diff options
author | Arthur Schiwon <blizzz@owncloud.com> | 2012-04-13 11:25:38 +0200 |
---|---|---|
committer | Arthur Schiwon <blizzz@owncloud.com> | 2012-04-13 11:25:38 +0200 |
commit | b95f561bf29094421b827bb1fcae96122ebf8f4a (patch) | |
tree | 765b4cafca1a7c658ff6d6df6f8ca443a3760ce8 | |
parent | 1bd27891e2d0f62f4ab9588dec9ca12b79e50030 (diff) | |
download | nextcloud-server-b95f561bf29094421b827bb1fcae96122ebf8f4a.tar.gz nextcloud-server-b95f561bf29094421b827bb1fcae96122ebf8f4a.zip |
file settings: let people set no more than upper boundary for file uploads, but they should can really go up to the limit
-rw-r--r-- | files/admin.php | 1 | ||||
-rw-r--r-- | files/templates/admin.php | 2 | ||||
-rw-r--r-- | lib/files.php | 18 |
3 files changed, 15 insertions, 6 deletions
diff --git a/files/admin.php b/files/admin.php index 04ef6a4e828..4ae3ee51236 100644 --- a/files/admin.php +++ b/files/admin.php @@ -54,6 +54,7 @@ OC_App::setActiveNavigationEntry( "files_administration" ); $tmpl = new OC_Template( 'files', 'admin' ); $tmpl->assign( 'htaccessWorking', $htaccessWorking ); $tmpl->assign( 'uploadMaxFilesize', $maxUploadFilesize); +$tmpl->assign( 'maxPossibleUploadSize', OC_Helper::humanFileSize(PHP_INT_MAX)); $tmpl->assign( 'allowZipDownload', $allowZipDownload); $tmpl->assign( 'maxZipInputSize', $maxZipInputSize); return $tmpl->fetchPage();
\ No newline at end of file diff --git a/files/templates/admin.php b/files/templates/admin.php index 730f55f2768..9bcc40e9361 100644 --- a/files/templates/admin.php +++ b/files/templates/admin.php @@ -4,7 +4,7 @@ <fieldset class="personalblock"> <legend><strong><?php echo $l->t('File handling');?></strong></legend> <?php if($_['htaccessWorking']):?> - <label for="maxUploadSize"><?php echo $l->t( 'Maximum upload size' ); ?> </label><input name='maxUploadSize' id="maxUploadSize" value='<?php echo $_['uploadMaxFilesize'] ?>'/><br/> + <label for="maxUploadSize"><?php echo $l->t( 'Maximum upload size' ); ?> </label><input name='maxUploadSize' id="maxUploadSize" value='<?php echo $_['uploadMaxFilesize'] ?>'/>(<?php echo $l->t('max. possible: '); echo $_['maxPossibleUploadSize'] ?>)<br/> <?php endif;?> <input type="checkbox" name="allowZipDownload" id="allowZipDownload" value="1" title="<?php echo $l->t( 'Needed for multi-file and folder downloads.' ); ?>"<?php if ($_['allowZipDownload']) echo ' checked="checked"'; ?> /> <label for="allowZipDownload"><?php echo $l->t( 'Enable ZIP-download' ); ?></label> <br/> <fieldset class="personalblock"> diff --git a/lib/files.php b/lib/files.php index 473be51fdd1..051cfd4b81c 100644 --- a/lib/files.php +++ b/lib/files.php @@ -317,14 +317,22 @@ class OC_Files { /** * set the maximum upload size limit for apache hosts using .htaccess * @param int size filesisze in bytes - * @return mixed false on failure, size on success + * @return false on failure, size on success */ static function setUploadLimit($size){ - $size=OC_Helper::humanFileSize($size); - $size=substr($size,0,-1);//strip the B - $size=str_replace(' ','',$size); //remove the space between the size and the postfix + //don't allow user to break his config -- upper boundary + if($size > PHP_INT_MAX) { + //max size is always 1 byte lower than computerFileSize returns + if($size > PHP_INT_MAX+1) + return false; + $size -=1; + } else { + $size=OC_Helper::humanFileSize($size); + $size=substr($size,0,-1);//strip the B + $size=str_replace(' ','',$size); //remove the space between the size and the postfix + } - //don't allow user to break his config + //don't allow user to break his config -- broken or malicious size input if(intval($size) == 0) { return false; } |