Merge pull request #17182 from owncloud/user_ini_upload_size

Update .user.ini when setting upload size limit

1 files changed, 57 insertions, 34 deletions

diff --git a/lib/private/files.php b/lib/private/files.php
index b61d09d8a0c..6268bf8a129 100644
--- a/lib/private/files.php
+++ b/lib/private/files.php
@@ -21,6 +21,7 @@
  * @author Thomas Müller <thomas.mueller@tmit.eu>
  * @author Valerio Ponte <valerio.ponte@gmail.com>
  * @author Vincent Petry <pvince81@owncloud.com>
+ * @author Robin McCorkell <rmccorkell@karoshi.org.uk>
  *
  * @copyright Copyright (c) 2015, ownCloud, Inc.
  * @license AGPL-3.0
@@ -268,58 +269,80 @@ class OC_Files {
 	 * set the maximum upload size limit for apache hosts using .htaccess
 	 *
 	 * @param int $size file size in bytes
+	 * @param array $files override '.htaccess' and '.user.ini' locations
 	 * @return bool false on failure, size on success
 	 */
-	static function setUploadLimit($size) {
+	public static function setUploadLimit($size, $files = []) {
 		//don't allow user to break his config
-		if ($size > PHP_INT_MAX) {
-			//max size is always 1 byte lower than computerFileSize returns
-			if ($size > PHP_INT_MAX + 1)
-				return false;
-			$size -= 1;
-		}
+		$size = intval($size);
 		if ($size < self::UPLOAD_MIN_LIMIT_BYTES) {
 			return false;
 		}
 		$size = OC_Helper::phpFileSize($size);
 
-		//don't allow user to break his config -- broken or malicious size input
-		if (intval($size) === 0) {
-			return false;
-		}
-
-		//suppress errors in case we don't have permissions for
-		$htaccess = @file_get_contents(OC::$SERVERROOT . '/.htaccess');
-		if (!$htaccess) {
-			return false;
-		}
-
 		$phpValueKeys = array(
 			'upload_max_filesize',
 			'post_max_size'
 		);
 
-		foreach ($phpValueKeys as $key) {
-			$pattern = '/php_value ' . $key . ' (\S)*/';
-			$setting = 'php_value ' . $key . ' ' . $size;
-			$hasReplaced = 0;
-			$content = preg_replace($pattern, $setting, $htaccess, 1, $hasReplaced);
-			if ($content !== null) {
-				$htaccess = $content;
+		// default locations if not overridden by $files
+		$files = array_merge([
+			'.htaccess' => OC::$SERVERROOT . '/.htaccess',
+			'.user.ini' => OC::$SERVERROOT . '/.user.ini'
+		], $files);
+
+		$updateFiles = [
+			$files['.htaccess'] => [
+				'pattern' => '/php_value %1$s (\S)*/',
+				'setting' => 'php_value %1$s %2$s'
+			],
+			$files['.user.ini'] => [
+				'pattern' => '/%1$s=(\S)*/',
+				'setting' => '%1$s=%2$s'
+			]
+		];
+
+		$success = true;
+
+		foreach ($updateFiles as $filename => $patternMap) {
+			// suppress warnings from fopen()
+			$handle = @fopen($filename, 'r+');
+			if (!$handle) {
+				\OCP\Util::writeLog('files',
+					'Can\'t write upload limit to ' . $filename . '. Please check the file permissions',
+					\OCP\Util::WARN);
+				$success = false;
+				continue; // try to update as many files as possible
 			}
-			if ($hasReplaced === 0) {
-				$htaccess .= "\n" . $setting;
+
+			$content = '';
+			while (!feof($handle)) {
+				$content .= fread($handle, 1000);
 			}
+
+			foreach ($phpValueKeys as $key) {
+				$pattern = vsprintf($patternMap['pattern'], [$key]);
+				$setting = vsprintf($patternMap['setting'], [$key, $size]);
+				$hasReplaced = 0;
+				$newContent = preg_replace($pattern, $setting, $content, 1, $hasReplaced);
+				if ($newContent !== null) {
+					$content = $newContent;
+				}
+				if ($hasReplaced === 0) {
+					$content .= "\n" . $setting;
+				}
+			}
+
+			// write file back
+			ftruncate($handle, 0);
+			rewind($handle);
+			fwrite($handle, $content);
+
+			fclose($handle);
 		}
 
-		//check for write permissions
-		if (is_writable(OC::$SERVERROOT . '/.htaccess')) {
-			file_put_contents(OC::$SERVERROOT . '/.htaccess', $htaccess);
+		if ($success) {
 			return OC_Helper::computerFileSize($size);
-		} else {
-			\OCP\Util::writeLog('files',
-				'Can\'t write upload limit to ' . OC::$SERVERROOT . '/.htaccess. Please check the file permissions',
-				\OCP\Util::WARN);
 		}
 		return false;
 	}