source: branches/1.1dev/config/defaults.inc.php @ 754

Last change on this file since 754 was 754, checked in by anonymous, 2 years ago

Minor backporting

File size: 7.1 KB
Line 
1<?php
2/* defaults.inc.php
3 * code by strangecode :: www.strangecode.com :: this document contains copyrighted information. */
4
5
6/*
7 * This file contains global configuration variables that apply to the underlying
8 * codebase framework. These values can be overwritten in a site-specific config
9 * file to customize values for a specific site.
10 */
11
12
13// $CFG is the object we store all global codebase configuration variables in.
14if (!isset($CFG)) {
15    $CFG = new stdClass;
16}
17
18
19/******************************************************************************
20 * DEBUGGERY SETTINGS
21 *****************************************************************************/
22
23// The level of error reporting. Don't set this to 0 to suppress messages, use display_errors to control display.
24setDefault($CFG->error_reporting, E_ALL & ~E_NOTICE & ~E_STRICT);
25error_reporting($CFG->error_reporting);
26
27// Location to store log files.
28setDefault($CFG->log_directory, realpath(SITE_BASE . '/../log'));
29
30// Don't display errors, but do log them to a file.
31setDefault($CFG->display_errors, false);
32
33// Database debugging.
34setDefault($CFG->db_debug, false); // TRUE = display db errors.
35setDefault($CFG->db_die_on_failure, true); // TRUE = script stops on db error.
36setDefault($CFG->db_always_debug, false); // TRUE = display all SQL queries.
37
38// Logging priority can be any of the following, or null to deactivate:
39// LOG_EMERG     system is unusable
40// LOG_ALERT     action must be taken immediately
41// LOG_CRIT      critical conditions
42// LOG_ERR       error conditions
43// LOG_WARNING   warning conditions
44// LOG_NOTICE    normal, but significant, condition
45// LOG_INFO      informational message
46// LOG_DEBUG     debug-level message
47setDefault($CFG->log_file_priority, LOG_DEBUG);
48setDefault($CFG->log_email_priority, LOG_WARNING);
49setDefault($CFG->log_sms_priority, false);
50setDefault($CFG->log_screen_priority, false);
51
52// Email address to receive log event emails.
53setDefault($CFG->log_to_email, 'log@strangecode.com');
54
55// SMS Email address to receive log event SMS messages
56setDefault($CFG->log_to_sms, 'sms@strangecode.com');
57
58// General error log for the applications.
59setDefault($CFG->log_filename, 'app_error_log');
60
61// Should we avoid logging repeated logMsg() events? You might want to set this false if you need to see more accurate logging, particularly for long-running scripts.
62setDefault($CFG->log_ignore_repeated_events, true);
63
64/******************************************************************************
65 * CODEBASE FEATURES
66 *****************************************************************************/
67
68// Use mysql database?
69setDefault($CFG->enable_mysql, true);
70
71// Use php sessions?
72setDefault($CFG->enable_session, true);
73
74// Pass the session-id through URLs if cookies are not enabled?
75// Disable this to prevent session ID theft.
76setDefault($CFG->session_use_trans_sid, false);
77
78// Use mysql-based sessions?
79setDefault($CFG->enable_mysql_session_handler, false);
80
81/******************************************************************************
82 * USER LOGIN SETTINGS
83 *****************************************************************************/
84
85// The maximum amount of time a user is allowed to be logged in.
86// They will be forced to login again if they expire.
87// This applies to admins and users. In seconds.
88// 21600 seconds = 6 hours.
89setDefault($CFG->login_timeout, 21600);
90
91// The maximum amount of time a user is allowed to be idle before
92// their session expires. They will be forced to login again if they expire.
93// This applies to admins and users. In seconds.
94// 3600 seconds = 1 hour.
95setDefault($CFG->idle_timeout, 3600);
96
97/******************************************************************************
98 * ACCOUNT ABUSE SETTINGS
99 *****************************************************************************/
100
101// The period of time to compare login abuse attempts. If a threshold of
102// logins is reached in this amount of time the account is blocked.
103// Days and hours, like this: 'DD:HH'
104$CFG->login_abuse_timeframe = '04:00'; // 4 days
105
106// The number of warnings a user will receive (and their password reset each
107// time) before their account is completely blocked.
108$CFG->login_abuse_warnings = 3;
109
110// The maximum number of IP addresses a user can login with over the
111// timeout period before their account is blocked.
112$CFG->login_abuse_max_ips = 5;
113
114// The IP address subnet size threshold. Uses a CIDR notation
115// network mask. Any integar between 0 and 32 is permitted. Setting this
116// to '24' permits any address in a class C network (255.255.255.0)
117// to be considered the same. Setting to '32' compares each IP absolutely.
118// Setting to '0' ignores all IPs.
119$CFG->login_abuse_ip_bitmask = 32;
120
121// Array of IP addresses or hostnames that are to be granted relaxed auth access.
122// Specifically, these will be networks that fall behind shifting proxy server
123// and because the client IP would change between requests auth would fail.
124setDefault($CFG->trusted_networks, array());
125
126// Array of usernames which are exempt from abuse detection.
127setDefault($CFG->login_abuse_exempt_usernames, array());
128
129// Array of usernames which are exempt from remote_ip matching. Users behind
130// proxy servers should be appended to this array so their shifting remote IP
131// will not log them out.
132setDefault($CFG->match_remote_ip_exempt_usernames, array());
133
134/******************************************************************************
135 * SESSION CONFIGURATION
136 *****************************************************************************/
137
138// Session name.
139setDefault($CFG->session_name, '_session');
140
141// If not using cookies, will pass session ID by URL.
142setDefault($CFG->session_use_cookies, true);
143
144// Skip session for some user agents.
145if (preg_match('/Atomz|ApacheBench|Wget/i', getenv('HTTP_USER_AGENT'))) {
146    $CFG->enable_session = false;
147}
148
149// The maximum byte size that the session cache will hold.
150// Used in SessionCache.inc.php
151define('SESSION_CACHE_SIZE_BYTES', 204800); // 200 Kilobytes.
152
153
154/******************************************************************************
155 * ET CETERA
156 *****************************************************************************/
157
158setDefault($CFG->site_email, '');
159
160setDefault($CFG->site_url, sprintf('%s://%s', ('on' == getenv('HTTPS') ? 'https' : 'http'), getenv('HTTP_HOST')));
161setDefault($CFG->admin_url, sprintf('%s/admin/', $CFG->site_url));
162
163// Used as the fifth parameter to mail() to set the return address for sent messages. Requires safe_mode off.
164setDefault($CFG->envelope_sender_address, "-f $CFG->site_email");
165
166// Character set for page output. Used by App::oTxt(), boot.inc.php sends a Content-Type header, and header.ihtml should have <meta content-type> tag.
167setDefault($CFG->character_set, 'ISO-8859-1');
168
169// A key for calculating simple cryptographic signatures.
170if (!empty($_SERVER['SIGNING_KEY'])) {
171    $CFG->signing_key = $_SERVER['SIGNING_KEY'];
172} else {
173    $CFG->signing_key = 'change me please';
174}
175
176// The human-readable format used to display dates.
177setDefault($CFG->date_format, 'd M Y');
178setDefault($CFG->time_format, 'h:i:s A');
179setDefault($CFG->mysql_date_format, '%e %b %Y');
180setDefault($CFG->mysql_time_format, '%k:%i');
Note: See TracBrowser for help on using the repository browser.