X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/9a9c9a8bf83241c193c5bef6361d41893e72dfd3..refs/merge-requests/53/merge:/lib/config.original.php?ds=sidebyside diff --git a/lib/config.original.php b/lib/config.original.php index a81b207..d8722ac 100644 --- a/lib/config.original.php +++ b/lib/config.original.php @@ -2,7 +2,7 @@ /* * Jirafeau, your web file repository * Copyright (C) 2008 Julien "axolotl" BERNARD - * Copyright (C) 2015 Jerome Jutteau + * Copyright (C) 2015 Jerome Jutteau * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as @@ -36,6 +36,7 @@ $cfg['var_root'] = ''; /* Language - choice between 'auto' or any language located in the /lib/locales/ folder. * The mode »auto« will cause the script to detect the user's browser information * and offer a matching language, and use »en« if it is not available. + * Forcing to a specific lang lightly reduce lang computation. */ $cfg['lang'] = 'auto'; @@ -84,6 +85,13 @@ $cfg['upload_password'] = array(); */ $cfg['upload_ip'] = array(); +/* List of IP allowed to upload a file without password. + * Elements of the list can be a single IP (e.g. "123.45.67.89") or + * an IP range (e.g. "123.45.0.0/16"). + * Note that CIDR notation is available for IPv4 only for the moment. + */ +$cfg['upload_ip_nopassword'] = array(); + /* Password for the admin interface. * An empty password will disable the password authentification. * The password is a sha256 hash of the original version. @@ -125,6 +133,11 @@ $cfg['availabilities'] = array( */ $cfg['availability_default'] = 'month'; +/* Give the uploading user the option to have the file + * deleted after the first download. + */ +$cfg['one_time_download'] = true; + /* Set maximal upload size expressed in MB. * »0« means unlimited upload size. */ @@ -139,7 +152,48 @@ $cfg['maximal_upload_size'] = 0; */ $cfg['proxy_ip'] = array(); +/* File hash + * In order to make file deduplication work, files can be hashed through different methods. + * By default, files are hashed through md5 but other methods are available. + * + * Possible values are 'md5', 'md5_outside' and 'random'. + * + * With 'md5' option, the whole file is hashed through md5. This is the default. + * With 'md5_outside', hash is computed using: + * - md5 of the first part of the file, + * - md5 of the last part of the file and + * - file's size. + * This method offer file deduplication at minimal cost but can be dangerous as files with the same partial hash can be mistaken. + * With 'random' option, file hash is set to a random value and file deduplication cannot work anymore but it is fast and safe. + */ +$cfg['file_hash'] = 'md5'; + +/* Work around that LiteSpeed truncates large files when downloading. + * Only for use with the LiteSpeed web server! + * An internal redirect is made using X-LiteSpeed-Location instead + * of streaming the file from PHP. + * Limitations: + * - The Jirafeau files folder has to be placed under the document root and should be + * protected from unauthorized access using rewrite rules. + * See https://www.litespeedtech.com/support/wiki/doku.php/litespeed_wiki:config:internal-redirect#protection_from_direct_access + * - Incompatible with server side encryption. + * - Incompatible with one time download. + */ +$cfg['litespeed_workaround'] = false; + +/* Store uploader's IP along with 'link' file. + * Depending of your legislation, you may have to adjust this parameter. + */ +$cfg['store_uploader_ip'] = true; + /* Required flag to test if the installation is already installed * or needs to start the installation script */ $cfg['installation_done'] = false; + +/* Enable this debug flag to allow eventual PHP error reporting. + * This is disabled by default permission misconfiguration might generate warnings or errors. + * Those warnings can break Jirafeau and also show path to var- folder in debug messages. + * var- folder should kept secret and accessing it may lead to data leak if unprotected. + */ +$cfg['debug'] = false;