source: branches/1.1dev/config/defaults.inc.php @ 570

Last change on this file since 570 was 570, checked in by anonymous, 8 years ago

Added missing default config values. Removed unused auth config.
File size: 6.7 KB
Line 
1<?php
2/* defaults.inc.php
3 * code by strangecode :: www.strangecode.com :: this document contains copyrighted information. */
4
5
6/*
7 * This file contains global configration variables that apply to the underlying
8 * codebase framework. These values can be overwritten in a site-specific config
9 * file to customize values for a specific site.
10 */
11
12
13// $CFG is the object we store all global codebase configuration variables in.
14if (!isset($CFG)) {
15    $CFG = new stdClass;
16}
17
18
19/******************************************************************************
20 * DEBUGGERY SETTINGS
21 *****************************************************************************/
22
23// The level of error reporting. Don't set this to 0 to suppress messages, use display_errors to control display.
24setDefault($CFG->error_reporting, E_ALL & ~E_NOTICE & ~E_STRICT);
25error_reporting($CFG->error_reporting);
26
27// Location to store log files.
28setDefault($CFG->log_directory, realpath(SITE_BASE . '/../log'));
29
30// Don't display errors, but do log them to a file.
31setDefault($CFG->display_errors, false);
32
33// Database debugging.
34setDefault($CFG->db_debug, false); // TRUE = display db errors.
35setDefault($CFG->db_die_on_failure, true); // TRUE = script stops on db error.
36setDefault($CFG->db_always_debug, false); // TRUE = display all SQL queries.
37
38// Logging priority can be any of the following, or null to deactivate:
39// LOG_EMERG     system is unusable
40// LOG_ALERT     action must be taken immediately
41// LOG_CRIT      critical conditions
42// LOG_ERR       error conditions
43// LOG_WARNING   warning conditions
44// LOG_NOTICE    normal, but significant, condition
45// LOG_INFO      informational message
46// LOG_DEBUG     debug-level message
47setDefault($CFG->log_file_priority, LOG_DEBUG);
48setDefault($CFG->log_email_priority, LOG_WARNING);
49setDefault($CFG->log_sms_priority, false);
50setDefault($CFG->log_screen_priority, false);
51
52// Email address to receive log event emails.
53setDefault($CFG->log_to_email, 'log@strangecode.com');
54
55// SMS Email address to receive log event SMS messages
56setDefault($CFG->log_to_sms, 'sms@strangecode.com');
57
58// General error log for the applications.
59setDefault($CFG->log_filename, 'app_error_log');
60
61/******************************************************************************
62 * CODEBASE FEATURES
63 *****************************************************************************/
64
65// Use mysql database?
66setDefault($CFG->enable_mysql, true);
67
68// Use php sessions?
69setDefault($CFG->enable_session, true);
70
71// Use mysql-based sessions?
72setDefault($CFG->enable_mysql_session_handler, false);
73
74/******************************************************************************
75 * USER LOGIN SETTINGS
76 *****************************************************************************/
77
78// The maximum amount of time a user is allowed to be logged in.
79// They will be forced to login again if they expire.
80// This applies to admins and users. In seconds.
81// 21600 seconds = 6 hours.
82setDefault($CFG->login_timeout, 21600);
83
84// The maximum amount of time a user is allowed to be idle before
85// their session expires. They will be forced to login again if they expire.
86// This applies to admins and users. In seconds.
87// 3600 seconds = 1 hour.
88setDefault($CFG->idle_timeout, 3600);
89
90/******************************************************************************
91 * ACCOUNT ABUSE SETTINGS
92 *****************************************************************************/
93
94// The period of time to compare login abuse attempts. If a threshold of
95// logins is reached in this amount of time the account is blocked.
96// Days and hours, like this: 'DD:HH'
97$CFG->login_abuse_timeframe = '04:00'; // 4 days
98
99// The number of warnings a user will receive (and their password reset each
100// time) before their account is completely blocked.
101$CFG->login_abuse_warnings = 3;
102
103// The maximum number of IP addresses a user can login with over the
104// timeout period before their account is blocked.
105$CFG->login_abuse_max_ips = 5;
106
107// The IP address subnet size threshold. Uses a CIDR notation
108// network mask. Any integar between 0 and 32 is permitted. Setting this
109// to '24' permits any address in a class C network (255.255.255.0)
110// to be considered the same. Setting to '32' compares each IP absolutely.
111// Setting to '0' ignores all IPs.
112$CFG->login_abuse_ip_bitmask = 32;
113
114// Array of IP addresses or hostnames that are to be granted relaxed auth access.
115// Specifically, these will be networks that fall behind shifting proxy server
116// and because the client IP would change between requests auth would fail.
117setDefault($CFG->trusted_networks, array());
118
119// Array of usernames which are exempt from abuse detection.
120setDefault($CFG->login_abuse_exempt_usernames, array());
121
122// Array of usernames which are exempt from remote_ip matching. Users behind
123// proxy servers should be appended to this array so their shifting remote IP
124// will not log them out.
125setDefault($CFG->match_remote_ip_exempt_usernames, array());
126
127/******************************************************************************
128 * SESSION CONFIGURATION
129 *****************************************************************************/
130
131// Session name.
132setDefault($CFG->session_name, '_session');
133
134// If not using cookies, will pass session ID by URL.
135setDefault($CFG->session_use_cookies, true);
136
137// Skip session for some user agents.
138if (preg_match('/Atomz|ApacheBench|Wget/i', getenv('HTTP_USER_AGENT'))) {
139    $CFG->enable_session = false;
140}
141
142// The maximum byte size that the session cache will hold.
143// Used in SessionCache.inc.php
144define('SESSION_CACHE_SIZE_BYTES', 204800); // 200 Kilobytes.
145
146
147/******************************************************************************
148 * ET CETERA
149 *****************************************************************************/
150
151setDefault($CFG->site_email, '');
152
153setDefault($CFG->site_url, sprintf('%s://%s', ('on' == getenv('HTTPS') ? 'https' : 'http'), getenv('HTTP_HOST')));
154setDefault($CFG->admin_url, sprintf('%s/admin/', $CFG->site_url));
155
156// Used as the fifth parameter to mail() to set the return address for sent messages. Requires safe_mode off.
157setDefault($CFG->envelope_sender_address, "-f $CFG->site_email");
158
159// Character set for page output. Used by App::oTxt(), boot.inc.php sends a Content-Type header, and header.ihtml should have <meta content-type> tag.
160setDefault($CFG->character_set, 'ISO-8859-1');
161
162// A key for calculating simple cryptographic signatures.
163if (!empty($_SERVER['SIGNING_KEY'])) {
164    $CFG->signing_key = $_SERVER['SIGNING_KEY'];
165} else {
166    $CFG->signing_key = 'change me please';
167}
168
169// The human-readable format used to display dates.
170setDefault($CFG->date_format, 'd M Y');
171setDefault($CFG->time_format, 'h:i:s A');
172setDefault($CFG->mysql_date_format, '%e %b %Y');
173setDefault($CFG->mysql_time_format, '%k:%i');
Note: See TracBrowser for help on using the repository browser.