diff --git a/.htaccess.disabled b/.htaccess.disabled index e2c8374f..5a3abe46 100644 --- a/.htaccess.disabled +++ b/.htaccess.disabled @@ -2,3 +2,11 @@ RewriteEngine on RewriteCond !%{HTTP_USER_AGENT} "Let's Encrypt validation server" [NC] RewriteCond %{HTTP_USER_AGENT} ^.*(bot|spider|crawl|https?://|WhatsApp|SkypeUriPreview|facebookexternalhit) [NC] RewriteRule .* - [R=403,L] + + +php_value max_execution_time 30 +php_value post_max_size 10M +php_value upload_max_size 10M +php_value upload_max_filesize 10M +php_value max_file_uploads 100 + diff --git a/CHANGELOG.md b/CHANGELOG.md index c4a4d54d..45e3a587 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,7 @@ * CHANGED: Improved mobile UI - obscured send button and hard to click shortener button (#477) * CHANGED: Enhanced URL shortener integration (#479) * CHANGED: Improved file upload drag & drop UI (#317) + * CHANGED: Increased default size limit from 2 to 10 MiB, switch data from BLOB to MEDIUMBLOB in MySQL (#458) * CHANGED: Upgrading libraries to: DOMpurify 2.0.1 * FIXED: Enabling browsers without WASM to create pastes and read uncompressed ones (#454) * FIXED: Cloning related issues (#489, #491, #493, #494) diff --git a/INSTALL.md b/INSTALL.md index 4ce24d4b..81f89037 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -139,7 +139,7 @@ For reference or if you want to create the table schema for yourself to avoid ha ```sql CREATE TABLE prefix_paste ( dataid CHAR(16) NOT NULL, - data BLOB, + data MEDIUMBLOB, postdate INT, expiredate INT, opendiscussion INT, diff --git a/cfg/conf.sample.php b/cfg/conf.sample.php index 0f2d50d5..91616b84 100644 --- a/cfg/conf.sample.php +++ b/cfg/conf.sample.php @@ -29,8 +29,8 @@ defaultformatter = "plaintext" ; (optional) set a syntax highlighting theme, as found in css/prettify/ ; syntaxhighlightingtheme = "sons-of-obsidian" -; size limit per paste or comment in bytes, defaults to 2 Mebibytes -sizelimit = 2097152 +; size limit per paste or comment in bytes, defaults to 10 Mebibytes +sizelimit = 10485760 ; template to include, default is "bootstrap" (tpl/bootstrap.php) template = "bootstrap" diff --git a/lib/Configuration.php b/lib/Configuration.php index 67ecc234..d0258e12 100644 --- a/lib/Configuration.php +++ b/lib/Configuration.php @@ -45,7 +45,7 @@ class Configuration 'burnafterreadingselected' => false, 'defaultformatter' => 'plaintext', 'syntaxhighlightingtheme' => null, - 'sizelimit' => 2097152, + 'sizelimit' => 10485760, 'template' => 'bootstrap', 'notice' => '', 'languageselection' => false, diff --git a/lib/Data/Database.php b/lib/Data/Database.php index 4b319836..1aacbae6 100644 --- a/lib/Data/Database.php +++ b/lib/Data/Database.php @@ -597,6 +597,8 @@ class Database extends AbstractData /** * get the data type, depending on the database driver * + * PostgreSQL uses a different API for BLOBs then SQL, hence we use TEXT + * * @access private * @static * @return string @@ -609,6 +611,8 @@ class Database extends AbstractData /** * get the attachment type, depending on the database driver * + * PostgreSQL uses a different API for BLOBs then SQL, hence we use TEXT + * * @access private * @static * @return string @@ -628,16 +632,17 @@ class Database extends AbstractData { list($main_key, $after_key) = self::_getPrimaryKeyClauses(); $dataType = self::_getDataType(); + $attachmentType = self::_getAttachmentType(); self::$_db->exec( 'CREATE TABLE ' . self::_sanitizeIdentifier('paste') . ' ( ' . "dataid CHAR(16) NOT NULL$main_key, " . - "data $dataType, " . + "data $attachmentType, " . 'postdate INT, ' . 'expiredate INT, ' . 'opendiscussion INT, ' . 'burnafterreading INT, ' . 'meta TEXT, ' . - 'attachment ' . self::_getAttachmentType() . ', ' . + "attachment $attachmentType, " . "attachmentname $dataType$after_key );" ); } @@ -710,7 +715,8 @@ class Database extends AbstractData */ private static function _upgradeDatabase($oldversion) { - $dataType = self::_getDataType(); + $dataType = self::_getDataType(); + $attachmentType = self::_getAttachmentType(); switch ($oldversion) { case '0.21': // create the meta column if necessary (pre 0.21 change) @@ -722,7 +728,7 @@ class Database extends AbstractData // SQLite only allows one ALTER statement at a time... self::$_db->exec( 'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . - ' ADD COLUMN attachment ' . self::_getAttachmentType() . ';' + " ADD COLUMN attachment $attachmentType;" ); self::$_db->exec( 'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . " ADD COLUMN attachmentname $dataType;" @@ -732,7 +738,7 @@ class Database extends AbstractData if (self::$_type !== 'sqlite') { self::$_db->exec( 'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . - ' ADD PRIMARY KEY (dataid), MODIFY COLUMN data $dataType;' + " ADD PRIMARY KEY (dataid), MODIFY COLUMN data $dataType;" ); self::$_db->exec( 'ALTER TABLE ' . self::_sanitizeIdentifier('comment') . @@ -754,6 +760,17 @@ class Database extends AbstractData self::_sanitizeIdentifier('comment') . '(pasteid);' ); // no break, continue with updates for 0.22 and later + case '1.3': + // SQLite doesn't support MODIFY, but it allows TEXT of similar + // size as BLOB and PostgreSQL uses TEXT, so there is no need + // to change it there + if (self::$_type !== 'sqlite' && self::$_type !== 'pgsql') { + self::$_db->exec( + 'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . + " MODIFY COLUMN data $attachmentType;" + ); + } + // no break, continue with updates for 1.3.1 and later default: self::_exec( 'UPDATE ' . self::_sanitizeIdentifier('config') .