Squiz Matrix  4.12.2
 All Data Structures Namespaces Functions Variables Pages
system_config.inc
1 <?php
17 require_once SQ_LIB_PATH.'/config/config.inc';
18 
30 class System_Config extends Config
31 {
32 
33 
39  public $config_vars = Array(
40  'SQ_CONF_PEAR_PATH' => Array('editable' => 0, 'default' => ''),
41  'SQ_CONF_BACKEND_SUFFIX' => Array('editable' => 1, 'default' => '_admin'),
42  'SQ_CONF_LIMBO_SUFFIX' => Array('editable' => 1, 'default' => '_edit'),
43  'SQ_CONF_LOGIN_SUFFIX' => Array('editable' => 1, 'default' => '_login'),
44  'SQ_CONF_NOCACHE_SUFFIX' => Array('editable' => 1, 'default' => '_nocache'),
45  'SQ_CONF_RECACHE_SUFFIX' => Array('editable' => 1, 'default' => '_recache'),
46  'SQ_CONF_PERFORMANCE_SUFFIX' => Array('editable' => 1, 'default' => '_performance'),
47  'SQ_CONF_PERFORMANCE_TIMING_SUFFIX' => Array('editable' => 1, 'default' => '_performance_timing'),
48  'SQ_CONF_PERFORMANCE_RESULT_SUFFIX' => Array('editable' => 1, 'default' => '_performance_result'),
49  'SQ_CONF_ASSET_TREE_BASE' => Array('editable' => 0, 'default' => 64),
50  'SQ_CONF_ASSET_TREE_SIZE' => Array('editable' => 0, 'default' => 4),
51  'SQ_CONF_ASSET_CACHE_SIZE_WEB' => Array('editable' => 0, 'default' => -1),
52  'SQ_CONF_ASSET_CACHE_SIZE_CLI' => Array('editable' => 0, 'default' => -1),
53  'SQ_CONF_ROLLBACK_ENABLED' => Array('editable' => 1, 'default' => '0'),
54  'SQ_CONF_DEBUG' => Array('editable' => 1, 'default' => 0),
55  'SQ_CONF_SYSTEM_NAME' => Array('editable' => 1, 'default' => 'The System'),
56  'SQ_CONF_SYSTEM_OWNER' => Array('editable' => 1, 'default' => ''),
57  'SQ_CONF_SYSTEM_ROOT_URLS' => Array('editable' => 1, 'default' => ''),
58  'SQ_CONF_SYSTEM_PARENT_DOMAINS' => Array('editable' => 1, 'default' => ''),
59  'SQ_CONF_STATIC_ROOT_URL' => Array('editable' => 1, 'default' => ''),
60  'SQ_CONF_WEB_PATH_SEPARATOR' => Array('editable' => 1, 'default' => '-'),
61  'SQ_CONF_REDIRECT_URL_WITH_TRAILING_SLASH' => Array('editable' => 1, 'default' => '1'),
62  'SQ_CONF_STATIC_ROOT_HTTP' => Array('editable' => 1, 'default' => TRUE),
63  'SQ_CONF_STATIC_ROOT_HTTPS' => Array('editable' => 1, 'default' => FALSE),
64  'SQ_CONF_DEFAULT_EMAIL' => Array('editable' => 1, 'default' => ''),
65  'SQ_CONF_TECH_EMAIL' => Array('editable' => 1, 'default' => ''),
66  'SQ_CONF_MAX_LOGIN_ATTEMPTS' => Array('editable' => 1, 'default' => 3),
67  'SQ_CONF_REFRESH_INTERVAL' => Array('editable' => 1, 'default' => 120),
68  'SQ_CONF_LOCK_LENGTH' => Array('editable' => 1, 'default' => 600),
69  'SQ_CONF_ASSET_MAP_ASSET_LIMIT' => Array('editable' => 1, 'default' => 50),
70  'SQ_CONF_ASSET_MAP_ASSET_DISPLAY_NAME' => Array('editable' => 1, 'default' => '%asset_short_name%'),
71  'SQ_CONF_SEND_CACHEABLE_HEADER' => Array('editable' => 1, 'default' => '0'),
72  'SQ_CONF_SEND_LAST_MODIFIED_HEADER' => Array('editable' => 1, 'default' => '0'),
73  'SQ_CONF_SEND_NOT_MODIFIED_HEADER' => Array('editable' => 1, 'default' => '0'),
74  'SQ_CONF_SEND_NO_CACHE_HEADER' => Array('editable' => 1, 'default' => '0'),
75  'SQ_CONF_SEND_404_CACHEABLE_HEADER' => Array('editable' => 1, 'default' => '0'),
76  'SQ_CONF_USE_HTTP_X_FORWARDED_FOR' => Array('editable' => 1, 'default' => '0'),
77  'SQ_CONF_FORWARDED_IP_PROXY_LIST' => Array('editable' => 1, 'default' => ''),
78  'SQ_CONF_ERRORS_LOG_TO_SYSLOG' => Array('editable' => 1, 'default' => FALSE),
79  'SQ_CONF_ERRORS_SYSLOG_FACILITY' => Array('editable' => 1, 'default' => 'user'),
80  'SQ_CONF_ERRORS_HIDE_FRONTEND' => Array('editable' => 1, 'default' => FALSE),
81  'SQ_CONF_DEFAULT_FRONTEND_LANGUAGE' => Array('editable' => 1, 'default' => 'en'),
82  'SQ_CONF_DEFAULT_BACKEND_LOCALE' => Array('editable' => 1, 'default' => 'en_AU'),
83  'SQ_CONF_DEFAULT_CHARACTER_SET' => Array('editable' => 1, 'default' => 'utf-8'),
84  'SQ_CONF_USE_LANG_CHAR_MAP' => Array('editable' => 1, 'default' => FALSE),
85  'SQ_CONF_ALLOW_IP_CHANGE' => Array('editable' => 1, 'default' => '0'),
86  'SQ_CONF_ALLOW_HTTP_LOGIN' => Array('editable' => 1, 'default' => '0'),
87  'SQ_CONF_ENABLE_HTTP_LOGIN' => Array('editable' => 1, 'default' => '0'),
88  'SQ_CONF_ENABLE_EXTERNAL_AUTH_SYSTEMS' => Array('editable' => 1, 'default' => TRUE),
89  'SQ_CONF_HTTP_LOGIN_VAR' => Array('editable' => 1, 'default' => 'REMOTE_USER'),
90  'SQ_CONF_ACCEPT_HTTP_CREDS' => Array('editable' => 1, 'default' => '0'),
91  'SQ_CONF_COMMIT_BUTTON_TEXT' => Array('editable' => 1, 'default' => 'Commit'),
92  'SQ_CONF_CONFIRM_SAVE_CHANGES' => Array('editable' => 1, 'default' => '1'),
93  'SQ_CONF_LOG_EXTENSION' => Array('editable' => 0, 'default' => '.log'),
94  'SQ_CONF_LOG_FILE_SYSTEM' => Array('editable' => 0, 'default' => 'system'),
95  'SQ_CONF_LOG_FILE_ERROR' => Array('editable' => 0, 'default' => 'error'),
96  'SQ_CONF_LOG_ERRORS' => Array('editable' => 1, 'default' => TRUE),
97  'SQ_CONF_LOCKING_METHOD' => Array('editable' => 0, 'default' => 'default'),
98  'SQ_CONF_SESSION_HANDLER' => Array('editable' => 0, 'default' => ''),
99  'SQ_CONF_SESSION_GC_MAXLIFETIME' => Array('editable' => 1, 'default' => 604800),
100  'SQ_CONF_EDITING_TIME' => Array('editable' => 0, 'default' => 3600),
101  'SQ_CONF_NUM_DATA_DIRS' => Array('editable' => 0, 'default' => 20),
102  'SQ_CONF_FORCE_SECURE_LOGIN_URLS' => Array('editable' => 1, 'default' => ''),
103  'SQ_CONF_WEB_MEMORY_LIMIT' => Array('editable' => 1, 'default' => 64),
104  'SQ_CONF_CRON_MEMORY_LIMIT' => Array('editable' => 1, 'default' => 64),
105  'SQ_CONF_USE_DEFAULT_SESSION_SAVE_PATH' => Array('editable' => 1, 'default' => FALSE),
106  'SQ_CONF_CUSTOM_SESSION_SAVE_PATH' => Array('editable' => 1, 'default' => ''),
107  'SQ_CONF_ENABLE_ROLES_PERM_SYSTEM' => Array('editable' => 1, 'default' => FALSE),
108  'SQ_CONF_ENABLE_ROLES_WF_SYSTEM' => Array('editable' => 1, 'default' => FALSE),
109  'SQ_CONF_ENABLE_GLOBAL_ROLES' => Array('editable' => 1, 'default' => FALSE),
110  'SQ_CONF_NO_ASSET_SELF_LINKS' => Array('editable' => 1, 'default' => FALSE),
111  'SQ_CONF_TIMEZONE' => Array('editable' => 1, 'default' => 'Australia/Sydney'),
112  'SQ_CONF_FORCE_LOWERCASE_USERNAME' => Array('editable' => 0, 'default' => FALSE),
113  'SQ_LICENCE_INSTALL_KEY' => Array('editable' => 1, 'default' => ''),
114  'SQ_LICENCE_WARRANTY_KEY' => Array('editable' => 1, 'default' => ''),
115  'SQ_CONF_COOKIE_OPTION_HTTP_ONLY' => Array('editable' => 1, 'default' => FALSE),
116  'SQ_CONF_COOKIE_OPTION_SECURE' => Array('editable' => 1, 'default' => FALSE),
117  'SQ_CONF_USE_SECURITY_TOKEN' => Array('editable' => 0, 'default' => TRUE),
118  );
119 
125  // TODO: TRANSLATE: these need to be either moved somewhere else, or implement some sort of global code
126  private $debug_options = Array(
127  1 => 'Show File and Line number in error messages',
128  2 => 'Show Stack Trace in error messages',
129  4 => 'Show additional information about memory and performance',
130  );
131 
132 
139  function __construct()
140  {
141  parent::__construct();
142  $this->config_file = SQ_DATA_PATH.'/private/conf/main.inc';
143 
144  }//end constructor
145 
146 
158  public function save($vars, $backup_existing=FALSE, $send_message=TRUE)
159  {
160  if (isset($GLOBALS['SQ_SYSTEM'])) {
161  if ($GLOBALS['SQ_SYSTEM']->runLevelEnables(SQ_SECURITY_PERMISSIONS)) {
162 
163  $is_root = $GLOBALS['SQ_SYSTEM']->userRoot();
164  $is_admin = ($is_root || $GLOBALS['SQ_SYSTEM']->userSystemAdmin());
165 
166  // if we dont have access, go away
167  if (!$is_admin) {
168  trigger_localised_error('SYS0267', E_USER_WARNING, $this->name);
169  return FALSE;
170  }
171  } else {
172  $is_root = TRUE;
173  $is_admin = TRUE;
174  }//end if checking permissions
175 
176  if ($GLOBALS['SQ_SYSTEM']->runLevelEnables(SQ_SECURITY_DATA_VALIDATION)) {
177 
178  // now just make sure they aren't trying to set anything that they shouldn't
179  if (!$is_root) {
180  unset($vars['SQ_CONF_MAX_LOGIN_ATTEMPTS']);
181  unset($vars['SQ_CONF_LOG_ERRORS']);
182  unset($vars['SQ_CONF_ERRORS_HIDE_FRONTEND']);
183  unset($vars['SQ_CONF_ERRORS_LOG_TO_SYSLOG']);
184  unset($vars['SQ_CONF_BACKEND_SUFFIX']);
185  unset($vars['SQ_CONF_LIMBO_SUFFIX']);
186  unset($vars['SQ_CONF_LOGIN_SUFFIX']);
187  unset($vars['SQ_CONF_ROLLBACK_ENABLED']);
188  unset($vars['SQ_CONF_WEB_MEMORY_LIMIT']);
189  unset($vars['SQ_CONF_CRON_MEMORY_LIMIT']);
190  }
191 
192  if (isset($vars['SQ_CONF_FORCE_SECURE_LOGIN_URLS'])) {
193  if(empty($vars['SQ_CONF_FORCE_SECURE_LOGIN_URLS'])) {
194  $vars['SQ_CONF_FORCE_SECURE_LOGIN_URLS'] = '';
195  }
196  else {
197  $vars['SQ_CONF_FORCE_SECURE_LOGIN_URLS'] = implode("\n", $vars['SQ_CONF_FORCE_SECURE_LOGIN_URLS']);
198  }
199  }
200 
201  if (isset($vars['SQ_CONF_STATIC_ROOT_URL']) && substr($vars['SQ_CONF_STATIC_ROOT_URL'], -1) == '/') {
202  $vars['SQ_CONF_STATIC_ROOT_URL'] = substr($vars['SQ_CONF_STATIC_ROOT_URL'], 0, strlen($vars['SQ_CONF_STATIC_ROOT_URL']) -1);
203  }
204  foreach (Array('SQ_CONF_REFRESH_INTERVAL', 'SQ_CONF_LOCK_LENGTH') as $var_name) {
205  if (isset($vars[$var_name])) {
206  $vars[$var_name] = max(60, (int) $vars[$var_name]);
207  }
208  }
209  if (isset($vars['SQ_LICENCE_WARRANTY_KEY'])) {
210  $vars['SQ_LICENCE_WARRANTY_KEY'] = trim($vars['SQ_LICENCE_WARRANTY_KEY']);
211  }
212  }//end if validating values
213 
214  }//end if SQ_SYSTEM is set
215 
216  return parent::save($vars, $backup_existing, $send_message);
217 
218  }//end save()
219 
220 
231  protected function _paintConfigVar($var_name, $value, $var_export=TRUE)
232  {
233  switch ($var_name) {
234  case 'SQ_CONF_PEAR_PATH' :
235  // if this looks like a plain value and it starts with the system root, then put the system root constant in
236  if ($var_export && substr($value, 0, strlen(SQ_SYSTEM_ROOT)) == SQ_SYSTEM_ROOT) {
237  if (!parent::_paintConfigVar($var_name, 'SQ_SYSTEM_ROOT.'.var_export(substr($value, strlen(SQ_SYSTEM_ROOT)), TRUE), FALSE)) {
238  return FALSE;
239  }
240  } else {
241  if (!parent::_paintConfigVar($var_name, $value, $var_export)) {
242  return FALSE;
243  }
244  }
245  if ($value) {
246  $sep = (substr(PHP_OS, 0, 3) == 'WIN') ? ';' : ':';
247 
248  // basically, if the first entry is '.' (ie the current directory) leave that,
249  // and insert the pear path just after that, otherwise just right at the front of the
250  // include path
251  echo "\$inc_dir = ini_get('include_path');\n";
252  echo "\$inc_dir = (substr(\$inc_dir, 0, 2) == '.".$sep."') ? '.".$sep."'.SQ_CONF_PEAR_PATH.'".$sep."'.substr(\$inc_dir, 2) : SQ_CONF_PEAR_PATH.'".$sep."'.\$inc_dir;\n";
253  echo "ini_set('include_path', \$inc_dir);\n\n";
254  }
255  return TRUE;
256  break;
257 
258 
259  case 'SQ_CONF_LOG_ERRORS' :
260  if (!parent::_paintConfigVar($var_name, $value, $var_export)) {
261  return FALSE;
262  }
263  // NOTE: if they don't want to log errors we will leave
264  // them with whatever their PHP settings are
265  if ($value) echo "ini_set('log_errors', '1');\n";
266 
267  return TRUE;
268  break;
269 
270 
271  case 'SQ_CONF_LOG_FILE_ERROR' :
272  $value = trim($value);
273  // NOTE: we're not checking if the error file can be created or written to
274  // this is because the full filename is dynamic, and on first run the value of
275  // SQ_CONF_LOG_EXTENSION is unknown so we cannot create a proper name for testing
276  // persmissions of SQ_LOG_PATH should make sure that dir can be written to
277 
278  // NOTE: if the value is given as "logname.log", the resulting logname will be
279  // "logname.log.log" because users do not have control over file extension
280 
281  // the following call is used as a basic prevention mechanism to stop anyone
282  // from specifying paths with directories
283  $value = basename($value);
284  if (!empty($value)) {
285  $value = $this->config_vars[$var_name]['default'];
286  }
287 
288  if (!parent::_paintConfigVar($var_name, $value, $var_export)) {
289  return FALSE;
290  }
291 
292  echo "ini_set('error_log', SQ_LOG_PATH.'/'.SQ_CONF_LOG_FILE_ERROR.SQ_CONF_LOG_EXTENSION);\n";
293  return TRUE;
294  break;
295 
296 
297  case 'SQ_CONF_SYSTEM_ROOT_URLS' :
298  case 'SQ_CONF_STATIC_ROOT_URL' :
299  case 'SQ_CONF_FORWARDED_IP_PROXY_LIST' :
300  return parent::_paintConfigVar($var_name, trim($value), $var_export);
301  break;
302 
303  case 'SQ_CONF_SESSION_GC_MAXLIFETIME' :
304  if (!parent::_paintConfigVar($var_name, $value, $var_export)) {
305  return FALSE;
306  }
307  echo "ini_set('session.gc_maxlifetime', $value);\n";
308  return TRUE;
309  break;
310 
311  default :
312  return parent::_paintConfigVar($var_name, $value, $var_export);
313 
314  }//end switch
315 
316  }//end _paintConfigVar()
317 
318 
326  public function canAcquireLock()
327  {
328  // need to be root or a sys admin
329  return ($GLOBALS['SQ_SYSTEM']->userRoot() || $GLOBALS['SQ_SYSTEM']->userSystemAdmin());
330 
331  }//end canAcquireLock()
332 
333 
340  public function writeAccess()
341  {
342  if (!parent::writeAccess()) return FALSE;
343  if (!isset($GLOBALS['SQ_SYSTEM'])) return TRUE;
344  if (!$GLOBALS['SQ_SYSTEM']->runLevelEnables(SQ_SECURITY_PERMISSIONS)) {
345  return TRUE;
346  }
347 
348  // need to be root or a sys admin
349  return ($GLOBALS['SQ_SYSTEM']->userRoot() || $GLOBALS['SQ_SYSTEM']->userSystemAdmin());
350 
351  }//end writeAccess()
352 
353 
366  public function paintBackend(&$o)
367  {
368  parent::paintBackend($o);
369 
370  $write_access = $this->writeAccess();
371 
372  $is_root = $GLOBALS['SQ_SYSTEM']->userRoot();
373 
374  $class = get_class_lower($this);
375 
376  $o->openSection(translate('system_settings'));
377 
378  $o->openField(translate('system_name'));
379  if ($write_access) {
380  text_box($class.'[SQ_CONF_SYSTEM_NAME]', SQ_CONF_SYSTEM_NAME, 30);
381  } else {
382  echo SQ_CONF_SYSTEM_NAME;
383  }
384  $o->closeField();
385 
386  $o->openField(translate('system_owner'));
387  if ($write_access) {
388  text_box($class.'[SQ_CONF_SYSTEM_OWNER]', SQ_CONF_SYSTEM_OWNER, 30);
389  } else {
390  echo SQ_CONF_SYSTEM_OWNER;
391  }
392  $o->closeField();
393 
394  $o->openField(translate('system_backend_suffix'));
395  if ($write_access) {
396  text_box($class.'[SQ_CONF_BACKEND_SUFFIX]', SQ_CONF_BACKEND_SUFFIX, 15);
397  } else {
398  echo nl2br(SQ_CONF_BACKEND_SUFFIX);
399  }
400 
401  $o->openField(translate('system_simple_edit_suffix'));
402  if ($write_access) {
403  text_box($class.'[SQ_CONF_LIMBO_SUFFIX]', SQ_CONF_LIMBO_SUFFIX, 15);
404  } else {
405  echo nl2br(SQ_CONF_LIMBO_SUFFIX);
406  }
407 
408  $o->openField(translate('system_login_suffix'));
409  if ($write_access) {
410  text_box($class.'[SQ_CONF_LOGIN_SUFFIX]', SQ_CONF_LOGIN_SUFFIX, 15);
411  } else {
412  echo nl2br(SQ_CONF_LOGIN_SUFFIX);
413  }
414 
415  $o->openField(translate('system_nocache_suffix'));
416  if ($write_access) {
417  text_box($class.'[SQ_CONF_NOCACHE_SUFFIX]', SQ_CONF_NOCACHE_SUFFIX, 15);
418  } else {
419  echo nl2br(SQ_CONF_NOCACHE_SUFFIX);
420  }
421 
422  $o->openField(translate('system_recache_suffix'));
423  if ($write_access) {
424  text_box($class.'[SQ_CONF_RECACHE_SUFFIX]', SQ_CONF_RECACHE_SUFFIX, 15);
425  } else {
426  echo nl2br(SQ_CONF_RECACHE_SUFFIX);
427  }
428 
429  $o->openField(translate('system_performance_suffix'));
430  if ($write_access) {
431  text_box($class.'[SQ_CONF_PERFORMANCE_SUFFIX]', SQ_CONF_PERFORMANCE_SUFFIX, 15);
432  } else {
433  echo nl2br(SQ_CONF_PERFORMANCE_SUFFIX);
434  }
435 
436  $o->openField(translate('system_timezone'));
437  if ($write_access) {
438  text_box($class.'[SQ_CONF_TIMEZONE]', SQ_CONF_TIMEZONE, 15);
439  } else {
440  echo nl2br(SQ_CONF_TIMEZONE);
441  }
442  $o->closeSection();
443 
444  $o->openSection(translate('system_urls'));
445 
446  require_once SQ_ATTRIBUTES_PATH.'/option_list/option_list.inc';
447 
448  $option_list = new Asset_Attribute_Option_List(0, NULL, SQ_OPTION_LIST_DELIMITER_UNIX);
449  $option_list->setEditParam('width', 60);
450 
451  $o->openField(translate('system_root_urls'));
452  if ($write_access) {
453  $option_list->value = SQ_CONF_SYSTEM_ROOT_URLS;
454  $option_list->paint('SQ_CONF_SYSTEM_ROOT_URLS');
455  } else {
456  echo nl2br(SQ_CONF_SYSTEM_ROOT_URLS);
457  }
458  $o->closeField();
459 
460  $o->openField(translate('system_parent_domains'));
461  if ($write_access) {
462  $option_list->value = SQ_CONF_SYSTEM_PARENT_DOMAINS;
463  $option_list->paint('SQ_CONF_SYSTEM_PARENT_DOMAINS');
464  } else {
465  if (SQ_CONF_SYSTEM_PARENT_DOMAINS == '') {
466  echo translate('none');
467  } else {
468  echo nl2br(SQ_CONF_SYSTEM_PARENT_DOMAINS);
469  }
470  }
471  $o->note(translate('system_parent_domains_note'));
472  $o->closeField();
473 
474  $o->openField(translate('system_static_url'));
475  if ($write_access && $is_root) {
476  text_box($class.'[SQ_CONF_STATIC_ROOT_URL]', SQ_CONF_STATIC_ROOT_URL, 80);
477  } else {
478  if (SQ_CONF_STATIC_ROOT_URL == '') {
479  echo translate('not_set');
480  } else {
481  echo SQ_CONF_STATIC_ROOT_URL;
482  }
483  }
484  $o->note(translate('system_static_url_note'));
485  $o->closeField();
486 
487  $o->openField(translate('system_static_url_http'));
488  if ($write_access && $is_root) {
489  combo_box($class.'[SQ_CONF_STATIC_ROOT_HTTP]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_STATIC_ROOT_HTTP);
490  } else {
491  echo (SQ_CONF_STATIC_ROOT_HTTP) ? translate('yes') : translate('no');
492  }
493  $o->closeField();
494 
495  $o->openField(translate('system_static_url_https'));
496  if ($write_access && $is_root) {
497  combo_box($class.'[SQ_CONF_STATIC_ROOT_HTTPS]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_STATIC_ROOT_HTTPS);
498  } else {
499  echo (SQ_CONF_STATIC_ROOT_HTTPS) ? translate('yes') : translate('no');
500  }
501  $o->closeField();
502 
503  $o->openField(translate('system_web_path_separator'));
504  if ($write_access) {
505  text_box($class.'[SQ_CONF_WEB_PATH_SEPARATOR]', SQ_CONF_WEB_PATH_SEPARATOR, 1, 1);
506  } else {
507  echo nl2br(SQ_CONF_WEB_PATH_SEPARATOR);
508  }
509  $o->closeField();
510 
511  $o->openField(translate('system_redirect_url_with_trailing_slash'));
512  if ($write_access && $is_root) {
513  combo_box($class.'[SQ_CONF_REDIRECT_URL_WITH_TRAILING_SLASH]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_REDIRECT_URL_WITH_TRAILING_SLASH);
514  } else {
515  echo (SQ_CONF_REDIRECT_URL_WITH_TRAILING_SLASH) ? translate('yes') : translate('no');
516  }
517  $o->note(translate('system_redirect_url_with_trailing_slash_note'));
518  $o->closeField();
519 
520  $o->closeSection();
521 
522  $o->openSection(translate('rollback_settings'));
523 
524  $o->openField(translate('rollback_enabled'));
525  echo (SQ_CONF_ROLLBACK_ENABLED) ? translate('yes') : translate('no');
526  $o->note(translate('must_enable_rollback'));
527  $o->closeField();
528 
529  $o->closeSection();
530 
531  $o->openSection(translate('email_settings'));
532 
533  $o->openField(translate('default_email'));
534  if ($write_access) {
535  text_box($class.'[SQ_CONF_DEFAULT_EMAIL]', SQ_CONF_DEFAULT_EMAIL, 50);
536  } else {
537  echo SQ_CONF_DEFAULT_EMAIL;
538  }
539  $o->closeField();
540 
541  $o->openField(translate('tech_email'));
542  if ($write_access) {
543  text_box($class.'[SQ_CONF_TECH_EMAIL]', SQ_CONF_TECH_EMAIL, 50);
544  } else {
545  echo SQ_CONF_TECH_EMAIL;
546  }
547  $o->closeField();
548 
549  $o->closeSection();
550 
551  $o->openSection(translate('login/session_settings'));
552 
553  $o->openField(translate('force_secure_login_urls'));
554  $root_urls = explode("\n", SQ_CONF_SYSTEM_ROOT_URLS);
555  $force_secure_urls = explode("\n", SQ_CONF_FORCE_SECURE_LOGIN_URLS);
556  ?>
557  <table class="sq-backend-table" style="width: auto">
558  <thead>
559  <tr>
560  <th><?php echo translate('url'); ?></th>
561  <th><?php echo translate('require_secure_login'); ?></th>
562  </tr>
563  </thead>
564  <tbody>
565  <?php
566  foreach ($root_urls as $i => $url) {
567  ?>
568  <tr>
569  <td><?php echo $url; ?></td>
570  <td>
571  <?php
572  if ($write_access) {
573  check_box($class.'[SQ_CONF_FORCE_SECURE_LOGIN_URLS][]', $url, in_array($url, $force_secure_urls));
574  } else {
575  $filename = in_array($url, $force_secure_urls) ? 'tick' : 'cross';
576  echo '<img src="'.sq_web_path('lib').'/web/images/'.$filename.'.gif" />';
577  }
578  ?>
579  </td>
580  </tr>
581  <?php
582  }
583  ?>
584  </tbody>
585  </table>
586  <?php
587  $o->note(translate('force_secure_login_urls_note'));
588 
589  $o->openField(translate('max_login_attempts'));
590  if ($write_access && $is_root) {
591  text_box($class.'[SQ_CONF_MAX_LOGIN_ATTEMPTS]', SQ_CONF_MAX_LOGIN_ATTEMPTS, 5, 5);
592  } else {
593  echo SQ_CONF_MAX_LOGIN_ATTEMPTS;
594  }
595  $o->note(translate('0_is_unlimited_attempts'));
596 
597  $o->openField(translate('allow_ip_change'));
598  if ($write_access && $is_root) {
599  combo_box($class.'[SQ_CONF_ALLOW_IP_CHANGE]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ALLOW_IP_CHANGE);
600  } else {
601  echo (SQ_CONF_ALLOW_IP_CHANGE) ? translate('yes') : translate('no');
602  }
603  $o->note(translate('allow_user_ip_to_fluctuate'));
604 
605  $o->openField(translate('process_php_credentials'));
606  if ($write_access && $is_root) {
607  combo_box($class.'[SQ_CONF_ACCEPT_HTTP_CREDS]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ACCEPT_HTTP_CREDS);
608  } else {
609  echo (SQ_CONF_ACCEPT_HTTP_CREDS) ? translate('yes') : translate('no');
610  }
611  $o->note(translate('process_php_credentials_note'));
612 
613  $o->openField(translate('enable_http_authentication'));
614  if ($write_access && $is_root) {
615  combo_box($class.'[SQ_CONF_ENABLE_HTTP_LOGIN]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ENABLE_HTTP_LOGIN);
616  } else {
617  echo (SQ_CONF_ENABLE_HTTP_LOGIN) ? translate('yes') : translate('no');
618  }
619  $o->note(translate('enable_http_authentication_note'));
620 
621  $o->openField(translate('allow_single_sign_in'));
622  if ($write_access && $is_root) {
623  combo_box($class.'[SQ_CONF_ALLOW_HTTP_LOGIN]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ALLOW_HTTP_LOGIN);
624  } else {
625  echo (SQ_CONF_ALLOW_HTTP_LOGIN) ? translate('yes') : translate('no');
626  }
627  $o->note(translate('allow_single_sign_in_note'));
628 
629  $o->openField(translate('http_login_var'));
630  if ($write_access && $is_root) {
631 
632  $server = array_keys($_SERVER);
633 
634  ?>
635 
636  <script language="JavaScript" type="text/javascript">
637  //<![CDATA[
638  function toggle_http_login_var() {
639  list = document.getElementById('sq-conf-http-login-var-list');
640  txt = document.getElementById('sq-conf-http-login-var-toggle');
641  if (txt && list) {
642  list.style.display = (list.style.display == 'none' ? 'block' : 'none');
643  txt.innerHTML = js_translate('http_login_var_' + (list.style.display == 'none' ? 'show' : 'hide') + '_server_var');
644  }
645  }// end set_conf_debug
646  //]]>
647  </script>
648 
649  <?php
650  text_box($class.'[SQ_CONF_HTTP_LOGIN_VAR]', SQ_CONF_HTTP_LOGIN_VAR, 40, '', FALSE , 'id="sq-conf-http-login-var"');
651  ?>
652 
653  <br />
654  <span id="sq-conf-http-login-var-toggle" class="clickable" onclick=toggle_http_login_var();><?php echo translate('http_login_var_show_server_var');?></span>
655  <div id="sq-conf-http-login-var-list" style="display:none;">
656  <table class="sq-backend-table" width="400">
657  <tr>
658  <th colspan="2">
659  <?php echo translate('http_login_var_list_header');?>
660  </th>
661  </tr>
662  <tr>
663  <td>
664  <?php
665  if (!empty($server)) {
666  ?><ul><?php
667  for ($i=0; $i < sizeof($server); $i++) {
668  // make the second column
669  if ($i == round(sizeof($server)/2)) {
670  echo '</ul></td><td ><ul>';
671  }
672  ?><li>
673  <span class="clickable" onclick="elt=document.getElementById('sq-conf-http-login-var'); if(elt) elt.value='<?php echo $server[$i];?>';">
674  <?php echo $server[$i];?>
675  </span>
676  </li><?php
677  }
678  ?></ul><?php
679  }
680  ?>
681  </td>
682  </tr>
683  </table>
684  </div>
685  <?php
686  } else {
687  echo SQ_CONF_HTTP_LOGIN_VAR;
688  }
689 
690  $o->openField(translate('enable_external_auth_systems'));
691  if ($write_access && $is_root) {
692  combo_box($class.'[SQ_CONF_ENABLE_EXTERNAL_AUTH_SYSTEMS]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ENABLE_EXTERNAL_AUTH_SYSTEMS);
693  } else {
694  echo (SQ_CONF_ENABLE_EXTERNAL_AUTH_SYSTEMS) ? translate('yes') : translate('no');
695  }
696  $o->note(translate('enable_external_auth_systems_note'));
697 
698  $o->openField(translate('choose_session_save_path'));
699  if ($write_access && $is_root) {
700  combo_box($class.'[SQ_CONF_USE_DEFAULT_SESSION_SAVE_PATH]', Array('1' => translate('true'), '0' => translate('false')), FALSE, SQ_CONF_USE_DEFAULT_SESSION_SAVE_PATH);
701  } else {
702  echo (SQ_CONF_USE_DEFAULT_SESSION_SAVE_PATH) ? translate('true') : translate('false');
703  }
704  $o->note(translate('choose_session_save_path_note', session_save_path()));
705 
706  $o->closeSection();
707 
708  $o->openSection(translate('intervals'));
709 
710  $o->openField(translate('refresh_interval'));
711  if ($write_access) {
712  text_box($class.'[SQ_CONF_REFRESH_INTERVAL]', SQ_CONF_REFRESH_INTERVAL, 5, 5);
713  } else {
714  echo SQ_CONF_REFRESH_INTERVAL;
715  }
716  $o->note(translate('header_frame_mail_lock'));
717 
718  $o->openField(translate('lock_length'));
719  if ($write_access) {
720  text_box($class.'[SQ_CONF_LOCK_LENGTH]', SQ_CONF_LOCK_LENGTH, 5, 5);
721  } else {
722  echo SQ_CONF_LOCK_LENGTH;
723  }
724  $o->closeField(translate('lock_length_time'));
725 
726  $o->closeSection();
727 
728  $o->openSection(translate('php_config_settings'));
729 
730  $o->openField(translate('php_config_web_memory_limit'));
731  if ($write_access && $is_root) {
732  int_text_box($class.'[SQ_CONF_WEB_MEMORY_LIMIT]', SQ_CONF_WEB_MEMORY_LIMIT, FALSE, 5, NULL, NULL, 3);
733  echo ' MB';
734  } else {
735  echo SQ_CONF_WEB_MEMORY_LIMIT.'MB';
736  }
737  $o->note(translate('php_config_web_memory_limit_note'));
738  $o->closeField();
739 
740  $o->openField(translate('php_config_cron_memory_limit'));
741  if ($write_access && $is_root) {
742  int_text_box($class.'[SQ_CONF_CRON_MEMORY_LIMIT]', SQ_CONF_CRON_MEMORY_LIMIT, FALSE, 5, NULL, NULL, 3);
743  echo ' MB';
744  } else {
745  echo SQ_CONF_CRON_MEMORY_LIMIT.'MB';
746  }
747  $o->note(translate('php_config_cron_memory_limit_note'));
748  $o->closeField();
749 
750  $o->closeSection();
751 
752 
753  $o->openSection(translate('error/debug_settings'));
754 
755  $o->openField(translate('log_errors'));
756  if ($write_access && $is_root) {
757  combo_box($class.'[SQ_CONF_LOG_ERRORS]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_LOG_ERRORS);
758  } else {
759  echo (SQ_CONF_LOG_ERRORS) ? translate('yes') : translate('no');
760  }
761  $o->closeField();
762 
763  $o->openField(translate('hide_errors_on_the_frontend'));
764  if ($write_access && $is_root) {
765  combo_box($class.'[SQ_CONF_ERRORS_HIDE_FRONTEND]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ERRORS_HIDE_FRONTEND);
766  } else {
767  echo (SQ_CONF_ERRORS_HIDE_FRONTEND) ? translate('yes') : translate('no');
768  }
769  $o->closeField();
770 
771  $o->openField(translate('log_errors_to_syslog'));
772  if ($write_access && $is_root) {
773  combo_box($class.'[SQ_CONF_ERRORS_LOG_TO_SYSLOG]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ERRORS_LOG_TO_SYSLOG);
774  } else {
775  echo (SQ_CONF_ERRORS_LOG_TO_SYSLOG) ? translate('yes') : translate('no');
776  }
777  $o->note(translate('log_errors_to_syslog_note'));
778  $o->closeField();
779 
780  $o->openField(translate('log_errors_syslog_facility'));
781  // We only provide the common
782  $options = Array(
783  'user' => translate('syslog_facility_user'),
784  'local0' => translate('syslog_facility_local', 0),
785  'local1' => translate('syslog_facility_local', 1),
786  'local2' => translate('syslog_facility_local', 2),
787  'local3' => translate('syslog_facility_local', 3),
788  'local4' => translate('syslog_facility_local', 4),
789  'local5' => translate('syslog_facility_local', 5),
790  'local6' => translate('syslog_facility_local', 6),
791  'local7' => translate('syslog_facility_local', 7),
792  );
793  if ($write_access && $is_root) {
794  combo_box($class.'[SQ_CONF_ERRORS_SYSLOG_FACILITY]', $options, FALSE, SQ_CONF_ERRORS_SYSLOG_FACILITY);
795  } else {
796  echo $options[SQ_CONF_ERRORS_SYSLOG_FACILITY];
797  }
798 
799  $o->openField(translate('debug_settings'));
800  if ($write_access && $is_root) {
801  ?>
802  <script language="JavaScript" type="text/javascript">
803  <!--
804  function set_conf_debug(adding, bit) {
805 
806  var current_debug = parseInt(get_form_element_value("<?php echo $class; ?>[SQ_CONF_DEBUG]"), 10);
807  if (isNaN(current_debug)) return;
808  // are we adding this bit to the list, or removing it ?
809  if (adding) {
810  current_debug |= bit;
811  } else {
812  current_debug &= ~bit;
813  }
814 
815  set_hidden_field("<?php echo $class; ?>[SQ_CONF_DEBUG]", current_debug);
816 
817  }// end set_conf_debug
818 
819  //-->
820  </script>
821  <?php
822  hidden_field($class.'[SQ_CONF_DEBUG]', SQ_CONF_DEBUG);
823  foreach ($this->debug_options as $bit => $desc) {
824  check_box($class.'_SQ_CONF_DEBUG_'.$bit, $bit, (bool)(SQ_CONF_DEBUG & $bit), 'set_conf_debug(this.checked, '.$bit.');');
825  echo $desc, "<br />\n";
826  }
827  } else {
828  foreach ($this->debug_options as $bit => $desc) {
829  ?>
830  <img src="<?php echo sq_web_path('lib'); ?>/web/images/<?php echo (SQ_CONF_DEBUG & $bit) ? 'tick' : 'cross'; ?>.gif" width="15" height="15" />
831  <?php
832  echo $desc, "<br />\n";
833  }
834 
835  }
836 
837  $o->closeSection();
838 
839  $o->openSection(translate('internationalisation_settings'));
840 
841  $o->openField(translate('default_frontend_language'));
842  require SQ_FUDGE_PATH.'/standards_lists/languages.inc';
843  if ($write_access) {
844  combo_box($class.'[SQ_CONF_DEFAULT_FRONTEND_LANGUAGE]', $standards_lists_languages, FALSE, SQ_CONF_DEFAULT_FRONTEND_LANGUAGE);
845  } else {
846  echo $standards_lists_languages[SQ_CONF_DEFAULT_FRONTEND_LANGUAGE];
847  }
848 
849  $o->openField(translate('default_backend_locale'));
850  require SQ_FUDGE_PATH.'/standards_lists/locales.inc';
851  // default to English (Australia) in upgraded systems
852  $current_locale = !defined('SQ_CONF_DEFAULT_BACKEND_LOCALE') ? 'en_AU' : SQ_CONF_DEFAULT_BACKEND_LOCALE;
853  if ($write_access) {
854  combo_box($class.'[SQ_CONF_DEFAULT_BACKEND_LOCALE]', $standards_lists_locales, FALSE, $current_locale);
855  } else {
856  echo $standards_lists_locales[$current_locale];
857  }
858 
859  $o->openField(translate('default_character_set'));
860  require SQ_FUDGE_PATH.'/standards_lists/character_sets.inc';
861  if ($write_access) {
862  combo_box($class.'[SQ_CONF_DEFAULT_CHARACTER_SET]', $standards_lists_character_sets, FALSE, SQ_CONF_DEFAULT_CHARACTER_SET);
863  } else {
864  echo $standards_lists_character_sets[SQ_CONF_DEFAULT_CHARACTER_SET];
865  }
866 
867  $o->openField(translate('use_lang_character_map'));
868  if ($write_access) {
869  $options = Array(
870  '0' => translate('no'),
871  '1' => translate('yes'),
872  );
873  combo_box($class.'[SQ_CONF_USE_LANG_CHAR_MAP]', $options, FALSE, !defined('SQ_CONF_USE_LANG_CHAR_MAP') ? '0' : SQ_CONF_USE_LANG_CHAR_MAP);
874  } else {
875  echo (SQ_CONF_USE_LANG_CHAR_MAP) ? translate('yes') : translate('no');
876  }
877 
878  $o->closeSection();
879 
880  $o->openSection(translate('editing_interface_settings'));
881 
882  $o->openField(translate('commit_button_text'));
883  if ($write_access) {
884  text_box($class.'[SQ_CONF_COMMIT_BUTTON_TEXT]', !defined('SQ_CONF_COMMIT_BUTTON_TEXT') ? 'Commit' : SQ_CONF_COMMIT_BUTTON_TEXT, 30);
885  } else {
886  echo !defined('SQ_CONF_COMMIT_BUTTON_TEXT') ? 'Commit' : SQ_CONF_COMMIT_BUTTON_TEXT;
887  }
888  $o->note(translate('rename_commit_button'));
889  $o->closeField();
890 
891  $o->openField(translate('confirm_save_changes'));
892  if ($write_access) {
893  $options = Array(
894  '0' => translate('no'),
895  '1' => translate('yes'),
896  );
897  combo_box($class.'[SQ_CONF_CONFIRM_SAVE_CHANGES]', $options, FALSE, !defined('SQ_CONF_CONFIRM_SAVE_CHANGES') ? '1' : SQ_CONF_CONFIRM_SAVE_CHANGES);
898  } else {
899  if (defined('SQ_CONF_CONFIRM_SAVE_CHANGES')) {
900  ?> &nbsp;
901  <img src="<?php echo sq_web_path('lib'); ?>/web/images/<?php echo (SQ_CONF_CONFIRM_SAVE_CHANGES) ? 'tick' : 'cross'; ?>.gif" width="15" height="15" />
902  <?php
903  } else {
904  echo translate('not_set');
905  }//end if
906  }//end if
907  $o->note(translate('confirm_save_changes_msg'));
908  $o->closeField();
909 
910  $o->closeSection();
911 
912  $o->openSection(translate('asset_map_settings'));
913 
914  $o->openField(translate('asset_limit_per_node'));
915  if ($write_access) {
916  text_box($class.'[SQ_CONF_ASSET_MAP_ASSET_LIMIT]', !defined('SQ_CONF_ASSET_MAP_ASSET_LIMIT') ? '50' : SQ_CONF_ASSET_MAP_ASSET_LIMIT, 30);
917  } else {
918  echo !defined('SQ_CONF_ASSET_MAP_ASSET_LIMIT') ? '50' : SQ_CONF_ASSET_MAP_ASSET_LIMIT;
919  }
920  $o->note(translate('asset_limit_per_node_note'));
921  $o->closeField();
922 
923  $o->openField(translate('asset_display_name'));
924  if ($write_access) {
925  text_box($class.'[SQ_CONF_ASSET_MAP_ASSET_DISPLAY_NAME]', !defined('SQ_CONF_ASSET_MAP_ASSET_DISPLAY_NAME') ? $this->config_vars['SQ_CONF_ASSET_MAP_ASSET_DISPLAY_NAME']['default'] : SQ_CONF_ASSET_MAP_ASSET_DISPLAY_NAME, 50);
926  } else {
927  echo !defined('SQ_CONF_ASSET_MAP_ASSET_DISPLAY_NAME') ? $this->config_vars['SQ_CONF_ASSET_MAP_ASSET_DISPLAY_NAME']['default'] : SQ_CONF_ASSET_MAP_ASSET_DISPLAY_NAME;
928  }
929  $o->note(translate('asset_display_name_note'));
930  $o->closeField();
931 
932  $o->closeSection();
933 
934  $o->openSection(translate('http_header_section_name'));
935 
936  $o->openField(translate('http_header_cacheable_field'));
937  if ($write_access && $is_root) {
938  combo_box($class.'[SQ_CONF_SEND_CACHEABLE_HEADER]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_SEND_CACHEABLE_HEADER);
939  } else {
940  echo (SQ_CONF_SEND_CACHEABLE_HEADER) ? translate('yes') : translate('no');
941  }
942  $o->note(translate('http_header_cacheable_field_note'));
943  $o->closeField();
944 
945  $o->openField(translate('http_header_last_modified_field'));
946  if ($write_access && $is_root) {
947  combo_box($class.'[SQ_CONF_SEND_LAST_MODIFIED_HEADER]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_SEND_LAST_MODIFIED_HEADER);
948  } else {
949  echo (SQ_CONF_SEND_LAST_MODIFIED_HEADER) ? translate('yes') : translate('no');
950  }
951  $o->note(translate('http_header_last_modified_field_note'));
952  $o->closeField();
953 
954  $o->openField(translate('http_header_not_modified_field'));
955  if ($write_access && $is_root) {
956  combo_box($class.'[SQ_CONF_SEND_NOT_MODIFIED_HEADER]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_SEND_NOT_MODIFIED_HEADER);
957  } else {
958  echo (SQ_CONF_SEND_NOT_MODIFIED_HEADER) ? translate('yes') : translate('no');
959  }
960  $o->note(translate('http_header_not_modified_field_note'));
961  $o->note(translate('http_header_conditional_note'));
962  $o->closeField();
963 
964  $o->openField(translate('http_header_send_no_cache_header_field'));
965  if ($write_access && $is_root) {
966  combo_box($class.'[SQ_CONF_SEND_NO_CACHE_HEADER]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_SEND_NO_CACHE_HEADER);
967  } else {
968  echo (SQ_CONF_SEND_NO_CACHE_HEADER) ? translate('yes') : translate('no');
969  }
970  $o->note(translate('http_header_send_no_cache_header_field_note'));
971  $o->closeField();
972 
973  $o->openField(translate('http_header_send_404_cacheable_header_field'));
974  if ($write_access && $is_root) {
975  combo_box($class.'[SQ_CONF_SEND_404_CACHEABLE_HEADER]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_SEND_404_CACHEABLE_HEADER);
976  } else {
977  echo (SQ_CONF_SEND_404_CACHEABLE_HEADER) ? translate('yes') : translate('no');
978  }
979  $o->note(translate('http_header_send_404_cacheable_header_field_note'));
980  $o->closeField();
981 
982  $o->openField(translate('http_header_use_http_x_forwarded_for'));
983  if ($write_access && $is_root) {
984  combo_box($class.'[SQ_CONF_USE_HTTP_X_FORWARDED_FOR]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_USE_HTTP_X_FORWARDED_FOR);
985  } else {
986  echo (SQ_CONF_USE_HTTP_X_FORWARDED_FOR) ? translate('yes') : translate('no');
987  }
988  $o->note(translate('http_header_use_http_x_forwarded_for_note'));
989 
990  $option_list->setEditParam('width', 30);
991  if ($write_access) {
992  $option_list->value = SQ_CONF_FORWARDED_IP_PROXY_LIST;
993  $option_list->paint('SQ_CONF_FORWARDED_IP_PROXY_LIST');
994  } else {
995  if (SQ_CONF_FORWARDED_IP_PROXY_LIST == '') {
996  echo translate('none');
997  } else {
998  echo nl2br(SQ_CONF_FORWARDED_IP_PROXY_LIST);
999  }
1000  }
1001  $o->closeField();
1002 
1003  $o->openField(translate('http_header_cookie_http_only_field_name'));
1004  if ($write_access && $is_root) {
1005  combo_box($class.'[SQ_CONF_COOKIE_OPTION_HTTP_ONLY]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_COOKIE_OPTION_HTTP_ONLY);
1006  } else {
1007  echo (SQ_CONF_COOKIE_OPTION_HTTP_ONLY) ? translate('yes') : translate('no');
1008  }
1009  $o->note(translate('http_header_cookie_http_only_note'));
1010 
1011  $o->closeField();
1012 
1013  $o->openField(translate('http_header_cookie_secure_option_field_name'));
1014  if ($write_access && $is_root) {
1015  combo_box($class.'[SQ_CONF_COOKIE_OPTION_SECURE]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_COOKIE_OPTION_SECURE);
1016  } else {
1017  echo (SQ_CONF_COOKIE_OPTION_SECURE) ? translate('yes') : translate('no');
1018  }
1019  $o->note(translate('http_header_cookie_secure_option_note'));
1020 
1021  $o->closeField();
1022 
1023 
1024  $o->closeSection();
1025 
1026 
1027  $o->openSection(translate('roles_configuration_section_name'));
1028 
1029  $o->openField(translate('roles_configuration_enable_roles_perm_system'));
1030  if ($write_access && $is_root) {
1031  combo_box($class.'[SQ_CONF_ENABLE_ROLES_PERM_SYSTEM]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ENABLE_ROLES_PERM_SYSTEM);
1032  } else {
1033  echo (SQ_CONF_ENABLE_ROLES_PERM_SYSTEM) ? translate('yes') : translate('no');
1034  }
1035  $o->closeField();
1036 
1037  $o->openField(translate('roles_configuration_enable_roles_wf_system'));
1038  if ($write_access && $is_root) {
1039  combo_box($class.'[SQ_CONF_ENABLE_ROLES_WF_SYSTEM]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ENABLE_ROLES_WF_SYSTEM);
1040  } else {
1041  echo (SQ_CONF_ENABLE_ROLES_WF_SYSTEM) ? translate('yes') : translate('no');
1042  }
1043  $o->closeField();
1044 
1045  if ( ((defined('SQ_CONF_ENABLE_ROLES_PERM_SYSTEM') && (SQ_CONF_ENABLE_ROLES_PERM_SYSTEM == '1')) || (defined('SQ_CONF_ENABLE_ROLES_WF_SYSTEM') && (SQ_CONF_ENABLE_ROLES_WF_SYSTEM == '1')) ) || (!defined('SQ_CONF_ENABLE_ROLES_PERM_SYSTEM') && !defined('SQ_CONF_ENABLE_ROLES_WF_SYSTEM') )) {
1046  $o->openField(translate('roles_configuration_enable_global_roles'));
1047  if ($write_access && $is_root) {
1048  combo_box($class.'[SQ_CONF_ENABLE_GLOBAL_ROLES]', Array('1' => translate('yes'), '0' => translate('no')), FALSE, SQ_CONF_ENABLE_GLOBAL_ROLES);
1049  } else {
1050  echo (SQ_CONF_ENABLE_GLOBAL_ROLES) ? translate('yes') : translate('no');
1051  }
1052  $o->closeField();
1053  }
1054 
1055  $o->closeSection();
1056 
1057  $o->openSection(translate('search_engine_optimizations'));
1058 
1059  $o->openField(translate('remove_self_links'));
1060  if ($write_access) {
1061  $options = Array(
1062  '0' => translate('no'),
1063  '1' => translate('yes'),
1064  );
1065  combo_box($class.'[SQ_CONF_NO_ASSET_SELF_LINKS]', $options, FALSE, !defined('SQ_CONF_NO_ASSET_SELF_LINKS') ? '0' : SQ_CONF_NO_ASSET_SELF_LINKS);
1066  } else {
1067  echo (SQ_CONF_NO_ASSET_SELF_LINKS) ? translate('yes') : translate('no');
1068  }
1069  $o->note(translate('remove_self_links_note'));
1070  $o->closeField();
1071 
1072  $o->closeSection();
1073 
1074  $o->openSection(translate('install_and_warranty_key'));
1075 
1076  $o->openField(translate('install_key'));
1077  echo SQ_LICENCE_INSTALL_KEY;
1078  $o->note(translate('system_config_install_key_note'));
1079  $o->closeField();
1080 
1081  $o->openField(translate('warranty_key'));
1082  if ($write_access) {
1083  text_box($class.'[SQ_LICENCE_WARRANTY_KEY]', !defined('SQ_LICENCE_WARRANTY_KEY') ? '' : SQ_LICENCE_WARRANTY_KEY, 30);
1084  } else {
1085  echo SQ_LICENCE_WARRANTY_KEY;
1086  }
1087  $o->closeField();
1088 
1089  $o->closeSection();
1090 
1091  if ($write_access) $o->commitButton('', TRUE);
1092 
1093  }//end paintBackend()
1094 
1095 
1105  public function processBackend(&$o)
1106  {
1107  $write_access = $this->writeAccess();
1108  if (!$write_access) return parent::processBackend($o);
1109 
1110  $class = get_class_lower($this);
1111 
1112  require_once SQ_ATTRIBUTES_PATH.'/option_list/option_list.inc';
1113  $option_list = new Asset_Attribute_Option_List(0, NULL, SQ_OPTION_LIST_DELIMITER_UNIX);
1114 
1115  $list_settings = Array(
1116  'SQ_CONF_SYSTEM_ROOT_URLS',
1117  'SQ_CONF_SYSTEM_PARENT_DOMAINS',
1118  'SQ_CONF_FORWARDED_IP_PROXY_LIST'
1119  );
1120 
1121  foreach ($list_settings as $list_setting) {
1122  $option_list->process($list_setting);
1123  $_POST[$class][$list_setting] = $option_list->value;
1124  }
1125 
1126  $roles_changed = (isset($_POST['system_config']['SQ_CONF_ENABLE_ROLES_PERM_SYSTEM']) || isset($_POST['system_config']['SQ_CONF_ENABLE_ROLES_WF_SYSTEM']) || isset($_POST['system_config']['SQ_CONF_ENABLE_GLOBAL_ROLES']));
1127 
1128  $enable_roles_perm_system_setting = SQ_CONF_ENABLE_ROLES_PERM_SYSTEM;
1129  $enable_roles_wf_system_setting = SQ_CONF_ENABLE_ROLES_WF_SYSTEM;
1130  $enable_global_roles_setting = SQ_CONF_ENABLE_GLOBAL_ROLES;
1131 
1132  if ($roles_changed) {
1133  $enable_roles_perm_system_setting = (isset($_POST['system_config']['SQ_CONF_ENABLE_ROLES_PERM_SYSTEM'])) ? $_POST['system_config']['SQ_CONF_ENABLE_ROLES_PERM_SYSTEM'] : $enable_roles_perm_system_setting;
1134  $enable_roles_wf_system_setting = (isset($_POST['system_config']['SQ_CONF_ENABLE_ROLES_WF_SYSTEM'])) ? $_POST['system_config']['SQ_CONF_ENABLE_ROLES_WF_SYSTEM'] : $enable_roles_wf_system_setting;
1135 
1136  $enable_global_roles_setting = (isset($_POST['system_config']['SQ_CONF_ENABLE_GLOBAL_ROLES'])) ? $_POST['system_config']['SQ_CONF_ENABLE_GLOBAL_ROLES'] : $enable_global_roles_setting;
1137  }
1138 
1139  if (($enable_global_roles_setting != SQ_CONF_ENABLE_GLOBAL_ROLES) || ($enable_roles_perm_system_setting != SQ_CONF_ENABLE_ROLES_PERM_SYSTEM) || $enable_roles_wf_system_setting != SQ_CONF_ENABLE_ROLES_WF_SYSTEM) {
1140  $enabled = ($enable_roles_perm_system_setting || $enable_roles_wf_system_setting);
1141  $this->configureRoleTables($enabled, $enable_global_roles_setting);
1142  }
1143 
1144  if(!isset($_POST['system_config']['SQ_CONF_FORCE_SECURE_LOGIN_URLS'])) {
1145  // if not set, it means it should be blanked out
1146  $_POST['system_config']['SQ_CONF_FORCE_SECURE_LOGIN_URLS'] = '';
1147  }
1148  return parent::processBackend($o);
1149 
1150  }//end processBackend()
1151 
1152 
1162  public function configureRoleTables($enable_roles_system=TRUE, $enable_global_roles=TRUE)
1163  {
1164  require_once SQ_LIB_PATH.'/db_install/db_install.inc';
1165  $roles_changed = FALSE;
1166 
1167  $GLOBALS['SQ_SYSTEM']->changeDatabaseConnection('db2');
1168 
1169  $db = MatrixDAL::getDb();
1170  $db_type = MatrixDAL::getDbType();
1171 
1172  /*
1173  * Default behaviour is to retain the standard Matrix Roles View unless modified, in which case we will define a simpler view
1174  * 1. Modify Roles View to remove Global Role associations
1175  * 2. Modify Permissions View to disable the Roles System entirely
1176  */
1177  $create_role_view_sql = $this->_getCommonViewDefinition('views_roles', $db_type, 'sq_vw_ast_role '.((!$enable_global_roles) ? 'Disabled ' : '').'View');
1178  $create_perm_view_sql = $this->_getCommonViewDefinition('views_roles', $db_type, 'sq_vw_ast_perm '.((!$enable_roles_system) ? 'Disabled ' : '').'View');
1179 
1180  // Let's start a transaction for safety
1181  $GLOBALS['SQ_SYSTEM']->doTransaction('BEGIN');
1182 
1183  $drop_success = FALSE;
1184 
1185  // Attempt "DROP VIEW ... IF EXISTS" for PostGres, "DROP VIEW" for Oracle
1186  try {
1187  if ($db_type == 'pgsql') {
1188  // Drop the views first
1189  // If we can't drop or create views accordingly then we'll roll back the transaction in the "catch" block
1190  MatrixDAL::executeSql('DROP VIEW IF EXISTS sq_vw_ast_perm');
1191  MatrixDAL::executeSql('DROP VIEW IF EXISTS sq_vw_ast_role');
1192 
1193  $drop_success = TRUE;
1194  } else if ($db_type == 'oci') {
1195  // find out first if the view exists or else oracle will
1196  // throw warning oci_execute(): ORA-00942: table or view does not exist
1197  $perm_sql = "SELECT VIEW_NAME FROM ALL_VIEWS WHERE VIEW_NAME = 'SQ_VW_AST_PERM'";
1198  $role_sql = "SELECT VIEW_NAME FROM ALL_VIEWS WHERE VIEW_NAME = 'SQ_VW_AST_ROLE'";
1199 
1200  $perm_vw_query = MatrixDAL::preparePdoQuery($perm_sql);
1201  $role_vw_query = MatrixDAL::preparePdoQuery($role_sql);
1202 
1203  $perm_vw_exists = MatrixDAL::executePdoAssoc($perm_vw_query);
1204  $role_vw_exists = MatrixDAL::executePdoAssoc($role_vw_query);
1205 
1206  if (isset($perm_vw_exists['0']['view_name']) && $perm_vw_exists['0']['view_name'] == 'SQ_VW_AST_PERM') {
1207  MatrixDAL::executeSql('DROP VIEW sq_vw_ast_perm');
1208  }
1209 
1210  if (isset($role_vw_exists['0']['view_name']) && $role_vw_exists['0']['view_name'] == 'SQ_VW_AST_ROLE') {
1211  MatrixDAL::executeSql('DROP VIEW sq_vw_ast_role');
1212  }
1213 
1214  $drop_success = TRUE;
1215  }
1216  } catch (Exception $e) {
1217  // Don't let the world know, just keep on keeping on - we'll create the view in a sec
1218  $GLOBALS['SQ_SYSTEM']->doTransaction('ROLLBACK');
1219 
1220  // A new transaction
1221  $GLOBALS['SQ_SYSTEM']->doTransaction('BEGIN');
1222  }
1223 
1224  // If the "DROP VIEW ... IF EXISTS" failed under PostGres, then maybe we are running PostGres 8.1.
1225  // In this case, give it another go
1226  if (!$drop_success && ($db_type == 'pgsql')) {
1227  try {
1228  MatrixDAL::executeSql('DROP VIEW sq_vw_ast_perm');
1229  MatrixDAL::executeSql('DROP VIEW sq_vw_ast_role');
1230 
1231  $drop_success = TRUE;
1232  } catch (Exception $e) {
1233  // Que sera, sera
1234  $GLOBALS['SQ_SYSTEM']->doTransaction('ROLLBACK');
1235 
1236  // A new transaction
1237  $GLOBALS['SQ_SYSTEM']->doTransaction('BEGIN');
1238  }
1239  }
1240 
1241  // Assume that the views have been dropped, so let's re-create them again
1242  try {
1243  // Then create the new views
1244  MatrixDAL::executeSql($create_role_view_sql);
1245  MatrixDAL::executeSql($create_perm_view_sql);
1246 
1247  $roles_changed = TRUE;
1248  } catch (Exception $e) {
1249  $GLOBALS['SQ_SYSTEM']->doTransaction('ROLLBACK');
1250  $GLOBALS['SQ_SYSTEM']->restoreDatabaseConnection();
1251  throw $e;
1252  }
1253 
1254  // All is good, commit the transaction
1255  $GLOBALS['SQ_SYSTEM']->doTransaction('COMMIT');
1256  $GLOBALS['SQ_SYSTEM']->restoreDatabaseConnection();
1257 
1258  // Allow the secondary user to operate (select, update etc.) with the Roles views
1259  grant_secondary_user_perms(FALSE);
1260 
1261  return $roles_changed;
1262 
1263  }//end configureRoleTables()
1264 
1265 
1277  private function _getCommonViewDefinition($relations, $db_type, $display_name, $package=NULL)
1278  {
1279  $sql = NULL;
1280 
1281  if (is_null($package)) {
1282  $subdir = 'install';
1283  } else {
1284  $subdir = 'packages/'.$package;
1285  }
1286  $fns_file = SQ_SYSTEM_ROOT.'/'.$subdir.'/'.$db_type.'_'.$relations.'.xml';
1287 
1288  // if the file does not exist, check to see if there is a common file
1289  // for all database types
1290  if (!file_exists($fns_file)) {
1291  $fns_file = SQ_SYSTEM_ROOT.'/'.$subdir.'/common_'.$relations.'.xml';
1292  }
1293  if (file_exists($fns_file)) {
1294 
1295  try {
1296  // Load stored relations file as SimpleXML
1297  $root = new SimpleXMLElement($fns_file, LIBXML_NOCDATA, TRUE);
1298  } catch (Exception $e) {
1299  throw new Exception('Could not parse stored relations file: '.$e->getMessage());
1300  }
1301 
1302  if ($root->getName() != 'sql') {
1303  throw new Exception('Cannot install stored relations file: expected root element "sql", found "'.$root->getName().'".');
1304  return FALSE;
1305  }
1306 
1307  $display_names = Array();
1308 
1309  foreach ($root->children() as $sql_element) {
1310  $element_name = $sql_element->getName();
1311  if ($sql_element->getName() != 'sql_element') {
1312  throw new Exception('Cannot install stored relations file: expected element "sql_element", found "'.$sql_element->getName().'".');
1313  }
1314 
1315  $display_names[] = isset($sql_element->attributes()->{'display_name'}) ? $sql_element->attributes()->{'display_name'} : '<Unknown Element>';
1316  if ($sql_element->attributes()->{'display_name'} == $display_name) {
1317  $sql = trim(xml_entity_decode((string)$sql_element));
1318  }
1319  }
1320  }
1321 
1322  return $sql;
1323 
1324  }//end _getCommonViewDefinition()
1325 
1326 
1327 }//end class
1328 
1329 ?>