preferences.php

This lists all the settings in the preferences.php file, which is normally found in /opt/zendto/config/preferences.php. Do not change values in this file unless you need to, and then only after carefully reading the comments in the file.

If you want to change the text in the user interface, then edit /opt/zendto/config/zendto.conf and not this file. It is mostly self-explanatory.

The preferences.php settings you will need to change are:

File Locations & System

NSSDROPBOX_BASE_DIR
This is the location of the top of the directory tree containing the www, lib, template and so on directories.
NSSDROPBOX_LIB_DIR
This is the location of the ZendTo "lib" directory.
NSSDROPBOX_DATA_DIR
This is the location of the ZendTo data directories, containing the log file, SQLite database file and files contained in each drop-off.
ZTVERSION
The is the ZendTo version number as reported in the footer.tpl template that appears at the bottom of each web page.
MYZENDTO
This can be "TRUE" or "FALSE". It is normally FALSE unless you are using the "MyZendTo" application instead of the normal "ZendTo" application. If you set it to TRUE then you also need to change the "DocumentRoot" setting of your web site in your web server configuration to /opt/zendto/myzendto.www.
RRD_DATA_DIR
This is the location of the directory containing the statistics gathered about the usage of your ZendTo installation, which are viewable by any of your ZendTo administrators.
RRD_DATA
This is the location of the file containing the usage statistics.
RRDTOOL
This is the location of the rrdtool binary used by ZendTo to process its statistics into graphs.
dropboxDirectory
This is the directory where all the files dropped off are stored. Significant amounts of storage must be available here to hold the files that have been dropped off and have not yet been expired.
logFilePath
This is the location of the ZendTo log file. All transactions are logged here.

Database

SqlBackend
The can be "MySQL" or "SQLite". It defines which database back-end ZendTo is using. I would advise SQLite unless it is not available for use with PHP, which happens on RedHat Linux, CentOS Linux and other similar Linux distributions. SQLite is available on Ubuntu and Debian, for example, in which case I would advise you to use it as it requires no configuration. If you are going to use MySQL, then you will need to read /opt/zendto/sql/README.MySQL to configure it.
SQLiteDatabase
This sets the filename of the SQLite database, it SQLite is being used. If SQLite is not being used, this setting is ignored.
MySQLhost
This is the name of the server hosting the MySQL database. If MySQL is not being used, this setting is ignored.
MySQLuser
This is the username used to connect to the MySQL database server, if MySQL is being used.
MySQLpassword
This is the password used to connect to the MySQL database server, if MySQL is being used.
MySQLdb
This is the name of the MySQL database, if MySQL is being used.

Drop-off Properties

numberOfDaysToRetain
After a file has been dropped off, it will remain available for download until either it is deleted by the recipient (if there was only 1 recipient) or the sender, or until this number of days have passed. Increasing this number will require more drop-off storage.
showRecipsOnPickup
When a drop-off is being downloaded, should the list of recipients be displayed? Possible values are "TRUE" or "FALSE".
maxBytesForDropoff
The maximum total number of bytes that can be uploaded in the sum of all the files dropped off in 1 drop-off. This should be less than 2GB on any 32-bit ZendTo server. Allowing drop-offs larger than 2GB also causes a lot of upload problems with Microsoft web browsers.
maxBytesForFile
The maximum size of any 1 file in a drop-off. This should be less than 2GB on any 32-bit ZendTo server. Allowing files larger than 2GB also causes a lot of upload problems with Microsoft web browsers. You might want to limit this file size to dissuade users from uploading copyrighted material such as large video files.

Uploads & Requests

useRealProgressBar
When set to "TRUE" a progress bar will be displayed during file uploads indicating the true progress of the upload. When set to "FALSE" a simple animated image is used which, while letting the user know that something is happening, does not give any indication of the progress of the upload. The "real" progress bar has had problems at a few sites when very large files are being uploaded.
requestTTL
When the "Send a Request" feature has been used, this is the number of seconds the recipient has in which to respond by uploading some files. After this time, the Request expires and the request will have to be re-generated. 86400 seconds = 1 day.
requestTo
If this is set to anything other than the empty string, all drop-offs sent in response to Requests will be delivered to this email address, instead of the email address of the person who sent the Request in the first place. This can be used to force all files submitted in response to the "Send a Request" feature to go into a customer service ticketing system, rather than personally to the staff member who sent the Request.
maxSubjectLength
This is the maximum length of the "Subject:" line sent in the email when the "Send a Request" feature is being used.
maxNoteLength
This is the maximum length of the "Short Note" that can be added to all drop-offs.

Library of Files

usingLibrary
If you frequently send one or more of a small set of files to recipients, you don't want to have to upload each file to ZendTo every time. So this "Library of Files" feature allows you to have a directory of frequently-used files. When you come to choose what files to send to a recipient, you can choose to either upload a file or pick from a file already in the library. You can have a per-user library as well as a default one, and the library feature will only be presented to the user if there are files in their library. Also, the description used for each file is remembered, so when you next send a particular library file to a recipient, you won't even have to enter the description. To enable the library feature, set this to true.
libraryDirectory
This points to the directory used by the "Library of Files" feature. All files in this directory must be at least readable by the web server user. The default set of files presented to a user should be placed in this directory. Sub-directories of this are named after the username they correspond to, and contain the set of files available to that user. The per-user directory contents over-rides the default directory, it does not add to it. A good way for users to manage their library would be to create a WebDAV share that points to it, which is widely documented elsewhere.

Protection Against Robots

recaptchaPublicKey
recaptchaPrivateKey
The test to prove that ZendTo is being used by a person and not some automated spamming program is done using a test called "reCAPTCHA". To operate, this needs to have a public key and a private key. So go to reCAPTCHA and log in. Then "Add a New Site" and enter the full name of your ZendTo website (not the real hostname of the box hosting it). I advise you leave the "global key" box unticked. Then simply copy and paste the 2 long strings it generates into your preferences.php.
Note: I strongly advise against this, but if you must disable the "reCAPTCHA", set both of these to the string "disabled". Note that if you disable this, you will get spammed by malware and viruses being sent to your users.
recaptchaProxyHost
recaptchaProxyPort
If you have severe restrictions on what web sites can be accessed, and you need to use a proxy server to reach Google, then fill in the proxy's hostname and port number. These are normally left blank as most people have normal internet connections.
humanDownloads
This should normally be set to true to help protect your ZendTo server against distributed denial-of-service (DDoS) attacks. It forces any unauthenticated user to prove they are a real person before they can download any file from a drop-off. If the drop-off contains multiple files, they only have to pass the test once, regardless of how many files they download. If it is set to false then this protection is removed, but it is slightly quicker for people to use as they don't have to pass a CAPTCHA test.

Authentication & Administrators

authAdmins
This is the list of usernames who have administrative rights over your ZendTo server. They will be able to see statistics about the service's use, and they will be able to see and delete every drop-off.
authenticator
This sets the type of authentication your ZendTo will use. It must be one of "Local", "IMAP", "AD" or "LDAP". The available authentication systems, together with their configuration settings, are described here.

Domains & Usernames

defaultEmailDomain
Sometimes users forget to enter full email addresses and just enter the username. If that happens, this is the string added after an "@" to turn them into addresses for your organisation.
emailDomainRegexp
When a user has not logged in, they can only send files to users whose email addresses belong to your organisation. This setting can either be the full path to a file, or a regular expression.
If it is a file, then that file must be a plain text file listing your domain names, one per line. You do not need to list all your sub-domains, just your top-level domain, as as entry of "domain.com" will allow all addresses like "*@domain.com" and also "*@*.domain.com".
If it is a regular expression, then it must match everything to the right of the "@" symbol in your email addresses.
usernameRegexp
This defines what strings are valid usernames on the login page.
validEmailRegexp
This defines what are valid email addresses for anyone.
localIPSubnets
This lists all the IP address prefixes which are occupied by your own network. It will be used to change the appearance of the ZendTo home page to reflect whether users should be encouraged to login or not. Not yet used.

Logins & Sessions

loginFailMax
loginFailTime
These define how long a user is locked out of ZendTo if they repeatedly enter an incorrect password. This provides security against malicious programs trying to guess your users' passwords by repeatedly trying to log in to ZendTo. If a user fails to enter the correct password "loginFailMax" times in "loginFailTime" seconds, they are locked out completely for a further "loginFailTime" seconds. 86400 seconds = 1 day.
cookieName
This is the name of the cookie stored in each user's web browser to track their session.
cookieSecret
This is a secret string used to protect ZendTo from sessions being faked by malicious users. It should be generated by running "/opt/zendto/sbin/genCookieSecret.php".
cookieTTL
This sets the maximum length of a ZendTo user session.

Virus Scanning

clamdscan
This is the command used to call the virus scanner. You should use the "clamd" virus scanner daemon, which is part of ClamAV, an excellent free virus scanner. It runs very fast, and is used to scann all uploaded files for viruses. Any drop-off containing infected files is rejected and deleted immediately.
 
Copyright 2010 © Julian Field/ZendTo