############################################################################
#
# userbase_prefs.cgi - user preferences file for UserBase.
# Edit the settings in this file to customize UserBase for your needs.
#
############################################################################



############################################################################
# Database settings: to get UserBase running, the one configuration item
# that you absolutely must adjust is the database settings.  Set the
# $PREF{database_name} setting to the name of your database; on most servers
# that's sufficient, but some servers require that you also include a colon
# followed by the database hostname.
#
# Then you must create the 2 files specified by the $PREF{tmpfl1} and 
# $PREF{tmpfl2} settings.  By default, these files are named p.cgi and
# u.cgi and are placed in your website's cgi-bin directory.  These are
# plain text files, each containing a single item: p.cgi must contain
# your MySQL password, and u.cgi must contain your MySQL username.
#
# The files are probably in your DOCROOT, but if you'd rather specify them
# with absolute or relative paths (relative to this script, that is), then
# disable the _in_docroot PREF.
#
# The database user you specify must have these MySQL privileges:
# Select, Insert, Update, Delete, Create.
#
$PREF{database_name}					= 'dbname:dbhost.mysite.com';
$PREF{tmpfl1}						= '/cgi-bin/p.cgi';
$PREF{tmpfl2}						= '/cgi-bin/u.cgi';
$PREF{tmpfls_are_in_docroot}				= 'yes';
#
# The following settings usually don't need to be adjusted.  If you're
# using PostgreSQL instead of MySQL, then just make sure you have the
# DBD::Pg Perl module installed, then change the dbi_connection_string
# to "dbi:Pg:dbname=%%dbname%%".
#
$PREF{user_table_name}					= 'ub_users_trl';
$PREF{group_table_name}					= 'ub_groups_trl';
$PREF{pwreset_table_name}				= 'ub_pwreset_trl';
$PREF{dbi_connection_string}				= "dbi:mysql:%%dbname%%";



############################################################################
# We'll detect your server's document-root automatically, but on some
# servers you may need to uncomment this and specify it manually.  IIS users
# may need to set it like this:
#
#	$PREF{DOCROOT} = 'c:\inetpub\wwwroot';
#
#$PREF{DOCROOT}						= $ENV{DOCUMENT_ROOT};



############################################################################
# This is where UserBase stores its data files.  It must be world-readable
# and world-writable, aka "chmod a+rwx" or "chmod 0777".
#
# On most servers this will be in the DOCROOT, in which case we'll prepend
# your DOCROOT to whatever you set userbase_data_dir to.  If for some
# reason you want to specify it with an absolute path, or a path that's
# relative to the current directory instead of the DOCROOT, then set the 
# ...is_in_docroot PREF to no.
#
$PREF{userbase_data_dir}				= 'ubdata';
$PREF{userbase_data_dir_is_in_docroot}			= 'no';



############################################################################
# Specify the URL to UserBase on your server. The default value is:
#
#	$PREF{login_url}		= $ENV{SCRIPT_NAME};
#
# If you have a short login URL set up on your server (see UserBase
# homepage for instructions), then use that instead:
#
#	$PREF{login_url}		= '/login/';
#
$PREF{login_url}					= $ENV{SCRIPT_NAME};



############################################################################
# This is what you call your site.  It's used in various places, like
# Subject: fields and From: fields on some emails that the scripts will 
# send you.  It should probably be your domain name, though it doesn't
# have to be.
#
$PREF{name_of_site}					= 'MySite';



############################################################################
# Email options.
#
$PREF{email_webmaster_on_failed_logins}			= 'no';
$PREF{webmaster_name}					= 'Webmaster';
$PREF{webmaster_email_address}				= 'webmaster@mysite.com'; # recipient.
$PREF{login_script_email_address}			= 'userbase@mysite.com'; # sender.
$PREF{smtp_server}					= 'localhost';
$PREF{path_to_sendmail}					= '/usr/sbin/sendmail';
$PREF{smtp_port}					= 25; # usually 25 or 587.
$PREF{smtp_auth_username}				= '';
$PREF{smtp_auth_password}				= '';



############################################################################
# Specify title and options.
#
$PREF{title_for_page_body}				= 'UserBase';
$PREF{title_for_window_titlebar}			= 'UserBase';
$PREF{include_hostname_in_window_titlebar}		= 'yes';
$PREF{include_hostname_in_page_body_title}		= 'no';



############################################################################
# Leave this set to yes until you've got UserBase working properly on your
# server, then disable it.
#
$PREF{show_userbase_errors_in_browser}			= 'yes';



############################################################################
# Set options for various permissible actions.
#
# The prefs that start with "groups_" must be lists of groupnames separated
# by spaces and/or commas.  In addition to your actual existing groupnames
# you can use the special groupnames "self", "public", and "member" here.
#
# The reserved groupname "self" indicates that permission should be granted
# if the user trying to perform the action is the same user who will be 
# affected by it -- for example each user should be allowed to modify their 
# own personal info (real name, email address, etc) but not the personal 
# info of other users.  Note that the "self" group does not apply to all
# actions.
#
# The special groupname "public" automatically includes all users, even
# those who do not have an account, i.e. any old internet passer-by.  You
# can change the name of this group, but if you do then you'll have to
# manually create the new group.
#
# The special groupname "member" automatically includes all users who do
# have an account in the system; it does NOT include strangers.  You
# can change the name of this group, but if you do then you'll have to
# manually create the new group.
#
# Note that the special "admin" group has automatic privileges for all
# these actions, so it does not need to be explicitly listed here.
#
$PREF{groups_allowed_to_edit_user_info}			= 'self';
$PREF{groups_allowed_to_edit_group_info}		= '';
$PREF{groups_allowed_to_change_usernames}		= '';
$PREF{groups_allowed_to_change_groupnames}		= '';
$PREF{groups_allowed_to_create_new_accounts}		= '';
$PREF{groups_allowed_to_create_new_groups}		= '';
$PREF{usernames_are_immutable_once_created}		= 'yes';
$PREF{groupnames_are_immutable_once_created}		= 'yes';
$PREF{public_group_name}				= 'public';
$PREF{member_group_name}				= 'member';
$PREF{admin_group_name}					= 'admin';



############################################################################
# Set min/max lengths for strings.
#
$PREF{max_groupname_length}				= 30;
$PREF{max_username_length}				= 30;
$PREF{max_realname_length}				= 50;
$PREF{max_emailaddr_length}				= 90;
$PREF{max_password_length}				= 50;
$PREF{max_hashedpw_length}				= 50;
$PREF{max_group_description_length}			= 2000;
$PREF{min_password_length}				= 8;



############################################################################
# User info options.
#
$PREF{realname_field_required}				= 'yes';
$PREF{email_field_required}				= 'yes';
$PREF{default_bgcolor_for_required_fields}		= '#ffffff';
$PREF{default_textcolor_for_required_fields}		= '#000';
$PREF{bgcolor_for_unfilled_required_fields}		= '#ffdd00';
$PREF{textcolor_for_unfilled_required_fields}		= '#000';



############################################################################
# You can choose to prevent a user from being logged in from 2 different
# locations (browsers) at the same time.  If you enable this, you should
# also enable the idle timeout, to prevent a user from locking himself out
# by accidentally staying logged in at another location.
#
# You can also set an idle timeout that automatically expires the user's
# login session (i.e. automatically logs him out) after a certain number of
# idle seconds.  Set the timeout to zero to disable it.
#
# The "Remember Me" checkbox is approximately an inverse of the idle
# timeout: instead of automatically logging the user out after a period of
# inactivity, we automatically remember the user for X number of days, even
# if they close their browser, reboot their computer, etc.
#
$PREF{prevent_multiple_simultaneous_logons_per_username}= 'no';
$PREF{idle_timeout}					= 60 * 0; # in seconds.



############################################################################
# Various security options.
#
$PREF{num_seconds_to_sleep_on_failed_login}		= 1;
$PREF{lock_account_after_N_failed_logins}		= 5; # null to disable.
$PREF{failed_logins_within_N_secs_count_towards_lock}	= 600; # null to disable (then all failures count).
$PREF{lock_lasts_until_admin_removes_it}		= 'no';
$PREF{account_locked_message}				= qq`<h2>Error</h2><p>Account locked.</p>`;
$PREF{account_disabled_message}				= qq`<h2>Error</h2><p>Account disabled.</p>`;
$PREF{enable_password_reset}				= 'yes';
$PREF{pwreset_should_lie_about_nonexistent_accounts}	= 'yes'; # For security purposes, don't print "username not found"; just act like it was found.



############################################################################
# If you're embedding UserBase into an existing layout, then you probably
# don't want UB to print out full HTML tags.  So you can disable that here.
# In that case you must also put the following lines into the <head> section 
# of your website:
#
#	<script type="text/javascript" src="/cgi-bin/userbase.cgi?js"></script>
#	<link rel="stylesheet" type="text/css" media="all" href="/cgi-bin/userbase.cgi?css">
#
# Note that the CSS output may have conditional comments at the bottom that
# you'll need to copy directly into the <head> section of your site.
#
# If you are not going to use print_full_html_tags, then ideally you'll be
# calling UserBase from a file like /login/index.shtml that contains
# something pretty similar to this:
#
#	<!--#include virtual="/header.shtml" -->
#	<!--#include virtual="/cgi-bin/userbase.cgi?$QUERY_STRING" -->
#	<!--#include virtual="/footer.shtml" -->
#
# ...where header.shtml and footer.shtml contain your site-wide standard
# HTML code that each page is wrapped in.  Or, if your header/footer are
# in PHP, then your /login/index.php might look like this:
#
#	<? virtual("/header.php"); ?>
#	<? virtual("/cgi-bin/userbase.cgi?" + $_SERVER['QUERY_STRING']); ?>
#	<? virtual("/footer.php"); ?>
#
# However, if you are on a brain-dead server (which is to say, IIS6+) which
# does not support any decent way to call a CGI script that includes the
# proper server environment variables, and your server does not have PHP
# installed, and you still want to include a standard header/footer with
# UserBase, you can set default_sitewide_header_file and _footer_file
# here.  The contents of these files will then be included in UserBase's
# output.  Note that no server-side processing (PHP, SSI, etc) will be done
# on the contents of these files; however you can specify a title within
# the header file by inserting the string %%title%% (for example, as in
# <title>%%title%%</title>) and we'll replace that with your value for the
# title_for_sitewide_header variable (or in some cases, an internally-set
# title).  You can also specify %%css%% and %%js%% which we'll replace with
# a call to our internal CSS/JS output.
#
$PREF{print_full_html_tags}				= 'yes';
$PREF{default_sitewide_header_file}			= '';
$PREF{default_sitewide_footer_file}			= '';
$PREF{title_for_sitewide_header}			= '';



############################################################################
# If you're using print_full_html_tags (above), you can also specify your
# own CSS code here.
#
$PREF{custom_css_section}				= ' ';



############################################################################
# You probably don't want to change these.
#
$PREF{outer_container}					= '<div id="ubbody">';
$PREF{outer_container_end}				= '</div>';



############################################################################
# These will appear as links on the login page, once a user is logged in.
# The name can be whatever you want, and the link can be absolute or
# relative.  You can have as many of them as you want (or none).  Note that
# these do NOT set or alter any permissions; they merely control which links
# get displayed on the login page for members and administrators.
#
#$PREF{admin_only_page_1_name}				= 'Top Secret Program';
#$PREF{admin_only_page_1_link}				= '/secret/';
#
#$PREF{admin_only_page_2_name}				= 'SomeOtherApp';
#$PREF{admin_only_page_2_link}				= '/some/other/app.html';
#
$PREF{members_only_page_1_name}				= 'Upload Files';
$PREF{members_only_page_1_link}				= '/cgi-bin/filechucker.cgi';
#
#$PREF{members_only_page_2_name}			= 'You get the idea...';
#$PREF{members_only_page_2_link}			= '/duh/';



############################################################################
# By default, upon successful login, we either:
#
#	a) send the user back to the page they came from, if they accessed
#	   this script by clicking some kind of "Login" link on another
#	   page; or:
#
#	b) display a default UserBase landing page showing the links you
#	   specify (see above), if the user accessed the script directly.
#
# Similarly, upon logout, we either:
#	
#	a) send the user back to the page they came from, if they accessed
#	   this script by clicking a "Logout" link on another page; or:
#
#	b) display the default UserBase login form, if the user accessed
#	   the script directly.
#
# However, you can override this behavior here.  Specify the URL to go to
# for each situation.  Each URL must be a fully-qualified domain name, i.e.
# it must start with http:// or https://.
#
# You can also specify that when a user visits the script, even if he's not
# in the process of logging in or logging out, we'll still redirect him to
# a different URL.  To enable this, set the "always_redirect" PREFs.
#
# Note that you can include %%username%% as a variable in these URLs, to
# insert the visitor's username, sending each user to a unique URL.
#
$PREF{on_member_login_redirect_to}			= '';
$PREF{on_member_logout_redirect_to}			= '';

$PREF{on_admin_login_redirect_to}			= '';
$PREF{on_admin_logout_redirect_to}			= '';

$PREF{on_failed_login_redirect_to}			= '';

$PREF{always_redirect_members_to}			= '';
$PREF{always_redirect_admins_to}			= '';



############################################################################
# Customizable messages.
#
$PREF{invalid_username_message}				= qq`Username invalid: must contain only letters, numbers, and underscores; must start with a letter; and must be 4 characters long.`;
$PREF{invalid_realname_message}				= qq`Realname invalid: must contain only letters, numbers, spaces, dots, dashes, and quotes; must start with a letter; and must be less than $PREF{max_realname_length} characters.`;
$PREF{invalid_password_message}				= qq`Password invalid: must be 4 characters long.`;
$PREF{invalid_groupname_message}			= qq`Groupname invalid: must contain only letters, numbers, and underscores; must start with a letter; and must be less than $PREF{max_groupname_length} characters.`;
$PREF{invalid_groupdesc_message}			= qq`Group description invalid: must be less than $PREF{max_group_description_length} characters.`;