moved over from lib/plugin to simplify security

[SourceForge/phpwiki.git] / config / config-dist.ini

; This is the main configuration file for PhpWiki.
; Note that certain characters are used as comment char and therefore 
; these entries must be in double-quotes. Such as ":", ";", "," and "|"
;
; <?php die(); ?> for security
;
; This file is divided into eight parts. 
; Each one has different configuration settings you can
; change; in all cases the default should work on your system,
; however, we recommend you tailor things to your particular setting.
; Here undefined definitions get defined by config-default.ini settings.

;=========================================================================
; Part Zero: Latest Development and Tricky Options
;=========================================================================
;
; If PHP needs help in finding where you installed the rest of the PhpWiki
; code, you can set the include_path here.
;
; Override PHP's include path so that it can find some needed additional libraries.
; You shouldn't need to do this unless your system include_path esp. your 
; system pear libs are broken or oudated. The PHPWIKI_DIR is automatically 
; put to the front and the local lib/pear path is automatically added to the end.
; But if you define it, be sure to include either the system pear path or 
; the phpwiki/lib/pear path to override your Pear_DB.
; Note that on Windows-based servers, you should use ; rather than :
; as the path separator.
;INCLUDE_PATH = ".:/usr/local/httpd/phpwiki:/usr/share/pear"

; Set DEBUG to 1 to view the XHTML and CSS validator icons, page
; processing timer, and possibly other debugging messages at the
; bottom of each page. 2 for a more verbose level. See lib/config.php.
; Default: 0
;DEBUG = 1

; Enable the new method of handling WikiUsers.  This is currently an
; experimental feature, although it is considered fairly stable.  It's best
; to leave it on, and only disable it if you have problems with it.
; Servers with memory-limit problems might want to turn it off. It costs ~300KB
; Default: true
;ENABLE_USER_NEW = false

; I suspect ACL page permissions to degrade speed by 10%. Default: true
;ENABLE_PAGEPERM = false

; Graphical buttons on edit. Default: true
; Reportedly broken on MacOSX Safari
;ENABLE_EDIT_TOOLBAR = false

; Adds two additional buttons in EDIT_TOOLBAR, Search&Replace and Undo
; Default: true
;JS_SEARCHREPLACE = true

; Default: true
;ENABLE_DOUBLECLICKEDIT = false

; Needed for inlined SVG and MathM, but may conflict with document.write(). 
; Experimental. Default: false
;ENABLE_XHTML_XML = true

; Store DB query results in memory to avoid duplicate queries.
; Disable only for old php's with low memory or memory_limit=8MB.
; Default: true
;USECACHE = false

; Needs babycart installed. See http://phpwiki.org/SpamAssassinIntegration
; Optionally define BABYCART_PATH. Default: /usr/local/bin/babycart
;ENABLE_SPAMASSASSIN = true

; If GOOGLE_LINKS_NOFOLLOW is true, ref=nofollow is added to 
; all external links to discourage spam. You might want to turn it off,
; if you want to improve pageranks on external links.
;GOOGLE_LINKS_NOFOLLOW = false

; LiveSearch enables immediate title search results via XMLHttpRequest.
; Displays the results in a dropdown under the titlesearch inputbox
; while typing. (experimental, only with certain themes)
; You'll have to copy livesearch.js from http://blog.bitflux.ch/wiki/LiveSearch
; to themes/default/ and define ENABLE_LIVESEARCH in config.ini to true. 
; See themes/blog/themeinfo.php.
; Currently we use the bitflux.ch library, but we will change to 
; the russian acdropdown soon. http://momche.net/publish/article.php?page=acdropdown
;ENABLE_LIVESEARCH = true

;==========================================================================
; Part One: Authentication and security settings.
;
; See Part Three for more.
;==========================================================================
;
; The name of your wiki.
;
; This is used to generate a keywords meta tag in the HTML templates,
; in bookmark titles for any bookmarks made to pages in your wiki,
; and during RSS generation for the <title> of the RSS channel.
;
; To use your own logo and signature files, name them PhpWikiLogo.png
; and PhpWikiSignature.png and put them into themes/default/images
; (substituting "PhpWiki" in the filename with the name you define
; here).
;
; It is recommended this be a relatively short WikiWord like the
; InterWiki monikers found in the InterWikiMap. (For examples, see
; lib/interwiki.map).
WIKI_NAME = PhpWiki

; Visitor Hostname Lookup
;
; If set, reverse dns lookups will be performed to attempt to convert
; the user's IP number into a host name, in the case where the http
; server does not do this.
ENABLE_REVERSE_DNS = true

; Username and password of administrator.
;
; Set these to your preferences. For heaven's sake pick a good
; password and use the passencrypt.php tool to encrypt the password from
; prying eyes.
; http://wolfram.org/writing/howto/password.html
; 
; Logging into the wiki with the admin user and password allows you to lock,
; unlock, or remove pages and to perform other PhpWikiAdministration
; functions. On all other occasions you should simply log in with your
; regular WikiName.
; If your password contains special chars like ";" or ":" better quote it in double-quotes.
;ADMIN_USER = 
; ADMIN_PASSWD is ignored on HttpAuth
;ADMIN_PASSWD =

; It is recommended that you use the passencrypt.php utility to encode the
; admin password, in the event that someone gains ftp or ssh access to the
; server and directory containing phpwiki. Once you have pasted the
; encrypted password into ADMIN_PASSWD, uncomment this next line.
ENCRYPTED_PASSWD = true

; Private ZIP Dumps of All Wiki Pages
;
; If true, only the admin user can make zip dumps. Otherwise anyone
; may download all wiki pages as a single zip archive.
ZIPDUMP_AUTH = false

; The RawHtml plugin allows page authors to embed real, raw HTML into Wiki
; pages.  This is a possible security threat, as much HTML (or, rather,
; JavaScript) can be very risky.  If you are in a controlled environment,
; however, it could be of use.
ENABLE_RAW_HTML = true
; If this is set, only pages locked by the Administrator may contain the RawHtml plugin
ENABLE_RAW_HTML_LOCKEDONLY = true
; If this is set, all unsafe html code is stripped automatically (experimental!)
; See http://chxo.com/scripts/safe_html-test.php
ENABLE_RAW_HTML_SAFE = true

; If you define this to true, (MIME-type) page-dumps (either zip dumps,
; or "dumps to directory" will be encoded using the quoted-printable
; encoding.  If you're actually thinking of mailing the raw page dumps,
; then this might be useful, since (among other things,) it ensures
; that all lines in the message body are under 80 characters in length.
;
; Also, setting this will cause a few additional mail headers
; to be generated, so that the resulting dumps are valid
; RFC 2822 e-mail messages.
;
; Probably you can just leave this set to false, in which case you get
; raw ('binary' content-encoding) page dumps.
STRICT_MAILABLE_PAGEDUMPS = false

; Here you can change the default dump directories.
; (Can be overridden by the directory argument)
DEFAULT_DUMP_DIR = /tmp/wikidump
HTML_DUMP_DIR    = /tmp/wikidumphtml
; Filename suffix used for XHTML page dumps.
; If you don't want any suffix just comment this out.
HTML_DUMP_SUFFIX = .html

; The maximum file upload size, in bytes.
; The default, 16777216, is 16MB.
MAX_UPLOAD_SIZE = 16777216

; If the last edit is older than MINOR_EDIT_TIMEOUT seconds, the
; default state for the "minor edit" checkbox on the edit page form
; will be off.
; The default, 604800, is one week (7 days)
MINOR_EDIT_TIMEOUT = 604800

; Actions listed in this array will not be allowed.  The complete list
; of actions can be found in lib/main.php with the function
; getActionDescription.
; DISABLED_ACTIONS = "dumpserial : loadfile"

; If you enable this option every page is moderated by the ModeratedPage
; action page plugin. Changing a moderated page will be delayed to be 
; granted by a moderator by email.
; ENABLE_MODERATEDPAGE_ALL = true

; PhpWiki can generate an access_log (in "NCSA combined log" format)
; for you. If you want one, define this to the name of the log
; file. The server must have write access to the directory specified.
; Note that even you define ACCESS_LOG_SQL logs are written to this file also.
;ACCESS_LOG = /var/tmp/wiki_access_log

; PhpWiki can read and/or write mod_log_sql accesslog tables for faster
; abuse detection and referer lists.
; If defined (e.g. 1) read-access is done via SQL. 
; If flag 2 is set, phpwiki also writes. (Default on SQL or ADODB)
; This must use DATABASE_TYPE = SQL or ADODB
;ACCESS_LOG_SQL = 1 ; phpwiki reads, apache mod_log_sql writes
;ACCESS_LOG_SQL = 2 ; read + write

; By default PhpWiki will try to have PHP compress its output
; before sending it to the browser, if you have a recent enough
; version of PHP and the browser and action supports it.
; Define COMPRESS_OUTPUT to false to prevent output compression.
; Define COMPRESS_OUTPUT to true to force output compression,
; even if we think your version of PHP does this in a buggy
; fashion.
; Leave it undefined to leave the choice up to PhpWiki. (Recommended)
;
; WARNING: Compressing the output has been reported to cause problems
; when PHP is running on MacOSX or on redirected requests.
; This setting should now be correctly determined automatically.
;COMPRESS_OUTPUT = false

; This controls how PhpWiki sets the HTTP cache control
; headers (Expires: and Cache-Control:) 
;
; Choose one of:
;
; NO_CACHE: This is roughly the old (pre 1.3.4) behavior.  PhpWiki will
;       instruct proxies and browsers never to cache PhpWiki output.
;       This was previously called 'NONE', but NONE was treated specially 
;       by parse_ini_config().
;
; STRICT: Cached pages will be invalidated whenever the database global
;       timestamp changes.  This should behave just like NONE (modulo
;       bugs in PhpWiki and your proxies and browsers), except that
;       things will be slightly more efficient.
;
; LOOSE: Cached pages will be invalidated whenever they are edited,
;       or, if the pages include plugins, when the plugin output could
;       concievably have changed.
;
;       Behavior should be much like STRICT, except that sometimes
;       wikilinks will show up as undefined (with the question mark)
;       when in fact they refer to (recently) created pages.
;       (Hitting your browsers reload or perhaps shift-reload button
;       should fix the problem.)
;
; ALLOW_STALE: Proxies and browsers will be allowed to used stale pages.
;       (The timeout for stale pages is controlled by CACHE_CONTROL_MAX_AGE.)
;
;       This setting will result in quirky behavior.  When you edit a
;       page your changes may not show up until you shift-reload the
;       page, etc...
;
;       This setting is generally not advisable, however it may be useful
;       in certain cases (e.g. if your wiki gets lots of page views,
;       and few edits by knowledgable people who won't freak over the quirks.)
;
; The recommended default is currently LOOSE.
;
CACHE_CONTROL = LOOSE

; Maximum page staleness, in seconds.
;
; This only has effect if CACHE_CONTROL is set to ALLOW_STALE.
CACHE_CONTROL_MAX_AGE = 600

; PhpWiki normally caches a preparsed version (i.e. mostly
; converted to HTML) of the most recent version of each page.
; (Parsing the wiki-markup takes a fair amount of CPU.)
; Define WIKIDB_NOCACHE_MARKUP to true to disable the
; caching of marked-up page content.
; Note that you can also disable markup caching on a per-page
; temporary basis by addinging a query arg of '?nocache=1'
; to the URL to the page or by adding a NoCache plugin line. 
; Use '?nocache=purge' to completely discard the cached version of the page.
; You can also purge the cached markup globally by using the
; "Purge Markup Cache" button on the PhpWikiAdministration page.
; Enable only for old php's with low memory or memory_limit=8MB.
; Default: false
;WIKIDB_NOCACHE_MARKUP = true

COOKIE_EXPIRATION_DAYS = 365
; Default path for the wikiuser cookie. You need to specify this more explicitly
; if you want to enable different users on different wikis on the same host.
;COOKIE_DOMAIN = "/"

;======================================================================
; Part Two: Database Selection
;======================================================================

; Select the database type:
;
;       SQL:   access one of several SQL databases using the PEAR DB library.
;       ADODB: uses the ADODB library for data access.     (most general)
;       dba:   use one of the standard UNIX dbm libraries. (fastest)
;       file:  use a flat file database. (easiest)
;       cvs:   use a CVS server to store everything. (experimental, not recommended)
DATABASE_TYPE = dba
   
; prefix for filenames or table names
;
; Currently you MUST EDIT THE SQL file too (in the schemas/
; directory because we aren't doing on the fly sql generation
; during the installation.
; Note: This prefix is NOT prepended to the default DBAUTH_
;       tables user, pref and member!
;DATABASE_PREFIX = phpwiki_

; For SQL based backends, specify the database as a DSN (Data Source Name),
; a kind of URL for databases.
;
; The most general form of a DSN looks like:
;
;       dbtype(dbsyntax)://username:password@protocol+hostspec/database?option=value&option2=value2
;
; For a MySQL database, the following should work:
;
;       mysql://user:password@host/databasename
;
; To connect over a unix socket, use something like
;
;       mysql://user:password@unix(/path/to/socket)/databasename
;
; Valid values for dbtype are mysql, pgsql, or sqlite.
;
DATABASE_DSN = "mysql://guest@unix(/var/lib/mysql/mysql.sock)/test"

; Keep persistent connections: (mysql_pconnect, ...)
; Recommended is false for bigger servers, and true for small servers 
; with not so many connections. postgresql: Please leave it false. Default: false
; Should really be set as database option in the DSN above.
DATABASE_PERSISTENT = false

; A table to store session information.  Only needed by SQL backends.
;
; A word of warning - any prefix defined above will be prepended to whatever
; is given here.
DATABASE_SESSION_TABLE = session

; For the file and dba backends, this specifies where the data files will be
; located.  Ensure that the user that the webserver runs as has write access
; to this directory.
;
; WARNING: leaving this as the default of '/tmp' will almost guarantee that
; you'll lose your wiki data at some stage.
DATABASE_DIRECTORY = /tmp

; For the dba backend, this defines which DBA variant you wish to use.
;       gdbm - commonly available, Fedora not
;       db2 - Berkeley DB v2; not supported by modern versions of PHP
;       db3 - Berkeley DB v3; as per db2. The best on Windows
;       db4 - Berkeley DB v4; current version, however PHP has some issues
;               with it's db4 support.
;       dbm - Older dba handler; suffers from limits on the size of data
;               items
DATABASE_DBA_HANDLER = gdbm

; How long will the system wait for a database operation to complete?
; Specified in seconds.
DATABASE_TIMEOUT = 5

; If action=upgrade detects mysql problems, but has no ALTER permissions, 
; give here a user which has the necessary ALTER or CREATE permissions.
; Of course you can fix your database manually. See lib/upgrade.php for known issues.
;DBADMIN_USER = root
;DBADMIN_PASSWD = secret

; The login code now uses PHP's session support. Usually, the default
; configuration of PHP is to store the session state information in
; /tmp. That probably will work fine, but fails e.g. on clustered
; servers where each server has their own distinct /tmp (this is the
; case on SourceForge's project web server.) You can specify an
; alternate directory in which to store state information like so
; (whatever user your httpd runs as must have read/write permission
; in this directory):
;SESSION_SAVE_PATH = some_other_directory

;========================================================================
; Section 3a: Page revisions
;
; The next section controls how many old revisions of each page are
; kept in the database.
;========================================================================
;
; There are two basic classes of revisions: major and minor. Which
; class a revision belongs in is determined by whether the author
; checked the "this is a minor revision" checkbox when they saved the
; page.
; 
; There is, additionally, a third class of revisions: author
; revisions. The most recent non-mergable revision from each distinct
; author is an author revision.
;
; The expiry parameters for each of those three classes of revisions
; can be adjusted seperately. For each class there are five
; parameters (usually, only two or three of the five are actually
; set) which control how long those revisions are kept in the
; database.
;
;   MAX_KEEP: If set, this specifies an absolute maximum for the
;             number of archived revisions of that class. This is
;             meant to be used as a safety cap when a non-zero
;             min_age is specified. It should be set relatively high,
;             and it's purpose is to prevent malicious or accidental
;             database overflow due to someone causing an
;             unreasonable number of edits in a short period of time.
;
;   MIN_AGE:  Revisions younger than this (based upon the supplanted
;             date) will be kept unless max_keep is exceeded. The age
;             should be specified in days. It should be a
;             non-negative, real number,
;
;   MIN_KEEP: At least this many revisions will be kept.
;
;   KEEP: No more than this many revisions will be kept.
;
;   MAX_AGE:  No revision older than this age will be kept.
;
; Definitions of terms used above:
;
; Supplanted date: Revisions are timestamped at the instant that they
; cease being the current revision. Revision age is computed using
; this timestamp, not the edit time of the page.
;
; Merging: When a minor revision is deleted, if the preceding
; revision is by the same author, the minor revision is merged with
; the preceding revision before it is deleted. Essentially: this
; replaces the content (and supplanted timestamp) of the previous
; revision with the content after the merged minor edit, the rest of
; the page metadata for the preceding version (summary, mtime, ...)
; is not changed.
;
; Keep up to 8 major edits, but keep them no longer than a month.
MAJOR_MAX_AGE = 32
MAJOR_KEEP = 8

; Keep up to 4 minor edits, but keep them no longer than a week.
MINOR_MAX_AGE = 7
MINOR_KEEP = 4

; Keep the latest contributions of the last 8 authors up to a year.
; Additionally, (in the case of a particularly active page) try to
; keep the latest contributions of all authors in the last week (even
; if there are more than eight of them,) but in no case keep more
; than twenty unique author revisions.
AUTHOR_MAX_AGE = 365
AUTHOR_KEEP = 8
AUTHOR_MIN_AGE = 7
AUTHOR_MAX_KEEP = 20

;========================================================================
; Part Three: User Authentication
;========================================================================
;
; New user authentication configuration:
; We support three basic authentication methods and a stacked array 
; of advanced auth methods to get and check the passwords:
;
; ALLOW_ANON_USER         default true
; ALLOW_ANON_EDIT         default true
; ALLOW_BOGO_LOGIN        default true
; ALLOW_USER_PASSWORDS    default true

; allow anon users to view existing pages
ALLOW_ANON_USER = true
; allow anon users to edit pages
ALLOW_ANON_EDIT = true

; If ALLOW_BOGO_LOGIN is true, users are allowed to login (with
; any/no password) using any userid which: 
;  1) is not the ADMIN_USER, and
;  2) is a valid WikiWord (matches $WikiNameRegexp.)
; If true, users may be created by themselves. Otherwise we need seperate auth. 
; If such a user will create a so called HomePage with his userid, he will 
; be able to store his preferences and password there.
ALLOW_BOGO_LOGIN = true

; True User Authentication:
; To require user passwords:
;   ALLOW_ANON_USER = false
;   ALLOW_ANON_EDIT = false
;   ALLOW_BOGO_LOGIN = false,
;   ALLOW_USER_PASSWORDS = true.
; Otherwise any anon or bogo user might login without any or a wrong password.
ALLOW_USER_PASSWORDS = true

; Many different methods can be used to check user's passwords:
;   BogoLogin:     WikiWord username, with no *actual* password checking,
;                   although the user will still have to enter one.
;   PersonalPage:  Store passwords in the users homepage metadata (simple)
;   Db:            Use DBAUTH_AUTH_* (see below) with PearDB or 
;                   ADODB only.
;   LDAP:          Authenticate against LDAP_AUTH_HOST with LDAP_BASE_DN (experimental)
;   IMAP:          Authenticate against IMAP_AUTH_HOST (email account)
;   POP3:          Authenticate against POP3_AUTH_HOST (email account)
;   File:          Store username:crypted-passwords in .htaccess like files. 
;                  Use Apache's htpasswd to manage this file.
;   HttpAuth:      Use the protection by the webserver (.htaccess/.htpasswd)
;                  Enforcing HTTP Auth not yet. Note that the ADMIN_USER should exist also.
;                  Using HttpAuth disables all other methods and no userauth sessions are used.
;
; Several of these methods can be used together, in the manner specified by
; USER_AUTH_POLICY, below.  To specify multiple authentication methods,
; separate the name of each one with colons.
;USER_AUTH_ORDER = "PersonalPage : Db"
;USER_AUTH_ORDER = "BogoLogin : PersonalPage"

; For "security" purposes, you can specify that a password be at least a
; certain number of characters long.  This applies even to the BogoLogin
; method. Default: 0 (to allow immediate passwordless BogoLogin)
;PASSWORD_LENGTH_MINIMUM = 6
    
; The following policies are available for user authentication:
;       first-only: use only the first method in USER_AUTH_ORDER
;       old:        ignore USER_AUTH_ORDER and try to use all available 
;                       methods as in the previous PhpWiki releases (slow)
;       strict:     check if the user exists for all methods: 
;                       on the first existing user, try the password. 
;                       dont try the other methods on failure then
;       stacked:    check the given user - password combination for all
;                       methods and return true on the first success.
USER_AUTH_POLICY = stacked

; LDAP authentication options:
;
; The LDAP server to connect to.  Can either be a hostname, or a complete
; URL to the server (useful if you want to use ldaps or specify a different
; port number).
;LDAP_AUTH_HOST = "ldap://localhost:389"

; The organizational or domain BASE DN: e.g. "dc=mydomain,dc=com".
;
; Note: ou=Users and ou=Groups are used for GroupLdap Membership
; Better use LDAP_OU_USERS and LDAP_OU_GROUP with GROUP_METHOD=LDAP.
;LDAP_BASE_DN = "ou=Users,o=Development,dc=mycompany.com"

; Some LDAP servers need some more options, such as the Windows Active
; Directory Server.  Specify the options (as allowed by the PHP LDAP module)
; and their values as NAME=value pairs separated by colons.
; LDAP_SET_OPTION = "LDAP_OPT_PROTOCOL_VERSION=3:LDAP_OPT_REFERRALS=0"

; DN to initially bind to the LDAP server as. This is needed if the server doesn't 
; allow anonymous queries. (Windows Active Directory Server)
; LDAP_AUTH_USER = "CN=ldapuser,ou=Users,o=Development,dc=mycompany.com"

; Password to use to initially bind to the LDAP server, as the DN 
; specified in the LDAP_AUTH_USER option (above).
; LDAP_AUTH_PASSWORD = secret

; If you want to match usernames against an attribute other than uid,
; specify it here. Default: uid
; LDAP_SEARCH_FIELD = sAMAccountName

; If you have an organizational unit for all users, define it here.
; This narrows the search, and is needed for LDAP group membership (if GROUP_METHOD=LDAP)
; Default: ou=Users
; LDAP_OU_USERS = ou=Users

; If you have an organizational unit for all groups, define it here.
; This narrows the search, and is needed for LDAP group membership (if GROUP_METHOD=LDAP)
; The entries in this ou must have a gidNumber and cn attribute.
; Default: ou=Groups
; LDAP_OU_GROUP = ou=Groups


; IMAP authentication options:
;
; The IMAP server to check usernames from.  Defaults to localhost.
;
; Some IMAP_AUTH_HOST samples:
;   "localhost", "localhost:143/imap/notls", 
;   "localhost:993/imap/ssl/novalidate-cert" (SuSE refuses non-SSL conections)
; IMAP_AUTH_HOST = "localhost:143/imap/notls"

; POP3 authentication options:
;
; Host to connect to.
; POP3_AUTH_HOST = "localhost:110"

; Port to connect. Deprecated: Use POP3_AUTH_HOST:<port> instead
; POP3_AUTH_PORT = 110

; File authentication options:
;
; File to read for authentication information.
; Popular choices are /etc/shadow and /etc/httpd/.htpasswd
; AUTH_USER_FILE = /etc/shadow

; Defines whether the user is able to change their own password via PHPWiki.
; Note that this means that the webserver user must be able to write to the
; file specified in AUTH_USER_FILE.
; AUTH_USER_FILE_STORABLE = false

; Session Auth:
; Name of the session variable which holds the already authenticated username.
; Sample: "userid", "user[username]", "user->username"
; AUTH_SESS_USER = userid
; Which level will the user be? 1 = Bogo or 2 = Pass
; AUTH_SESS_LEVEL = 2

; Group membership.  PhpWiki supports defining permissions for a group as
; well as for individual users.  This defines how group membership information
; is obtained.  Supported values are:
;
;       "NONE"          Disable group membership (Fastest). Note the required quoting.
;       WIKIPAGE        Define groups as list at "CategoryGroup". (Slowest, but easiest to maintain)
;       DB              Stored in an SQL database. Optionally external. See USERS/GROUPS queries
;       FILE            Flatfile. See AUTH_GROUP_FILE below.
;       LDAP            LDAP groups. See "LDAP authentication options" above and 
;                       lib/WikiGroup.php. (experimental)
GROUP_METHOD = WIKIPAGE

; Page where all groups are listed. Default: Translation of "CategoryGroup"
; CATEGORY_GROUP_PAGE = CategoryGroup

; For GROUP_METHOD = FILE, the file given below is referenced to obtain
; group membership information.  It should be in the same format as the
; standard unix /etc/groups(5) file.
; AUTH_GROUP_FILE = /etc/groups

; External database authentication and authorization.
;
; If USER_AUTH_ORDER includes Db, or GROUP_METHOD = DB, the options listed
; below define the SQL queries used to obtain the information out of the
; database, and (in some cases) store the information back to the DB.
;
; The options appropriate for each query are currently undocumented, and
; you should not be surprised if things change mightily in the future.
;
; A database DSN to connect to.  Defaults to the DSN specified for the Wiki
; as a whole.
; DBAUTH_AUTH_DSN = "mysql://wikiuser:@localhost/phpwiki"
;
; USER/PASSWORD queries
;
; For USER_AUTH_POLICY=strict and the Db method this is required:
; DBAUTH_AUTH_USER_EXISTS = "SELECT userid FROM user WHERE userid='$userid'"
;
; Check to see if the supplied username/password pair is OK
;
; plaintext passwords:
; DBAUTH_AUTH_CHECK = "SELECT IF(passwd='$password',1,0) AS ok FROM user WHERE userid='$userid'"
;
; database-hashed passwords (more secure):
; DBAUTH_AUTH_CHECK = "SELECT IF(passwd=PASSWORD('$password'),1,0) AS ok FROM user WHERE userid='$userid'"
DBAUTH_AUTH_CRYPT_METHOD = plain

; If you want to use Unix crypt()ed passwords, you can use DBAUTH_AUTH_CHECK
; to get the password out of the database with a simple SELECT query, and
; specify DBAUTH_AUTH_USER_EXISTS and DBAUTH_AUTH_CRYPT_METHOD:
; DBAUTH_AUTH_CHECK = "SELECT passwd FROM user where userid='$userid'"
; DBAUTH_AUTH_CRYPT_METHOD = crypt
;
; Update the user's authentication credential.  If this is not defined but
; DBAUTH_AUTH_CHECK is, then the user will be unable to update their
; password.
;
; Plaintext passwords:
; DBAUTH_AUTH_UPDATE = "UPDATE user SET passwd='$password' WHERE userid='$userid'"
; Database-hashed passwords:
; DBAUTH_AUTH_UPDATE = "UPDATE user SET passwd=PASSWORD('$password') WHERE userid='$userid'"
;
; Allow the user to create their own account.
; DBAUTH_AUTH_CREATE = "INSERT INTO user SET passwd=PASSWORD('$password'),userid='$userid'"

; USER/PREFERENCE queries
;
; If you choose to store your preferences in an external database, enable
; the following queries.  Note that if you choose to store user preferences
; in the 'user' table, only registered users get their prefs from the database,
; self-created users do not.  Better to use the special 'pref' table.
;
; The prefs field stores the serialized form of the user's preferences array,
; to ease the complication of storage.
; DBAUTH_PREF_SELECT = "SELECT prefs FROM user WHERE userid='$userid'"
; DBAUTH_PREF_SELECT = "SELECT prefs FROM pref WHERE userid='$userid'"

; Update the user's preferences
; DBAUTH_PREF_UPDATE = "UPDATE user SET prefs='$pref_blob' WHERE userid='$userid'"
; Note that REPLACE works only with mysql and destroy all other columns!
; DBAUTH_PREF_UPDATE = "REPLACE INTO pref SET prefs='$pref_blob',userid='$userid'"

; USERS/GROUPS queries
;
; You can define 1:n or n:m user<=>group relations, as you wish.
;
; Sample configurations:
;  only one group per user (1:n):
;   DBAUTH_IS_MEMBER = "SELECT user FROM user WHERE user='$userid' AND group='$groupname'"
;   DBAUTH_GROUP_MEMBERS = "SELECT user FROM user WHERE group='$groupname'"
;   DBAUTH_USER_GROUPS = "SELECT group FROM user WHERE user='$userid'"
;  multiple groups per user (n:m):
;   DBAUTH_IS_MEMBER = "SELECT userid FROM member WHERE userid='$userid' AND groupname='$groupname'"
;   DBAUTH_GROUP_MEMBERS = "SELECT DISTINCT userid FROM member WHERE groupname='$groupname'"
;   DBAUTH_USER_GROUPS = "SELECT groupname FROM member WHERE userid='$userid'"

; A interim page which gets displayed on every edit attempt, if it exists.
;EDITING_POLICY = EditingPolicy

;========================================================================
; Part Four: Page appearance and layout
;========================================================================

; THEMES
;
; Most of the page appearance is controlled by files in the theme
; subdirectory.
;
; There are a number of pre-defined themes shipped with PhpWiki.
; Or you may create your own (e.g. by copying and then modifying one of
; stock themes.)
;
; The complete list of installed themes can be found by doing 'ls themes/'
; from the root of your PHPWiki installation.
; white on yellow with fat blue links:
THEME = default
; almost fully iconized classic grey MacOSX design:
;THEME = MacOSX
; as default, just some tricks to make the buttons smaller:
;THEME = smaller
; the popular Wordpress layout:
;THEME = Wordpress
; pure old-style c2wiki layout:
;THEME = Portland
; random heavy images:
;THEME = Hawaiian
; example with some sidebar boxes:
;THEME = Sidebar
; mozilla friendly, with lots of icons instead of buttons (i18n friendly):
;THEME = Crao
; wikipedia layout:
;THEME = MonoBook
; default + rateit navbar:
;THEME = wikilens
; blogger style, rounded:
;THEME = blog
; minimalistic:
;THEME = shamino_com
; heavy space-y layout:
;THEME = SpaceWiki

; Select a valid charset name to be inserted into the xml/html pages,
; and to reference links to the stylesheets (css). For more info see:
; <http://www.iana.org/assignments/character-sets>. Note that PhpWiki
; has been extensively tested only with the latin1 (iso-8859-1)
; character set.
;
; If you change the default from iso-8859-1 PhpWiki may not work
; properly and will require modifications in all existing pages. 
; At the very least you will have to convert the files in pgsrc 
; or locale/xx/pgsrc to match!
; Currently we support utf-8 for zh and ja, euc-jp for ja (not enabled)
; and iso-8859-1 for all other langs. Changing languages (UserPreferences) 
; from one charset to another will not work!
;
; Character sets similar to iso-8859-1 may work with little or no
; modification depending on your setup. The database must also
; support the same charset, and of course the same is true for the
; web browser. (Some work is in progress hopefully to allow more
; flexibility in this area in the future).
CHARSET = iso-8859-1

; Select your language/locale - Default language is "" for auto-detected.
; Available languages:
; English  "en" (English    - HomePage)
; Dutch    "nl" (Nederlands - ThuisPagina)
; Spanish  "es" (Español    - PáginaPrincipal)
; French   "fr" (Français   - PageAccueil))
; German   "de" (Deutsch    - StartSeite)
; Swedish  "sv" (Svenska    - Framsida)
; Italian  "it" (Italiano   - PaginaPrincipale)
; Japanese "ja" (Japanese   - ¥Û¡¼¥à¥Ú¡¼¥¸)
; Chinese  "zh" (Chinese    - ?)
;
; If you set DEFAULT_LANGUAGE to the empty string, the users 
; preferred language as determined by the browser setting will be used.
; Japanese requires CHARSET=euc-jp or utf-8 (not yet safe), Chinese CHARSET=utf-8
;DEFAULT_LANGUAGE = en

; WIKI_PGSRC -- specifies the source for the initial page contents of
; the Wiki. The setting of WIKI_PGSRC only has effect when the wiki is
; accessed for the first time (or after clearing the database.)
; WIKI_PGSRC can either name a directory or a zip file. In either case
; WIKI_PGSRC is scanned for files -- one file per page.
;WIKI_PGSRC = pgsrc

; DEFAULT_WIKI_PGSRC is only used when the language is *not* the
; default (English) and when reading from a directory: in that case
; some English pages are inserted into the wiki as well.
; DEFAULT_WIKI_PGSRC defines where the English pages reside.
;DEFAULT_WIKI_PGSRC = pgsrc
; These are ':'-seperated pages which will get loaded untranslated from DEFAULT_WIKI_PGSRC.
;DEFAULT_WIKI_PAGES = "ReleaseNotes:SteveWainstead:TestPage"

;=========================================================================
; Part Five: Mark-up options.
;=========================================================================
;
; allowed protocols for links - be careful not to allow "javascript:"
; URL of these types will be automatically linked.
; within a named link [name|uri] one more protocol is defined: phpwiki
; Separate each of the protocol names with a vertical pipe, and ensure there
; is no extraneous whitespace.
;ALLOWED_PROTOCOLS = "http|https|mailto|ftp|news|nntp|ssh|gopher"

; URLs ending with the following extension should be inlined as images.
; Specify as per ALLOWED_PROTOCOLS
;INLINE_IMAGES = "png|jpg|gif"

; Perl regexp for WikiNames ("bumpy words")
; (?<!..) & (?!...) used instead of '\b' because \b matches '_' as well
;WIKI_NAME_REGEXP = "(?<![[:alnum:]])(?:[[:upper:]][[:lower:]]+){2,}(?![[:alnum:]])"

; Defaults to '/', but '.' was also used.
;SUBPAGE_SEPARATOR = /

; InterWiki linking -- wiki-style links to other wikis on the web
;
; The map will be taken from a page name InterWikiMap.
; If that page is not found (or is not locked), or map
; data can not be found in it, then the file specified
; by INTERWIKI_MAP_FILE (if any) will be used.
;INTERWIKI_MAP_FILE = lib/interwiki.map

; Display a warning if the internal lib/interwiki.map is used, and 
; not the public InterWikiMap page. This file is not readable from outside.
;WARN_NONPUBLIC_INTERWIKIMAP = false

; Search term used for automatic page classification by keyword extraction.
;
; Any links on a page to pages whose names match this search 
; will be used keywords in the keywords html meta tag. This is an aid to
; classification by search engines. The value of the match is
; used as the keyword.
;
; The default behavior is to match Category* or Topic* links.
;KEYWORDS = "Category* OR Topic*"

; Author and Copyright Site Navigation Links
;
; These will be inserted as <link rel> tags in the html header of
; every page, for search engines and for browsers like Mozilla which
; take advantage of link rel site navigation.
;
; If you have your own copyright and contact information pages change
; these as appropriate.
;COPYRIGHTPAGE_TITLE = "GNU General Public License"
;COPYRIGHTPAGE_URL = "http://www.gnu.org/copyleft/gpl.html#SEC1"
; Other useful alternatives to consider:
; COPYRIGHTPAGE_TITLE = "GNU Free Documentation License"
; COPYRIGHTPAGE_URL = "http://www.gnu.org/copyleft/fdl.html"
; COPYRIGHTPAGE_TITLE = "Creative Commons License 2.0"
; COPYRIGHTPAGE_URL = "http://creativecommons.org/licenses/by/2.0/"
;  see http://creativecommons.org/learn/licenses/ for variations
;AUTHORPAGE_TITLE = The PhpWiki Programming Team
;AUTHORPAGE_URL = http://phpwiki.org/ThePhpWikiProgrammingTeam

; Allow full markup in headers to be parsed by the CreateToc plugin.
;
; If false you may not use WikiWords or [] links or any other markup in 
; headers in pages with the CreateToc plugin. But if false the parsing is 
; faster and more stable.
;TOC_FULL_SYNTAX = true

;==========================================================================
; Part Six: URL options.
;==========================================================================
;
; You can probably skip this section.

; The following section contains settings which you can use to tailor
; the URLs which PhpWiki generates.
;
; Any of these parameters which are left undefined will be deduced
; automatically. You need only set them explicitly if the
; auto-detected values prove to be incorrect.
;
; In most cases the auto-detected values should work fine, so
; hopefully you don't need to mess with this section.
;
; In case of local overrides of short placeholders, which themselves 
; include index.php, we check for most constants. See '/wiki'.
; We can override DATA_PATH and PHPWIKI_DIR to support multiple phpwiki 
; versions (for development), but most likely other values like 
; THEME, LANG and DbParams for a WikiFarm.

; Canonical name and httpd port of the server on which this PhpWiki
; resides.
;/
;SERVER_NAME = some.host.com
;SERVER_PORT = 80

; Relative URL (from the server root) of the PhpWiki
; script.
;SCRIPT_NAME = /some/where/index.php

; URL of the PhpWiki install directory.  (You only need to set this
; if you've moved index.php out of the install directory.)  This can
; be either a relative URL (from the directory where the top-level
; PhpWiki script is) or an absolute one.
;DATA_PATH = /home/user/phpwiki

; Path to the PhpWiki install directory.  This is the local
; filesystem counterpart to DATA_PATH.  (If you have to set
; DATA_PATH, your probably have to set this as well.)  This can be
; either an absolute path, or a relative path interpreted from the
; directory where the top-level PhpWiki script (normally index.php)
; resides.
;PHPWIKI_DIR = /home/user/public_html/phpwiki

; PhpWiki will try to use short urls to pages, eg 
; http://www.example.com/index.php/HomePage
; If you want to use urls like 
; http://www.example.com/index.php?pagename=HomePage
; then define 'USE_PATH_INFO' as false by uncommenting the line below.
; NB:  If you are using Apache >= 2.0.30, then you may need to to use
; the directive "AcceptPathInfo On" in your Apache configuration file
; (or in an appropriate <.htaccess> file) for the short urls to work:  
; See http://httpd.apache.org/docs-2.0/mod/core.html#acceptpathinfo
; 
; See also http://phpwiki.sourceforge.net/phpwiki/PrettyWiki for more ideas
; on prettifying your urls.
;
; Note that Google doesn't follow the default /index.php/PageName links.
; You must use either a PrettyWiki setup (see below), or force USE_PATH_INFO=false.
;
; Default: PhpWiki will try to divine whether use of PATH_INFO
; is supported in by your webserver/PHP configuration, and will
; use PATH_INFO if it thinks that is possible.
;USE_PATH_INFO = false

; VIRTUAL_PATH is the canonical URL path under which your your wiki
; appears. Normally this is the same as dirname(SCRIPT_NAME), however
; using, e.g. apaches mod_actions (or mod_rewrite), you can make it
; something different.
;
; If you do this, you should set VIRTUAL_PATH here.
;
; E.g. your phpwiki might be installed at at /scripts/phpwiki/index.php,
; but  * you've made it accessible through eg. /wiki/HomePage.
;
; One way to do this is to create a directory named 'wiki' in your
; server root. The directory contains only one file: an .htaccess
; file which reads something like:
;
;    Action x-phpwiki-page /scripts/phpwiki/index.php
;    SetHandler x-phpwiki-page
;    DirectoryIndex /scripts/phpwiki/index.php
;
; In that case you should set VIRTUAL_PATH to '/wiki'.
;
; (VIRTUAL_PATH is only used if USE_PATH_INFO is true.)
;/
;VIRTUAL_PATH = /SomeWiki

; In case your system has no idea about /tmp, TEMP or TMPDIR, 
; better provide it here. E.g. needed for zipdumps.
;TEMP_DIR = /tmp

;===========================================================================
; Part Seven: Miscellaneous settings
;===========================================================================

; Disable HTTP redirects.
; (You probably don't need to touch this.)
;
; PhpWiki uses HTTP redirects for some of it's functionality.
; (e.g. after saving changes, PhpWiki redirects your browser to
; view the page you just saved.)
; Some web service providers (notably free European Lycos) don't seem to
; allow these redirects.  (On Lycos the result in an "Internal Server Error"
; report.)  In that case you can set DISABLE_HTTP_REDIRECT to true.
; (In which case, PhpWiki will revert to sneakier tricks to try to
; redirect the browser...)
;DISABLE_HTTP_REDIRECT = true

; Enable random quotes from a fortune directory when adding a new page.
; Usually at /usr/share/fortune or /usr/share/games/fortune
; If empty no quotes are inserted.
;FORTUNE_DIR = /usr/share/fortune

; If you get a crash at loading LinkIcons you might want to disable 
; the getimagesize() function, which crashes on certain php versions and 
; and some external images (png's, ..). 
; getimagesize() is only needed for spam prevention.
;DISABLE_GETIMAGESIZE = true

; Experimental: For using the Google API
;GOOGLE_LICENSE_KEY = "..."

; Optional: administrative SQL DB access (for action=upgrade)
;DBADMIN_USER = 
;DBADMIN_PASSWD = 

; Optional: external PDF executable, %s is the xhtml filename
;USE_EXTERNAL_HTML2PDF = "htmldoc --quiet --format pdf14 --no-toc --no-title %s"

; Optional: SPAMASSASSIN wrapper. Only used if ENABLE_SPAMASSASSIN = true
BABYCART_PATH = /usr/local/bin/babycart

; If true don't use UserName/Blog/day/time pagenames for the ADMIN_USER, but 
; Blog/day/time only. Convenience for a single-user blog theme.
;BLOG_DEFAULT_EMPTY_PREFIX = true

;===========================================================================
; Part Eight: PLUGINCACHED Pear/Cache Settings
;===========================================================================

; Cache_Container storage class: 'file' is the fastest. See pear/Cache/Container/
;PLUGIN_CACHED_DATABASE = file

; This is only used if database is set to file.
; The webserver must have write access to this dir!
;PLUGIN_CACHED_CACHE_DIR = /tmp/cache
; Every file name in the cache begins with this prefix
;PLUGIN_CACHED_FILENAME_PREFIX = phpwiki

; The maximum total space in bytes of all files in the cache. When
; highwater is exceeded, a garbage collection will start.  It will
; collect garbage till 'lowwater' is reached.  Default: 4 * Megabyte
;PLUGIN_CACHED_HIGHWATER = 4194304
; Default: 3 * Megabyte
;PLUGIN_CACHED_LOWWATER  = 3145728

; If an image has not been used for maxlifetime remove it from the
; cache. (Since there is also the highwater/lowwater mechanism and an
; image usually requires only 1kb you don't have to make it very
; small, I think.)  
; Default: 30 * Day (30 * 24*60*60)
;PLUGIN_CACHED_MAXLIFETIME = 2592000

; Number of characters allowed to be send as 
; parameters in the url before using sessions
; vars instead. 
; Usually send plugin arguments as URL, but when they become
; longer than maxarglen store them in session variables.
; Setting it to 3000 worked fine for me, 30000 completely
; crashed my linux, 1000 should be safe.
;PLUGIN_CACHED_MAXARGLEN = 1000

; Actually use the cache (should be always true unless you are
; debugging). If you want to avoid the usage of a cache but need
; WikiPlugins that nevertheless rely on a cache you might set
; 'PLUGIN_CACHED_USECACHE' to false. You still need to set
; 'PLUGIN_CACHED_CACHE_DIR' appropriately to allow image creation and
; you should set 'PLUGIN_CACHED_FORCE_SYNCMAP' to false.
;PLUGIN_CACHED_USECACHE = true

; Will prevent image creation for an image map 'on demand'. It is a
; good idea to set this to 'true' because it will also prevent the
; html part not to fit to the image of the map.  If you don't use a
; cache, you have to set it to 'false', maps will not work otherwise
; but strange effects may happen if the output of an image map
; producing WikiPlugin is not completely determined by its parameters.
; (As it is the case for a graphical site map.)
;PLUGIN_CACHED_FORCE_SYNCMAP = true

; If ImageTypes() does not exist (PHP < 4.0.2) allow the
; following image formats (IMG_PNG | IMG_GIF | IMG_JPG | IMG_WBMP)
; In principal all image types which are compiled into php: 
;   libgd, libpng, libjpeg, libungif, libtiff, libgd2, ...
;PLUGIN_CACHED_IMGTYPES = "png|gif|gd|gd2|jpeg|wbmp|xbm|xpm"