Overview

ProcessMaker uses the configuration file env.ini for global settings that aren't available in the Admin panel.

Editing the env.ini File

Use a plain text editor to edit the configuration file located at:

<INSTALL-DIRECTORY>/workflow/engine/config/env.ini
In Linux/UNIX:
/opt/processmaker/workflow/engine/config/env.ini
In Windows:
C:\Users\USERNAME\AppData\Roaming\ProcessMaker-3_X_X\processmaker\workflow\engine\config\env.ini

The default content in the env.ini file is the following:

;Setting default_lang - Created by System on Fri 16 Dec, 2016 16:20:43 default_lang = "en" ;Setting default_skin - Created by System on Fri 16 Dec, 2016 16:20:43 default_skin = "neoclassic"

Most of the settings can be enabled by setting them to 1 and disabled by setting them to 0. Settings that are strings should be enclosed in double quotation marks. Lines beginning with ";" (semicolons) are treated as comments and are ignored. Remove the semicolon to uncomment the setting.

Available Settings

  • debug = 0|1
    Set to 1 to log PHP debugging information when running ProcessMaker. Default is 0.
  • debug_sql = 0|1
    Set to 1 to log all SQL queries to the wf_<WORKSPACE> database in MySQL. Default is 0. For more information, see the MySQL Logging section.
  • debug_calendar = 0|1
    Set to 1 to log information about calendars. Default is 0.
  • default_lang = "LANG"
    default_lang = "en"
    Sets the default language of ProcessMaker at the login screen. When the web browser is directed to http://IP-ADDRESS, it will automatically be redirected to http://IP-ADDRESS/sysworkflow/LANG/SKIN/login/login. If not set, then the default language is "en" (English).
  • default_skin = "SKIN"
    default_lang = "en"
    Sets the default skin of ProcessMaker at the login screen. When the web browser is directed to http://IP-ADDRESS, it will automatically be redirected to http://IP-ADDRESS/sysworkflow/LANG/SKIN/login/login. If not set, then the default skin is "neoclassic".
  • disable_download_documents_session_validation = 0|1
    Set to 1 to enable the download of input or output documents without restrictions. This means that is not neccesary to have a valid session or the right user permissions to download the document. If set to 0, the user must have a valid session and the correct user permissions to download the input or output document. If not set, then the default value is 0. For more information, read the Input Documents Download Restriction section.
  • disable_php_upload_execution = 0|1
    Set to 1 to disable the upload and execution of PHP files. By default the value is set to 0. This flag can be set for the whole ProcessMaker installation or individually for eack workspace. If the flag is active and a user tries to upload a PHP file, an alert message with "phpUpload" type will be recorded in the ProcessMaker Standard Log. This restriction includes: inputs documents, public files, documents, BPMN and classic dynaforms and files uploaded through the file and multiple file uploader control.
  • enable_blacklist = 0|1
    Set to 1 to activate the Plugin/Trigger Code Security Scanner feature. For more information go here.
  • load_headers_ie = 0|1
    Set to 1 to disable the 2.x compatibility mode. If not set or set to 0, code and headers that are used only in 2.x processes will be set to maintain 2.x compatibility mode.
  • memory_limit = "XM"
    Set the maximum amount of memory available for each login session in ProcessMaker. Use "M" for megabytes, "K" for kilobytes and "G" for gigabytes. It is not recommended to set this value to less than "100M", which is the default. If generating large Output Documents, it may be necessary to increase this value.
  • mobileNotifications = true|false
    Set to false to deactivate notifications in ProcessMaker Mobile.
    mobileNotifications = false; By default, mobile notifications are enabled. If this setting is not found in the env.ini file, the default value is "true".

  • redirect_to_mobile = 0|1
    Set to 1 to open the direct case link directly in the ProcessMaKer Mobile app. Set to O, to open the link in the device's browser. Default is 0.
  • session_block = 0|1
    Set to 1 to block the use of multiple browser instances of ProcessMaker. Default is 0. For more details, go to blocking multiple browser instances.
  • time_zone = "zone"
    Set the time zone of the ProcessMaker server. This setting determines the time zone used for all timestamps in ProcessMaker, such as the starting and ending time for cases. By default, the time zone is set to "America/New_York". A list of available timezones can be found at: http://php.net/manual/en/timezones.php
  • wsdl_cache = 0|1
    Set to 0 to disable the caching of WSDL (Web Services Description Language) function calls. The default is 1, so WSDL function calls are cached for up to 24 hours, which increases the reliability (especially if there are connection problems), but is a problem if immediate execution for debugging is necessary.

Input Document Download Restriction

As of ProcessMaker 3.2 and on, the disable_download_documents_session_validation flag has been implemented to prevent the download of input documents from unauthorized users. If the disable_download_documents_session_validation flag is set to "0" or is not included in the env.ini file, users will be restricted from downloading input documents. Therefore, if the user is not the one who uploaded the documents, he/she will need an Input Document process permission to download input documents.

This restriction affects:

Remember that this restriction is enabled by default. If the user is not allowed to download the file, a "403 Access denied" error message will be displayed:

MySQL Logging

If the debug_sql option is set to 1 (or debug is set to 1), then every SQL query to the wf_<WORKSPACE> database (which is named wf_workflow by default) will be written in the following log file:

<INSTALL-DIRECTORY>/shared/log/propel.log

Each line in the log file records SQL actions in the following format:

time(HH:MM:SS.mmm) | workspace | address-of-user | #### | Type | Processing-time | SQL-query | [URL-path -> code-file.php:line-number:function() -> ...]

For example, here is the shared/log/propel.log file for the admin user's login from the IP address 192.168.0.168:

04:54:03.4044|dani3018|192.168.0.90|413862|executeQuery|0.00016093254089355|SELECT PMT_BLACKLISTTRY.ID, PMT_BLACKLISTTRY.NAME, PMT_BLACKLISTTRY.DNI FROM PMT_BLACKLISTTRY LIMIT 20|app.php:61:include()->sysGeneric.php:1018:call()->class.httpProxyController.php:97:dataView()->pmTablesProxy.php:509:getAllData()->AdditionalTables.php:479:eval()->AdditionalTables.php(479) : eval()'d code:1:doSelectRS()->BasePmtBlacklisttryPeer.php:278:doSelect()->BasePeer.php:467:executeQuery()->PreparedStatementCommon.php:334:executeQuery()->|GET|/sysdani3018/en/neoclassic/pmTablesProxy/dataView?id=61419351656f372b9924b29018254312&_dc=1458766640428|id=61419351656f372b9924b29018254312  _dc=1458766640428

04:55:05.1668|dani3018|192.168.0.90|546286|executeUpdate|0.00035500526428223|INSERT INTO BLACKLISTTRY (Name, DNI) VALUES (\'Daniela\', 167)]\";s:15:\"__VAR_CHANGED__\";N;}',`APP_DRIVE_FOLDER_UID` = '' WHERE APPLICATION.APP_UID='86281452856f37325e5c2a8033826603'|app.php:61:include()->sysGeneric.php:1022:require_once()->cases_Step.php:241:updateCase()->class.case.php:1046:update()->Application.php:448:save()->BaseApplication.php:1004:doSave()->BaseApplication.php:1041:doUpdate()->BaseApplicationPeer.php:480:doUpdate()->BasePeer.php:420:executeUpdate()->PreparedStatementCommon.php:356:executeUpdate()->|GET|/sysdani3018/en/neoclassic/cases/cases_Step?TYPE=DYNAFORM&UID=80263955456d8ab9949a783019937009&POSITION=1&ACTION=EDIT|TYPE=DYNAFORM  UID=80263955456d8ab9949a783019937009    POSITION=1      ACTION=EDIT

05:13:32.4765|dani3018|192.168.0.90|604648|executeUpdate|0.00020098686218262|UPDATE PMT_BLACKLISTTRY SET Name = 'Dani123' where DNI = 167|app.php:61:include()->sysGeneric.php:1022:require_once()->cases_Step.php:196:executeTriggers()->class.case.php:3575:execute()->class.pmScript.php:349:executeAndCatchErrors()->class.pmScript.php:208:eval()->class.pmScript.php(208) : eval()'d code:2:executeQuery()->class.pmFunctions.php:317:executeUpdate()->|GET|/sysdani3018/en/neoclassic/cases/cases_Step?TYPE=DYNAFORM&UID=80263955456d8ab9949a783019937009&POSITION=1&ACTION=EDIT|TYPE=DYNAFORM   UID=80263955456d8ab9949a783019937009    POSITION=1      ACTION=EDIT

Logging will noticeably slow down ProcessMaker's performance, so it is not suggested to use this option except for debugging. The log file is not automatically deleted, so it will continue to append new information until the file system runs out of space. If SQL logging is enabled for long periods of time, it is a good idea to periodically delete the log file so it doesn't occupy too much hard drive space.

Note that the processing time is in seconds and milliseconds, so a time of 1.309 means 1 second and 309 milliseconds.

Blocking Multiple Browser Instances

Set the setting session_block to 1 in the env.ini file to disallow the use of multiple browser instances of ProcessMaker. If this setting is not found in the env.ini file, the default value is 0.

session_block = 1;

This restriction affects the following tabs: Home, Designer, Dashboards, KPIs, Admin and any of the options inside them.
Whenever trying to open multiple instances, the following warning page will display:

For the restriction to take effect, it is strongly recommended to log out of ProcessMaker and clear the cache of the browser.

Note: This restriction does not affect Dynaforms or Processes in the Designer tab that are automatically opened in other tabs in Internet Explorer 11 and later.