From da576baab92535c612899a22e530ad494088cad0 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Wed, 10 Jul 2019 18:25:54 +0200 Subject: [PATCH 1/4] Allow to upload bigger files Signed-off-by: Andreas Schneider --- .htaccess.disabled | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.htaccess.disabled b/.htaccess.disabled index e2c8374..5a3abe4 100644 --- a/.htaccess.disabled +++ b/.htaccess.disabled @@ -2,3 +2,11 @@ RewriteEngine on RewriteCond !%{HTTP_USER_AGENT} "Let's Encrypt validation server" [NC] RewriteCond %{HTTP_USER_AGENT} ^.*(bot|spider|crawl|https?://|WhatsApp|SkypeUriPreview|facebookexternalhit) [NC] RewriteRule .* - [R=403,L] + + +php_value max_execution_time 30 +php_value post_max_size 10M +php_value upload_max_size 10M +php_value upload_max_filesize 10M +php_value max_file_uploads 100 + From 5c5de860e23f85425cf5dd1e3831f580c39f5d15 Mon Sep 17 00:00:00 2001 From: Andreas Schneider Date: Fri, 12 Jul 2019 10:03:59 +0200 Subject: [PATCH 2/4] INSTALL: Creata a mediumblob for data in a paste This allows to upload bigger pastes and pastes with attachments in the v2 paste format. Fixes #456 --- INSTALL.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/INSTALL.md b/INSTALL.md index 4ce24d4..81f8903 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -139,7 +139,7 @@ For reference or if you want to create the table schema for yourself to avoid ha ```sql CREATE TABLE prefix_paste ( dataid CHAR(16) NOT NULL, - data BLOB, + data MEDIUMBLOB, postdate INT, expiredate INT, opendiscussion INT, From 5c0012cf51a926f84a0f16c0be536ee370de9ebe Mon Sep 17 00:00:00 2001 From: El RIDO Date: Fri, 20 Sep 2019 06:57:54 +0200 Subject: [PATCH 3/4] adding database migration to increase data to MEDIUMBLOB on MySQL by default --- lib/Data/Database.php | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/lib/Data/Database.php b/lib/Data/Database.php index 4b31983..1aacbae 100644 --- a/lib/Data/Database.php +++ b/lib/Data/Database.php @@ -597,6 +597,8 @@ class Database extends AbstractData /** * get the data type, depending on the database driver * + * PostgreSQL uses a different API for BLOBs then SQL, hence we use TEXT + * * @access private * @static * @return string @@ -609,6 +611,8 @@ class Database extends AbstractData /** * get the attachment type, depending on the database driver * + * PostgreSQL uses a different API for BLOBs then SQL, hence we use TEXT + * * @access private * @static * @return string @@ -628,16 +632,17 @@ class Database extends AbstractData { list($main_key, $after_key) = self::_getPrimaryKeyClauses(); $dataType = self::_getDataType(); + $attachmentType = self::_getAttachmentType(); self::$_db->exec( 'CREATE TABLE ' . self::_sanitizeIdentifier('paste') . ' ( ' . "dataid CHAR(16) NOT NULL$main_key, " . - "data $dataType, " . + "data $attachmentType, " . 'postdate INT, ' . 'expiredate INT, ' . 'opendiscussion INT, ' . 'burnafterreading INT, ' . 'meta TEXT, ' . - 'attachment ' . self::_getAttachmentType() . ', ' . + "attachment $attachmentType, " . "attachmentname $dataType$after_key );" ); } @@ -710,7 +715,8 @@ class Database extends AbstractData */ private static function _upgradeDatabase($oldversion) { - $dataType = self::_getDataType(); + $dataType = self::_getDataType(); + $attachmentType = self::_getAttachmentType(); switch ($oldversion) { case '0.21': // create the meta column if necessary (pre 0.21 change) @@ -722,7 +728,7 @@ class Database extends AbstractData // SQLite only allows one ALTER statement at a time... self::$_db->exec( 'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . - ' ADD COLUMN attachment ' . self::_getAttachmentType() . ';' + " ADD COLUMN attachment $attachmentType;" ); self::$_db->exec( 'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . " ADD COLUMN attachmentname $dataType;" @@ -732,7 +738,7 @@ class Database extends AbstractData if (self::$_type !== 'sqlite') { self::$_db->exec( 'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . - ' ADD PRIMARY KEY (dataid), MODIFY COLUMN data $dataType;' + " ADD PRIMARY KEY (dataid), MODIFY COLUMN data $dataType;" ); self::$_db->exec( 'ALTER TABLE ' . self::_sanitizeIdentifier('comment') . @@ -754,6 +760,17 @@ class Database extends AbstractData self::_sanitizeIdentifier('comment') . '(pasteid);' ); // no break, continue with updates for 0.22 and later + case '1.3': + // SQLite doesn't support MODIFY, but it allows TEXT of similar + // size as BLOB and PostgreSQL uses TEXT, so there is no need + // to change it there + if (self::$_type !== 'sqlite' && self::$_type !== 'pgsql') { + self::$_db->exec( + 'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . + " MODIFY COLUMN data $attachmentType;" + ); + } + // no break, continue with updates for 1.3.1 and later default: self::_exec( 'UPDATE ' . self::_sanitizeIdentifier('config') . From d5aeba60ca61fce1a4f7c20de3b049e68330aaba Mon Sep 17 00:00:00 2001 From: El RIDO Date: Fri, 20 Sep 2019 07:04:26 +0200 Subject: [PATCH 4/4] increase default size limit to 10 MiB, documenting change --- CHANGELOG.md | 1 + cfg/conf.sample.php | 4 ++-- lib/Configuration.php | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c4a4d54..45e3a58 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ * CHANGED: Improved mobile UI - obscured send button and hard to click shortener button (#477) * CHANGED: Enhanced URL shortener integration (#479) * CHANGED: Improved file upload drag & drop UI (#317) + * CHANGED: Increased default size limit from 2 to 10 MiB, switch data from BLOB to MEDIUMBLOB in MySQL (#458) * CHANGED: Upgrading libraries to: DOMpurify 2.0.1 * FIXED: Enabling browsers without WASM to create pastes and read uncompressed ones (#454) * FIXED: Cloning related issues (#489, #491, #493, #494) diff --git a/cfg/conf.sample.php b/cfg/conf.sample.php index 0f2d50d..91616b8 100644 --- a/cfg/conf.sample.php +++ b/cfg/conf.sample.php @@ -29,8 +29,8 @@ defaultformatter = "plaintext" ; (optional) set a syntax highlighting theme, as found in css/prettify/ ; syntaxhighlightingtheme = "sons-of-obsidian" -; size limit per paste or comment in bytes, defaults to 2 Mebibytes -sizelimit = 2097152 +; size limit per paste or comment in bytes, defaults to 10 Mebibytes +sizelimit = 10485760 ; template to include, default is "bootstrap" (tpl/bootstrap.php) template = "bootstrap" diff --git a/lib/Configuration.php b/lib/Configuration.php index 67ecc23..d0258e1 100644 --- a/lib/Configuration.php +++ b/lib/Configuration.php @@ -45,7 +45,7 @@ class Configuration 'burnafterreadingselected' => false, 'defaultformatter' => 'plaintext', 'syntaxhighlightingtheme' => null, - 'sizelimit' => 2097152, + 'sizelimit' => 10485760, 'template' => 'bootstrap', 'notice' => '', 'languageselection' => false,