1 files changed, 140 insertions, 4 deletions
diff --git a/application/config/config.php b/application/config/config.php
index 10315220e..e120beaf6 100644
--- a/application/config/config.php
+++ b/application/config/config.php
@@ -158,7 +158,11 @@ $config['composer_autoload'] = FALSE;
 | DO NOT CHANGE THIS UNLESS YOU FULLY UNDERSTAND THE REPERCUSSIONS!!
 |
 */
-$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-';
+if (php_sapi_name() == "cli") {
+	$config['permitted_uri_chars'] = '';
+} else {
+	$config['permitted_uri_chars'] = 'a-z 0-9~%.:_\-';
+}
 
 /*
 |--------------------------------------------------------------------------
@@ -377,10 +381,10 @@ $config['encryption_key'] = '';
 | except for 'cookie_prefix' and 'cookie_httponly', which are ignored here.
 |
 */
-$config['sess_driver'] = 'files';
+$config['sess_driver'] = 'database';
 $config['sess_cookie_name'] = 'ci_session';
 $config['sess_expiration'] = 7200;
-$config['sess_save_path'] = NULL;
+$config['sess_save_path'] = "ci_sessions";
 $config['sess_match_ip'] = FALSE;
 $config['sess_time_to_update'] = 300;
 $config['sess_regenerate_destroy'] = FALSE;
@@ -448,7 +452,7 @@ $config['global_xss_filtering'] = FALSE;
 | 'csrf_regenerate' = Regenerate token on every submission
 | 'csrf_exclude_uris' = Array of URIs which ignore CSRF checks
 */
-$config['csrf_protection'] = FALSE;
+$config['csrf_protection'] = FALSE; // our controller enables this later
 $config['csrf_token_name'] = 'csrf_test_name';
 $config['csrf_cookie_name'] = 'csrf_cookie_name';
 $config['csrf_expire'] = 7200;
@@ -521,3 +525,135 @@ $config['rewrite_short_tags'] = FALSE;
 | Array:		array('10.0.1.200', '192.168.5.0/24')
 */
 $config['proxy_ips'] = '';
+
+/*
+|--------------------------------------------------------------------------
+| FileBin
+|--------------------------------------------------------------------------
+ */
+
+// This address will be used as the sender for emails (like password recovery mails).
+$config['email_from'] = "webmaster@example.invalid";
+
+// upload_path should NOT be readable/served by the server, but only by the script
+$config['upload_path'] = FCPATH.'data/uploads';
+
+// Make sure to adjust PHP's limits (post_max_size, upload_max_filesize) if necessary
+$config['upload_max_size'] = 256*1024*1024; // 256MiB
+
+// Files smaller than this will be highlit, larger ones will simply be downloaded
+// even if requested to be highlit.
+$config['upload_max_text_size'] = 2*1024*1024; // 2MiB
+
+// Files older than this will be deleted by the cron job or when accessed.
+// 0 disables deletion.
+$config['upload_max_age'] = 60*60*24*5; // 5 days
+
+// Action keys (invitions, password resets) will be deleted after this time by
+// the cron job.
+$config['actions_max_age'] = 60*60*24*5; // 5 days
+
+// Files smaller than this won't be deleted (even if they are old enough)
+$config['small_upload_size'] = 1024*10; // 10KiB
+
+// Maximum size for multipaste tarballs. 0 disables the feature
+$config['tarball_max_size'] = 1024*1024*50; // 50MiB
+
+// Multipaste tarballs older than this will be deleted by the cron job
+// Changing this is not recommended
+$config['tarball_cache_time'] = 60*5; // 5 minutes
+
+// The maximum number of active invitation keys per account.
+$config['max_invitation_keys'] = 3; //3 keys
+
+
+// Possible values:
+// - apc: needs the apc module and is only useful on long running php processes
+// - file: you will have to clean up the cache directory yourself (./application/cache/)
+//         example cronjob:
+//         */15 * * * * find ./application/cache/ -mtime +0.5 -not \( -name .htaccess -or -name index.html \) -delete
+// - memcached: config in application/config/memcached.php; you need the memcached module (with the D)
+// - dummy: disables caching
+//
+// It is highly suggested to enable the cache.
+$config['cache_backend'] = "dummy";
+
+
+// For possible drivers look into ./application/libraries/Duser/drivers/
+$config['authentication_driver'] = 'db';
+
+// This is only used it the driver is set to ldap
+if (extension_loaded("ldap")) {
+	$config['auth_ldap'] = array(
+		"host" => 'ldaps://ldap.example.com',
+		"port" => 636,
+		"basedn" => "dc=example,dc=com",
+		"scope" => "one", // possible values: base, one, subtree
+		"options" => array(
+			// key/values pairs for ldap_set_option
+			// http://php.net/manual/en/function.ldap-set-option.php
+			LDAP_OPT_PROTOCOL_VERSION => 3
+		),
+		// Please note that php-ldap converts attributes to lowercase
+		"userid_field" => "uidnumber", // This has to be a unique integer
+		"username_field" => "uid", // This is the value the user supplies on the login form
+		// Optional parameters
+		// "bind_rdn" => "uid=search-user,cn=users,dc=example,dc=com", // This is the user used to authenticate for searches
+		// "bind_password" => "***", // This is the password for the search user
+		// You can optionally filter the LDAP users who are allowed to log in using any valid LDAP filter. %s will be replaced
+		// by the user name.
+		// "filter" => "(&(uid=%s)(memberOf=cn=FileBinUsers,cn=groups,dc=example,dc=com))",
+	);
+}
+
+// This is only used if the driver is set to fluxbb
+$config['auth_fluxbb'] = array(
+	'database' => 'fluxbb'
+);
+
+// This is only used if the driver is set to db. Changes to these settings will be
+// applied when users sucessfully log in with their password.
+// For information about these values refer to https://secure.php.net/manual/en/function.password-hash.php
+$config['auth_db'] = array(
+	'hashing_options' => array(
+		'cost' => 10,
+	),
+	'hashing_algorithm' => PASSWORD_DEFAULT,
+);
+
+
+// Possible values: production, development
+// "development" enables features like profiling and display of SQL queries.
+$config['environment'] = "production";
+
+
+// This sets the download implementation. Possible values are php, nginx and lighttpd.
+// The nginx and lighttpd drivers make use of the server's sendfile feature.
+//
+// The lighttpd driver requires the following directive to be set in your fastcgi.server configuration:
+//	"allow-x-send-file" => "enable"
+// See http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_ModFastCGI#X-Sendfile
+//
+// When using the nginx download driver you need to define an internal location
+// from which nginx will serve your uploads:
+//	location ^~ /protected-uploads/ {
+//		internal;
+//		alias <upload_path>/;
+//	}
+// See http://wiki.nginx.org/X-accel
+$config['download_driver'] = 'php';
+
+$config['download_nginx_location'] = '/protected-uploads';
+
+if (file_exists(APPPATH.'config/config-local.php')) {
+	include APPPATH.'config/config-local.php';
+}
+
+if (getenv("ENVIRONMENT") === "testsuite" && isset($_SERVER['SERVER_PORT'])) {
+	$config['base_url'] = 'http://127.0.0.1:'.$_SERVER['SERVER_PORT'].'/';
+}
+
+if (getenv("ENVIRONMENT") === "testsuite") {
+	$config['upload_path'] = FCPATH.'testsuite-tmp';
+	$config['auth_db']['hashing_options']['cost']  = 5;
+}