Visit our Facebook Page!Visit our Instagram page!Follow us on Twitter!Subscribe to our YouTube page!Follow us on LinkedIn!Follow us on TikTok!

eLease Financial CRM Solution


CRM Outline and Functionality document: 




Canadian Enterprise Hosting:

  • Two hosting accounts Development & Production

  • 50GB Disk Space




Back-end Administration Security

OSM has a hardened and trusted security platform which it will use to form the base of this platform so that a completely new security system does not have to be crafted within this project. At the request of the client and in order to ensure portability of this solution, this security toolset is being sold and not licensed in this case. Licensing Option is also available which includes support and maintenance.


Security Feature List

  • User Password protected PHP session based security. Any unauthorized requests redirected to login screen.

  • User Password obfuscation/encryption (SIN #s and any other confidential data can also be obfuscated for DB storage)

  • Automatic password expiration - force a password change after X number of days since the last password change.

  • Brute force protection - Failed logins will be tracked, storing the IP Address, User Name and date. Visitors with the specified number of consecutive failed attempts will be blocked from logging in until the conditional time period has passed.

  • Any documents desired to be stored outside of publicly accessible directories to ensure no outside access possible (with exception any images to be displayed in emails/HTML content). This may limit some technical options in referencing documents outside of the system.

  • Software firewall - ConfigServer Security & Firewall (csf) - this works to block any malicious requests as well as maintain a blacklist of offenders.

  • ModSecurity - A huge driving force for server security. Mod Security has a huge database of

rules/violations and checks every and all server requests against the database and blocks any

requests that hit on a rule/violation. We also have added our own custom rules that completely

prevent an attacker from uploading PHP executable code of any kind across the board (such as PHP shells). Also, Mod Security works in conjunction with the software firewall to automatically block suspect IP addresses after a few rule violations. 

  • cPanel/WHM Fully Managed hosting keeps server OS/software current and updated automatically. 

  • SSL secured connection (HTTPS) 

  • Maintain best practices in programming and design

Database Administration


  • Translate documented schema into working database.

  • Analyze and improve where necessary.

  • Maintain documentation of database schema for future reference.

  • Ensure DB schema is efficient as possible to provide speedy query results and ability to handle larger record volume over time.

  • Leverage MySQL Views

  • Ongoing over course of project as each area is developed

User Management


  • Add/Edit/Delete users (unlimited users)

  • Password minimum strength enforcement

  • Settings to manage brute force protections

  • Settings to manage password expiration frequency

  • User login tracking and reporting

  • UI Development

Login screen


  • Brute force protection

  • Forgot password - enter email address to receive single use link to reset password

  • Password reset (after requesting forgot password)

  • User login processing

  • UI Design and Development

Admin Navigation

  • Quick access menu to conveniently navigate around CRM

  • Hamburger menu slide out

General Technicals


  • URL Beautification

  • No index/follow to discourage search engines indexing the CRM

  • Maintain database of file extensions and MIME types

  • Logic to prevent re-submitting forms upon page refresh

  • PHP 7.3, MariaDB 10

Home/Landing Page


  • Simple easy to use interface to organize submitted applications/transactions by status tabs.

  • Filter options to search transactions in selected tab by Vendor, Funder, Individual, Business as well as Date From/To (date pickers).

  • Total asset cost shown per tab

  • Quick stats indicated to show number of transactions/applications Submitted, In Review, Approved and Declined.

  • Links to CRM settings, user management, “Submit Application”, View Vendors, View Funders, internal documents.

  • Generate Invoice to be possibly detailed at a later date.

  • Link to Reports

  • Each transaction/application record to have shortcuts to open Vendor, Funder information respectively when appropriate (as demonstrated in 4.1, 4.2, 5.1).

  • UI Design and Development


Home - Reports Mode


  • Show comprehensive filter/search form to display all funded transactions by all possible metrics and statuses (this should cover most initial reporting visibility mentioned via email).
    Ex: Search form to contain
    Vendor: [List of vendors]
    Funder: [List of Funders]
    Representative: [List of reps]
    Business: [List of businesses]
    Province: [List of provinces]
    Date range
    Search button


    • Display funded by Vendors, Funders, businesses etc.

    • Any special “grouping” of data could be handled by building additional reports

    • Total Funded amount clearly indicated at top of report

Submit/Create Application


  • Customer Details

    • Types: Corporation, Individual

    • Selection of Type determines form fields visible

    • Ability to dynamically add and remove applicant blocks

    • Field input masking to ensure data uniformity where possible (phone numbers, postal codes)

    • Ability to pre-fill fields for an individual/corporation by browsing existing records. Form would track when an existing customer ID is being used to skip submission “customer already exists” validation checks.

  • Transaction Details

    • Dynamically add/remove asset blocks

    • Specially formatted text fields to show $ inside the box

    • Vendor selection

      • Opens pop up to view Vendors for selection

      • Ability to add Vendor

      • Pick Vendor and return to application

    • Funder selection

      • Opens pop up to view Funders for selection

      • Ability to add Funder

      • Pick Funder and return to application

  • Documents

    • Vendor, Funder documents can be automatically added to “attached documents” upon Vendor/Funder selection

    • Ability to upload documents

      • Note this may present challenges to handle uploading/queing documents for an application which may not exist at the time of uploading.

  • Form Submission

    • Validate required form fields are entered (heavily dynamic depending on which types of applicants chosen)

    • If a customer/business manually entered (not selected from existing database)

      • Search appropriate database tables dynamically according to types of applicants chosen to determine if there is an existing customer.

      • Indication if there is a similar or exact match.

      • If match found, present confirmation to proceed or return to form

  • Processing/Saving of all submitted data

  • Significant detailed javascript logic

  • Javascript logic to confirm leaving page

  • UI Design and development


Credit Worksheet (Editing an Application/Transaction)


  • 3 tab display: Credit sheet, Submission Documents, and Credit Write Up

  • Credit Sheet tab interface similar to Submit Application

    • No validation for adding new customers (editing existing).

    • No “Add from existing”

    • Header details about date/time submitted, submission ID, representative

    • Transaction status - One per asset or should this be one per application?

    • Re-use same vendor/funder features from Submit Application

    • “Print Credit Sheet”

      • Dynamic PDF document generation (download prompt) summarizing all “saved” information entered on the credit sheet. Perhaps require save worksheet prior to PDF generation.

  • Submission Documents tab

    • Show dynamically attached documents from Vendors/Funders

    • Removing auto-attached documents just removes the association.

    • Printing documents initiated by javascript may not be possible

    • Ability to download

    • Copy to Other Submission

      • Multi-select checkboxes per document

      • New window appears to filter/select existing applications to assign files to.

  • Credit Write Up

    • Integrate/configure base version of CKEditor 5 (free, locally hosted and open source, we use it in SiteApex).

    • Image handling may require extra solutioning and cost depending on desired level of use. I believe CKEditor can provide some basic image importing support by default.

    • Transaction Summary

      • Unless we save the Credit sheet when leaving the tab, we will need to build dynamic javascript logic to display real time information based on form fields for applicants and assets on the Credit Sheet tab

  • Javascript logic to confirm leaving page if unsaved changes exist



  • List Vendors with search filtering

  • New Vendor button - Opens overlay window for Add Vendor

  • Add/Edit Vendors in overlay window - All form fields indicated in 4.1 and 4.2 Wireframes. File attachments. Valid/Invalid status. Re-Validate Date picker.

  • Add Vendor - logic to confirm if a vendor exists or matches an existing vendor and present confirmation to proceed.

  • UI Design and development



  • List Funders with search filtering

  • New Funder button - Opens overlay window for Add Funder

  • Add/Edit Funder in overlay window - All form fields indicated in 5.1 Wireframe. File attachments.

  • Add Funder - logic to confirm if a funder exists or matches an existing funder and present confirmation to proceed.

  • UI Design and development

Internal Documents


  • Directory traversal with breadcrumb trail

  • List files in each folder

  • Upload files - Uploads to current folder

  • Download files

  • Delete files - confirmation step

  • Create folder

  • Delete folders - confirmation step if files within folder



  • Maintain comments in coding to add definition and context to programming logic.

  • Maintain document detailing all system files and folders

  • Ongoing over the project

Client Communication & Feedback


  • Work with the client on pre-established intervals to ensure direction of development stays on course with desired vision.

  • Work with client to build/confirm final solutions in detail

  • Expect client review and feedback of every feature and interface.

  • Allowance for scope variance as desired solutions may evolve/mature as development progresses.
    Note: new additions/features may require additional estimates/costs.

  • Communication



  • Initialize Change Control process to launch CRM from development to production site.

  • Ensure/test production site ready for use

Quoting Process

  • Analyze, interpret and build specifications.

  • Consulting operations and support team members.

  • Project time to develop.