file settings: let people set no more than upper boundary for file uploads, but they should can really go up to the limit

This commit is contained in:
Arthur Schiwon 2012-04-13 11:25:38 +02:00
parent 1bd27891e2
commit b95f561bf2
3 changed files with 15 additions and 6 deletions

View File

@ -54,6 +54,7 @@ OC_App::setActiveNavigationEntry( "files_administration" );
$tmpl = new OC_Template( 'files', 'admin' );
$tmpl->assign( 'htaccessWorking', $htaccessWorking );
$tmpl->assign( 'uploadMaxFilesize', $maxUploadFilesize);
$tmpl->assign( 'maxPossibleUploadSize', OC_Helper::humanFileSize(PHP_INT_MAX));
$tmpl->assign( 'allowZipDownload', $allowZipDownload);
$tmpl->assign( 'maxZipInputSize', $maxZipInputSize);
return $tmpl->fetchPage();

View File

@ -4,7 +4,7 @@
<fieldset class="personalblock">
<legend><strong><?php echo $l->t('File handling');?></strong></legend>
<?php if($_['htaccessWorking']):?>
<label for="maxUploadSize"><?php echo $l->t( 'Maximum upload size' ); ?> </label><input name='maxUploadSize' id="maxUploadSize" value='<?php echo $_['uploadMaxFilesize'] ?>'/><br/>
<label for="maxUploadSize"><?php echo $l->t( 'Maximum upload size' ); ?> </label><input name='maxUploadSize' id="maxUploadSize" value='<?php echo $_['uploadMaxFilesize'] ?>'/>(<?php echo $l->t('max. possible: '); echo $_['maxPossibleUploadSize'] ?>)<br/>
<?php endif;?>
<input type="checkbox" name="allowZipDownload" id="allowZipDownload" value="1" title="<?php echo $l->t( 'Needed for multi-file and folder downloads.' ); ?>"<?php if ($_['allowZipDownload']) echo ' checked="checked"'; ?> /> <label for="allowZipDownload"><?php echo $l->t( 'Enable ZIP-download' ); ?></label> <br/>
<fieldset class="personalblock">

View File

@ -317,14 +317,22 @@ class OC_Files {
/**
* set the maximum upload size limit for apache hosts using .htaccess
* @param int size filesisze in bytes
* @return mixed false on failure, size on success
* @return false on failure, size on success
*/
static function setUploadLimit($size){
//don't allow user to break his config -- upper boundary
if($size > PHP_INT_MAX) {
//max size is always 1 byte lower than computerFileSize returns
if($size > PHP_INT_MAX+1)
return false;
$size -=1;
} else {
$size=OC_Helper::humanFileSize($size);
$size=substr($size,0,-1);//strip the B
$size=str_replace(' ','',$size); //remove the space between the size and the postfix
}
//don't allow user to break his config
//don't allow user to break his config -- broken or malicious size input
if(intval($size) == 0) {
return false;
}