Overview
ProcessMaker uses the configuration file env.ini for global settings that aren't available in the Admin panel.
Editing the env.ini File
Use a plain text editor to edit the configuration file located at:
- <INSTALL-DIRECTORY>/workflow/engine/config/env.ini
- In Linux/UNIX:
- /opt/processmaker/workflow/engine/config/env.ini
- In Windows:
- C:\Users\USERNAME\AppData\Roaming\ProcessMaker-3_X_X\processmaker\workflow\engine\config\env.ini
The default content in the env.ini file is the following:
Most of the settings can be enabled by setting them to 1 and disabled by setting them to 0. Settings which are strings should be enclosed in double quotation marks. Lines beginning with ";" (semicolons) are treated as comments and are ignored. Remove the semicolon to uncomment the setting.
Available Settings
default_lang = "LANG"
default_lang = "en"
Sets the default language of ProcessMaker at the login screen. When the web browser is directed tohttp://IP-ADDRESS
, it will automatically be redirected tohttp://IP-ADDRESS/sysworkflow/LANG/SKIN/login/login
. If not set, then the default language is"en"
(English).default_skin = "SKIN"
Sets the default skin of ProcessMaker at the login screen. When the web browser is directed tohttp://IP-ADDRESS
, it will automatically be redirected tohttp://IP-ADDRESS/sysworkflow/LANG/SKIN/login/login
. If not set, then the default skin is"neoclassic"
.debug_sql = 0|1
Set to1
to log all SQL queries to the wf_<WORKSPACE> database in MySQL and view SQL error messages in the__ERROR__
system variable in the Debugger. Default is0
. For more information, see the MySQL Logging section.debug_calendar = 0|1
Set to 1 to log information about calendars. Default is0
.wsdl_cache = 0|1
Set to0
to disable the caching of WSDL (Web Services Description Language) function calls. The default is 1, so WSDL function calls are cached for up to 24 hours, which increases the reliability (especially if there are connection problems), but is a problem if immediate execution for debugging is necessary.memory_limit = "XM"
Warning: As of ProcessMaker 3.5.0, the memory_limit
setting is removed. Edit the php.ini file instead.system_utc_time_zone = 0|1
Set to 1 to enable the multi time zone. Default is0
.
For best practices regarding using this parameter, see Time Zone best practices.time_zone = "zone"
Set the time zone of the ProcessMaker server. This setting determines the time zone used for all timestamps in ProcessMaker, such as the starting and ending time for cases. By default, the time zone is set to "America/New_York". A list of available timezones can be found at: http://php.net/manual/en/timezones.phpsession_block = 0|1
Set to 1 to block the use of multiple browser instances of ProcessMaker. Default is0
. For more details, go to blocking multiple browser instances.enable_blacklist = 0|1
Set to 1 to activate the Plugin/Trigger Code Security Scanner feature. For more information go here.mobileNotifications = true|false
Set to false to deactivate notifications in ProcessMaker Mobile.
mobileNotifications = false; By default, mobile notifications are enabled. If this setting is not found in the env.ini file, the default value is "true".
Document Download Restriction
The disable_download_documents_session_validation flag has been implemented to allow the download of Input Documents, Output Documents and attached files by unauthorized users in version 3.1.3 and later. This is useful if needing to include links to documents in emails and Output Documents or accessing documents through web services or REST, so that the recipient isn't forced to login to ProcessMaker to access the document.
If the disable_download_documents_session_validation flag is set to 0
or is not included in the env.ini file, documents can only be downloaded by users who have a valid login session and are allowed to access the document either as the currently assigned user to a task containing the document or through process permissions to the Input Document, Ouput Document or task containing a Dynaform with a Multiple File field.
This restriction affects:
- Input Document direct links.
- Input Documents set as steps in tasks.
- Documents uploaded using the Multiple File Uploader control.
- Documents uploaded using the File control.
- URLs to documents returned by the inputDocumentList() and outputDocumentList() web services.
- Downloading files using GET /cases/{app_uid}/input-document/{app_doc_uid}/file?v={app_doc_version}
- The
app_doc_link
property returned by GET /cases/{app_uid}/output-document/{app_doc_uid}
Remember that this restriction is enabled by default. If the user is not allowed to download the file, a "403 Access denied" error message will be displayed:
If this setting is not enabled and the user doesn't have an open login session, then clicking on a link to download an Input or Output Document file will redirect to the ProcessMaker login screen. After login, the web browser will be redirected to the URL to download the file.
This setting is often enabled when needing to include links to files in emails and Output Documents or when accessing ProcessMaker files remotely via REST or web services. However, keep in mind that enabling this setting is a security hole, since it allows files to be downloaded using their file IDs and version numbers without verifying that the downloader is a valid ProcessMaker user and has permissions to access the file. If needing to guarantee that the files saved in ProcessMaker can only be accessed by authorized users, then do NOT enable this setting.
MySQL Logging
If the debug_sql option is set to 1 (or debug is set to 1), then every SQL query to the wf_<WORKSPACE> database (which is named wf_workflow by default) will be written in the following log file:
Each line in the log file records SQL actions in the following format:
For example, here is the shared/log/propel.log file for the admin user's login from the IP address 192.168.0.168:
04:55:05.1668|dani3018|192.168.0.90|546286|executeUpdate|0.00035500526428223|INSERT INTO BLACKLISTTRY (Name, DNI) VALUES (\'Daniela\', 167)]\";s:15:\"__VAR_CHANGED__\";N;}',`APP_DRIVE_FOLDER_UID` = '' WHERE APPLICATION.APP_UID='86281452856f37325e5c2a8033826603'|app.php:61:include()->sysGeneric.php:1022:require_once()->cases_Step.php:241:updateCase()->class.case.php:1046:update()->Application.php:448:save()->BaseApplication.php:1004:doSave()->BaseApplication.php:1041:doUpdate()->BaseApplicationPeer.php:480:doUpdate()->BasePeer.php:420:executeUpdate()->PreparedStatementCommon.php:356:executeUpdate()->|GET|/sysdani3018/en/neoclassic/cases/cases_Step?TYPE=DYNAFORM&UID=80263955456d8ab9949a783019937009&POSITION=1&ACTION=EDIT|TYPE=DYNAFORM UID=80263955456d8ab9949a783019937009 POSITION=1 ACTION=EDIT
05:13:32.4765|dani3018|192.168.0.90|604648|executeUpdate|0.00020098686218262|UPDATE PMT_BLACKLISTTRY SET Name = 'Dani123' where DNI = 167|app.php:61:include()->sysGeneric.php:1022:require_once()->cases_Step.php:196:executeTriggers()->class.case.php:3575:execute()->class.pmScript.php:349:executeAndCatchErrors()->class.pmScript.php:208:eval()->class.pmScript.php(208) : eval()'d code:2:executeQuery()->class.pmFunctions.php:317:executeUpdate()->|GET|/sysdani3018/en/neoclassic/cases/cases_Step?TYPE=DYNAFORM&UID=80263955456d8ab9949a783019937009&POSITION=1&ACTION=EDIT|TYPE=DYNAFORM UID=80263955456d8ab9949a783019937009 POSITION=1 ACTION=EDIT
Logging will noticeably slow down ProcessMaker's performance, so it is not suggested to use this option except for debugging. The log file is not automatically deleted, so it will continue to append new information until the file system runs out of space. If SQL logging is enabled for long periods of time, it is a good idea to periodically delete the log file so it doesn't occupy too much hard drive space.
Note that the processing time is in seconds and milliseconds, so a time of 1.309 means 1 second and 309 milliseconds.
Blocking Multiple Browser instances
Available Version: 3.0.1.8 on.
Set the setting session_block
to 1 in the env.ini file to disallow the use of multiple browser instances of ProcessMaker. If this setting is not found in the env.ini file, the default value is 0.
This restriction affects the following tabs: Home, Designer, Dashboards, KPIs, Admin and any of the options inside them. Whenever trying to open multiple instances, the following warning page will display:
For the restriction to take effect, it is strongly recommended to log out of ProcessMaker and clear the cache of the browser.
Note: This restriction does not affect Dynaforms or Processes on the Designer tab that are automatically opened in other tabs in Internet Explorer 11 on.