N-Ride All County Adult
        NRIDEACH, N-Ride All County Half
        NRIDEACY, N-Ride All County Youth
        NRIDETCA, N-Ride Gov County Adult
        NRIDETCH, N-Ride Gov County Half
        NRIDETCY, N-Ride Gov County Youth
  If type is not nday or nride, it must be a billing domain.

  If type is set and not 'cash', AuthorizationCode should be the Authorization Code of the
transaction.  

  Quantity number of passes will be created.  Quantity assumed to be 1 if none specified.

  The PassId (and PassId[<#>] where appropriate) will contain the pass id's of
the newly inserted passes.  The PassId and indicies into the PassId array are 
_for this function only_ and do not reflect what indicies will be returned via
a call to any of the other functions (GetPassesOnCard etc.).

SendEmailVerification
----------------------

-->
MessageType=request
Function=SendEmailVerification
ServerTransactionToken=<string>
RedirectURL=<string>
Email=<string>

<--
(
Response=fail 
[Reason=<string>]
Response=success    |
[Reason=<string>]
)

Comment:

  Send an email to specified email address with a link back to the redirect
url with the following variables set:
action=register
registrationtoken=<token>

  The registration token must be given to the add user for it to successfully
complete.

  The RegistrationToken will only be valid for 1 day after the registration
request has been initiated.


SendEmailPasswordReset
----------------------

-->
MessageType=request
Function=SendEmailPasswordReset
ServerTransactionToken=<string>
UserName=<string>
RedirectURL=<string>
Email=<string>


<--
(
Response=fail 
[Reason=<string>]
Response=success    |
[Reason=<string>]
)

Comment:

  Send an email with a link back to the RedirectURL.  The following variables
will appear in the link back to the RedirectURL:

action=password_reset
username=<string>
passwordresettoken=<string>

  The token must be provided to the PasswordReset for it to successfully
complete.

  The option to reset a password will only be valid for 2 days after
the reset request has been sent.

  A maximum of 3 SendEmailPasswordReset attempts may be made before a
successful login or a successful PasswordReset request has completed.



PasswordReset
-------------

-->
MessageType=request
Function=PasswordReset
ServerTransactionToken=<string>
PasswordResetToken=<string>
PasswordHash=<string>

<--
(
Response=fail 
[Reason=<string>]
Response=success    |
[Reason=<string>]
)

Comment:

  PasswordResetToken must be the result of a password reset request
(SendEmailPasswordReset).  The PasswordReset request will fail if 
the PasswordResetToken is not the most recent active PasswordResetToken.
A PasswordResetToken will be inactivated upon a new PasswordResetToken
generation for a particular user or if the timeout has expired (2 days in this
case).

  Assuming that the PasswordResetToken is
set to the most recent SendEmailPasswordReset request, then the
user's password hash will be set to PasswordHash.  The user will be
the same as the UserName specified in the SendEmailPasswordReset.

  The option to reset a password will only be valid for 2 days after
the reset request has been sent.


Log
---

-->
MessageType=request
Function=Log
ServerTransactionToken=<string>
Log=<string>

<--
(
Response=fail 
[Reason=<string>]
Response=success    |
[Reason=<string>]
)

Comment:

  Put the string of text specified in Log into an internal log.



GetCardPricePoints
------------------

-->
MessageType=request
Function=GetCardPricePoints
TransactionToken=<string>
ServerTransactionToken=<string>
(
UserId=<#> |
UserName=<string>
)
PasswordHash=<string>
[
MagStripe=<#>   |
[RFSite=<#>]
RFID=<#>        |
CardId=<#>
]
Comment=<string>


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NPricePoint=<#>
GroupName=<string>
GroupId=<string>
(
  Price=<#>|<#.#>
  Param=<#>
  Name=<string>
  Rule=<string>
  Type=<string>
  Description=<string>
  NumPriceOption=<#>
  PriceOption0=<string>
  PriceOption1=<string>
  PriceOption2=<string>
  PriceOption3=<string>
  [(
    Price=<#>|<#.#>
    Param=<#>
    Name=<string>
    Rule=<string>
    Type=<string>
    Description=<string>
    NumPriceOption=<#>
    PriceOption0=<string>
    PriceOption1=<string>
    PriceOption2=<string>
    PriceOption3=<string>
  ){<NPricePoint>-1}]
)
)
  
Comment:

  Returns a list of price points for a given card, restricted to the price
points available for that card (e.g. it's group).

  Price is in dollars

  Param is the number of rides for an NRide type, the number of days for an
NDay type and blank for an other type.

  Name is an identifier.  The current convention is to have the rule without
the preceeding groupname if it's an other.  If it's an NRide or NDay, the form
is:
    ORG\.(NRIDE|NDAY)\.ZON([12])\.([AHY])\.(\d+)

    where $1 is 'NRIDE' or 'NDAY' depending on which type it is, $2 is 1 or 2
depending on which zone it is, $3 is A for adult, H for half, Y for youth and
$4 is the parameter.

  Rule is the database rule without group name prefix

  Type is other, nride or nday

  Description is a string description of the pass type

  NumPriceOption is the number of PriceOption[0123] to use

  PriceOption[0123] are strings meant to help the web site build it's drop
down of options.  Currently the convention is:

  NDAY:  PriceOption0 is the zone identifier (e.g. 'Zone 1', 'Zone 2')
         PriceOption1 is the nday identifier (e.g. 'Single', 'Double', 'Month')

  NRide: PriceOption0 is the zone identifier
         PriceOption1 is the nride identifier
         PriceOption2 is the quantity identifier

  Other: PriceOption0 is the pass description (e.g. 'Semester Spring (k-12, 2012, Zone1)')


  

ADMIN FUNCTIONS
---------------




AdminGetCard
------------


-->
MessageType=request
Function=AdminGetCard
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
CARD_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
MagStripe=(<#>|)
RFSite=(<#>|)
RFID=(<#>|)
CardId=<#>
Comment=<string>
LastUsed=<string>
Issued=<date>
FirstUsed=<date>
)

Comments:



AdminGetCards
-------------


-->
MessageType=request
Function=AdminGetCards
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NCard=<#>
[
MagStripe=(<#>|)
RFSite=(<#>|)
RFID=(<#>|)
CardId=<#>
Comment=<string>
LastUsed=<string>
Issued=<date>
FirstUsed=<date>
]
[(
  MagStripe\[<i>\]=(<#>|)
  RFSite\[<i>\]=(<#>|)
  RFID\[<i>\]=(<#>|)
  CardId\[<i>\]=<#>
  Comment\[<i\]=<string>
  LastUsed\[<i\]=<date>
  Issued\[<i>\]=<date>
  FirstUsed\[<i>\]=<date>
){<ncard-1>}]
)


Comments:
  If there is more than one card associated with the supplied user, NCard will
be set and there will be NCard-1 extra MagStripe, RFSite, RFID, Comment, 
LastUsed, Issued and FirstUsed field items, indexed by [<i>], starting at 1.

  If the MaxCard field is set in the Client to Server request, no more than
MaxCard number of Cards will be returned (NCard <= MaxCard).



AdminGetPass
-------------


-->
MessageType=request
Function=AdminGetPass
TransactionToken=<string>
ServerTransactionToken=<string>
CardId=<#>
PassId=<#>
[UserId=<#>]
[Active=[01]]

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
Type=<string>
PassId=<#>
CardId=<#>
Issued=<date>
FirstUsed=<date>
LastUsed=<date>
Deactivated=<date>
Rule=<string>
NRideOrig=<#>
NRideRemain=<#>
NDayOrig=<#>
NDayExpiration=<date>
QueueOrder=<#>
Comment=<string>
Active=[01]
Expired=<date>
PaymentType=<string>
Comment=<string>


Comments:



AdminGetAdmin
-------------


-->
MessageType=request
Function=AdminGetAdmin
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:

  User here is an admin user and will look up the appropriate fields in the
admins table, not the users table.



AdminGetPassesOnCard
-------------


-->
MessageType=request
Function=AdminGetAdmin
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
CARD_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NPass=<#> 
[
PassId=<#>
Active=<#>
Comment=<string>
LastUsed=<date>
Issued=<date>
FirstUsed=<date>
Type=(nday|nride|preactive|<company card>)
QueueOrder=<#>
Comment=<string>
NRideOrig=(<#>|)
NRideRemain=(<#>|)
NDayOrig=(<#>|)
NDayExpiration=(<date>|)
PayType=(cash|credit)
]
[(
  PassId\[<i>\]=<#>
  Active\[<i>\]=<#>
  Comment\[<i>\]=<string>
  LastUsed\[<i>\]=<date>
  Issued\[<i>\]=<date>
  FirstUsed\[<i>\]=<date>
  Type\[<i>\]=(nday|nride|preactive|<company card>)
  QueueOrder\[<i>\]=<#>
  Comment\[<i>\]=<string>
  NRideOrig\[<i>\]=(<#>|)
  NRideRemain\[<i>\]=(<#>|)
  NDayOrig\[<i>\]=(<#>|)
  NDayExpiration\[<i>\]=(<date>|)
  PayType\[<i>\]=(cash|credit)
){<NPass-1>}]
)


Comments:


AdminGetGetPendingQueue
-------------


-->
MessageType=request
Function=AdminGetAdmin
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NCard=<#>
[
CardId=<#>
Created=<date>
IssueType=<string>
UserId=<#>
  [(
  CardId\[<i>\]=<#>
  Created\[<i>\]=<date>
  IssueType\[<i>\]=<string>
  UserId\[<i>\]=<#>
  ){<NPass-2>}] 
]

Comments:



AdminCreateCard
---------------

-->
MessageType=request
Function=AdminCreateCard
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL
CARD_CREDENTIAL
[IssueType=<string>]
[LastUsed=<date>}
[Issued=<date>}
[FirstUsed=<date>}
[Deactivated=[01]}
[Comment=<string>]

<--
Response=fail       
[Reason=<string>]     |
Response=success
[Reason=<string>]
CardId=<#>

Comments:

  Create a new user_card entry with the appropriate fields.  The default group
is currently set to 'ORG'.  If RFSite is not provided (without a MagToken) but a MagStripe
is, this will be taken to be the default of the group (taken from the
org_default_card_value table).



AdminAddCard
------------


-->
MessageType=request
Function=AdminAddCard
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL
CARD_CREDENTIAL
[Type=<string>]
[Comment=<string>]

<--
Response=(success|fail)
[Reason=<string>]
CardId=<#>

Comments:
  Associates a pre-existing card to a user.



AdminGetAdmin
-------------


-->
MessageType=request
Function=AdminGetAdmin
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
GroupId=<#>
GroupName=<string>
UserId=<#>
UserName=<#>


Comments:

  USER_CREDENTIAL refers to the desired admin being looked up




AdminProcessPendingQueue
-------------


-->
MessageType=request
Function=AdminProcessPendingQueue
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
QueueId=<#>
CARD_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
CardId=<#>


Comments:




AdminRemovePendingQueue
-------------


-->
MessageType=request
Function=AdminRemovePendingQueue
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
QueueId=<#>

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:




AdminCreateCardBlock
-------------


-->
MessageType=request
Function=AdminCreateCardBlock
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
CARD_CREDENTIAL
NCard=<#>
[PASS_CREDENTIAL]

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:

  Will add NCard cards in total starting at CARD_CREDENTIAL and incrementing
the appropriate field (RFID or MagStripe) adding a pass, PASS_CREDENTIAL,
to each or none if no PASS_CREDENTIAL is specified.

  A hard limit of 1000 is set and requests for more than 1000 at one time will
fail.




AdminSetUser
-------------


-->
MessageType=request
Function=AdminSetUser
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL
[PasswordHash=<string>]
[FirstName=<string>]
[LastName=<string>]
[Phone=<string>]
[Email=<string>]
[Address=<string>]
[City=<string>]
[State=<string>]
[ZIP=<string>]
[ShippingFirstname=<string>]
[ShippingLastname=<string>]
[ShippingAddress=<string>]
[ShippingCity=<string>]
[ShippingState=<string>]
[ShippingZIP=<string>]
[Comment=<string>]


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
UserId=<#>


Comments:




AdminSetAdmin
-------------


-->
MessageType=request
Function=AdminSetAdmin
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL
[PasswordHash=<string>]
[GroupName=<string>]
[GroupId=<#>]

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
UserId=<#>


Comments:




AdminAddPass
-------------


-->
MessageType=request
Function=AdminAddPass
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
CARD_CREDENTIAL
[Comment=<string>]
(
Type=<string>     |
Type=<nride-type>
NRide=<#>         |
Type=<nday-type>
NDay=<#>
[Expiration=<date>]
)
[Quantity=<#>]


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
PassId=<#>
[(
  PassId\[<i>\]=<#>
){Quantity-1}]


Comments:




AdminAddUser
-------------


-->
MessageType=request
Function=AdminAddUser
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
UserName=<string>
[PasswordHash=<string>]
[FirstName=<string>]
[LastName=<string>]
[Phone=<string>]
[Email=<string>]
[Address=<string>]
[City=<string>]
[State=<string>]
[ZIP=<string>]
[ShippingFirstname=<string>]
[ShippingLastname=<string>]
[ShippingAddress=<string>]
[ShippingCity=<string>]
[ShippingState=<string>]
[ShippingZIP=<string>]
[Comment=<string>]


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
UserId=<#>


Comments:




AdminAddAdmin
-------------


-->
MessageType=request
Function=AdminAddAdmin
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
UserName=<string>
PasswordHash=<string>
[GROUP_CREDENTIAL]

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
UserId=<#>


Comments:




AdminRemovePass
-------------


-->
MessageType=request
Function=AdminRemovePass
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
PassId=<#>

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Expires pass.  If the pass was active it  deactivates it.  If the pass was activae and
another unexpired pass exists after it, will activate the next unexpired pass
in theq queue.




AdminRemovePasses
-------------


-->
MessageType=request
Function=AdminRemovePasses
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
NPass=<#>
PassId=<#>
[(
  PassId\[<i>\]=<#>
){Npass-1}]

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Same as AdminRemovePass but will deactivate multiple passes at once




AdminRemoveCard
-------------


-->
MessageType=request
Function=AdminRemoveCard
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
CARD_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Deactivates card.




AdminRemoveUser
-------------


-->
MessageType=request
Function=AdminRemoveUser
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Deactivates user




AdminRemoveAdmin
-------------


-->
MessageType=request
Function=AdminRemoveAdmin
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Deactivates admin identified by USER_CREDENTIAL




AdminTransferCard
-------------


-->
MessageType=request
Function=AdminTransferCard
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
CARD_CREDENTIAL
[GROUP_CREDENTIAL]
(
  ToCardId=<#>                |
  (
    (ToMagTrack=<#>)
    ToMagStripe=<#>       |
    ToMagToken=<string>
  )                         |
  (
    [ToRFSite=<#>]
    ToRFID=<#>            |
    ToRFIDToken=<string>
  )                         |
)
[(
  ToGroupId=<#>         |
  ToGroupName=<string>
)]


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Transfers card passes from CARD_CREDENTIAL to To(CardId|MagStripe|RFID)
credential.  Transfers userid as well, overwriting previous userid with the
new one.




AdminTransferPass
-------------


-->
MessageType=request
Function=AdminTransferPass
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
PassId=<#>
(
  ToCardId=<#>                |
  (
    (ToMagTrack=<#>)
    ToMagStripe=<#>       |
    ToMagToken=<string>
  )                         |
  (
    [ToRFSite=<#>]
    ToRFID=<#>            |
    ToRFIDToken=<string>
  )                         |
)
[(
  ToGroupId=<#>         |
  ToGroupName=<string>
)]




<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Transfers a single pass.  Note a new pass is not created and the
logical_card_id of the pass is changed to point to the new card.




AdminGetPassOptions
-------------


-->
MessageType=request
Function=AdminGetPassOptions
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
NGroup=<#>
GroupName=<string>
[(
  GroupName\[<i>\]=<string>
){NGroup-1}]

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NPassOption=<#>
PassOptionId=<#>
GroupId=<#>
GroupName=<string>
Param=<string>
Name=<string>
Rule=<string>
Type=<string>
Description=<#>
Start=<date>
Expiration=<date>
DefaultNRide=<#>
DefaultNDay=<#>
NumPassOption=<#>
Option0=<string>
Option1=<string>
Option2=<string>
Option3=<string>
[(
  PassOptionId\[=<#>
  GroupId\[<i>\]=<#>
  GroupName\[<i>\]=<string>
  Param\[<i>\]=<string>
  Name\[<i>\]=<string>
  Rule\[<i>\]=<string>
  Type\[<i>\]=<string>
  Description\[<i>\]=<#>
  Start\[<i>\]=<date>
  Expiration\[<i>\]=<date>
  DefaultNRide\[<i>\]=<#>
  DefaultNDay\[<i>\]=<#>
  NumPassOption\[<i>\]=<#>
  Option0\[<i>\]=<string>
  Option1\[<i>\]=<string>
  Option2\[<i>\]=<string>
  Option3\[<i>\]=<string>
){NPassOption-1}]


Comments:
  NPassOption is the number of pass options returned.

  Param is the number of rides for an NRide type, the number of days for an
NDay type and blank for an other type.

  Name is an identifier.  The current convention is to have the rule without
the preceeding groupname if it's an other.  If it's an NRide or NDay, the form
is:
    ORG\.(NRIDE|NDAY)\.ZON([12])\.([AHY])\.(\d+)

    where $1 is 'NRIDE' or 'NDAY' depending on which type it is, $2 is 1 or 2
depending on which zone it is, $3 is A for adult, H for half, Y for youth and
$4 is the parameter.

  Rule is the database rule without group name prefix

  Type is other, nride or nday

  Description is a string description of the pass type

  (Start|Expiration) are the start and expiration of the pass, should it have
a start and expiration date.

  DefaultN(Ride|Day) are the default parameters for the passes

  NumPriceOption is the number of PriceOption[0123] to use

  PriceOption[0123] are strings meant to help the web site build it's drop
down of options.  Currently the convention is:

  NDAY:  PriceOption0 is the zone identifier (e.g. 'Zone 1', 'Zone 2')
         PriceOption1 is the nday identifier (e.g. 'Single', 'Double', 'Month')

  NRide: PriceOption0 is the zone identifier
         PriceOption1 is the nride identifier
         PriceOption2 is the quantity identifier

  Other: PriceOption0 is the pass description (e.g. 'Semester Spring (k-12, 2012, Zone1)')




AdminAddCardToUser
-------------


-->
MessageType=request
Function=AdminAddCardToUser
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
CARD_CREDENTIAL
USER_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Associates card to user




AdminRemoveCardFromUser
-------------


-->
MessageType=request
Function=AdminRemoveCardFromUser
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
CARD_CREDENTIAL
USER_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Dissassociates a card from a user (i.e. set userid=NULL for the user_card
entry)




AdminGetAdminPermissions
-------------


-->
MessageType=request
Function=AdminGetAdminPermissions
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NPermission=<#>
PrimaryGroupName=<string>
PrimaryGroupId=<#>
Table=<string>
Permission=<string>
GroupName=<string>
[(
  Table=<string>
  Permission=<string>
  GroupName=<string>
){NPermission-1}]
  

Comments:
  Returns a list of tables the admin identified by USER_CREDENTIAL has access
to.  Permissions are of type 'create', 'read', 'update', 'delete' (crud).

  i.e. get all aro_aco entries for aro '/admins/<admin_name>' for aco subtree
'/org_db/'




AdminAddAdminPermissions
-------------


-->
MessageType=request
Function=AdminAddAdminPermissions
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL
NPermission
Table=<string>
Permission=<string>
GroupName=<string>
[(
  Table=<string>
  Permission=<string>
  GroupName=<string>
){NPermission-1}]
  


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  adds aro_aco entry for aro '/admins/<admin_name>' and aco
'/org_db/<Table>/<Permission>' for admin identified by USER_CREDENTIAL

  note, admin identified by ADMIN_CREDENTIAL must have 'update' permissions
on the table in question




AdminRemoveAdminPermissions
-------------


-->
MessageType=request
Function=AdminRemoveAdminPermissions
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
USER_CREDENTIAL
NPermission
Table=<string>
Permission=<string>
GroupName=<string>
[(
  Table=<string>
  Permission=<string>
  GroupName=<string>
){NPermission-1}]
  


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  removes aro_aco entry for aro '/admins/<admin_name>' and aco
'/org_db/<Table>/<Permission>' for admin identified by USER_CREDENTIAL

  note, admin identified by ADMIN_CREDENTIAL must have 'delete' permissions
on the table in question




AdminAddAdminApiPermissions
-------------


-->
MessageType=request
Function=AdminAddAdminApiPermissions
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
UserName=<string>
NPermission=<#>
ApiFunction=<string>
[(
  ApiFunction\[<i>\]=<string>
){NPermission-1}]

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Adds api function access to admin identified by 'UserName'.  i.e. adds a new
aro_aco entry for aro '/admins/<UserName>' and aco '/api/<ApiFunction>'.




AdminRemoveAdminApiPermissions
-------------


-->
MessageType=request
Function=AdminRemoveAdminApiPermissions
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
UserName=<string>
NPermission=<#>
ApiFunction=<string>
[(
  ApiFunction\[<i>\]=<string>
){NPermission-1}]


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Removes api function access to admin identified by 'UserName'.  i.e.  removes
aro_aco entry for aro '/admins/<UserName>' and aco '/api/<ApiFunction>'.





AdminSetAdminApiPermissions
-------------


-->
MessageType=request
Function=AdminSetAdminApiPermissions
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
UserName=<string>
NPermission=<#>
ApiFunction=<string>
[(
  ApiFunction\[<i>\]=<string>
){NPermission-1}]


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]


Comments:
  Removes all api access functions for admin <UserName> and adds the
<ApiFuncion[<i>]> in their place.




AdminGetCustomCard
-------------


-->
MessageType=request
Function=AdminGetCustomCard
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
(
[MagTrack=<#>]
MagStripe=<#>    |
MagToken=<#>
)


<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
MagStripe=(<#>|)
RFSite=(<#>|)
RFID=(<#>|)
CardId=<#>
Comment=<string>
LastUsed=<string>
Issued=<date>
FirstUsed=<date>



Comments:

  The provided MagStripe should be the custom card id, without the
associated 'card number' (the last two digits as they exist on the magstripe).
This will only search custom cards.



AdminGetAdmins
-------------


-->
MessageType=request
Function=AdminGetAdmins
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
UserName=<string>

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NUsers=<#>
UserName=<string>
[(
  UserName\[<i>\]=<string>
){NUsers-1}]


Comments:
  Returns a list of admins from the groups that the admin identified by
USER_CREDENTIAL has access to.



AdminSearchCards
-------------


-->
MessageType=request
Function=AdminSearchCards
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
SearchText=<string>

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NItem=<#>
CardId=<#>
MagToken=<string>
RFIDToken=<string>
Comment=<string>
UserId=<#>
LastUsed=<date>
FirstUsed=<date>
GroupId=<#>
UserName=<string>
GropuName=<string>
[(
  CardId=<#>
  MagToken=<string>
  RFIDToken=<string>
  Comment=<string>
  UserId=<#>
  LastUsed=<date>
  FirstUsed=<date>
  GroupId=<#>
  UserName=<string>
  GropuName=<string>
){NItem-1}]
  

Comments:
  Returns a list of cards that match SearchText when a wildcard match (
'%<SearchText>%' done on :
  user_card.mag_token
  user_card.rfid_token
  user_card.comment
  user_card.issued
  user_card.lastused
  user_card.firstused
  user_card.username
  groups.group_name

  only active cards are returned.

  There is a hard limit of 100 results returned.




AdminSearchUsers
-------------


-->
MessageType=request
Function=AdminSearchUsers
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
SearchText=<string>

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
Address
City
Comment
Email
FirstName
LastName
NItem
Phone
ShippingAddress
ShippingCity
ShippingCountryCode
ShippingCountryName
ShippingName
ShippingState
ShippingZIP
State
UserId
UserName
ZIP
[(
  Address\[<i>\]
  City\[<i>\]
  Comment\[<i>\]
  Email\[<i>\]
  FirstName\[<i>\]
  LastName\[<i>\]
  NItem\[<i>\]
  Phone\[<i>\]
  ShippingAddress\[<i>\]
  ShippingCity\[<i>\]
  ShippingCountryCode\[<i>\]
  ShippingCountryName\[<i>\]
  ShippingName\[<i>\]
  ShippingState\[<i>\]
  ShippingZIP\[<i>\]
  State\[<i>\]
  UserId\[<i>\]
  UserName\[<i>\]
  ZIP\[<i>\]
){NItem-1}]


Comments:
  Returns a of users that match SearchText when a wildcard match (
'%<SearchText>%' done on :
    users.userid
    users.username
    users.first_name
    users.last_name
    users.phone
    users.email
    users.address
    users.city
    users.state
    users.zip
    users.comment
    users.shipping_name
    users.shipping_address
    users.shipping_city
    users.shipping_state
    users.shipping_zip
    users.shipping_country_code
    users.shipping_country_name
    groups.group_name


  only active users are returned.

  There is a hard limit of 100 results returned.





AdminSearchAdmins
-------------


-->
MessageType=request
Function=AdminSearchAdmins
TransactionToken=<string>
ServerTransactionToken=<string>
ADMIN_CREDENTIAL
SearchText=<string>

<--
(
Response=fail
[Reason=<string>]         |
Response=success
[Reason=<string>]
NItem=<#>
GroupId=<#>
GroupName=<#>
UserId=<#>
UserName=<#>
[(
  GroupId=<#>
  GroupName=<#>
  UserId=<#>
  UserName=<#>
){NItem-1}]
  

Comments:

  Returns a list of admins that match SearchText when a wildcard match (
'%<SearchText>%' done on :
  admins.username
  admins.userid
  admins.group_id

  only active admins are returned.

  There is a hard limit of 100 results returned.