<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE overlay PUBLIC "-//EGroupware GmbH//eTemplate 2//EN" "http://www.egroupware.org/etemplate2.dtd">
<!-- $Id$ -->
<overlay>
	<template id="admin.config.general" template="" lang="" group="0" version="18.1">
		<grid width="100%" class="admin-config egwGridView_grid">
			<columns>
				<column width="70%"/>
				<column/>
			</columns>
			<rows>
				<row>
					<description value="Should the login page include a language selectbox (useful for demo-sites) ?" label="%s:"/>
					<select id="newsettings[login_show_language_selection]">
						<option value="">No</option>
						<option value="True">Yes</option>
					</select>
				</row>
				<row>
					<description value="How should EMail addresses for new users be constructed?" label="%s:"/>
					<vbox>
						<select id="newsettings[email_address_format]">
							<option value="first-dot-last">{Firstname}.{Lastname}@domain.com</option>
							<option value="first-last">{Firstname}{Lastname}@domain.com</option>
							<option value="first-underscore-last">{Firstname}_{Lastname}@domain.com</option>
							<option value="initial-last">{Initial}{Lastname}@domain.com</option>
							<option value="initial-dot-last">{Initial}.{Lastname}@domain.com</option>
							<option value="last-dot-first">{Lastname}.{Firstname}@domain.com</option>
							<option value="last-first">{Lastname}{Firstname}@domain.com</option>
							<option value="last-underscore-first">{Lastname}_{Firstname}@domain.com</option>
							<option value="last">{Lastname}@domain.com</option>
							<option value="first">{Firstname}@domain.com</option>
							<option value="account">{Username}@domain.com</option>
							<option value="none">Do not generate EMail addresses</option>
						</select>
						<checkbox label="Lowercase EMail addresses" id="newsettings[email_address_lowercase]" value="true"/>
					</vbox>
				</row>
				<row>
					<description value="Enter the VFS-Path where additional images, icons or logos can be placed (and found by EGroupwares applications). The path MUST start with /,and be readable by all users" label="%s:"/>
					<textbox id="newsettings[vfs_image_dir]" size="40"/>
				</row>
				<row>
					<description value="Log user-agent and action of changes in history-log of entries" label="%s:"/>
					<select id="newsettings[log_user_agent_action]">
						<option value="">No</option>
						<option value="True">Yes</option>
					</select>
				</row>
				<row>
					<description value="Offer to installing EGroupware as mail-handler" label="%s:"/>
					<select id="newsettings[install_mailto_handler]">
						<option value="">Yes - {Default}</option>
						<option value="disabled">{No}</option>
					</select>
				</row>
				<!-- remove currently not supported/necessary development option debug_minify
				<row>
					<description value="Disable minifying of javascript and CSS files" label="%s:"/>
					<select id="newsettings[debug_minify]">
						<option value="">{No} - {Default}</option>
						<option value="True">Yes</option>
					</select>
				</row -->
				<row>
					<description value="Encryption" span="all" class="subHeader"/>
				</row>
				<row>
					<description value="Disable PGP encryption (Mailvelope)" label="%s:"/>
					<select id="newsettings[disable_pgp_encryption]">
						<option value="">{No} - {Default}</option>
						<option value="True">Yes</option>
					</select>
				</row>
			</rows>
		</grid>
	</template>
	<template id="admin.config.appearance" template="" lang="" group="0" version="18.1">
		<grid width="100%" class="admin-config egwGridView_grid">
			<columns>
				<column width="70%"/>
				<column/>
			</columns>
			<rows>
				<row>
					<description value="Enter the title for your site" label="%s:"/>
					<textbox id="newsettings[site_title]"/>
				</row>
				<row>
					<description value="Upload your logo or enter the URL" label="%s:"/>
					<vbox>
						<taglist-thumbnail id="newsettings[login_logo_file]" width="100%" allowFreeEntries="true" maxSelection="1" />
						<file onchange="egw.json('admin.admin_config.ajax_upload_anon_images',[widget.get_value(), []], function(_data){widget._parent._children[0].set_value(_data)}).sendRequest()" width="100%" label="upload"/>
					</vbox>
				</row>
				<row>
					<description value="Upload your header logo or enter the URL (leave it empty if it is the same as login logo)" label="%s:"/>
					<vbox>
						<taglist-thumbnail id="newsettings[login_logo_header]" width="100%"  allowFreeEntries="true" maxSelection="1"/>
						<file onchange="egw.json('admin.admin_config.ajax_upload_anon_images',[widget.get_value(), []], function(_data){widget._parent._children[0].set_value(_data)}).sendRequest()" width="100%" label="upload"/>
					</vbox>
				</row>
				<row>
					<description value="Enter the url where your logo should link to" label="%s:"/>
					<textbox id="newsettings[login_logo_url]" width="100%"/>
				</row>
				<row>
					<description value="Enter the title of your logo" label="%s:"/>
					<textbox id="newsettings[login_logo_title]" width="100%"/>
				</row>
				<row>
					<vbox>
						<description value="Upload your background image or enter the URL" label="%s:"/>
						<description value="If you wish to have randomly selected images you may upload multiple images."/>
					</vbox>
					<vbox>
						<taglist-thumbnail id="newsettings[login_background_file]" width="100%" allowFreeEntries="true" empty_label="Upload your background image or enter the URL"/>
						<file width="100%" label="upload" onchange="app.admin.login_background_update"/>
					</vbox>
				</row>
				<row>
					<description value="Upload your favicon or enter the URL" label="%s:"/>
					<vbox>
						<taglist-thumbnail id="newsettings[favicon_file]" class="et2_fullWidth"/>
						<file width="100%" label="upload" onchange="egw.json('admin.admin_config.ajax_upload_anon_images',[widget.get_value(), []], function(_data){widget._parent._children[0].set_value(_data)}).sendRequest()"/>
					</vbox>
				</row>
				<row>
					<description value="How big should thumbnails for linked images be (maximum in pixels) ?" label="%s:"/>
					<textbox id="newsettings[link_list_thumbnail]" size="5"/>
				</row>
				<!-- disable spellcheck config in favor to always use browser native spellchecker
				<row>
					<description value="Enable spellcheck in rich text editor" label="%s:"/>
					<select id="newsettings[enabled_spellcheck]">
						<option value="">{No} - {more secure}</option>
						<option value="True">Yes</option>
						<option value="YesNoSCAYT">Yes, but no SCAYT</option>
						<option value="YesBrowserBased">{Yes, use browser based spell checking engine} - {more secure}</option>
						<option value="YesUseWebSpellCheck">Yes, use WebSpellChecker</option>
					</select>
				</row> -->
				<row>
					<description value="Applications available on mobile devices" label="%s:"/>
					<select-app id="newsettings[fw_mobile_app_list]" multiple="true" tags="true" other=",enabled:home;groupdav;sitemgr-link;sitemgr;developer_tools;etemplate;stylite;archive;importexport;activesync;notifications;esyncpro;preferences;registration" width="100%"/>
				</row>
			</rows>
		</grid>
	</template>
	<template id="admin.config.security" template="" lang="" group="0" version="18.1">
		<grid width="100%" class="admin-config egwGridView_grid">
			<columns>
				<column width="70%"/>
				<column/>
			</columns>
			<rows>
				<row>
					<description value="2-Factor-Authentication" span="all" class="subHeader"/>
				</row>
				<row>
					<description value="2-Factor-Authentication for interactive login" label="%s:"/>
					<select id="newsettings[2fa_required]">
						<option value="">show as optional, but required once user has it setup</option>
						<option value="required">show as required, but only once user has it setup</option>
						<option value="strict">strictly required, user can not login without</option>
						<option value="disabled">disabled, do not show on login page</option>
					</select>
				</row>
				<row>
					<vbox>
						<description value="Allow user to set 'Remember me' token" label="%s:"/>
						<description value="Requires 'OpenID / OAuth2 Server' app." label="(%s)"/>
					</vbox>
					<vbox>
						<select id="newsettings[remember_me_token]">
							<option value="">allowed just as second factor</option>
							<option value="always">direct login without password or second factor</option>
							<option value="disabled">disabled, do not show on login page</option>
						</select>
						<description value="If disabled existing tokens immediatly stop working." label="(%s)"/>
					</vbox>
				</row>
				<row>
					<description value="Lifetime of 'Remember me' token" label="%s:"/>
					<select id="newsettings[remember_me_lifetime]">
						<option value="">{default of currently} {1 month}</option>
						<option value="P1W">1 week</option>
						<option value="P2W">2 weeks</option>
						<option value="P1M">1 month</option>
						<option value="P2M">2 month</option>
						<option value="P3M">3 month</option>
						<option value="P6M">6 month</option>
						<option value="P1Y">1 year</option>
						<option value="user">User choice</option>
					</select>
				</row>

				<row>
					<description value="Blocking after wrong password" span="all" class="subHeader"/>
				</row>
				<row>
					<description value="After how many unsuccessful attempts to login, an account should be blocked (default 3) ?" label="%s:"/>
					<textbox id="newsettings[num_unsuccessful_id]" size="5"/>
				</row>
				<row>
					<description value="After how many unsuccessful attempts to login, an IP should be blocked (default 15) ?" label="%s:"/>
					<textbox id="newsettings[num_unsuccessful_ip]" size="5"/>
				</row>
				<row>
					<description value="Comma-separated IP addresses white-listed from above blocking (:optional number of attempts)"/>
					<textbox id="newsettings[unsuccessful_ip_whitelist]" size="64" blur="X.X.X.X[:N], ..."
						validator="/^(((\\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))(:\d+)?)(, ?((\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))\.(\d|[1-9]\d|1\d\d|2([0-4]\d|5[0-5]))(:\d+)?))*)?$/"/>
				</row>
				<row>
					<description value="How many minutes should an account or IP be blocked (default 1) ?" label="%s:"/>
					<textbox id="newsettings[block_time]" size="5"/>
				</row>

				<row>
					<description value="Sessions" span="all" class="subHeader"/>
				</row>
				<row>
					<vbox>
						<description value="check ip address of all sessions"/>
						<description value="switch it off, if users are randomly thrown out" label="%s:"/>
						<description value="Your session could not be verified."/>
					</vbox>
					<select id="newsettings[sessions_checkip]">
						<option value="True">{Yes} - {more secure}</option>
						<option value="">No</option>
					</select>
				</row>
				<row>
					<description value="Use secure cookies (transmitted only via https)"/>
					<select id="newsettings[insecure_cookies]">
						<option value="">{Yes} - {more secure}</option>
						<option value="insecure">No</option>
					</select>
				</row>
				<row>
					<description value="SameSite cookie attribute (send cookie if browser addressbar show a different domain)"/>
					<select id="newsettings[cookie_samesite_attribute]">
						<option value="">{Do not set attribute} - {current default}</option>
						<option value="Lax">"Lax" - {allowed for get requests, default in modern browsers, if attribute is not set}</option>
						<option value="Strict">"Strict" - {do not send cookie} - {more secure}</option>
						<option value="None">"None" - {required to embed EGroupware via iframe eg. for LTI}</option>
					</select>
				</row>
				<row>
					<description value="Cookie path (allows multiple eGW sessions with different directories, has problemes with SiteMgr!)" label="%s:"/>
					<select id="newsettings[cookiepath]">
						<option value="">Document root (default)</option>
						<option value="egroupware">EGroupware directory</option>
					</select>
				</row>
				<row>
					<description value="Cookie domain (default empty means use full domain name, for SiteMgr eg. &quot;.domain.com&quot; allows to use the same cookie for egw.domain.com and www.domain.com)" label="%s:"/>
					<textbox id="newsettings[cookiedomain]"/>
				</row>

				<row>
					<description value="Passwords" span="all" class="subHeader"/>
				</row>
				<row>
					<description value="Force users to change their password regularily?(empty for no,number for after that number of days" label="%s:"/>
					<textbox id="newsettings[change_pwd_every_x_days]" size="5"/>
				</row>
				<row>
					<description value="Warn users about the need to change their password? The number set here should be lower than the value used to enforce the change of passwords every X days. Only effective when enforcing of password change is enabled. (empty for no,number for number of days before they must change)" label="%s:"/>
					<textbox id="newsettings[warn_about_upcoming_pwd_change]" size="5"/>
				</row>
				<row>
					<description value="Passwords require a minimum number of characters" label="%s:"/>
					<select id="newsettings[force_pwd_length]">
						<option value="">None</option>
						<option value="6">6</option>
						<option value="7">7</option>
						<option value="8">8</option>
						<option value="10">10</option>
						<option value="12">12</option>
						<option value="14">14</option>
						<option value="16">16</option>
					</select>
				</row>
				<row>
					<vbox>
						<description value="Passwords requires this number of different character classes"/>
						<description value="Uppercase, lowercase, number, special char" label="(%s)"/>
					</vbox>
					<select id="newsettings[force_pwd_strength]">
						<option value="">None</option>
						<option value="2">2</option>
						<option value="3">3</option>
						<option value="4">4</option>
					</select>
				</row>
				<row>
					<description value="Reject passwords containing part of username or full name (3 or more characters long)" label="%s:"/>
					<select id="newsettings[passwd_forbid_name]">
						<option value="no">No</option>
						<option value="yes">Yes</option>
					</select>
				</row>

				<row>
					<description value="Other security configuration" span="all" class="subHeader"/>
				</row>
				<row>
					<description value="Deny all users access to grant other users access to their entries ?" label="%s:"/>
					<select id="newsettings[deny_user_grants_access]">
						<option value="">No</option>
						<option value="True">Yes</option>
					</select>
				</row>
				<!--
				<row>
					<description value="Default file system space per user"/>
					<textbox id="newsettings[vfs_default_account_size_number]" type="text" size="7"/>

     <td>{Default_file_system_space_per_user}/{group_?}:</td>
     <td>
      <input type="text" name="newsettings[vfs_default_account_size_number]" size="7" value="{value_vfs_default_account_size_number}">&nbsp;&nbsp;
      <select name="newsettings[vfs_default_account_size_type]">
       <option value="gb"{selected_vfs_default_account_size_type_gb}>GB</option>
       <option value="mb"{selected_vfs_default_account_size_type_mb}>MB</option>
       <option value="kb"{selected_vfs_default_account_size_type_kb}>KB</option>
       <option value="b"{selected_vfs_default_account_size_type_b}>B</option>
      </select>
     </td>
    				</row> -->
				<row>
					<description value="How many days should entries stay in the access log, before they get deleted (default 90) ?" label="%s:"/>
					<textbox id="newsettings[max_access_log_age]" size="5"/>
				</row>
				<row>
					<description value="Admin email addresses (comma-separated) to be notified about the blocking (empty for no notify)" label="%s:"/>
					<textbox id="newsettings[admin_mails]" size="40"/>
				</row>
				<!-- not used at the moment RalfBecker 2007/05/17
				<row>
					<description value="Disable &quot;auto completion&quot; of the login form " label="%s:"/>
					<select id="newsettings[autocomplete_login]">
						<option value="">No</option>
						<option value="True">Yes</option>
					</select>
				</row> -->
				<row>
					<vbox>
						<description value="How many entries should non-admins be able to export (empty = no limit, no = no export)"/>
						<description value="This controls exports and merging."/>
					</vbox>
					<textbox id="newsettings[export_limit]" size="5"/>
				</row>
				<row>
					<description value="Group excepted from above export limit (admins are always excepted)" label="%s:"/>
					<select-account id="newsettings[export_limit_excepted]" account_type="groups" multiple="true" tags="true" width="100%"/>
				</row>
				<row>
					<vbox>
						<description value="Allow remote administration from following install ID's (comma separated)"/>
						<description id="newsettings[install_id]" label="Own install ID:"/>
					</vbox>
					<textbox id="newsettings[allow_remote_admin]" size="40"/>
				</row>
				<row>
					<description value="Should exceptions contain a trace (including function arguments)" label="%s:"/>
					<select id="newsettings[exception_show_trace]">
						<option value="">{No} - {more secure}</option>
						<option value="True">Yes</option>
					</select>
				</row>
				<row>
					<description value="Google recaptcha" span="all" class="subHeader"/>
				</row>
				<row>
					<vbox>
						<description value="Google recaptcha secret key" label="%s:"/>
						<description value="This secret key used for communication between your site and Google. Be sure to keep it a secret."/>
					</vbox>
					<textbox id="newsettings[recaptcha_secret]" size="60"/>
				</row>
				<row>
					<vbox>
						<description value="Google recaptcha site key" label="%s:"/>
						<description value="This key used in the HTML code your site serves to users." />
					</vbox>
					<textbox id="newsettings[recaptcha_site]" size="60"/>
				</row>
			</rows>
		</grid>
	</template>
	<template id="admin.config" template="" lang="" group="0" version="18.1">
		<tabbox id="tabs" width="100%">
			<tabs>
				<tab id="general" label="General"/>
				<tab id="appearance" label="Appearance"/>
				<tab id="security" label="Security"/>
			</tabs>
			<tabpanels>
				<template id="admin.config.general"/>
				<template id="admin.config.appearance"/>
				<template id="admin.config.security"/>
			</tabpanels>
		</tabbox>
	</template>
</overlay>