2015-09-26 21:03:55 -04:00
|
|
|
<?php
|
|
|
|
/**
|
2016-07-11 05:58:15 -04:00
|
|
|
* PrivateBin
|
2015-09-26 21:03:55 -04:00
|
|
|
*
|
|
|
|
* a zero-knowledge paste bin
|
|
|
|
*
|
2016-07-11 05:58:15 -04:00
|
|
|
* @link https://github.com/PrivateBin/PrivateBin
|
2015-09-26 21:03:55 -04:00
|
|
|
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
|
2016-07-19 07:56:52 -04:00
|
|
|
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
|
2015-11-09 15:39:42 -05:00
|
|
|
* @version 0.22
|
2015-09-26 21:03:55 -04:00
|
|
|
*/
|
|
|
|
|
2016-07-21 11:09:48 -04:00
|
|
|
namespace PrivateBin\model;
|
|
|
|
|
|
|
|
use Exception;
|
|
|
|
use PrivateBin\sjcl;
|
|
|
|
use PrivateBin\trafficlimiter;
|
|
|
|
use PrivateBin\vizhash16x16;
|
|
|
|
|
2015-09-26 21:03:55 -04:00
|
|
|
/**
|
|
|
|
* model_comment
|
|
|
|
*
|
2016-07-11 05:58:15 -04:00
|
|
|
* Model of a PrivateBin comment.
|
2015-09-26 21:03:55 -04:00
|
|
|
*/
|
2016-07-21 11:09:48 -04:00
|
|
|
class comment extends AbstractModel
|
2015-09-26 21:03:55 -04:00
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Instance's parent.
|
|
|
|
*
|
|
|
|
* @access private
|
|
|
|
* @var model_paste
|
|
|
|
*/
|
|
|
|
private $_paste;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get comment data.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @throws Exception
|
2016-07-06 08:58:06 -04:00
|
|
|
* @return stdClass
|
2015-09-26 21:03:55 -04:00
|
|
|
*/
|
|
|
|
public function get()
|
|
|
|
{
|
|
|
|
// @todo add support to read specific comment
|
|
|
|
$comments = $this->_store->readComments($this->getPaste()->getId());
|
|
|
|
foreach ($comments as $comment) {
|
|
|
|
if (
|
2015-10-18 08:37:58 -04:00
|
|
|
$comment->parentid == $this->getParentId() &&
|
|
|
|
$comment->id == $this->getId()
|
2015-09-26 21:03:55 -04:00
|
|
|
) {
|
|
|
|
$this->_data = $comment;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return $this->_data;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Store the comment's data.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @throws Exception
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function store()
|
|
|
|
{
|
|
|
|
// Make sure paste exists.
|
|
|
|
$pasteid = $this->getPaste()->getId();
|
2016-07-26 02:19:35 -04:00
|
|
|
if (!$this->getPaste()->exists()) {
|
2015-09-26 21:03:55 -04:00
|
|
|
throw new Exception('Invalid data.', 67);
|
2016-07-26 02:19:35 -04:00
|
|
|
}
|
2015-09-26 21:03:55 -04:00
|
|
|
|
|
|
|
// Make sure the discussion is opened in this paste and in configuration.
|
2016-07-26 02:19:35 -04:00
|
|
|
if (!$this->getPaste()->isOpendiscussion() || !$this->_conf->getKey('discussion')) {
|
2015-09-26 21:03:55 -04:00
|
|
|
throw new Exception('Invalid data.', 68);
|
2016-07-26 02:19:35 -04:00
|
|
|
}
|
2015-09-26 21:03:55 -04:00
|
|
|
|
|
|
|
// Check for improbable collision.
|
2016-07-26 02:19:35 -04:00
|
|
|
if ($this->exists()) {
|
2015-09-26 21:03:55 -04:00
|
|
|
throw new Exception('You are unlucky. Try again.', 69);
|
2016-07-26 02:19:35 -04:00
|
|
|
}
|
2015-09-26 21:03:55 -04:00
|
|
|
|
|
|
|
$this->_data->meta->postdate = time();
|
|
|
|
|
|
|
|
// store comment
|
|
|
|
if (
|
|
|
|
$this->_store->createComment(
|
|
|
|
$pasteid,
|
|
|
|
$this->getParentId(),
|
|
|
|
$this->getId(),
|
|
|
|
json_decode(json_encode($this->_data), true)
|
|
|
|
) === false
|
2016-07-26 02:19:35 -04:00
|
|
|
) {
|
|
|
|
throw new Exception('Error saving comment. Sorry.', 70);
|
|
|
|
}
|
2015-09-26 21:03:55 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Delete the comment.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @throws Exception
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function delete()
|
|
|
|
{
|
|
|
|
throw new Exception('To delete a comment, delete its parent paste', 64);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test if comment exists in store.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function exists()
|
|
|
|
{
|
|
|
|
return $this->_store->existsComment(
|
|
|
|
$this->getPaste()->getId(),
|
|
|
|
$this->getParentId(),
|
|
|
|
$this->getId()
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set paste.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param model_paste $paste
|
|
|
|
* @throws Exception
|
|
|
|
* @return void
|
|
|
|
*/
|
2016-07-21 11:09:48 -04:00
|
|
|
public function setPaste(paste $paste)
|
2015-09-26 21:03:55 -04:00
|
|
|
{
|
|
|
|
$this->_paste = $paste;
|
|
|
|
$this->_data->meta->pasteid = $paste->getId();
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get paste.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @return model_paste
|
|
|
|
*/
|
|
|
|
public function getPaste()
|
|
|
|
{
|
|
|
|
return $this->_paste;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set parent ID.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param string $id
|
|
|
|
* @throws Exception
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function setParentId($id)
|
|
|
|
{
|
2016-07-26 02:19:35 -04:00
|
|
|
if (!self::isValidId($id)) {
|
|
|
|
throw new Exception('Invalid paste ID.', 65);
|
|
|
|
}
|
2015-09-26 21:03:55 -04:00
|
|
|
$this->_data->meta->parentid = $id;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get parent ID.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public function getParentId()
|
|
|
|
{
|
2016-07-26 02:19:35 -04:00
|
|
|
if (!property_exists($this->_data->meta, 'parentid')) {
|
|
|
|
$this->_data->meta->parentid = '';
|
|
|
|
}
|
2015-09-26 21:03:55 -04:00
|
|
|
return $this->_data->meta->parentid;
|
|
|
|
}
|
|
|
|
|
2015-11-09 15:39:42 -05:00
|
|
|
/**
|
|
|
|
* Set nickname.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param string $nickname
|
|
|
|
* @throws Exception
|
|
|
|
* @return void
|
|
|
|
*/
|
2015-09-26 21:03:55 -04:00
|
|
|
public function setNickname($nickname)
|
|
|
|
{
|
2016-07-26 02:19:35 -04:00
|
|
|
if (!sjcl::isValid($nickname)) {
|
|
|
|
throw new Exception('Invalid data.', 66);
|
|
|
|
}
|
2015-09-26 21:03:55 -04:00
|
|
|
$this->_data->meta->nickname = $nickname;
|
|
|
|
|
2016-07-26 02:19:35 -04:00
|
|
|
if ($this->_conf->getKey('vizhash')) {
|
2016-07-18 04:14:38 -04:00
|
|
|
// Generation of the anonymous avatar (Vizhash):
|
|
|
|
// If a nickname is provided, we generate a Vizhash.
|
|
|
|
// (We assume that if the user did not enter a nickname, he/she wants
|
|
|
|
// to be anonymous and we will not generate the vizhash.)
|
|
|
|
$vh = new vizhash16x16();
|
|
|
|
$pngdata = $vh->generate(trafficlimiter::getIp());
|
2016-07-26 02:19:35 -04:00
|
|
|
if ($pngdata != '') {
|
2016-07-18 04:14:38 -04:00
|
|
|
$this->_data->meta->vizhash = 'data:image/png;base64,' . base64_encode($pngdata);
|
|
|
|
}
|
|
|
|
// Once the avatar is generated, we do not keep the IP address, nor its hash.
|
2015-09-26 21:03:55 -04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|