file settings: let people set no more than upper boundary for file uploads, but they should can really go up to the limit
This commit is contained in:
parent
1bd27891e2
commit
b95f561bf2
|
@ -54,6 +54,7 @@ OC_App::setActiveNavigationEntry( "files_administration" );
|
||||||
$tmpl = new OC_Template( 'files', 'admin' );
|
$tmpl = new OC_Template( 'files', 'admin' );
|
||||||
$tmpl->assign( 'htaccessWorking', $htaccessWorking );
|
$tmpl->assign( 'htaccessWorking', $htaccessWorking );
|
||||||
$tmpl->assign( 'uploadMaxFilesize', $maxUploadFilesize);
|
$tmpl->assign( 'uploadMaxFilesize', $maxUploadFilesize);
|
||||||
|
$tmpl->assign( 'maxPossibleUploadSize', OC_Helper::humanFileSize(PHP_INT_MAX));
|
||||||
$tmpl->assign( 'allowZipDownload', $allowZipDownload);
|
$tmpl->assign( 'allowZipDownload', $allowZipDownload);
|
||||||
$tmpl->assign( 'maxZipInputSize', $maxZipInputSize);
|
$tmpl->assign( 'maxZipInputSize', $maxZipInputSize);
|
||||||
return $tmpl->fetchPage();
|
return $tmpl->fetchPage();
|
|
@ -4,7 +4,7 @@
|
||||||
<fieldset class="personalblock">
|
<fieldset class="personalblock">
|
||||||
<legend><strong><?php echo $l->t('File handling');?></strong></legend>
|
<legend><strong><?php echo $l->t('File handling');?></strong></legend>
|
||||||
<?php if($_['htaccessWorking']):?>
|
<?php if($_['htaccessWorking']):?>
|
||||||
<label for="maxUploadSize"><?php echo $l->t( 'Maximum upload size' ); ?> </label><input name='maxUploadSize' id="maxUploadSize" value='<?php echo $_['uploadMaxFilesize'] ?>'/><br/>
|
<label for="maxUploadSize"><?php echo $l->t( 'Maximum upload size' ); ?> </label><input name='maxUploadSize' id="maxUploadSize" value='<?php echo $_['uploadMaxFilesize'] ?>'/>(<?php echo $l->t('max. possible: '); echo $_['maxPossibleUploadSize'] ?>)<br/>
|
||||||
<?php endif;?>
|
<?php endif;?>
|
||||||
<input type="checkbox" name="allowZipDownload" id="allowZipDownload" value="1" title="<?php echo $l->t( 'Needed for multi-file and folder downloads.' ); ?>"<?php if ($_['allowZipDownload']) echo ' checked="checked"'; ?> /> <label for="allowZipDownload"><?php echo $l->t( 'Enable ZIP-download' ); ?></label> <br/>
|
<input type="checkbox" name="allowZipDownload" id="allowZipDownload" value="1" title="<?php echo $l->t( 'Needed for multi-file and folder downloads.' ); ?>"<?php if ($_['allowZipDownload']) echo ' checked="checked"'; ?> /> <label for="allowZipDownload"><?php echo $l->t( 'Enable ZIP-download' ); ?></label> <br/>
|
||||||
<fieldset class="personalblock">
|
<fieldset class="personalblock">
|
||||||
|
|
|
@ -317,14 +317,22 @@ class OC_Files {
|
||||||
/**
|
/**
|
||||||
* set the maximum upload size limit for apache hosts using .htaccess
|
* set the maximum upload size limit for apache hosts using .htaccess
|
||||||
* @param int size filesisze in bytes
|
* @param int size filesisze in bytes
|
||||||
* @return mixed false on failure, size on success
|
* @return false on failure, size on success
|
||||||
*/
|
*/
|
||||||
static function setUploadLimit($size){
|
static function setUploadLimit($size){
|
||||||
|
//don't allow user to break his config -- upper boundary
|
||||||
|
if($size > PHP_INT_MAX) {
|
||||||
|
//max size is always 1 byte lower than computerFileSize returns
|
||||||
|
if($size > PHP_INT_MAX+1)
|
||||||
|
return false;
|
||||||
|
$size -=1;
|
||||||
|
} else {
|
||||||
$size=OC_Helper::humanFileSize($size);
|
$size=OC_Helper::humanFileSize($size);
|
||||||
$size=substr($size,0,-1);//strip the B
|
$size=substr($size,0,-1);//strip the B
|
||||||
$size=str_replace(' ','',$size); //remove the space between the size and the postfix
|
$size=str_replace(' ','',$size); //remove the space between the size and the postfix
|
||||||
|
}
|
||||||
|
|
||||||
//don't allow user to break his config
|
//don't allow user to break his config -- broken or malicious size input
|
||||||
if(intval($size) == 0) {
|
if(intval($size) == 0) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue