Reference to developers using MAWI

Reference of predefined variables, and configuration files and variables of the MAWI system.

Conventions

The label before some vars and files mean:

Safe to omit or leave default value.
Safe to omit or leave default value most of times, but should be revised.
Can't be omited.


Note about bool vars: Every value not defined as FALSE, will be set as TRUE. False values are:
$var=''; $var=0; $var=false; or $var='0';

Configuration and default files

Every MAWI site must have at least the following files on conf directory:

error.php: As MAWI uses only virtual pages, not found pages error, normaly 404 errors, are directly managed by MAWI class. This page shows by default the "not found" error text stored in MAWI text system. You can personalized this page to show a custom page to your visitors.

login.php: Login form to initialize session on MAWI. It is the defalt HTML login form, you can make any custom changes on it to fit your own web design. If this file is deleted, the default MAWI form is inserted.

logout.php: This page shows by default the logout text stored in MAWI text system. You can personalized this page to show a custom page to your visitors.

mysql_data.php: Contain the info to connect to the database of the project.

Vars in conf_mysql.php

$mawi_db_connector['db_type'] (string): Connector type for ezSQL abstraction library for database. MAWI does not work without ezSQL initializad as $db.

(Default value: mysqli)
- MySQL: mysql | mysqli | pdo

Not tested:
- PostgreSQL: postgresql
- Oracle 8 & 9: oracle
- Microsoft SQL: mssql

$mawi_db_connector['db_host'] (string): Host or IP of your database. If omitted localhost is used by default.
$mawi_db_connector['db_name'] (string): Name of your database.
$mawi_db_connector['db_user'] (string): User name of database. Can be omitted if it is the same as $db_name.
$mawi_db_connector['db_pass'] (string): an encrypted version of your MySQL password to avoid plain text passwords on your virtual server. You can get the encrypted string using your Intervia's iCAP panel.

noacc.php: This page shows by default the "No access" text stored in MAWI text system. You can personalized this page to show a custom page to your visitors.
This page si show when a visitor does not have access to a restricted access page on MAWI.

vars_project.php: Custom vars for your project. Here you can add any var needed to your own project. The file can be left empty or deleted if not needed.

conf_framework.php: MAWI basic configuration vars. You can see a description of every var below.

Vars in conf_framework.php

Default values for $mawi_default array

$mawi_default['default_language'] (string): Two letters ISO-3166 code of default language. The language must be enabled in language panel to be used. Default value in owr servers is "es" (Spanish language).
$mawi_default['default_time_zone'] (string): Default time zone. Must be a valid timezone set to use in PHP date functions. Default value in owr servers is "Europe/Madrid".
$mawi_default['accman_host'] (string): Host to use in the URL to link the password recovery for user login.
$mawi_default['email_return'] Email used as return receipt and email validation $mawi_default['utf8_disable'] (bool): Set to TRUE to disable UTF-8 and use ISO char encodes. By default MAWI uses UTF-8 since version 1.0. When using UTF-8 the "Content-Type: text/html;" charset=utf-8 headers are sent with every page. Also, MAWI DB must be encoded as "COLLATE=utf8_unicode_ci", or any othe utf8 charset.
PLEASE NOTE: If UTF-8 is disabled, MAWI will be unable to handle double-byte char sets (DBCS), like chinese, japanese, korean, arabic, Croatian, cyrillic, greek, icelandic and others. MAWI databases must be in UTF-8 if this var is set to FALSE.
$mawi_default['panel_disable'] (string): Set to true to disable MAWI control panel
$mawi_default['panel_path'] (string): Alternative path to custom panel menu. By default MAWI generates a panel menu to manage basic fuctions, as create websites, pages, users, text and text blocks, if any aditional custom functions should be added you can create your own custom menu.
$mawi_default['panel_menu'] Optional panel custom menu file
$mawi_default['global_get'] (bool): If this var is set to TRUE, every GET var will be captured, like the old PHP register_globals, but all vars will be filtered to remove any programming language tags, included html, http or multi-line comment, so this vars can not be use for rich text forms. Furthermore, any predefined var don't will be captured.
$mawi_default['global_post'] (bool): If this var is set to TRUE, every POST var will be captured, like the old PHP register_globals, but all vars will be filtered to remove any programming language tags, included html, http or multi-line comment, so this vars can not be use for rich text forms. Furthermore, any predefined var don't will be captured.
$mawi_default['browser_allow_frame'] (bool): By default MAWI avoid that content can by inserted inside frames sendig a "X-Frame-Options: DENY" heder. If you need to insert pages inside a frame, set this var to TRUE.
$mawi_default['browser_default_time'] (int): Browser cache-control header in seconds (0 = no-cache)
$mawi_default['default_block_ws'] (int): If you have more than one websitte defined (domains), you can permit edition of text blocks only from one of them, putting the id of website in this var.


Cache headers options (browser cache)


$mawi_redir (array): Redirect 404 pages. Redirects old pages to new pages with a 301 redir. Array must contain an element by every page to be redirected in format 'oldpage.php' => 'newpage'
This redirects from http://domain.com/oldpage.php to http://domain.com/newpage
$mawi_cache_offset (int): cache-control max-age and expire headers, time in seconds (0 = no-cache)
It is the time that user's browser will keep cache of pages.
$mawi_default_time (int): Default GMT time zone offset to the cahe headers.
I.E. 1 to GMT +1.
$mawi_cache_offset_sfc (int): True to use "Same File Cache" value as cache offset. It is the same value of $mawi_cache_expire but using this switch, the non cacheable pages will send a 0 value to the browser.


MAWI cache options

NOTE: Never use file cache on restricted access pages or forms!

$mawi_cache (bool): Enable file cache.
$mawi_nocache_ids (array): IDs of non cacheable pages. Add here the IDs of non cacheable pages, like forms or restricted access pages.
$mawi_cache_ws (array): IDs of cacheable websites. I.E., you can activate cache to the production domain, and not activate it to development domain.
$mawi_cache_expire (int): Expire time in seconds of cached files. After this time, the cache file is deleted and refreshed with a new one.
$mawi_nocache_queries (array): List with the name of query strings. When one of this var names are sent by GET the file cache is disconnected to this page. It should be used is some GET value is used to modify the aspect or contents of a page.
$mawi_cache_cookies (array): List of cookie names that make pages to show different aspect or contents. I.E. if a cookie is used to change the font of pages, it should be included in the array so different cached versions of pages will be created. The setlang and lang cookies should be included ever if you intend to use file cache. Otherwise, only the first cached language page will be shown to users.

Control panel

Default control panel of MAWI system

$mawi_cpanel_enabled (bool): True to enable control panel.


Autogenerated control panel menus

This settings will not disable panel functions, only disable the navigation tabs.

$mawi_cpanel_text (bool): Enable text panel menu.
$mawi_cpanel_page (bool): Enable pages panel menu.
$mawi_cpanel_user (bool): Enable user panel menu.
$mawi_cpanel_conf (bool): Enable conf panel menu.
$mawi_cpanel_contacts (bool): Enable company panel menu.


MAWI libraries

If control panel is enabled, al required libraries will be enabled.

$mawi_basic_functions_enable (bool): Basic functions, required to panel.
$mawi_console_enable (bool): Search console, required to panel.
$mawi_contacts_enable (bool): Required to use MAWI company module.
$mawi_downloader_enable (bool): /Manage download files.
$mawi_email_validation_enable (bool): eMail validations, required to panel.
$mawi_form_parser_enable (bool): Form arrays of checkboxes parser.
$mawi_image_manipulator_enable (bool): Image resize and get image size.
$mawi_messages_enable (bool): Messages after db operations, required to panel.
$mawi_pager_enable (bool): Pager to large listings, required to panel.
$mawi_user_agent_enable (bool): Get user agent browser and OS from user_agent.


MAWI class vars and methods

$mawi->ws (int): Id of website in $db_files_ws.
$mawi_base (object): base files (header, footer, menu, etc) of selected website in $db_files_ws.
$mawi_base_dir (string): Path to MAWI base files in $mawi_base.
$mawi->pageId2Alias() (array): Return [page-id]=>page-alias of all enabled files of selected website.
$mawi->PageInfo->page_id (int): Id of current web page.
$mawi->PageInfo->arg (string): File name of current web page.
$mawi->pageInfo->page_title (string): Title of current web page in actual language.
$mawi->PageInfo->meta_description (string): META description of current web page in actual language.
$mawi->PageInfo->meta_keyword (string): META keywords of current web page in actual language.
$mawi->PageInfo->alias (string): Name alias of current web page.
$mawi->PageInfo->group (int): Id of the group in $db_files_groups of current file.
$mawi->PageInfo->group_top (int): Id of the upper level group in $db_files_groups of current file to make breadcrumbs.
$mawi->PageInfo->dir (string): Directory in web root to the current file in $mawi->pageInfo->file_name.
$mawi_text (array): Array containing all texts with key=>text.
$mawi->dirWSRoot (string): Mawi document root (same as $_SERVER['DOCUMENT_ROOT']).
$mawi->date (string): Actual date/time in yyyy-mm-dd hh:mm:ss format, for the timezone indicated on $mawi_default_time_zone.
$mawi->user_id (int): ID of user's session.
$mawi->user_name (string): Name of user's session.
$mawi->user_group (int): Group ID of user's session.
$mawi->user_group_name (string): Group name of user's session.
$db (object): ez_sql object class.
$mawi_lang (object): Contains all enabled country two code ISO-3166 from language panel. This object is used by MAWI to generate all the multi-language options.
$mawi->ip (strig): It is a filtered var with the visitor's IP. There is an advanced class to detect IP proxies also, you can find more about it in libraries section.
$mawi->ua (strig): A filtered var with the user's browser user_agent info.
$mawi->date (strig): Actual date and time in yy-mm-dd hh:mm:ss format (valid to be used with MySQL).
$mawi->dirWSRoot (strig): A filtered var with the web document root path on server's hard disk.
$mawi->fqdn (strig): The Full Qualified Domain Name called by the user without the www string, i.e. for the www.intervia.com domain, the var will contain "intervia.com".
$mawi_detected_lang (strig): The first, two code ISO-3166, detected browser language.
$mawi_language (strig): Two code ISO-3166 of MAWI installation default language.
$mawi_lang (array): Contains a list of two code ISO-3166 counties, with all enabled languages. This can be managed by the language tab in control panel.
$mawi->user_id (int): ID number of current user. If no user is logged in, it returns 0.
$mawi->user_name (strig): Name of current user. If no user is logged in, it returns the string "Guess".
$mawi->user_group (int): ID of the user's group. f no user is logged in, the var is empty.
$mawi->user_group_name (strig): Name of the user's group. f no user is logged in, the var is empty.
$mawi_email_return (strig): Default return receipt email used in forms and password recovery. Must be a valid email address or email validation class will fail.



GET/POST Values

Vars sent from the browser using POST or GET.

setlang (string): Two code ISO-3166 used to set the lang cookie. If you send this value, MAWI class will verify if the country code is in the list of enabled languages, is so, this language will be set to the lang cookie. The language will be set to this cookie value in further visits, unless you send the value lang to force another language.
lang (string): Two code ISO-3166 used to select actual language. If the value is sent and the language is enabled, the language wil be selected, even if there are a lang cookie set with another language. If no lang is specified, the cookie lang, browser lang or default lang will be used (in this order).


Special pages


logout: If logout page is called (domain.tld/logout), any user session will be closed by MAWI Loader. No POST or GET parameters are needed.


Predefined vars

$hash: Filtered string only alphanumeric 35 chars long. Used to send MD5 hashes.

$txt1, $txt2, $txt3: Filtered to avoid SQL inyection. Valid to use in HTML RTF forms.

$data_ISO: Filtered string only alphanumeric, no programming code, nor HTML. The var is captured to any enabled language using ISO codes. I.E. If you have enabled english and spanish, $data_en and $data_es will be captured and filtered.

$text_ISO: Filtered to avoid SQL inyection. Valid to use in HTML RTF forms. The var is captured to any enabled language using ISO codes. I.E. If you have enabled english and spanish, $data_en and $data_es will be captured and filtered.

NOTE: If $mawi_global_vars var is set to TRUE in vars_framework.php, every POST, GET and COOKIE will be captured, like the old PHP register_globals, but all vars will be filtered to remove any programming language tags, included html, http or multi-line comment, so this vars can not be use for rich text forms. Furthermore, any predefined var don't will be captured.

Although the auto captured vars are filtered in MAWI, it is not recommended to use this feature unless you are in the developing process. It is more secure if you capture every variable needed in vars_project.php file.