config.pod - documents BSE configuration file options
BSE historically used Constants.pm to keep most configuration information. The plan is to make sure any new configuration is kept in bse.cfg, and to slowly move most configuration information into bse.cfg.
Keeping configuration information in Constants.pm makes it difficult to perform upgrades and makes it impossible to use tools such as mod_perl, at least if you want more than one site on the machine.
bse.cfg is read as a utf-8 encoded file.
Contains URL configuration for the site.
The normal URL for the non-secure parts of the site.
The secure URL for the shop, products and other portions of the site that should use SSL. This isn't checked to make sure it is https.
Used as the site "name" in a few places.
If set, this is used as the base URL for accessing the administrative functions of your site.
Ignored if adminurl is set.
If this is true then secureurl is used as the base URL for
accessing the administrative functions of your site, otherwise url
is used as the base URL. Default: false (url's value is used)
Configure the IP address of one or more front-end proxies. This can
be a regular expression except that . is translated to \. and
* is tranlated to .* to give more glob() like matching.
If the reqesting host matches then admin site URL matching is done against HTTP_X_FORWARDED_SERVER instead of SERVER_NAME.
Default: no front-end server configured.
A secret used (currently) for hashing cookie values passed between the secure and non-secure parts of the site. This must be set. A suitable value can be created with:
openssl rand -base64 32
Contains various file system paths.
This is where the files uploads with the file wizard are stored. It must be writable by the web server user.
Directory containing administrative templates. Note: this is not completely implemented for now, so assume the default. Default: admin directory under $TMPLDIR.
Directory base for most templates. This can contain references like $(section/key) to other configuration entries. Split on the systems PATH separators (run: perl -V:path_sep)
Local Directory base for templates. This is searched before the templates directory. This can contain references like $(section/key) to other configuration entries. Split on the system's PATH separator.
Web server document root. Static pages are generated under this directory. Default: $CONTENTBASE.
Where uploaded images are stored. This is not yet completely implemented. Default: $IMAGEDIR.
Local search path for BSE::Custom, or the class configured by
custom_class in [basic].
The directory where cached versions of scaled thumbnails are stored. Defaults to [paths].images/scaled. This must be in the document tree. If you set this you should also set [uri].scalecache.
Where uploaded siteuser images are stored. This must be set in the config file. The default bse.cfg include an entry to use the current values of [paths].downloads
Pregenerated dynamic article pages are stored here. This must be defined if you site contains any dynamicly generated pages.
The directory to store public BSE::TB::File content in (currently used for application specific files.)
This section is used by the file wizard to map uploaded file extensions to MIME content types. This can be used to extend BSE::FileEditor's internal extension map. It cannot override that map.
The key for each entry is the extension, without the leading '.'.
eg.
xls = application/msexcel
Used for translating symbolic template names into full names under the template directory.
In each case the default is the name with a .tmpl extension.
user logon page
user registration page
Used for translating the names of administration templates into filenames.
In each case the default is the name with a .tmpl extension.
article file wizard
Catalog editor page. Default admin/edit_catalog.tmpl
Article edit pages. Default admin/edit_<number>.tmpl
Step child/parent management page. Default admin/edit_steps.tmpl
Minor html items.
The value of the charset keyword when outputting HTML from a script. Set to the empty string to suppress the charset keyword. Default: iso-8859-1.
If this is a non-zero number, then all but mailto links are redirected
to nuser.pl/redirect so you can display a diclaimer. If this
contained alphabetics it's treated as a comma separated list of url
schemes that should be handled via nuser.pl/redirect. If 0 or not
present, no redirection is done.
The redirect URL includes a hash of the url, title and the redirect salt to prevent using this mechanism by external sites for cookie stealing attacks.
The salt used in generating the has for redirect_links. Default: an empty string.
If non-zero then any HTML output is validated with HTML::Tidy. Validation errors and warnings are sent to the audit log. See [html tidy].
If this is true then the user/group/permissions database is used to control access to the system. Default: False.
If this is true, then the drop-down lists of possible parents on the newsletter edit pages are filtered for access control. Default: False.
If this is true, then the drop-down lists of possible stepparents and stepchildren on the article edit pages are filtered for access control. Default: False.
The prefix applied to articles that use a linkAlias url. This should start with a /.
If this is non-zero then the link is formed by the alias_prefix,
followed by slash (/) separated aliases from the ancestors starting
from the section, followed by the alias_suffix. You may need to
change your redirect handling if you enable this. Default: Off.
If this is non-zero then the title is cleaned up (all but alphanumerics removed) and appended to the alias URL generated.
If true then all articles are treated as dynamic. Default: false.
By default, if the author doesn't use any image tags, BSE will insert
any unnamed article images into the body text of an article. You can
disable this on a per-article basis in the image tool, or disable it
globally by setting auto_images to 0.
An alternative is to set imagePos in [article defaults] to
xx which will default articles to not auto-inserting images.
If true, BSE will cache compiled templates using the configured BSE cache, if any. Depending on the configured cache this may slow things down. Default: disabled.
If true, BSE will cache compiled templates in memory. This may significantly improve performance but may increase memory use. Default: disabled.
If set to zero the results of the thumbimage/gthumbimage body/template tags will not be cached. Default: 1 (caching is enabled).
This overrides the domain value set for cookies. This is useful if you allow the site to run under both example.com and www.example.com, if you set cookie_domain to example.com then a user visiting www.example.com will still have their cookies when they visit example.com.
The expiry time for cookies. This should be in the form supported by CGI.pm for the -expires parameter. Typically you want a plus ('+'), a number, and a time character (s - seconds, m - minutes, h - hours, d - days, M - months). Default: +3h
This overrides the cookie name used to store the session id. Default: sessionid. This is useful when you have 2 sites under the same top-level domain, and helps disambiguate the cookie returned by the browser.
The name of the custom class for your site. This is currently only used for article editing customizations. This class should derive from BSE::CustomBase. Default: BSE::Custom.
This is the default popup image class for the popimage[] and gpopimage[] tags. Default: popup.
If set to 0, dynamic article iterators will no access control filter their results. Default: 1.
If this is non-zero, the default, the session cookie sent to the
browser has the HttpOnly attribute set. This can prevent session
cookie hijacking. Default: 1.
This should be the path to a file to be updated with the list of users
and crypt() versions of their passwords. If this is set then the
security system will check for a user set by the browser before
attempting a form based logon. Default: None.
The name of the file to generate for static articles when the link is
terminated by "/". Default: index.html.
If this is true, then pre-generation for dynamic pages will be delayed until the page is displayed to a user. Default: off.
If this is true then the links to your articles within BSE will be followed by a / and then by a simplified version of the article title. The aim is to include at least some title information in the URL without modifying the name of the HTML file. Default: False.
If this is non-zero, the default, then when the site member logs in, a
javascript visible cookie, userid will be set that contains the
login name of the user. BSE's back-end doesn't use this cookie, its
only use is for Javascript to enable/disable user interface elements.
Default: 1.
Minimum password length in characters. Default: 4.
If non-zero, the default, dynamic responses will include a
Cache-Control: no-cache header. This can be overridden for
articles via , article flags, [template
templatename].no_cache_dynamic and [article].no_cache_dynamic.
Default: 1.
Preload the named template, searching the template search part. Any text that would normally be produced by the preloaded template is ignored. This can be useful for common definitions and variables for use in many templates. Default: none.
Device to read random data from. This device should not block when it runs out of entropy.
If true then page.pl will 301 redirect (Moved Permanently) requests for an article by its id to the generated link if the article has a link alias. Default: false. Must only be used with use_alias true.
If this is non-zero then the session cookie sent to the browser has
the Secure attribute set. This means that the cookie will only be
visible over https. This is only useful when the only URL the site is
visited over is a https URL. Default: 0.
Set this to non-zero to enable authentication via server authentication (usually Basic Authentication.) You should normally set this if you set htusers below. Default: 0 (disabled)
If this is true then the encrypted messages containing the customer's credit card number are sent to the shop owner signed. To avoid keeping a passphrase and signing key on the server you can set this to false (0). This has the effect that anyone could send you an unsigned message encrypted with your public key, though this may not be a security threat. Default: True.
If true, the ifAjax and ajax tags will be active for static pages.
If true and cache_thumbnails is true then thumbnails for the thumbnail
cache will be generated when a static page is regenerated, and the
link from the page will link to the image in the cache rather than to
thumb.pl. Default: 1 (static thumbnails enabled).
If this is non-zero, and a cache is configured (see [cache]), file uploads are tracked in entries in the cache.
The fileprogress.pl script can be called by Ajax to display file upload progress information to the user. The upload state is updated a maximum of once a second.
If this is non-zero then an article with linkAlias set will use an alias url instead of the "real" url. You will need to configure a RewriteRule or ErrorDocument to page.pl to direct the user to the correct URL. Default: 1.
Some obsolete tags will warn to stderr if this is non-zero. Default: don't warn.
This section controls how BSE sends email.
The host or IP address of your mail server. If this is not set
sendmail will be used instead. If this is set you must also set
helo.
The name that BSE uses to identify itself when sending mail via SMTP. Required if smtp_server is set.
The path to the sendmail binary. Default: /usr/lib/sendmail
The options supplied to sendmail. Default: -t -oi
You may want to add the -odq option to this if you want mail queued rather than sent immediately.
If true, we add an Errors-To header set to the same as the From header. Default: true.
If non-zero then emails sent via the compose mail system that aren't being sent to a member record, will be sent as HTML, if the HTML template is available.
If this is style (the default) then use CSS::Inliner to attempt to
inline CSS in mail if the text "<style" is found in the generated
HTML.
If this is force then we always attempt to inline CSS.
If this is any other value then don't inline CSS.
A comma separated list of flags to supply to CSS::Inliner->new().
Reasonable flags are strip_attrs to strip id and class
attributes, and leave_style to leave the HTML style block in place.
Default: no flags.
If this is true and CSS inlining fails, log an error to the audit log. This is intended for use in debugging and should be disabled in production. Default: false (disabled)
Where id is the identifier for an article.
the name of the default template for children of the given parent
a comma-separated list of extra directories under $TMPLDIR to search for templates that can be used for children of the given parent article.
Where id is the identifier of an article.
A comma-separated list of extra directories under $TMPLDIR to search for templates that can be used for children of the given parent article.
A comma-separated list of extra templates under $TMPLDIR that can be used for the given article.
The default template for this level of article, assuming it hasn't been set in the [children of article id] section.
A comma-separated list of extra directories under $TMPLDIR to search for templates that can be used for articles at the given level.
The default template for catalogs.
The default template for products.
A comma separated list of extra templates that can be used for products.
This can be used to control translation of error messages. Each key has a prefix identifying the module that uses the error, followed by '/' followed by a specific identifier for the message.
Message parameters, expressed as $digit, are replaced with the
parameters passed to the message. $$ is replaced with $.
Each message identifier below is documented with the id, when it occurs, the default message, and any parameters.
the user attempted to logon without entering a logon name. Default: "Please enter a logon name". No parameters.
the user attempted to logon without entering a password. Default: "Please enter your password." No parameters.
the user's logon name or password was not found or did not match. Default: "Invalid user or password". No parameters.
the user attempted to logoff while not logged on. Default: "You aren't logged on". No parameters.
the user entered a new password on the options page without entering their old password. Default: "You need to enter your old password to change your password". No parameters.
Displayed if the user attempts to checkout when [shop].require_logon is true.
if non-zero, the order must be marked as paid for before the file can be downloaded.
if non-zero the order must be marked as filled before the files can be downloaded.
if non-zero the user must be registered/logged on to download any file.
if non-zero, downloads of userfiles will be logged. Default: 0
the maximum age of entries in the user file download log, in days. Default: 30.
Control over confirmation emails.
The subject of email confirmation emails. Default: Subcription Confirmation.
The from field for the email. Default: $SHOP_FROM
Control over subscription messages.
The from field for the email. Default: $SHOP_FROM.
Default for the "Test Name" field for sending test subscription messages.
Default for the "Test Email" field for sending test subscription messages.
Set to 1 if you want the "Test Text Only" box checked by default for sending test subscription messages.
Set to 0 to disable display of the test subscription messages portions of the subscriptions send form.
Set to format links as they appear in the text version of emails.
$1 is replaced with the title, $2 with the URL and $3 with
the index. $$ is replaced with '$'. Default: $1 [$3]
Set to format links as they appear at the footer of the body text. If
this is set to the empty string then no list appears. $1, $2,
$3, $$ are replaced as for text_link_inline and $n is
replaced with newline. Default: [$3] $2
A line of text produced above the list of URLs if there is one.
Default: -----. $n in this is replaced with newlines.
For example, if the configuration is:
text_link_inline="$1" ($3) text_link_list_prefix=$n$n------- text_link_list=($3) "$1"$n => $2
and the body text is:
doclink[3] link[http://www.example.com/|Example]
the result will be:
"The Shop" (1)
"Example" (2)
-------
(1) "The Shop"
=> http://www.yoursite.com/shop/index.html
(2) "Example"
=> http://www.example.com/
If this is true then partial matches will be highlight in search result excerpts. Default: True
If this is true then resulting articles that can't be accessed by the user are listed in the search results. Default: false.
The default regular expression used to match words in text during indexing. Default: \w+
The field specific word match regular expression for the built-in
search indexer. Default: the value of wordre.
Module used to build the search index. Default: BSE::Index::BSE.
For BSE::Index::BSE, the optimization priority. The default of
speed builds the index in memory and is very fast, but can consume
a lot of memory. Otherwise, set this to memory to reduce memory
usage.
memory priority index building requires that the DBM::Deep
module be installed.
Articles with a higher level than this are indexed as their ancestor.
Default: $SEARCH_LEVEL which defaults to 5.
Sets the prefix and suffix used for highlighting matches for different fields.
These are used by the highlight_result, excerpt, pageTitle, author, keywords and matchFile tags.
Each field has a prefix and suffix entry. The key is fieldname_prefix or fieldname_suffix. For file fields this is file_fieldname_prefix and file_fieldname_suffix.
The default prefix is <b>. The default suffix is </b>.
For example you can do:
[search highlight] body_prefix=<span class="searchfound"> body_suffix=</span>
Used by some templates to check if the shop is enabled. Set this to 1 to enable the shop, or 0 to disable it.
If this is false then shop articles will not use the secureurl as their baseurl. Default: True
If true the customer is required to register before checkout if there are any for sale files attached to products in the cart. Default: True
If true the customer is required to be logged on before checkout, whether or not for sale files are attached to products in the cart. Default: False.
A comma-separated list of acceptable payment types. Default: 0
The possible payment types are:
0 - the user enters a credit card number, name and expiry date
1 - the customer will send a cheque
2 - contact customer for details
4 - paypal - see paypal.pod
Other types can be added by adding entries to the [payment type names] and [payment type descs] sections.
These are used by various shop templates to present an address that a cheque payment should be sent to.
From email address for emails sent by the shop. Overides $SHOP_FROM in Constants.pm
To name for emailed orders sent by the shop. Overrides $SHOP_TO_NAME in Constants.pm
To email for emailed orders sent by the shop. Overrides $SHOP_TO_EMAIL in Constants.pm
BCC email address for order confirmation emails sent to the customer. Default: No bcc.
If this is true then orders sent to you by the shop will not be
encrypted. Enabling this disabled acceptance of credit card orders,
and the default for payment_types will become 1 instead or 0.
Please realize that other potentially commercially sensitive information is being sent in the clear to a central location, unencrypted.
If true, then the order is email to to_email, possibly with credit card information included. Default: $SHOP_EMAIL_ORDER.
Used to translate the stored order field name into a presentation name suitable for error messages.
The name of a class to load to process credit card transactions online.
Currently this can be either DevHelp::Payments::Test or DevHelp::Payments::Inpho.
Name of the encryption module to use. Default: $SHOP_CRYPTO.
Id of the key to sign the order email with. If this is non-empty then the email is signed even if [basic].sign is false. Default: $SHOP_SIGNING_ID.
Path to the GnuPG program. Default: $SHOP_GPG
Passphrase of the key used to sign the email. Default: $SHOP_PASSPHRASE.
If true, request the card type when requesting credit card information. Default: False.
Maximum number of entries in the cart. This limits the number of distinct products (with options) in the cart, not the total quantities. Default: Unlimited.
The shop currency as a 3-letter currency code. Default: AUD. Currencies other than "AUD" aren't supported by most of the system.
Set to non-zero if you're using country codes in the order country field. If this is set then the delivCountry is supplied as is to various parts of the system, otherwise it is translated from a country name to a country code. Default: 0.
A comma separated list of extra fields to require during checkout. This is in addition to the usual fields required during checkout. Default: none.
If true, and the need_delivery CGI parameter is true, treat the
following delivery fields as required during checkout: delivFirstName,
delivLastName, delivStreet, delivSuburb, delivPostCode and delivCountry.
Default: true.
If require_delivery is true, and the need_delivery CGI parameter
is true, add the comma separated fields listed here to the required
checkout fields list. Default: none.
A space-separated list of modules under Courier::, e.g. "Fastway::Road AustraliaPost::Air". These will be made available as shipping methods on the checkout page.
If true then a default "Quote shipping charges later" shipping method will be added to the shipping methods list.
The post code from which products are shipped.
The name of the Fastway franchisee used to ship products from the sourcepostcode.
The Fastway franchisee code for the customer, if any.
This section can contain extra order validation information, including specifying required fields, display names and extra validation rules.
The maximum length of the article title field. Default: 255. Should not be set higher than this unless you change the database schema.
Controls the interest.pl script.
Email address that is notified of the interest. Defaults to $SHOP_FROM.
Used for debugging.
When a user logs on, and the site url is different to the secure url BSE attempts to refresh to the other "side" of the site to set the same cookie.
BSE does some simple comparisons to attempt to determine whether the logon form was triggered on the secure side of the site (possibly from the shop) or on the insecure side. Since CGI doesn't necessarily give us all the information required, it's possible it will guess wrong.
Setting this option to 1 will enable debugging information sent to standard error, which will be sent to the error log on Apache. This probably isn't useful on IIS.
Reports errors to STDERR (hence to the error log on Apache) if there is a problem deleting the actual file when an attached file is removed.
Reports debugging information to standard error while encrypting your mail.
Reports cookies received from the browser and sent to the browser to STDERR (hence to the error log on Apache.)
If nonzero the session hash is dumped to STDERR after it is retrived from the database.
If non-zero then subscription expiry date calculations are dumped to STDERR.
If non-zero then information about jit_dynamic_regen is sent to STDERR.
If non-zero then the ifUserCan tag will output some trace information to STDERR.
Enables some trace messages from tags that return an ENOIMPL exception. This can be useful for tracking down why a tag isn't being replaced. This will produce a lot of output during page regeneration.
Contains various URIs.
This is underused, so don't rely on it yet.
The URI to the CGI directory. Default: /cgi-bin
The URI where images included with BSE can be found.
This includes images such as trans_pixel.gif and admin/error.gif.
Default: /images
The URI where managed images are kept which should correspond to
images in [paths].
Default: /images (from $Constants::IMAGES_URI)
The URL to the directory represented by scalecache. Defaults to [uri].images/scaled.
The URL to the directory configured as [paths].public_files.
This will provide translations from symbolic names to article ids.
Currently this is used for converting article ids in the access control code, and for looking up the id of the shop.
If the user supplies a template name to printable.pl then you can use a different content type by adding an entry to this section. The key is the template name, and the value is the full content type.
This section is used when generating the search index to override the default scores for each field in the articles.
The default scores are:
Field Score Notes ----- ----- ----- title 5 body 3 keyword 4 pageTitle 5 author 4 summary 0 description 0 Products only product_code 0 Products only file_displayName 2 displayName for files file_description 2 description for files file_notes 1 notes for files
Flags that can be set for articles, products and catalogs respectively. Note that flags for articles are also visible in products and catalogs.
All flag Ids are single letters or digits. Uppercase letters are reserved for use by BSE internally, leaving lower-case letters and digits for your own use.
Use the id of the flag as the key, and a description of the flag as it's value.
Each key is an article id, the values are base URIs to store the HTML form of those articles and their children under.
The keys are ids of articles that shouldn't have their link field overwritten. The value should be a true value, but is otherwise ignored.
The recipient for the data dump email sent by datadump.pl. Default: $DATA_EMAIL.
the From for the data dump email sent by datadump.pl. Default: $SHOP_FROM.
Configuration for site users.
If this is set to true then no passwords are required during registration, a confirmation email is sent immediately upon registration and that confirmation email contains a link the user can use to manage their details.
This option has some security concerns since it can leave links to the user's information in the browser history. This option is not recommended.
You cannot use this to control access to the shop.
Set these to true to require the corresponding field during registration, and to keep it required after modification. Default: false.
If you enable any of these, you should enable info_on_register as
well, or modify the registration template to include the given fields.
Controls how the given field is displayed in error messages. If you change the field names on the registration and/or options forms you should probably change them here too. Default: internal field name with the first character converted to upper-case.
If this is set then the user info is prompted for during user registration. The information still isn't required unless the appropriate require_field option is set. Default: false.
The default URL to refresh to on completing registration if no r parameter is supplied.
If this is set then the subcription checkboxes are all checked on registration by default. Default: false.
The user will only receive the subscriptions if they leave them checked and follow the link in the confirmation email.
Where id is the number identifying a subscription. If this is set then the subscription checkbox for that subscription will be checked by default on the registration form. Default: false.
The user will only receive the subscriptions if they leave it checked and follow the link in the confirmation email.
You can get the id of a subcription by looking at the Edit link on the subscriptions management page, the number after "id=" is the id.
If set to zero then user billing options will be managed on a separate page. This is controlled by the user/options_base.tmpl template.
If set to zero then users cannot register themselves. Default: true, allowing users to register themselves.
If true then an email is sent when a new user registers on your site. The email address sent to is the first set of [site users].notify_register_email, [shop].from or $SHOP_FROM from Constants.pm
No email is sent if a new user is created from the administration user interface.
See also: notify_register_email, notify_register_subject.
The email to sent the registration notification too. See notify_register above.
The subject of the notification email sent when a new user registers. Any {field} is replaced with the given field from the registered user. See notify_register above.
Default: New user {userId} registered
If non-zero then email id notify_register_customer will be sent to
new user on registration. By default this uses template
user/email_register, subject "Thank you for registering" which can be
overridden in [email notify_register_customer] or via the
set_subject tag.
If non-zero then the behaviour described for
notify_register_customer will take place when a new member is added
by an administrator. Defaults to the value of
notify_register_customer.
This section and [payment type descs] are used to configure new paymeny type ids.
The key is the integer representing the payment type. The value is the name used in tags for checking the payment type.
You can also add a description (currently unused) to [payment type descs].
You should use numbers starting from 10 to avoid conflicts with future BSE payment types.
See [payment type names].
Set the key given by the payment type id to a value of a comma-separated list of fields required for that payment type.
This type of configuration section is used to set values for a style
of help icon. Only the template and prefix values are used
directly by the code, the others are used by the default helpicon
templates.
The URI to the help files for this style. Default: /help/ in style "user", /admin/help/ in style "admin".
The template used to produce the icon. Default: helpicon in style user, admin/helpicon in style "admin".
URI to the help icon image. Default: /images/admin/help.gif
The width of the help icon image. Default: 16
The height of the help icon image. Default: 16
If you just want to change the help icon image for user help icons you might do:
[help style user] icon=/images/help.gif
A semi-colon (;) separated list of referer domains that are allowed to
link to the a_set target of the affiliate.pl manpage.
If the user's browser supplies a referer header then it will be checked against this list.
If this is set then the a_set target of the affiliate.pl manpage will
require that the user's browser supply a Referer header.
If no r parameter is supplied to the a_set target of
the affiliate.pl manpage then this is used as the default refresh.
Default: the site base url.
This is either the numeric or text of a subscription for which the affiliate must have an active subscription.
A single letter flag which the site administrator must set for the affiliate page to be displayed for the given member.
If this is set then affiliate.pl will set the named cookie to the affiliate id.
This is a comma-separated list of other cookies that should be set by the a_set target. The values for the cookies should be passed to the a_set target. For example with:
[affiliate] other_cookies=alpha,beta
if the url:
http://your.site.com/cgi-bin/affiliate.pl?a_set=1&id=someid&alpha=1&beta=2&gamme=3
is accessed, then the cookie alpha is set to "1", beta is set to "2". The cookie gamma will not be set since it's not listed.
Used as the link base URL for the afflink.tmpl side bar template when an affiliate id is set. Default: example.com
Used at the text of the link for the afflink.tmpl side bar template when an affiliate id is set. Default: Your Site.
Used as the link URL for the afflink.tmpl side bar template when an affiliate id is not set. Default: example.com
Used as the text of the link for the afflink.tmpl side bar template when an affiliate id is not set. Default: Our site
Each key is the id of a member image, with a corresponding [BSE Siteuser Image image_id] section. The values are ignored.
Provides information about a single member image "template".
Short description on the image, like "Logo". Used in error messages.
Longer description of the image. Accessible with the member_image tag.
The minimum and maximum dimensions of the image.
Error messages displayed in the when the image is outside the configured dimensions.
Default error messages for the above.
Maximum storage the image can use in bytes. Default: 1000000.
Error message displayed if the image uses too much storage.
Various editor settings.
If this is non-zero the system will attempt to load the configured thumbnail class, and put thumbnail images on the image manager page rather than full-size images. Default: off
The name of a perl class that implement's BSE's thumbnail API. At this point the only class that implements that is BSE::Thumb::Imager, supplied with BSE. Default: None
URI to the default thumbnail image. This is presented when the runtime production of a thumbnail image fails.
Dimensions of the default thumbnail image.
Alt text for the default thumbnail image.
If this is true then BSE will check the value of the lastModified parameter passed against the value in the article. If these don't match the article isn't saved and is redisplayed with an error message. This provides simple protection against one user saving changes over those made by another.
Default values for the thumbimage tag.
Each value is used as the relative or absolute name of a file or directory to load more configuration data from.
The keywords must remain unique.
Only the [includes] section from bse.cfg itself is used to locate more configuration data.
If the value references a directory, all files with an extension of
.cfg are read for configuration data.
The order the files are read (which later files overriding older files) is:
bse.cfg is read
the entries in [includes] are sorted alphabetically (or rather asciily), so an entry with key "A" is read before one with key "B", one with key "01" is read before "02", but key "10" would be read before key "2".
if an entry is a file then that is read and the values merged.
if an entry is a directory, then that is scanned and the files found read alphabetically as above.
This is used to configure the error icon displayed next to fields that fail validation.
URI to the image file.
The width and height of the error icon image.
Flags that can be set for site users.
All flag Ids are single letters or digits. Uppercase letters are reserved for use by BSE internally, leaving lower-case letters and digits for your own use.
Use the id of the flag as the key, and a description of the flag as it's value.
These sections contain defaults values for the corresponding article types.
Each key is the name of a column for the article type.
If an entry is not found in [catalog defaults] then [article defaults] is also checked.
If an entry is not found in [product defaults] then [article defaults] is also checked.
These sections are checked after the [children of id] and
[level level] sections.
These defaults are used when creating an article where no value is supplied, they can also be accessed via the <:default name:> tag.
Contains criteriaindex entries starting from criteria1, then
criteria2, etc.
Each entry consists of a filter class name, followed by a ; followed by data passed to that filter.
; user the original SQL based filter, configured from ; section [foo] criteria1=BSE::NLFilter::SQL;foo
See the documentation for each filter to configure the filters.
The key of each entry is the numeric identifier of a query group, the values are the name of the query group. For example:
[query groups] 1=some name
[query group some name] sql=select id from bse_siteusers where id = ? and name1 like '%some%'
Each entry also has a corresponding [Query Group name] section.
This section corresponds to an entry in [Query Groups].
This is an SQL statement. One placeholder is required and is passed the siteuser id (primary key) of the user to be checked. If this query returns any rows then the user is considered part of the group.
Each key is a template name, the value is the content type to be used when displaying the template dynamically.
Each key is a template name, the value is a description used in the template dropdown for that template.
This section defines CSS class names for BSE's body text link tags. The key is the tag name, the value is the CSS class to be used.
By default the class used is the same as the name of the tag, but you can switch this off by adding an entry setting the class to the empty string, for example:
; no class attribute for any of the links [body class] link= poplink= doclink= popdoclink=
You can set p here too to set the class for paragraphs generated as body text. By default no class is set.
Controls the behaviour of the window displayed by the popimage[] body text tag. If the Javascript for this has been customized then this may not apply.
Extra width and height for the window beyond the size of the image. Default: no extra width or height.
If set to non-zero popimage[] will attempt to centre the popup within the current window. Default: 0.
This is used to configure the DevHelp::Payments::Inpho module.
If this is set then the test parameters are used instead of the product values.
The URL to process requests through.
Inpho supplied user name.
Inpho supplied password.
The URL to process test requests through.
The user to supply to test requests.
The password to supply to test requests.
This section controls whether some custom class methods are called:
If this is non-zero then siteuser_saveopts is called.
Where level is the article level at which the defined menu options will be available. Configure each menu value and description as key and value.
For example:
[level1 menus] 0=Default 1=Sidebar 2=Footer
To create a menus using such values, use the "allkids_of" iterator "filter" option.
For example:
<:iterator begin allkids_of -1 filter: [menu] == 2 :>
Enable the "titleAlias" article field and set which level it will be available.
Where level is the article "level" for which the "titleAlias" field should be enabled. To enable set the value to non-zero.
For example:
[title alias] level1=1
The "titleAlias" can be used as an alternate "short" title for the given article, especially useful for space critical iterated menus. A template conditional can be used to display the "titleAlias" in place of the article "title" when appropriate.
Each key represents a geometry identifier for use by the thumbimage[], gthumbimage[] body text tags and the <:thumbimage ...:>, <:gthumbimage ...:>, <:dthumbimage ...:> template tags.
The key is the geometry identifier, the value is the geometry string as follows.
The geometry string consists of:
dimensions
crop flag - if present
optional fill
The dimensions can be in any of the following forms:
<width>x<height> - the desired maximum width and height. eg 200x150
<width>x - the desired width, with the height calculated proportionally based on the source image size
x<height> - the designed height, with the width calculated proportionally based on the source image size.
<size> - the desired maximum size in both directions. so "200" is equivalent to "200x200"
The crop flag is a single letter "c", if present then the image should be scaled so the smaller dimension matches the requested size, and the longer dimension will be cropped to fit.
The fill if present is: fill(color) where color is a color recognized by the underlying graphics implementation. This should be at least hex web colors without the #, eg fill(FF0000) will fill with red.
Each key represents a geometry identifier for use by the thumbimage[], gthumbimage[] body text tags and the <:thumbimage ...:>, <:gthumbimage ...:>, <:dthumbimage ...:> template tags.
The value is used as the class for the generated img tag.
Each value represents a handler or script name for the <:dyntarget script target ...:> tag.
Each key has a TARGET version and a no-TARGET version, with the key
suffixed with _n.
The default nuser target is /cgi-bin/nuser.pl/user/TARGET. The
default no-target nuser is /cgi-bin/nuser.pl/user.
For other targets the default is
/cgi-bin/script.pl?a_TARGET=1 and
/cgi-bin/script.pl.
The string TARGET is replaced with the target specified in the
dyntarget tag.
This, along with dyntarget is intended to allow a more "Web 2.0" type of access to BSE. eg. you might set:
[targets] shop=/xshop/TARGET shop_x=/xshop/
and have a rewrite rule:
RewriteRule ^/xshop/(.*)$ /cgi-bin/nuser.pl/shop/$1 [PT]
This defines the settings for a class of images generated by the
popimage[] and gpopimage[] body text markup tags. For example, the
settings for popimage[imageid|foo] can be found in section
[popimage class foo].
The html generated for this class. Tags of the form
{identifier} are replaced, where identifier can be
inline_ or outline_ followed by an image field name, for example
inline_src is the URL to the inline image.
Default: <a href="{outline_src}" rel="lightbox[id]" target="_blank"><img src="{inline_src}" alt="{inline_alt}" width="{inline_width}" height="{inline_height}" border="0" /></a>
The default may be tuned as needed.
The inline image geometry. Default: editor (the value used for thumbnails on the admin side)
The outline image geometry. If no value is supplied then the original image values are used.
Each key is the identifier of a file that can be attached to BSE::ComposeMail emails. The value is comma separated filename, content type, inline status.
The files are searched for through the template search mechanism, so the filename can be relative to either the master or local templates directories.
If the content type is not supplied, if the filename end in gif, png or jpg the appropriate content type is used, otherwise application/octet-stream.
If the inline status is not supplied then images are considered inline, and other files arent.
Each key represents a message id from attempts to checkout. Except the all key which covers all cases.
If the all key or the message id key is non-zero then the checkout
page will redirect to registration instead of login if the cart or
configuration requires that the user be logged in.
Settings for articles based on a particular template.
Controls whether a cache-control: no-cache header will be produced. Can be overridden with the A and B article flags. If not set the value of [article].no_cache_dynamic is used.
Global settings for articles.
Controls whether a cache-control: no-cache header will be produced. Can be overridden with the A and B article flags or [template template-name].no_cache_dynamic. If not set the value of [basic].no_cache_dynamic is used.
For the <:recaptcha:> tag currently only used for fmail.pl.
The public and private key you receive when you register with reCAPTCHA.
Replace the error message for the given error_code where error_code is the reCAPTCHA error code (eg. "incorrect-captcha-sol") with dash replaced by underscore.
eg.
error_incorrect_captch_sol=VERY BAD INPUT
Each key represents an item of metadata for files attached to articles.
The values are ignored.
For each key, extra information is defined in the [file metadata name] section.
Definition for the file metadata item name.
title - descriptive name of the metadata. Defaults to name.
rules - validation rules, separated by ;. Custom rules can be defined in [file metadata validation].
ro - if non-zero the metadata cannot be modified directly by the admin (applications can still generate it). Default: writable.
type - the data type of the metadata, any of string, text, enum, integer, real, image. If this is enum values must be defined and labels should be. Default: string.
The types are:
string - single line of text
text - one or more lines of text
integer - whole number
real - number with decimal points
enum - select from a list of possible values.
image - image file.
values - semi-colon separated list of values for this metadata.
labels - semi-colon separated list of labels for the values
help - help html to display for the metadata
data_name - (images only) the key to use to store the image data. Default: name_data.
width_name - (images only) the key to use to store the image width. Default: name_width.
height_name - (images only) the key to use to store the image height. Default: name_height.
cond - a perl expression indicating whether the metadata should be prompted for, for this file. $file is the file object. Default: 1.
unit - text displayed after the entry box for the metadata. Default: empty. Useful for including a unit ("pixels") or format help ("hh:mm").
Controls the processing of the bse_session_clean.pl script.
days - the minimum age in days of sessions to be removed. Default: 30.
per - the number of records to remove per SQL delete request. Default: 1000.
count - the number of SQL delete requests to perform, maximum. Default: 1000.
optimize - whether to perform a table optimization after deleting records. Default: 1 (set to 0 to skip optimization)
Controls the bse_nightly.pl script.
jobs - a comma separated list of BSE background processes to run when bse_nightly.pl is run. Default: bse_session_clean
other keys - each key is a sort key, and the value is a single background task name. This allows add-ons to setup extra tasks without overwriting each other. The sugessted key format is:
99 - two digit priority - 00 is executed first, 99 last package-name - name of package the task is for unique - extra text to make the key unique, if necessary
Parameters controlling where cached information - eg. file upload progress is stored.
class - the BSE::Cache compatible cache class. See the documentation of BSE::Cache::Cache, BSE::Cache::CHI or BSE::Cache::Memcached.
Database connection parameters. These override the settings in Constants.pm which are deprecated.
dsn - the DBI dsn used to connect to the database. Default: $Constants::DSN.
user - the logon to the database. Default: $Constants::UN
password - the password for the user. Default: $Constants::PW.
dbopts - a perl expression that should evaluate to a hash reference. Default: $Constants::DBOPTs, or an empty hashref.
class - the database wrapper class to use. Default: BSE::DB::Mysql. No other values are currently supported.
Defines extra configuration to be returned from the BSE system configuration.
Each key is the keyword in the returned JSON object. If the key already exists it is not overwritten.
Each value is the name of a section in the BSE configuration. The strings "{level}", "{generator}", "{parentid}", "{template}" are replaced with their values from the article that config is being requested for.
So:
[extra a_config]
menu=level{level} menu
[level1 menu] alpha=One beta=Two
will include:
menu: { alpha: "One", beta: "Two" }
in the returned configuration
This section maps BSE's default cookie names to alternate names. This can be useful if you have two BSE sites under the same domain and need to ensure they use different cookies.
eg.
[cookie names] userid=altuserid
Each key identifies an update specification for userupdate.pl, the value is a description of the specification.
See [siteuser update specid] for the rest of the import specification.
Currently contains only a single key:
fields - a semi-colon separated list of fields to import. Must
contain one of id or userId which is used as a key to identify
the user to update. An x entry is a field to ignore. Some fields,
such as confirmed may not appear in this list.
Configuration for BSE's PayPal integration.
It shouldn't be necessary to change any of the URLs.
test - if true, then the PayPal sandbox is used, and the configuration
entries starting in test_ are used. If false, PayPal is live, and
configuration entries starting in live_ are used. Default: 1.
test_api_username, test_api_password, test_api_signature - API credentials for test mode. Required in test mode.
live_api_username, live_api_password, live_api_signature - API credentials for live mode. Required for live mode.
test_ws_url - URL to make NVP requests through in test mode. Default: https://api-3t.sandbox.paypal.com/nvp
test_refresh_url - PayPal URL to refresh to in test mode. Default: https://www.sandbox.paypal.com/webscr
live_ws_url - URL to make NVP requests through in live mode. Default: https://api-3t.paypal.com/nvp
live_refresh_url - PayPal URL to refresh to in live mode. Default: https://www.paypal.com/cgibin/webscr
Extra parameters supplied to the SetExpressCheckout API. See the Express Checkout Advanced Features Guide (from PayPal) for details.
Some settings that may be useful:
PAGESTYLE - the style of payment page to use from those listed in your account profile.
HDRIMG - https URL to an image to use in the payment page header.
HDRBACKCOLOR - a 6 hex digit color to use as the background of the payment page header.
HDRBORDERCOLOR - a 6 hex digit color to use as the border of the payment page header.
mail - if non-zero any emails sent through BSE::ComposeMail are logged in the audit log. Default: 0.
mail_max_dump - if non-zero this is the size limit of the dump stored in the audit log when [audit log].mail is enabled.
Most commonly [audit log bse]. Controls whether given events or
families of events are logged.
The key is one of:
:module:module:functionwith the longer keys overriding the shorter keys, and defaulting to all actions being logged.
This enables sent when an event is logged in the audit log. Warning: for common events this will result in large amounts of email.
to - the email address to send the email to
emerg, alert, crit, error, warning, notice, info, debug - if present
and true then events at these levels result in an email. If the value
contains an @ then the value is used as the recipient address.
facility-component
facility-component-module
facility-component-module-function
Controls sending an email for specific events or families of events.
If the value is true, send an email for that event. If the value
contains an @ then the value is used as the recipient address.
with the longer keys overriding the shorter keys, and defaulting to all actions being logged.
Contains options to pass to HTML::Tidy. Anything not listed below is passed directly to HTML::Tidy->new.
ignore_types - types of message to ignore separated by commas, any, all or none of info, warning, error.
ignore_text_key - messages to ignore, key is not used, just the value.
Controls emails sent via cgi-bin/admin/sendemail.pl.
template - plain text template
html_template - HTML template (defaults to the value of template
followed by _html
subject - subject of the email, can be overridden with the
set_subject tag.
from - from email address, defaults to the shop from address
from_name - from name
allow_html - controls whether HTML is allowed. By default this is based on the user's settings.
daily_limit - the number of recovery attempts permitted per day. Default: 3.
age_limit - the id included in the email is valid for this many days. Default: 7.
For formatted text, this is a list of URL prefixes to replace.
The key is a sort key, replacements are checked in alphabetical order.
The value is the original prefix, followed by ";", followed by the replacement.
Replacement is performed case-insenitively. Regexp metacharacters
ids - a comma separated list of category ids. There are (currently) no restrictions on the contents of these ids, but alphanumerics are recommended to simplify templates.
id - a description for a particular category id. Overridden by the
name key in [article category id]. Default: ucfirst of
the id.
name - name of the article category.
Other keys may be used as desired, eg. to make it simpler to configure article behaviour based on the category.
This section can be used to add new menu items to the menu displayed on article edit pages.
The keys are used for sorting only.
The value is comma-separated:
target script name
target identifier, to be set to 1 on making a request to the script.
the label for the item in the menu.
eg.
sample,a_foo,Sample Item
will generate a link like:
<a href="/cgi-bin/admin/sample.pl?id=10&a_foo=1">Sample Item</a>
where 10 is the id of the article being edited.
Keys with a prefix of bse_ are reserved for BSE internal use.
Keys are the ids of articles that may not be deleted.
This applies if the value of the entry is a true perl value.
[undeletable articles] 1=home page 2=more home page ; article 3 is deletable 3=
Configures extra shipping methods only selectable from the order detail page.
Entries are sorted by value.
If the value contains a comma the text up to the comma is removed and the remains used as the label, otherwise the key is used as the label.
These can be used to define article, product and catalog custom fields respectively, in a similar manner to the formmail manpage.
The field names are predefined, customDate1, customDate2,
customInt1, customInt2, customInt3, customInt4,
customStr1 and customStr2, but are only active if a description
is defined for the field:
[article custom fields] customInt1_description=Stock Level
Tony Cook <tony@develop-help.com>