diff --git a/htdocs/admin/security_file.php b/htdocs/admin/security_file.php index 42ade68a31f..8337444a81c 100644 --- a/htdocs/admin/security_file.php +++ b/htdocs/admin/security_file.php @@ -105,7 +105,10 @@ if ($action == 'updateform') { $res5 = dolibarr_set_const($db, "MAIN_ANTIVIRUS_COMMAND", trim($antivircommand), 'chaine', 0, '', $conf->entity); $res6 = dolibarr_set_const($db, "MAIN_ANTIVIRUS_PARAM", trim($antivirparam), 'chaine', 0, '', $conf->entity); $res7 = dolibarr_set_const($db, "MAIN_FILE_EXTENSION_UPLOAD_RESTRICTION", GETPOST('MAIN_FILE_EXTENSION_UPLOAD_RESTRICTION', 'alpha'), 'chaine', 0, '', $conf->entity); - if ($res3 && $res4 && $res5 && $res6 && $res7) { + + $res8 = dolibarr_set_const($db, "MAIN_SECURITY_MAXFILESIZE_DOWNLOADED", GETPOST('MAIN_SECURITY_MAXFILESIZE_DOWNLOADED', 'alpha'), 'chaine', 0, '', $conf->entity); + + if ($res3 && $res4 && $res5 && $res6 && $res7 && $res8) { setEventMessages($langs->trans("RecordModifiedSuccessfully"), null, 'mesgs'); } } @@ -152,7 +155,7 @@ print '
'; print '
'; print ''; print ''; -print ''; +print ''; print ''; print ''; @@ -230,6 +233,34 @@ print ''; print '
'.$langs->trans("Parameters").''.$langs->trans("Upload").'
'; print '
'; + +print '
'; + + +// Download options + +print '
'; +print ''; +print ''; +print ''; +print ''; +print ''; + +print ''; +print ''; +print '"; +print ''; + +print '
'.$langs->trans("Download").'
'.$langs->trans("MAIN_SECURITY_MAXFILESIZE_DOWNLOADED").'
'; +//print ''.$langs->trans("MAIN_SECURITY_MAXFILESIZE_DOWNLOADED").''; +print '		'; +print ' '.$langs->trans("Kb"); +print "
'; +print '
'; + + + + print dol_get_fiche_end(); print $form->buttonsSaveCancel("Modify", ''); diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 7fb0bcac859..1ab324800bc 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -544,6 +544,10 @@ print '
'; print '
'; +print ''.$langs->trans("MAIN_SECURITY_MAXFILESIZE_DOWNLOADED").' = '.getDolGlobalString('MAIN_SECURITY_MAXFILESIZE_DOWNLOADED', ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': < 100000)')."
"; +print '
'; + + $securityevent = new Events($db); $eventstolog = $securityevent->eventstolog; @@ -835,9 +839,6 @@ if ($execmethod == 2) { print '
'; print '
'; -print 'MAIN_SECURITY_MAXFILESIZE_DOWNLOADED = '.getDolGlobalString('MAIN_SECURITY_MAXFILESIZE_DOWNLOADED', ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': 100000000)')."
"; -print '
'; - print 'MAIN_RESTRICTHTML_ONLY_VALID_HTML = '.(getDolGlobalString('MAIN_RESTRICTHTML_ONLY_VALID_HTML') ? '1' : ''.$langs->trans("Undefined").''); print '   ('.$langs->trans("Recommended").": 1 - does not work on HTML5 with some old libxml libs)"; diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php index f6e077217da..84875812f48 100644 --- a/htdocs/core/lib/admin.lib.php +++ b/htdocs/core/lib/admin.lib.php @@ -857,7 +857,7 @@ function ihm_prepare_head() */ function security_prepare_head() { - global $db, $langs, $conf, $user; + global $db, $langs, $conf; $h = 0; $head = array(); @@ -877,7 +877,7 @@ function security_prepare_head() $h++; $head[$h][0] = DOL_URL_ROOT."/admin/security_file.php"; - $head[$h][1] = $langs->trans("Files").' ('.$langs->trans("Upload").')'; + $head[$h][1] = $langs->trans("Files").' ('.$langs->trans("UploadName").' | '.$langs->trans("Download").')'; $head[$h][2] = 'file'; $h++; diff --git a/htdocs/core/lib/geturl.lib.php b/htdocs/core/lib/geturl.lib.php index 68f8d5faf3d..bb16e3cc418 100644 --- a/htdocs/core/lib/geturl.lib.php +++ b/htdocs/core/lib/geturl.lib.php @@ -123,10 +123,10 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation = // limit size of downloaded files. $maxsize = getDolGlobalInt('MAIN_SECURITY_MAXFILESIZE_DOWNLOADED'); if ($maxsize && defined('CURLOPT_MAXFILESIZE_LARGE')) { - curl_setopt($ch, CURLOPT_MAXFILESIZE_LARGE, $maxsize); // @phan-suppress-current-line PhanTypeMismatchArgumentNullableInternal + curl_setopt($ch, CURLOPT_MAXFILESIZE_LARGE, $maxsize * 1024); // @phan-suppress-current-line PhanTypeMismatchArgumentNullableInternal } if ($maxsize && defined('CURLOPT_MAXFILESIZE')) { - curl_setopt($ch, CURLOPT_MAXFILESIZE, $maxsize); + curl_setopt($ch, CURLOPT_MAXFILESIZE, $maxsize * 1024); } //curl_setopt($ch, CURLOPT_SAFE_UPLOAD, true); // PHP 5.5 diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 7fdbda297f4..be4e4146655 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -2655,3 +2655,5 @@ Blocking=Blocking NoBlocking=No blocking MULTICURRENCY_APP_ENDPOINT=API endpoint URL to get live multicurrencies from a source currency NoWebsite=No website +UploadName=Upload +MAIN_SECURITY_MAXFILESIZE_DOWNLOADED=Max size of downloaded files diff --git a/htdocs/webportal/controllers/document.controller.class.php b/htdocs/webportal/controllers/document.controller.class.php index 6ea2e265d61..f252ae722bf 100644 --- a/htdocs/webportal/controllers/document.controller.class.php +++ b/htdocs/webportal/controllers/document.controller.class.php @@ -216,7 +216,7 @@ class DocumentController extends Controller $fileSizeMax = getDolGlobalInt('MAIN_SECURITY_MAXFILESIZE_DOWNLOADED'); if ($fileSizeMax && $fileSize > $fileSizeMax) { dol_syslog('ErrorFileSizeTooLarge: ' . $fileSize); - print 'ErrorFileSizeTooLarge: ' . $fileSize . ' (max ' . $fileSizeMax . ')'; + print 'ErrorFileSizeTooLarge: ' . $fileSize . ' (max ' . $fileSizeMax . ' Kb)'; exit; }