diff options
| author | Arthur Schiwon <blizzz@owncloud.com> | 2012-04-13 11:25:38 +0200 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@owncloud.com> | 2012-04-13 11:25:38 +0200 |
| commit | b95f561bf29094421b827bb1fcae96122ebf8f4a (patch) | |
| tree | 765b4cafca1a7c658ff6d6df6f8ca443a3760ce8 /lib/files.php | |
| parent | 1bd27891e2d0f62f4ab9588dec9ca12b79e50030 (diff) | |
| download | nextcloud-server-b95f561bf29094421b827bb1fcae96122ebf8f4a.tar.gz nextcloud-server-b95f561bf29094421b827bb1fcae96122ebf8f4a.zip | |
file settings: let people set no more than upper boundary for file uploads, but they should can really go up to the limit
Diffstat (limited to 'lib/files.php')
| -rw-r--r-- | lib/files.php | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/lib/files.php b/lib/files.php index 473be51fdd1..051cfd4b81c 100644 --- a/lib/files.php +++ b/lib/files.php @@ -317,14 +317,22 @@ class OC_Files { /** * set the maximum upload size limit for apache hosts using .htaccess * @param int size filesisze in bytes - * @return mixed false on failure, size on success + * @return false on failure, size on success */ static function setUploadLimit($size){ - $size=OC_Helper::humanFileSize($size); - $size=substr($size,0,-1);//strip the B - $size=str_replace(' ','',$size); //remove the space between the size and the postfix + //don't allow user to break his config -- upper boundary + if($size > PHP_INT_MAX) { + //max size is always 1 byte lower than computerFileSize returns + if($size > PHP_INT_MAX+1) + return false; + $size -=1; + } else { + $size=OC_Helper::humanFileSize($size); + $size=substr($size,0,-1);//strip the B + $size=str_replace(' ','',$size); //remove the space between the size and the postfix + } - //don't allow user to break his config + //don't allow user to break his config -- broken or malicious size input if(intval($size) == 0) { return false; } |