X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/208418c2e083ff46b0de2e5db64844db68112cc1..3e84a5debe0984bea841016ba587b109031a7816:/lib/config.original.php diff --git a/lib/config.original.php b/lib/config.original.php index 736790a..365b5aa 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -2,7 +2,7 @@ /* * Jirafeau, your web file repository * Copyright (C) 2008 Julien "axolotl" BERNARD - * Copyright (C) 2015 Jerome Jutteau + * Copyright (C) 2015 Jerome Jutteau * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -25,7 +25,7 @@ * rename it to »config.local.php« and adapt the parameters. **/ -/* URL of installation, with traling slash (eg. »https://exmaple.com/jirafeau/«) +/* URL of installation, with trailing slash (eg. »https://example.com/jirafeau/«) */ $cfg['web_root'] = ''; @@ -33,10 +33,10 @@ $cfg['web_root'] = ''; */ $cfg['var_root'] = ''; -/* Language - choice between 'auto' or any language located in the /lib/locales/ folder. +/* Language - choose between 'auto' or any language located in the /lib/locales/ folder. * The mode »auto« will cause the script to detect the user's browser information - * and offer a matching language, and use »en« if it is not available. - * Forcing to a specific lang lightly reduce lang computation. + * and offer a matching language, or use »en« if it is not available. + * Forcing a specific lang will slightly reduce computation time. */ $cfg['lang'] = 'auto'; @@ -70,7 +70,7 @@ $cfg['enable_crypt'] = false; $cfg['link_name_length'] = 8; /* Upload password(s). - * An empty array will disable the password authentification. + * An empty array will disable password authentication. * $cfg['upload_password'] = array(); // No password * $cfg['upload_password'] = array('psw1'); // One password * $cfg['upload_password'] = array('psw1', 'psw2'); // Two passwords @@ -93,7 +93,7 @@ $cfg['upload_ip'] = array(); $cfg['upload_ip_nopassword'] = array(); /* Password for the admin interface. - * An empty password will disable the password authentification. + * An empty password will disable password authentication. * The password is a sha256 hash of the original version. */ $cfg['admin_password'] = ''; @@ -112,8 +112,9 @@ $cfg['admin_http_auth_user'] = ''; * 'hour': file available for one hour * 'day': file available for one day * 'week': file available for one week + * 'fortnight': file is available for two weeks * 'month': file is available for one month - * 'quarter': file is available for three month + * 'quarter': file is available for three months * 'year': file available for one year * 'none': unlimited availability */ @@ -122,6 +123,7 @@ $cfg['availabilities'] = array( 'hour' => true, 'day' => true, 'week' => true, + 'fortnight' => true, 'month' => true, 'quarter' => false, 'year' => false, @@ -155,15 +157,45 @@ $cfg['proxy_ip'] = array(); /* File hash * In order to make file deduplication work, files can be hashed through different methods. * By default, files are hashed through md5 but other methods are available. - * Possible values are 'md5' and 'md5_outside'. + * + * Possible values are 'md5', 'md5_outside' and 'random'. + * * With 'md5' option, the whole file is hashed through md5. This is the default. - * With 'md5_outside', md5 is used to hash the first part of the file, the last part of the file. This method offer file deduplication at minimal cost but can be dangerous as files with the same partial hash can be mistaken. - * With 'random', file hash not set to a random value and file deduplication cannot work anymore but it is fast and safe. - * and the file's size. This method is fast for large files but cannot be perfect. + * With 'md5_outside', hash is computed using: + * - md5 of the first part of the file, + * - md5 of the last part of the file and + * - file's size. + * This method offer file deduplication at minimal cost but can be dangerous as files with the same partial hash can be mistaken. + * With 'random' option, file hash is set to a random value and file deduplication cannot work anymore but it is fast and safe. */ $cfg['file_hash'] = 'md5'; +/* Work around that LiteSpeed truncates large files when downloading. + * Only for use with the LiteSpeed web server! + * An internal redirect is made using X-LiteSpeed-Location instead + * of streaming the file from PHP. + * Limitations: + * - The Jirafeau files folder has to be placed under the document root and should be + * protected from unauthorized access using rewrite rules. + * See https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:config:internal-redirect#protection_from_direct_access + * - Incompatible with server side encryption. + * - Incompatible with one time download. + */ +$cfg['litespeed_workaround'] = false; + +/* Store uploader's IP along with 'link' file. + * Depending of your legislation, you may have to adjust this parameter. + */ +$cfg['store_uploader_ip'] = true; + /* Required flag to test if the installation is already installed * or needs to start the installation script */ $cfg['installation_done'] = false; + +/* Enable this debug flag to allow eventual PHP error reporting. + * This is disabled by default permission misconfiguration might generate warnings or errors. + * Those warnings can break Jirafeau and also show path to var- folder in debug messages. + * var- folder should kept secret and accessing it may lead to data leak if unprotected. + */ +$cfg['debug'] = false;