mirror of
https://github.com/wavelog/wavelog.git
synced 2026-03-22 10:24:14 +00:00
c70c2ec5cd
* feat[clubstations]: New DB structure
* feat[clubstations]: Add clubstationstable in user managment
* feat[clubstations]: Show last operator
* feat[clubstations]: Better solution for last operator. tnx for the hint @int2001
* feat[clubstations]: New Club Model and Controller
* feat[clubstations]: Add "Add User" and "Edit User" functionality
* docs[clubstations]: move comment
* feat[clubstations]: Add "Delete Member" functionality
* feat[clubstations]: some enhancements and javascript
* fix[clubstations]: Wrong message class for flashmessages
* feat[clubstations]: Added Switch in the Header menu (not functional yet)
* feat[clubstations]: clubswitch modal
* fix[clubstations]: Load encryption library if not already loaded
* fix[clubstations]: Prevent direct login attempts to clubstations and enhance impersonation authorization
* fix[clubstations]: Typo
* feat[clubstations]: Only show the operator dialog if there is something fishy
* fix[user]: little UI bug
* feat[impersonate]: Add source uid to session data
* fix[impersonate]: logic adjustment
* feat[clubstations]: Add manage button in header menu for club officers
* fix[clubstations]: typo in permission level check
* fix[clubstations]: Full rights for the admin
* feat[impersonate]: Custom sessiondata
* feat[impersonate]: Implement stop impersonation feature with modal confirmation; "the way back"
* fix(modal): Fix bug where modal was hidden when mouse leaved the browser content
* docs(config): Adjust config description for special callsigns and clubstations
* feat(club): Add club access check helper
* typo
* fix[impersonation]: Better text
* feat(club): Selectize for a efficient user search
* feat(clubstations): Restrict clubstations based on users permission level part 1/x
* adjustments for dev merge
* Adjusted club right for the advanced logbook
* feat[user]: Refactoring of the Action Buttons in the user table
* fix[club_permissions]: normal button instead small one for club permissions
* remove unnecessary line break in modal body
* feat[clubstations]: Add Club Mode badge to the header
* fix[clubstations]: fix maintenance mode
* allow switch back on http
* feat(simplefle): display operator input based on club_access
* small UI adjustments
* small UI adjustments
* moved api page to a index.php file and added support for clubstations
* removed unused stuff
* typo
* radios and api keys
* missed one binding
* fix qso view, even officers do just see their own radios in QSO logging
* omit the need for a relogin to see the changes as an admin
* Omit the need for relogin after club changes in general. It's a question of UX. It's better to accept a little higher DB load (if clubstations are enabled) then the need of an user to relogin. There is some room for improvement by changing user_model->get_by_id() and adding a join there. This can be done later if we see that the load is too high
* If the user is not the creator of the API key, it's likely a clubstation. In this case the callsign of the clubstation can not be the same as the callsign of the user (operator call provided by the user). If this is the case, we need to use the callsign of the creator of the API key
* remove debug messages
* better UI in header
* found a typo
* full access in clubstations for admins (if accessed via admin usertable)
* adjusted text
* adjusted text
* adjust text
* reduce required chars
* bugfix: missing the correct authentication in case the admin was not member of the club. he wasn't able to switch back
* reduce debug messages
* fixed UI bug related to tooltips
* load js in controller
* upps..
* some UI adjustments
* corrected permissions
* if user gets delete we need to remove data in club_permissions and also api keys which were created by this user
* Notify members about new memberships or changes in permission level
* add spinner to save button
* make login/logout process more bulletproof
* remove the relogin cookie after the attempt
* better strategy
* bug where switch back failed if user is no admin
* make api keys more secure
* mask not owned api keys
* removed annoying link
* if a user gets removed from a club we also should delete the corresponding api keys and cat radios
* adjusted wiki link
* Auto creation of logbook and location when new user is created
* store and display locator in uppercase
* same for callsign
* fixed a bug in user/club creation
* Revert "Auto creation of logbook and location when new user is created"
We found another solution to which will be addressed in a second PR
This reverts commit f05f4b7bf0.
* Optimized SQL for stats at userlist
* Source query for lastop "out", because mysql<9.0 can't handle Windowed functions
* adjust migration
* add new columns to users table to get created_at and modified_at
* added a partial down function
* add operator dropdown for clubstations
* fix mig version
* Add some backend restrictions in case a user wants to try something funny with the club
---------
Co-authored-by: Andreas Kristiansen <6977712+AndreasK79@users.noreply.github.com>
Co-authored-by: int2001 <joerg@dj7nt.de>
772 lines
26 KiB
PHP
772 lines
26 KiB
PHP
<?php
|
|
defined('BASEPATH') OR exit('No direct script access allowed');
|
|
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Install Options
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| 'app_name' Name of the App 'Wavelog'
|
|
| 'directory' directory where wavelog is installed eg "logger"
|
|
| 'callbook' Selects which Callbook lookup to use defaults "hamqth" but supports "qrz"
|
|
*/
|
|
|
|
$config['app_name'] = 'Wavelog';
|
|
$config['directory'] = 'logbook';
|
|
$config['callbook'] = 'hamqth'; // Options are hamqth, qrz or qrzcq
|
|
|
|
$config['datadir'] = null; // default to install directory
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Logbook Options
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| 'table_name' SQL table where log can be found
|
|
| 'locator' Default locator used to calculate bearings/distance
|
|
| 'display_freq' Show or Hide frequnecy info
|
|
*/
|
|
|
|
$config['table_name'] = 'TABLE_HRD_CONTACTS_V01';
|
|
$config['locator'] = '';
|
|
$config['display_freq'] = true;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| QRZ Login Options
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| 'qrz_username' QRZ.com user login
|
|
| 'qrz_password' QRZ.com user password
|
|
| 'use_fullname' Get full names from QRZ, may not be GDPR compliant
|
|
*/
|
|
|
|
$config['qrz_username'] = '';
|
|
$config['qrz_password'] = '';
|
|
$config['use_fullname'] = false;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| HamQTH Login Options
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| 'hamqth_username' HamQTH user login
|
|
| 'hamqth_password' HamQTH user password
|
|
*/
|
|
$config['hamqth_username'] = '';
|
|
$config['hamqth_password'] = '';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| QRZcq Login Options
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| 'qrzcq_username' QRZcq.com user login
|
|
| 'qrzcq_password' QRZcq.com user password
|
|
*/
|
|
$config['qrzcq_username'] = '';
|
|
$config['qrzcq_password'] = '';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Authentication
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| 'use_auth' False turns all authentication off, best used when setting up
|
|
| 'auth_table' MySQL Database Table defaults "users"
|
|
| 'auth_mode' Minimum user level required 0 = anonymous, 1 = viewer,
|
|
| 2 = editor, 3 = api user, 99 = owner
|
|
| 'auth_level[]' Defines level titles
|
|
*/
|
|
|
|
$config['use_auth'] = true;
|
|
$config['auth_table'] = 'users';
|
|
$config['auth_mode'] = '3';
|
|
|
|
$config['auth_level'][3] = 'Operator';
|
|
$config['auth_level'][99] = 'Administrator';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Base Site URL
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| URL to your CodeIgniter root. Typically this will be your base URL,
|
|
| WITH a trailing slash:
|
|
|
|
|
| http://example.com/
|
|
|
|
|
| WARNING: You MUST set this value!
|
|
|
|
|
| If it is not set, then CodeIgniter will try guess the protocol and path
|
|
| your installation, but due to security concerns the hostname will be set
|
|
| to $_SERVER['SERVER_ADDR'] if available, or localhost otherwise.
|
|
| The auto-detection mechanism exists only for convenience during
|
|
| development and MUST NOT be used in production!
|
|
|
|
|
| If you need to allow multiple domains, remember that this file is still
|
|
| a PHP script and you can easily do that on your own.
|
|
|
|
|
*/
|
|
$config['base_url'] = 'http://localhost/logbook';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Index File
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Typically this will be your index.php file, unless you've renamed it to
|
|
| something else. If you are using mod_rewrite to remove the page set this
|
|
| variable so that it is blank.
|
|
|
|
|
*/
|
|
$config['index_page'] = 'index.php';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| URI PROTOCOL
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This item determines which server global should be used to retrieve the
|
|
| URI string. The default setting of 'REQUEST_URI' works for most servers.
|
|
| If your links do not seem to work, try one of the other delicious flavors:
|
|
|
|
|
| 'REQUEST_URI' Uses $_SERVER['REQUEST_URI']
|
|
| 'QUERY_STRING' Uses $_SERVER['QUERY_STRING']
|
|
| 'PATH_INFO' Uses $_SERVER['PATH_INFO']
|
|
|
|
|
| WARNING: If you set this to 'PATH_INFO', URIs will always be URL-decoded!
|
|
*/
|
|
$config['uri_protocol'] = 'REQUEST_URI';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| URL suffix
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This option allows you to add a suffix to all URLs generated by CodeIgniter.
|
|
| For more information please see the user guide:
|
|
|
|
|
| https://codeigniter.com/user_guide/general/urls.html
|
|
*/
|
|
$config['url_suffix'] = '';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Default Character Set
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This determines which character set is used by default in various methods
|
|
| that require a character set to be provided.
|
|
|
|
|
| See http://php.net/htmlspecialchars for a list of supported charsets.
|
|
|
|
|
*/
|
|
$config['charset'] = 'UTF-8';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Enable/Disable System Hooks
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| If you would like to use the 'hooks' feature you must enable it by
|
|
| setting this variable to TRUE (boolean). See the user guide for details.
|
|
|
|
|
*/
|
|
$config['enable_hooks'] = TRUE;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Class Extension Prefix
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This item allows you to set the filename/classname prefix when extending
|
|
| native libraries. For more information please see the user guide:
|
|
|
|
|
| https://codeigniter.com/user_guide/general/core_classes.html
|
|
| https://codeigniter.com/user_guide/general/creating_libraries.html
|
|
|
|
|
*/
|
|
$config['subclass_prefix'] = 'MY_';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Composer auto-loading
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Enabling this setting will tell CodeIgniter to look for a Composer
|
|
| package auto-loader script in application/vendor/autoload.php.
|
|
|
|
|
| $config['composer_autoload'] = TRUE;
|
|
|
|
|
| Or if you have your vendor/ directory located somewhere else, you
|
|
| can opt to set a specific path as well:
|
|
|
|
|
| $config['composer_autoload'] = '/path/to/vendor/autoload.php';
|
|
|
|
|
| For more information about Composer, please visit http://getcomposer.org/
|
|
|
|
|
| Note: This will NOT disable or override the CodeIgniter-specific
|
|
| autoloading (application/config/autoload.php)
|
|
*/
|
|
$config['composer_autoload'] = FALSE;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Allowed URL Characters
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This lets you specify which characters are permitted within your URLs.
|
|
| When someone tries to submit a URL with disallowed characters they will
|
|
| get a warning message.
|
|
|
|
|
| As a security measure you are STRONGLY encouraged to restrict URLs to
|
|
| as few characters as possible. By default only these are allowed: a-z 0-9~%.:_-
|
|
|
|
|
| Leave blank to allow all characters -- but only if you are insane.
|
|
|
|
|
| The configured value is actually a regular expression character group
|
|
| and it will be executed as: ! preg_match('/^[<permitted_uri_chars>]+$/i
|
|
|
|
|
| DO NOT CHANGE THIS UNLESS YOU FULLY UNDERSTAND THE REPERCUSSIONS!!
|
|
|
|
|
*/
|
|
$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Enable Query Strings
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| By default CodeIgniter uses search-engine friendly segment based URLs:
|
|
| example.com/who/what/where/
|
|
|
|
|
| You can optionally enable standard query string based URLs:
|
|
| example.com?who=me&what=something&where=here
|
|
|
|
|
| Options are: TRUE or FALSE (boolean)
|
|
|
|
|
| The other items let you set the query string 'words' that will
|
|
| invoke your controllers and its functions:
|
|
| example.com/index.php?c=controller&m=function
|
|
|
|
|
| Please note that some of the helpers won't work as expected when
|
|
| this feature is enabled, since CodeIgniter is designed primarily to
|
|
| use segment based URLs.
|
|
|
|
|
*/
|
|
$config['enable_query_strings'] = FALSE;
|
|
$config['controller_trigger'] = 'c';
|
|
$config['function_trigger'] = 'm';
|
|
$config['directory_trigger'] = 'd';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Allow $_GET array
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| By default CodeIgniter enables access to the $_GET array. If for some
|
|
| reason you would like to disable it, set 'allow_get_array' to FALSE.
|
|
|
|
|
| WARNING: This feature is DEPRECATED and currently available only
|
|
| for backwards compatibility purposes!
|
|
|
|
|
*/
|
|
$config['allow_get_array'] = TRUE;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Error Logging Threshold
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| You can enable error logging by setting a threshold over zero. The
|
|
| threshold determines what gets logged. Threshold options are:
|
|
|
|
|
| 0 = Disables logging, Error logging TURNED OFF
|
|
| 1 = Error Messages (including PHP errors)
|
|
| 2 = Debug Messages
|
|
| 3 = Informational Messages
|
|
| 4 = All Messages
|
|
|
|
|
| You can also pass an array with threshold levels to show individual error types
|
|
|
|
|
| array(2) = Debug Messages, without Error Messages
|
|
|
|
|
| For a live site you'll usually only enable Errors (1) to be logged otherwise
|
|
| your log files will fill up very fast.
|
|
|
|
|
*/
|
|
$config['log_threshold'] = 0;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Error Logging Directory Path
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Leave this BLANK unless you would like to set something other than the default
|
|
| application/logs/ directory. Use a full server path with trailing slash.
|
|
|
|
|
*/
|
|
$config['log_path'] = '';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| One Logfile (true) or daily logfile?
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Leave this setted to false unless you would like to have one big logfile
|
|
| at application/logs/ directory.
|
|
|
|
|
| true == one big log
|
|
| false (or non-existant): daily logs
|
|
*/
|
|
$config['one_log'] = false;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Log File Extension
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The default filename extension for log files. The default 'php' allows for
|
|
| protecting the log files via basic scripting, when they are to be stored
|
|
| under a publicly accessible directory.
|
|
|
|
|
| Note: Leaving it blank will default to 'php'.
|
|
|
|
|
*/
|
|
$config['log_file_extension'] = '';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Log File Permissions
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The file system permissions to be applied on newly created log files.
|
|
|
|
|
| IMPORTANT: This MUST be an integer (no quotes) and you MUST use octal
|
|
| integer notation (i.e. 0700, 0644, etc.)
|
|
*/
|
|
$config['log_file_permissions'] = 0644;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Date Format for Logs
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Each item that is logged has an associated date. You can use PHP date
|
|
| codes to set your own date formatting
|
|
|
|
|
*/
|
|
$config['log_date_format'] = 'Y-m-d H:i:s';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Error Views Directory Path
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Leave this BLANK unless you would like to set something other than the default
|
|
| application/views/errors/ directory. Use a full server path with trailing slash.
|
|
|
|
|
*/
|
|
$config['error_views_path'] = '';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Cache Directory Path
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Leave this BLANK unless you would like to set something other than the default
|
|
| application/cache/ directory. Use a full server path with trailing slash.
|
|
|
|
|
*/
|
|
$config['cache_path'] = '';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Cache Include Query String
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Whether to take the URL query string into consideration when generating
|
|
| output cache files. Valid options are:
|
|
|
|
|
| FALSE = Disabled
|
|
| TRUE = Enabled, take all query parameters into account.
|
|
| Please be aware that this may result in numerous cache
|
|
| files generated for the same page over and over again.
|
|
| array('q') = Enabled, but only take into account the specified list
|
|
| of query parameters.
|
|
|
|
|
*/
|
|
$config['cache_query_string'] = FALSE;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Encryption Key
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Encryption Key is used to encrypt sensitive data. Choose a strong and secure key.
|
|
| Example: 'cnawuihp87f4g3ofb837rf93brlcve378rgf93be9837dgvzcl39rlzfbrzvc834lvvf83frgv83zrbzv'
|
|
|
|
|
|
|
|
*/
|
|
$config['encryption_key'] = 'flossie1234555541';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Session Variables
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| 'sess_driver'
|
|
|
|
|
| The storage driver to use: files, database, redis, memcached
|
|
|
|
|
| 'sess_cookie_name'
|
|
|
|
|
| The session cookie name, must contain only [0-9a-z_-] characters
|
|
|
|
|
| 'sess_expiration'
|
|
|
|
|
| The number of SECONDS you want the session to last.
|
|
| Setting to 0 (zero) means expire when the browser is closed.
|
|
|
|
|
| 'sess_save_path'
|
|
|
|
|
| The location to save sessions to, driver dependent.
|
|
|
|
|
| For the 'files' driver, it's a path to a writable directory.
|
|
| WARNING: Only absolute paths are supported!
|
|
|
|
|
| For the 'database' driver, it's a table name.
|
|
| Please read up the manual for the format with other session drivers.
|
|
|
|
|
| IMPORTANT: You are REQUIRED to set a valid save path!
|
|
|
|
|
| 'sess_match_ip'
|
|
|
|
|
| Whether to match the user's IP address when reading the session data.
|
|
|
|
|
| WARNING: If you're using the database driver, don't forget to update
|
|
| your session table's PRIMARY KEY when changing this setting.
|
|
|
|
|
| 'sess_time_to_update'
|
|
|
|
|
| How many seconds between CI regenerating the session ID.
|
|
|
|
|
| 'sess_regenerate_destroy'
|
|
|
|
|
| Whether to destroy session data associated with the old session ID
|
|
| when auto-regenerating the session ID. When set to FALSE, the data
|
|
| will be later deleted by the garbage collector.
|
|
|
|
|
| Other session cookie settings are shared with the rest of the application,
|
|
| except for 'cookie_prefix' and 'cookie_httponly', which are ignored here.
|
|
|
|
|
*/
|
|
$config['sess_driver'] = 'files';
|
|
$config['sess_cookie_name'] = 'ci_wavelog';
|
|
$config['sess_expiration'] = 0;
|
|
$config['sess_save_path'] = '/tmp';
|
|
$config['sess_match_ip'] = FALSE;
|
|
$config['sess_time_to_update'] = 300;
|
|
$config['sess_regenerate_destroy'] = FALSE;
|
|
|
|
/*
|
|
* To make sure we do not collect infinite session we set some garbage collection settings
|
|
* see https://www.php.net/manual/en/session.configuration.php#ini.session.gc-probability
|
|
* and https://www.php.net/manual/en/session.configuration.php#ini.session.gc-divisor
|
|
* and https://osvaldas.info/enabling-codeigniters-garbage-collector/
|
|
*
|
|
* set the probability to 1/1000 to make sure we do not collect too often
|
|
*/
|
|
$config['sess_gc_probability'] = 1;
|
|
$config['sess_gc_divisor'] = 1000;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Cookie Related Variables
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| 'cookie_prefix' = Set a cookie name prefix if you need to avoid collisions
|
|
| 'cookie_domain' = Set to .your-domain.com for site-wide cookies
|
|
| 'cookie_path' = Typically will be a forward slash
|
|
| 'cookie_secure' = Cookie will only be set if a secure HTTPS connection exists.
|
|
| 'cookie_httponly' = Cookie will only be accessible via HTTP(S) (no javascript)
|
|
|
|
|
| Note: These settings (with the exception of 'cookie_prefix' and
|
|
| 'cookie_httponly') will also affect sessions.
|
|
|
|
|
*/
|
|
$config['cookie_prefix'] = '';
|
|
$config['cookie_domain'] = '';
|
|
$config['cookie_path'] = '/';
|
|
$config['cookie_secure'] = FALSE;
|
|
$config['cookie_httponly'] = FALSE;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Standardize newlines
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Determines whether to standardize newline characters in input data,
|
|
| meaning to replace \r\n, \r, \n occurrences with the PHP_EOL value.
|
|
|
|
|
| WARNING: This feature is DEPRECATED and currently available only
|
|
| for backwards compatibility purposes!
|
|
|
|
|
*/
|
|
$config['standardize_newlines'] = FALSE;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Global XSS Filtering
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Determines whether the XSS filter is always active when GET, POST or
|
|
| COOKIE data is encountered
|
|
|
|
|
| WARNING: This feature is DEPRECATED and currently available only
|
|
| for backwards compatibility purposes!
|
|
|
|
|
*/
|
|
$config['global_xss_filtering'] = FALSE;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Cross Site Request Forgery
|
|
|--------------------------------------------------------------------------
|
|
| Enables a CSRF cookie token to be set. When set to TRUE, token will be
|
|
| checked on a submitted form. If you are accepting user data, it is strongly
|
|
| recommended CSRF protection be enabled.
|
|
|
|
|
| 'csrf_token_name' = The token name
|
|
| 'csrf_cookie_name' = The cookie name
|
|
| 'csrf_expire' = The number in seconds the token should expire.
|
|
| 'csrf_regenerate' = Regenerate token on every submission
|
|
| 'csrf_exclude_uris' = Array of URIs which ignore CSRF checks
|
|
*/
|
|
$config['csrf_protection'] = FALSE;
|
|
$config['csrf_token_name'] = 'csrf_test_name';
|
|
$config['csrf_cookie_name'] = 'csrf_cookie_name';
|
|
$config['csrf_expire'] = 7200;
|
|
$config['csrf_regenerate'] = TRUE;
|
|
$config['csrf_exclude_uris'] = array();
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Output Compression
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Enables Gzip output compression for faster page loads. When enabled,
|
|
| the output class will test whether your server supports Gzip.
|
|
| Even if it does, however, not all browsers support compression
|
|
| so enable only if you are reasonably sure your visitors can handle it.
|
|
|
|
|
| Only used if zlib.output_compression is turned off in your php.ini.
|
|
| Please do not use it together with httpd-level output compression.
|
|
|
|
|
| VERY IMPORTANT: If you are getting a blank page when compression is enabled it
|
|
| means you are prematurely outputting something to your browser. It could
|
|
| even be a line of whitespace at the end of one of your scripts. For
|
|
| compression to work, nothing can be sent before the output buffer is called
|
|
| by the output class. Do not 'echo' any values with compression enabled.
|
|
|
|
|
*/
|
|
$config['compress_output'] = FALSE;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Master Time Reference
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Options are 'local' or any PHP supported timezone. This preference tells
|
|
| the system whether to use your server's local time as the master 'now'
|
|
| reference, or convert it to the configured one timezone. See the 'date
|
|
| helper' page of the user guide for information regarding date handling.
|
|
|
|
|
*/
|
|
$config['time_reference'] = 'UTC';
|
|
date_default_timezone_set($config['time_reference']);
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Rewrite PHP Short Tags
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| If your PHP installation does not have short tag support enabled CI
|
|
| can rewrite the tags on-the-fly, enabling you to utilize that syntax
|
|
| in your view files. Options are TRUE or FALSE (boolean)
|
|
|
|
|
| Note: You need to have eval() enabled for this to work.
|
|
|
|
|
*/
|
|
$config['rewrite_short_tags'] = FALSE;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Reverse Proxy IPs
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| If your server is behind a reverse proxy, you must whitelist the proxy
|
|
| IP addresses from which CodeIgniter should trust headers such as
|
|
| HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP in order to properly identify
|
|
| the visitor's IP address.
|
|
|
|
|
| You can use both an array or a comma-separated list of proxy addresses,
|
|
| as well as specifying whole subnets. Here are a few examples:
|
|
|
|
|
| Comma-separated: '10.0.1.200,192.168.5.0/24'
|
|
| Array: array('10.0.1.200', '192.168.5.0/24')
|
|
*/
|
|
$config['proxy_ips'] = '';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Users Data Directory Options
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| 'userdata' Name of principal/centralized data folder
|
|
|
|
|
| If you are a contributor to Wavelog you perhaps should add this folder path to .gitignore
|
|
|
|
|
*/
|
|
|
|
$config['userdata'] = 'userdata';
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Disable Syncing to 3rd party-Services at UI
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Here you can disable triggering the syncing-logics by Users.
|
|
| Helpful if u have a huge instance or active-users, because of preventing race-conditions between UI and Cron
|
|
|
|
|
*/
|
|
|
|
$config['disable_manual_lotw'] = false;
|
|
$config['disable_manual_eqsl'] = false;
|
|
$config['disable_manual_hrdlog'] = false;
|
|
$config['disable_manual_qrz'] = false;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Disables QSL-Image-Feature
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This disabled the whole QSL image feature if you don't need it and want to hide it.
|
|
| Set to true will hide all QSL image related stuff in Wavelog
|
|
|
|
|
*/
|
|
|
|
$config['disable_qsl'] = false;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Disables OQRS-Feature
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This disabled the whole OQRS feature if you don't need it and want to hide it.
|
|
| Set to true will hide all OQRS related stuff in Wavelog
|
|
|
|
|
*/
|
|
|
|
$config['disable_oqrs'] = false;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Special Callsign Feature aka. Clubstations Support
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This config switch is meant to use for Special Callsign operations or Clubstations.
|
|
| If this switch is set to true it enables a whole bunch of features to handle Special Callsigns and Club Callsigns.
|
|
| For more Information please visit the Wiki:
|
|
| https://github.com/wavelog/wavelog/wiki/Clubstations
|
|
|
|
|
| !!! Important !!!
|
|
| $config['disable_impersonate'] has to be set to false to use this feature.
|
|
|
|
|
*/
|
|
|
|
$config['special_callsign'] = false;
|
|
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Impersonate
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This config switch disables the impersonate feature. This feauture is used to impersonate another user.
|
|
| Impersonate is enabled by default. To disable it, set the value to false. Also the special_callsign feature needs this to be false.
|
|
|
|
|
*/
|
|
|
|
$config['disable_impersonate'] = false;
|
|
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Cronmanager Allow Insecure
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The cronmanager needs http or https with a valid certificate to work.
|
|
| If you want to use it with https and a self-signed certificate, you need to set this to true.
|
|
|
|
|
*/
|
|
|
|
$config['cron_allow_insecure'] = false;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Update / version check
|
|
|--------------------------------------------------------------------------
|
|
|
|
| This config switch disables the check for newer releases on github and
|
|
| hides the banner to admin users if a newer release as published.
|
|
| Default ON.
|
|
*/
|
|
|
|
$config['disable_version_check'] = false;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| trx-control Configuration
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| ***
|
|
| No Features implemented yet, Nothing is going to happen if you set this.
|
|
| ***
|
|
|
|
|
| This defines server and port of your personal trx-control server.
|
|
| If you don't have a trx-control server, you can ignore this.
|
|
|
|
|
| trxd_server_ip IP of your trx-control server
|
|
| trxd_server_port Port of your trx-control server
|
|
| trxd_connection_type Connection type of your trx-control server (ws, wss or plain)
|
|
| ws: normal websocket
|
|
| wss: secure websocket (requires a valid certificate on trx-control server)
|
|
| plain: plain tcp/ip socket connection
|
|
| trxd_ws_path Path of your trxd websocket server (only required for ws and wss)
|
|
| trxd_server_timeout Timeout before the connection to trx-control server is closed
|
|
|
|
|
| More Information about trx-control you can find here:
|
|
| https://github.com/hb9ssb/trx-control
|
|
|
|
|
|*/
|
|
|
|
// $config['trxd_server_ip'] = '10.0.0.10';
|
|
// $config['trxd_server_port'] = '14290';
|
|
// $config['trxd_connection_type'] = 'ws';
|
|
// $config['trxd_ws_path'] = '/trx-control';
|
|
// $config['trxd_timeout'] = 5;
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| eqsl.cc Massdownloa
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| The eqsl.cc mass download function is not threadsafe. So it is disabled by default.
|
|
| Please consider enabling this carefully. Not recommended for multi-user environments.
|
|
*/
|
|
|
|
$config['enable_eqsl_massdownload'] = false;
|