X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=config%2Fconfig_default.php;h=e52c821999c747e6ce2528240bc09ececaeb8514;hp=93b5fdac65cdba12c9e18c60fdc667edbdf04307;hb=c4faef335b2362c81b8ebf026d4066c12d70536c;hpb=93d67e0d5939181eb6c57f6141b9f1786d784233;ds=sidebyside diff --git a/config/config_default.php b/config/config_default.php index 93b5fdac..e52c8219 100644 --- a/config/config_default.php +++ b/config/config_default.php @@ -15,7 +15,7 @@ * passwords being leaked to e.g. other system users. Take extra care when * the webserver is shared with untrusted users. * - * @copyright © 2000-2006 The SquirrelMail Project Team + * @copyright 2000-2020 The SquirrelMail Project Team * @license http://opensource.org/licenses/gpl-license.php GNU Public License * @version $Id$ * @package squirrelmail @@ -23,7 +23,6 @@ */ /* Do not change this value. */ -global $version; global $config_version; $config_version = '1.5.0'; @@ -86,21 +85,23 @@ $frame_top = '_top'; /** * Provider name * - * Here you can set name of the link displayed on the right side of main page. + * Here you can set the text of the link displayed on the top-right + * of the message list. + * + * Defaults to empty (no link). * - * Link will be displayed only if you have $hide_sm_attributions - * option set to true. * @global string $provider_name */ -$provider_name = 'SquirrelMail'; +$provider_name = ''; /** * Provider URI * - * Here you can set URL of the link displayed on the right side of main page. - * When empty, this refers to the SquirrelMail About page. - * Link will be displayed only if you have $hide_sm_attributions - * option set to true. + * Here you can set URL of the link displayed on the top-right of + * the message list. + * + * Defaults to empty (no link). + * * @global string $provider_uri */ $provider_uri = ''; @@ -297,6 +298,15 @@ $smtp_sitewide_pass = ''; */ $imap_auth_mech = 'login'; +/** + * Show login error from the IMAP server (true) or show + * the traditional/generic "Unknown user or password + * incorrect" (false)? + * + * @global boolean $display_imap_login_error + */ +$display_imap_login_error = false; + /** * IMAP folder delimiter * @@ -321,6 +331,17 @@ $optional_delimiter = 'detect'; */ $pop_before_smtp = false; +/** + * POP before SMTP server address + * + * When using POP3 before SMTP, if the POP server address is + * not the same as the SMTP server address, specify it here. + * If this is left empty, the SMTP server address will be + * used by default. + * @global bool $pop_before_smtp_host + */ +$pop_before_smtp_host = ''; + /*** Folder Settings ***/ /** @@ -562,7 +583,7 @@ $default_use_priority = true; * SquirrelMail Attributions Control * * This option disables display of "created by SquirrelMail developers" - * strings and provider link + * strings and links. * @global bool $hide_sm_attributions * @since 1.2.0 */ @@ -580,15 +601,18 @@ $default_use_mdn = true; * Identity Controls * * If you don't want to allow users to change their email address - * then you can set $edit_identity to false, if you want them to + * then you can set $edit_identity to false; if you want them to * not be able to change their full name too then set $edit_name - * to false as well. $edit_name has no effect unless $edit_identity - * is false; + * to false as well. $edit_reply_to likewise controls users' ability + * to change their reply-to address. $edit_name and $edit_reply_to + * have no effect unless $edit_identity is false; * @global bool $edit_identity * @global bool $edit_name + * @global bool $edit_reply_to */ $edit_identity = true; $edit_name = true; +$edit_reply_to = true; /** * SquirrelMail adds username information to every sent email. @@ -661,6 +685,65 @@ $allow_advanced_search = 0; */ $session_name = 'SQMSESSID'; +/** + * Secure Cookies + * + * Only transmit cookies via a secure connection + * if the session was started using HTTPS/SSL? + * + * Highly recommended + * + * @global bool $only_secure_cookies + * @since 1.5.2 and 1.4.16 + */ +$only_secure_cookies = true; + +/** + * Secure Forms + * + * Disable security tokens used to authenticate the + * source of user data received by SquirrelMail? + * + * It is highly discouraged to enable this setting. + * + * @global bool $disable_security_tokens + * @since 1.5.2 and 1.4.20RC1 + */ +$disable_security_tokens = false; + +/** + * Check Page Referrer + * + * Enforces a safety check on page requests by checking + * that the referrer is the domain specified by this + * setting. If this setting is "###DOMAIN###", the + * current value of the $domain variable will be used + * for the check. + * + * If a browser doesn't send referrer data, this check + * will be silently bypassed. + * + * Examples: + * $check_referrer = 'example.com'; + * $check_referrer = '###DOMAIN###'; + * + * @global string $check_referrer + * @since 1.5.2 and 1.4.20RC1 + */ +$check_referrer = ''; + +/** + * Security Image Type + * + * Switches between using a transparent image + * and one that states "this image has been + * removed for security reasons" + * + * @global bool $use_transparent_security_image + * @since 1.5.2 and 1.4.23 + */ +$use_transparent_security_image = true; + /** * User Themes @@ -757,11 +840,26 @@ $icon_themes[3]['NAME'] = 'XP Style Icons'; * being used. (Must be the "ID" of the desired * template set) * + * $rpc_templateset sets the skin that will be used by default + * when a user is making an RPC request. This + * does not usually need to be changed, but + * can be used to change the RPC protocol that + * is used to respond to RPC requets. (Must be + * the "ID" of the desired template set and + * should NOT be a template set that is included + * in the $aTemplateSet list; PLEASE NOTE that + * new RPC template sets should always be named + * "_rpc", as SquirrelMail will assume + * any template sets ending in "_rpc" are intended + * for its RPC interface only) + * * @global string $templateset_default * @global string $templateset_fallback + * @global string $rpc_templateset */ $templateset_default = 'default'; $templateset_fallback = 'default'; +$rpc_templateset = 'default_rpc'; $aTemplateSet[0]['ID'] = 'default'; $aTemplateSet[0]['NAME'] = 'Default'; @@ -875,10 +973,10 @@ $motd = ""; /** * To install plugins, just add elements to this array that have * the plugin directory name relative to the /plugins/ directory. - * For instance, for the 'sqclock' plugin, you'd put a line like + * For instance, for the 'squirrelspell' plugin, you'd put a line like * the following. - * $plugins[] = 'sqclock'; - * $plugins[] = 'attachment_common'; + * $plugins[] = 'squirrelspell'; + * $plugins[] = 'listcommands'; */ // Add list of enabled plugins here @@ -897,13 +995,13 @@ $disable_plugins_user = ''; /*** Database ***/ /** - * Read doc/database.txt in order to get more information + * Read the administrator's manual in order to get more information * about these settings. */ /** * Database-driven private addressbooks * DSN (Data Source Name) for a database where the private - * addressbooks are stored. See doc/db-backend.txt for more info. + * addressbooks are stored. See the administrator's manual for more info. * If it is not set, the addressbooks are stored in files * in the data dir. * The DSN is in the format: mysql://user:pass@hostname/dbname @@ -1122,12 +1220,69 @@ $use_php_recode = false; $use_php_iconv = false; /** + * Output Buffering + * + * In some cases, buffering all output allows more complex functionality, + * especially for plugins that want to add headers on hooks that are beyond + * the point of output having been sent to the browser otherwise (although + * most plugins that need this feature will turn it on automatically by + * themselves). + * + * It is also possible to define a custom output handler as needed by special + * environments. If $buffered_output_handler is non-empty, a function named + * the same as the value of $buffered_output_handler should be defined in + * config_local.php. + * + */ +$buffer_output = false; +$buffered_output_handler = ''; + +/** + * Allow Remote configtest Access + * * Controls remote configuration checks * @global boolean $allow_remote_configtest * @since 1.5.1 */ $allow_remote_configtest = false; +/** + * SquirrelMail Debug Mode + * + * Various debugging levels can be enabled using this setting. + * More than one mode can be used at once by combining them + * with pipes ("|"). See the SM_DEBUG_MODE_* constants in + * include/constants.php + */ +$sm_debug_mode = SM_DEBUG_MODE_OFF; + +/** + * "Secured Configuration" Mode + * + * Enable/disable "Secured Configuration" mode, wherein certain + * security-sensitive configuration settings are made immutable + * by other code. + */ +$secured_config = true; + +/** + * HTTPS Port + * + * This is the HTTPS (SSL-secured HTTP) port. It can be left empty, + * in which case SquirrelMail will assume the standard port 443. + * Make sure to set this correctly when serving HTTPS on a non- + * standard port. + */ +$sq_https_port = 443; + +/** + * Ignore HTTP_X_FORWARDED_* headers? + * + * Whether or not HTTP_X_FORWARDED_* headers are respected by + * SquirrelMail (or plugins). + */ +$sq_ignore_http_x_forwarded_headers = true; + /** * Subscribe Listing Control * @@ -1149,3 +1304,15 @@ $no_list_for_subscribe = false; * @global integer $config_use_color */ $config_use_color = 2; + +/** + * Ask User for Personal Information on login + * + * When a user logs in that doesn't have an email address configured, + * redirect him/her to the options page with a request to fill in their + * personal information. + * + * @global bool $ask_user_info + */ +$ask_user_info = true; +