From f514381aa573fa5de2e35e1ec641395860cc68e4 Mon Sep 17 00:00:00 2001 From: rugk Date: Wed, 19 Apr 2017 00:09:41 +0200 Subject: [PATCH 01/13] Correct license We do not use the acknowledge version. Cf.: Without ack.: https://spdx.org/licenses/Zlib.html#licenseText With ack.: https://spdx.org/licenses/zlib-acknowledgement.html#licenseText --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index 4248b5f4..2a363a66 100644 --- a/composer.json +++ b/composer.json @@ -4,7 +4,7 @@ "type": "project", "keywords": ["private", "secure", "end-to-end-encrypted", "e2e", "paste", "pastebin", "zero", "zero-knowledge", "encryption", "encrypted", "AES"], "homepage": "https://github.com/PrivateBin", - "license":"zlib-acknowledgement", + "license":"zlib", "support": { "issues": "https://github.com/PrivateBin/PrivateBin/issues", "wiki": "https://github.com/PrivateBin/PrivateBin/wiki", From fa2dde0b1f59fdfbd07c1d3a3bfe5a4c47002a6e Mon Sep 17 00:00:00 2001 From: rugk Date: Wed, 19 Apr 2017 00:49:59 +0200 Subject: [PATCH 02/13] Use SQL highlighting --- INSTALL.md | 62 ++++++++++++++++++++++++++++-------------------------- 1 file changed, 32 insertions(+), 30 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index b627bc9e..8132bb8d 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -64,7 +64,7 @@ process (see also > #### PATH Example > Your PrivateBin installation lives in a subfolder called "paste" inside of > your document root. The URL looks like this: -> http://example.com/paste/ +> https://example.com/paste/ > > The full path of PrivateBin on your webserver is: > /home/example.com/htdocs/paste @@ -118,32 +118,34 @@ For reference or if you want to create the table schema for yourself (replace `prefix_` with your own table prefix and create the table schema with phpMyAdmin or the MYSQL console): - CREATE TABLE prefix_paste ( - dataid CHAR(16) NOT NULL, - data BLOB, - postdate INT, - expiredate INT, - opendiscussion INT, - burnafterreading INT, - meta TEXT, - attachment MEDIUMBLOB, - attachmentname BLOB, - PRIMARY KEY (dataid) - ); - - CREATE TABLE prefix_comment ( - dataid CHAR(16), - pasteid CHAR(16), - parentid CHAR(16), - data BLOB, - nickname BLOB, - vizhash BLOB, - postdate INT, - PRIMARY KEY (dataid) - ); - CREATE INDEX parent ON prefix_comment(pasteid); - - CREATE TABLE prefix_config ( - id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id) - ); - INSERT INTO prefix_config VALUES('VERSION', '1.1'); +```sql +CREATE TABLE prefix_paste ( + dataid CHAR(16) NOT NULL, + data BLOB, + postdate INT, + expiredate INT, + opendiscussion INT, + burnafterreading INT, + meta TEXT, + attachment MEDIUMBLOB, + attachmentname BLOB, + PRIMARY KEY (dataid) +); + +CREATE TABLE prefix_comment ( + dataid CHAR(16), + pasteid CHAR(16), + parentid CHAR(16), + data BLOB, + nickname BLOB, + vizhash BLOB, + postdate INT, + PRIMARY KEY (dataid) +); +CREATE INDEX parent ON prefix_comment(pasteid); + +CREATE TABLE prefix_config ( + id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id) +); +INSERT INTO prefix_config VALUES('VERSION', '1.1'); +``` From 0ae952e63f37d0d4d44f49b80ff7012888c75895 Mon Sep 17 00:00:00 2001 From: rugk Date: Thu, 4 May 2017 16:49:16 +0200 Subject: [PATCH 03/13] Add note about PostgreSQL see https://github.com/PrivateBin/PrivateBin/issues/227 --- INSTALL.md | 3 +++ vendor/composer/autoload_classmap.php | 1 + vendor/composer/autoload_static.php | 1 + 3 files changed, 5 insertions(+) diff --git a/INSTALL.md b/INSTALL.md index 8132bb8d..ffd5d39a 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -149,3 +149,6 @@ CREATE TABLE prefix_config ( ); INSERT INTO prefix_config VALUES('VERSION', '1.1'); ``` + +In PostgreSQL the attachment column needs to be TEXT and not BLOB or MEDIUMBLOB. + diff --git a/vendor/composer/autoload_classmap.php b/vendor/composer/autoload_classmap.php index ceb98f99..8f36d522 100644 --- a/vendor/composer/autoload_classmap.php +++ b/vendor/composer/autoload_classmap.php @@ -23,6 +23,7 @@ return array( 'PrivateBin\\Model\\Comment' => $baseDir . '/lib/Model/Comment.php', 'PrivateBin\\Model\\Paste' => $baseDir . '/lib/Model/Paste.php', 'PrivateBin\\Persistence\\AbstractPersistence' => $baseDir . '/lib/Persistence/AbstractPersistence.php', + 'PrivateBin\\Persistence\\DataStore' => $baseDir . '/lib/Persistence/DataStore.php', 'PrivateBin\\Persistence\\PurgeLimiter' => $baseDir . '/lib/Persistence/PurgeLimiter.php', 'PrivateBin\\Persistence\\ServerSalt' => $baseDir . '/lib/Persistence/ServerSalt.php', 'PrivateBin\\Persistence\\TrafficLimiter' => $baseDir . '/lib/Persistence/TrafficLimiter.php', diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php index 001a248f..bc6ffd2f 100644 --- a/vendor/composer/autoload_static.php +++ b/vendor/composer/autoload_static.php @@ -52,6 +52,7 @@ class ComposerStaticInitDontChange 'PrivateBin\\Model\\Comment' => __DIR__ . '/../..' . '/lib/Model/Comment.php', 'PrivateBin\\Model\\Paste' => __DIR__ . '/../..' . '/lib/Model/Paste.php', 'PrivateBin\\Persistence\\AbstractPersistence' => __DIR__ . '/../..' . '/lib/Persistence/AbstractPersistence.php', + 'PrivateBin\\Persistence\\DataStore' => __DIR__ . '/../..' . '/lib/Persistence/DataStore.php', 'PrivateBin\\Persistence\\PurgeLimiter' => __DIR__ . '/../..' . '/lib/Persistence/PurgeLimiter.php', 'PrivateBin\\Persistence\\ServerSalt' => __DIR__ . '/../..' . '/lib/Persistence/ServerSalt.php', 'PrivateBin\\Persistence\\TrafficLimiter' => __DIR__ . '/../..' . '/lib/Persistence/TrafficLimiter.php', From c23c65f1f4f4c8e28c69e5c8a9fc99b43f48c10a Mon Sep 17 00:00:00 2001 From: Angristan Date: Wed, 10 May 2017 22:06:19 +0200 Subject: [PATCH 04/13] Corrections and missing translations --- i18n/fr.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/i18n/fr.json b/i18n/fr.json index 10c36a4e..5ac34244 100644 --- a/i18n/fr.json +++ b/i18n/fr.json @@ -1,7 +1,7 @@ { "PrivateBin": "PrivateBin", "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. More information on the project page.": - "%s est un 'pastebin' (ou gestionnaire d'extraits de texte et de code source) minimaliste et open source, dans lequel le serveur n'a aucune connaissance des données envoyées. Les données sont chiffrées/déchiffrées dans le navigateur par un chiffrage AES 256 bits. Plus d'informations sur la page du projet.", + "%s est un 'pastebin' (ou gestionnaire d'extraits de texte et de code source) minimaliste et open source, dans lequel le serveur n'a aucune connaissance des données envoyées. Les données sont chiffrées/déchiffrées dans le navigateur par un chiffrement AES 256 bits. Plus d'informations sur la page du projet.", "Because ignorance is bliss": "Parce que l'ignorance c'est le bonheur", "en": "fr", @@ -123,7 +123,7 @@ "Could not create paste: %s": "Impossible de créer le paste : %s", "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": - "Impossible de déchiffrer le paste : Clé de déchiffrage manquante dans l'URL (Avez-vous utilisé un redirecteur ou un site de réduction d'URL qui supprime une partie de l'URL ?)", + "Impossible de déchiffrer le paste : Clé de déchiffrement manquante dans l'URL (Avez-vous utilisé un redirecteur ou un site de réduction d'URL qui supprime une partie de l'URL ?)", "B": "o", "KiB": "Kio", "MiB": "Mio", @@ -156,8 +156,8 @@ "Enter password": "Entrez le mot de passe", "Loading…": "Chargement…", - "Decrypting paste…": "Decrypting paste…", - "Preparing new paste…": "Preparing new paste…", + "Decrypting paste…": "Déchiffrement du paste…", + "Preparing new paste…": "Préparation du paste…", "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": "Si ce message ne disparaîssait pas, jetez un oeil à cette FAQ pour des idées de résolution (en Anglais).", "+++ no paste text +++": "+++ no paste text +++" From ddd51287766a71537e44c205a5b86d87e748a10d Mon Sep 17 00:00:00 2001 From: Jake Cozart Date: Sat, 20 May 2017 15:08:17 -0700 Subject: [PATCH 05/13] Updated bootstrap.php to fix a display issue The text "password (recommended)" on the password field was being truncated to "password (recommen" because of a size issue. --- tpl/bootstrap.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index 6fc01bd1..7993e431 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -269,7 +269,7 @@ if ($PASSWORD): ?>
  • Date: Sun, 28 May 2017 15:16:23 -0400 Subject: [PATCH 06/13] README: Fix some minior grammar mistakes Fixes a few more minor grammar mistakes --- README.md | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/README.md b/README.md index a259cb5d..488f8065 100644 --- a/README.md +++ b/README.md @@ -12,13 +12,13 @@ **PrivateBin** is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. -Data is encrypted/decrypted in the browser using 256bit AES in [Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode). +Data is encrypted and decrypted in the browser using 256bit AES in [Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode). This is a fork of ZeroBin, originally developed by -[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). It was refactored -to allow easier and cleaner extensions and has now many more features than the -original. It is however still fully compatible to the original ZeroBin 0.19 -data storage scheme. Therefore such installations can be upgraded to this fork +[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). ZeroBin was refactored +to allow easier and cleaner extensions. PrivateBin has many more features than the +original ZeroBin. It is however still fully compatible to the original ZeroBin 0.19 +data storage scheme. Therefore, such installations can be upgraded to PrivateBin without losing any data. ## What PrivateBin provides @@ -38,14 +38,14 @@ without losing any data. ## What it doesn't provide -- As a user you have to trust the server administrator, your internet provider - and any country the traffic passes not to inject any malicious javascript code. - For a basic security the PrivateBin installation *has to provide HTTPS*! +- As a user you have to trust the server administrator, your internet provider, + and any country the traffic passes through not to inject any malicious javascript code. + For basic security, the PrivateBin installation *has to provide HTTPS*! Additionally it should be secured by [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a - certificate either validated by a trusted third party (check the certificate - when first using a new PrivateBin instance) or self-signed by the server + certificate, either validated by a trusted third party (check the certificate + when first using a new PrivateBin instance), or self-signed by the server operator, validated using a [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) protected @@ -53,22 +53,22 @@ without losing any data. record. - The "key" used to encrypt the paste is part of the URL. If you publicly post - the URL of a paste that is not password-protected, everybody can read it. - Use a password if you want your paste to be private. In this case make sure to - use a strong password and do only share it privately and end-to-end-encrypted. + the URL of a paste that is not password-protected, anyone can read it. + Use a password if you want your paste to be private. In this case, make sure to + use a strong password and only share it privately and end-to-end-encrypted. - A server admin might be forced to hand over access logs to the authorities. PrivateBin encrypts your text and the discussion contents, but who accessed it first might still be disclosed via such access logs. - In case of a server breach your data is secure as it is only stored encrypted - on the server. However the server could be misused or the server admin could + on the server. However, the server could be misused or the server admin could be legally forced into sending malicious JavaScript to all web users, which - grabs the decryption key and send it to the server when a user accesses a + grabs the decryption key and sends it to the server when a user accesses a PrivateBin. - Therefore do not access any PrivateBin instance if you think it has been + Therefore, do not access any PrivateBin instance if you think it has been compromised. As long as no user accesses this instance with a previously - generated URL, the content can''t be decrypted. + generated URL, the content can't be decrypted. ## Options From 674ebbc6fb3697ec034e79175d4f5aa0a55f9605 Mon Sep 17 00:00:00 2001 From: rugk Date: Thu, 6 Jul 2017 19:14:49 +0200 Subject: [PATCH 07/13] Remove bullet point It is just useless here. --- .github/ISSUE_TEMPLATE.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/ISSUE_TEMPLATE.md b/.github/ISSUE_TEMPLATE.md index f8363e8b..55fbca68 100644 --- a/.github/ISSUE_TEMPLATE.md +++ b/.github/ISSUE_TEMPLATE.md @@ -35,5 +35,4 @@ If you have access to the server log files, also copy them here. **PrivateBin version:** -* I can reproduce this issue on : Yes / No - +I can reproduce this issue on : Yes / No From 53a8449674293cf977c35b5c60146cb2983bf6a9 Mon Sep 17 00:00:00 2001 From: rugk Date: Thu, 10 Aug 2017 21:51:10 +0200 Subject: [PATCH 08/13] Update HTTPS part of Readme Do not advise against CAs, make clear HTTPS protects against some enumerated threats. --- README.md | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 488f8065..cac0e321 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ Data is encrypted and decrypted in the browser using 256bit AES in [Galois Count This is a fork of ZeroBin, originally developed by [Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). ZeroBin was refactored to allow easier and cleaner extensions. PrivateBin has many more features than the -original ZeroBin. It is however still fully compatible to the original ZeroBin 0.19 +original ZeroBin. It is, however, still fully compatible to the original ZeroBin 0.19 data storage scheme. Therefore, such installations can be upgraded to PrivateBin without losing any data. @@ -38,15 +38,14 @@ without losing any data. ## What it doesn't provide -- As a user you have to trust the server administrator, your internet provider, - and any country the traffic passes through not to inject any malicious javascript code. +- As a user you have to trust the server administrator. For basic security, the PrivateBin installation *has to provide HTTPS*! - Additionally it should be secured by + Otherwise you would also have to trust your internet provider, and any country + the traffic passes through not to inject any malicious javascript code. + Additionally the instance should be secured by [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a - certificate, either validated by a trusted third party (check the certificate - when first using a new PrivateBin instance), or self-signed by the server - operator, validated using a + certificate. It can use traditional certificate authorities and/or use [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions) protected [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities) @@ -58,8 +57,8 @@ without losing any data. use a strong password and only share it privately and end-to-end-encrypted. - A server admin might be forced to hand over access logs to the authorities. - PrivateBin encrypts your text and the discussion contents, but who accessed it - first might still be disclosed via such access logs. + PrivateBin encrypts your text and the discussion contents, but who accessed a + paste (first) might still be disclosed via access logs. - In case of a server breach your data is secure as it is only stored encrypted on the server. However, the server could be misused or the server admin could From 92f2d27cb7269da54f61ae200a5ff98ee6682a78 Mon Sep 17 00:00:00 2001 From: rugk Date: Thu, 10 Aug 2017 21:54:38 +0200 Subject: [PATCH 09/13] Improve Readme --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cac0e321..802942cc 100644 --- a/README.md +++ b/README.md @@ -38,10 +38,11 @@ without losing any data. ## What it doesn't provide -- As a user you have to trust the server administrator. +- As a user you have to trust the server administrator not to inject any malicious + javascript code. For basic security, the PrivateBin installation *has to provide HTTPS*! Otherwise you would also have to trust your internet provider, and any country - the traffic passes through not to inject any malicious javascript code. + the traffic passes through. Additionally the instance should be secured by [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a From 70b80b5bca76350d504de52a9d5a1166299a0b16 Mon Sep 17 00:00:00 2001 From: rugk Date: Thu, 10 Aug 2017 22:01:20 +0200 Subject: [PATCH 10/13] Deduplicate installation instructions Maintaining them in two places is bad and just creates problems. As they can & should be improved by the community, let's now use the wiki. --- INSTALL.md | 155 +---------------------------------------------------- 1 file changed, 1 insertion(+), 154 deletions(-) diff --git a/INSTALL.md b/INSTALL.md index ffd5d39a..7e5fa31f 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -1,154 +1 @@ -# Installation - -**TL;DR:** Download the -[latest release archive](https://github.com/PrivateBin/PrivateBin/releases/latest) -and extract it in your web hosts folder where you want to install your PrivateBin -instance. We try to provide a safe default configuration, but we advise you to -check the options and adjust them as you see fit. - -## Basic installation - -### Requirements - -- PHP version 5.4 or above -- _one_ of the following sources of cryptographically safe randomness is required: - - PHP 7 or higher - - [Libsodium](https://download.libsodium.org/libsodium/content/installation/) and it's [PHP extension](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium) - - open_basedir access to `/dev/urandom` - - mcrypt extension - - com_dotnet extension - - Mcrypt needs to be able to access `/dev/urandom`. This means if `open_basedir` is set, it must include this file. -- GD extension -- some disk space or (optional) a database supported by [PDO](https://secure.php.net/manual/book.pdo.php) -- ability to create files and folders in the installation directory and the PATH -- A web browser with javascript support - -### Configuration - -In the file `cfg/conf.ini` you can configure PrivateBin. A `cfg/conf.ini.sample` -is provided containing all options and default values. You can copy it to -`cfg/conf.ini` and adapt it as needed. The config file is divided into multiple -sections, which are enclosed in square brackets. - -In the `[main]` section you can enable or disable the discussion feature, set -the limit of stored pastes and comments in bytes. The `[traffic]` section lets -you set a time limit in seconds. Users may not post more often then this limit -to your PrivateBin installation. - -More details can be found in the -[configuration documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration). - -## Further configuration - -After (or before) setting up PrivateBin, also set up HTTPS, as without HTTPS -PrivateBin is not secure. ( -[More information](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https)) - -If you want to use PrivateBin behind Cloudflare, make sure you disabled Rocket -loader and unchecked "Javascript" for Auto Minify, found in your domain settings, -under "Speed". (More information -[in this FAQ entry](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection)) - -## Advanced installation - -### Changing the path - -In the index.php you can define a different `PATH`. This is useful to secure your -installation. You can move the configuration, data files, templates and PHP -libraries (directories cfg, doc, data, lib, tpl, tst and vendor) outside of your -document root. This new location must still be accessible to your webserver / PHP -process (see also -[open_basedir setting](https://secure.php.net/manual/en/ini.core.php#ini.open-basedir)). - -> #### PATH Example -> Your PrivateBin installation lives in a subfolder called "paste" inside of -> your document root. The URL looks like this: -> https://example.com/paste/ -> -> The full path of PrivateBin on your webserver is: -> /home/example.com/htdocs/paste -> -> When setting the path like this: -> define('PATH', '../../secret/privatebin/'); -> -> PrivateBin will look for your includes / data here: -> /home/example.com/secret/privatebin - -### Web server configuration - -A `robots.txt` file is provided in the root dir of PrivateBin. It disallows all -robots from accessing your pastes. It is recommend to place it into the root of -your web directory if you have installed PrivateBin in a subdirectory. Make sure -to adjust it, so that the file paths match your installation. Of course also -adjust the file if you already use a `robots.txt`. - -A `.htaccess.disabled` file is provided in the root dir of PrivateBin. It blocks -some known robots and link-scanning bots. If you use Apache, you can rename the -file to `.htaccess` to enable this feature. If you use another webserver, you -have to configure it manually to do the same. - -### Using a database instead of flat files - -In the configuration file the `[model]` and `[model_options]` sections let you -configure your favourite way of storing the pastes and discussions on your -server. - -`Filesystem` is the default model, which stores everything in files in the -data folder. This is the recommended setup for most sites. - -Under high load, in distributed setups or if you are not allowed to store files -locally, you might want to switch to the `Database` model. This lets you -store your data in a database. Basically all databases that are supported by -[PDO](https://secure.php.net/manual/en/book.pdo.php) may be used. Automatic table -creation is provided for `pdo_ibm`, `pdo_informix`, `pdo_mssql`, `pdo_mysql`, -`pdo_oci`, `pdo_pgsql` and `pdo_sqlite`. You may want to provide a table prefix, -if you have to share the PrivateBin database with another application or you want -to use a prefix for -[security reasons](https://security.stackexchange.com/questions/119510/is-using-a-db-prefix-for-tables-more-secure). -The table prefix option is called `tbl`. - -> #### Note -> The `Database` model has only been tested with SQLite, MySQL and PostgreSQL, -> although it would not be recommended to use SQLite in a production environment. -> If you gain any experience running PrivateBin on other RDBMS, please let us -> know. - -For reference or if you want to create the table schema for yourself (replace -`prefix_` with your own table prefix and create the table schema with phpMyAdmin -or the MYSQL console): - -```sql -CREATE TABLE prefix_paste ( - dataid CHAR(16) NOT NULL, - data BLOB, - postdate INT, - expiredate INT, - opendiscussion INT, - burnafterreading INT, - meta TEXT, - attachment MEDIUMBLOB, - attachmentname BLOB, - PRIMARY KEY (dataid) -); - -CREATE TABLE prefix_comment ( - dataid CHAR(16), - pasteid CHAR(16), - parentid CHAR(16), - data BLOB, - nickname BLOB, - vizhash BLOB, - postdate INT, - PRIMARY KEY (dataid) -); -CREATE INDEX parent ON prefix_comment(pasteid); - -CREATE TABLE prefix_config ( - id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id) -); -INSERT INTO prefix_config VALUES('VERSION', '1.1'); -``` - -In PostgreSQL the attachment column needs to be TEXT and not BLOB or MEDIUMBLOB. - +For installation instructions, see [our wiki](https://github.com/PrivateBin/PrivateBin/wiki/Installation). From 18adcca66e4f1cb5388ec4d5dab5679b921093ba Mon Sep 17 00:00:00 2001 From: Quent-in Date: Fri, 8 Sep 2017 10:15:02 +0200 Subject: [PATCH 11/13] Correction typo + new strings --- i18n/oc.json | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/i18n/oc.json b/i18n/oc.json index 90478768..cf0939e3 100644 --- a/i18n/oc.json +++ b/i18n/oc.json @@ -1,9 +1,9 @@ { "PrivateBin": "PrivateBin", "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. More information on the project page.": - "%s es un 'pastebin' (o gestionari d'extrachs de tèxte e còdi font) minimalista e open source, dins lo qual lo servidor a pas cap de coneissença de las donadas mandadas. Las donadas son chifradas/deschifradas dins lo navigator per un chiframent AES 256 bits. Mai informacions sus la pagina del projècte.", + "%s es un 'pastebin' (o gestionari d’extrachs de tèxte e còdi font) minimalista e open source, dins lo qual lo servidor a pas cap de coneissença de las donadas mandadas. Las donadas son chifradas/deschifradas dins lo navigator per un chiframent AES 256 bits. Mai informacions sus la pagina del projècte.", "Because ignorance is bliss": - "Perque l'ignorància es bonaür", + "Perque lo es l’ignorància", "en": "oc", "Paste does not exist, has expired or has been deleted.": "Lo tèxte existís pas, a expirat, o es estat suprimit.", @@ -32,11 +32,11 @@ "Paste was properly deleted.": "Lo tèxte es estat correctament suprimit.", "JavaScript is required for %s to work.
    Sorry for the inconvenience.": - "JavaScript es requesit per far foncionar %s.
    O planhèm per l'inconvenient.", + "JavaScript es requesit per far foncionar %s.
    O planhèm per l’inconvenient.", "%s requires a modern browser to work.": "%s necessita un navigator modèrn per foncionar.", "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:": - "Encora sus Internet Explorer ? Fasètz-vos una favor, passatz a un navigator modèrn :", + "Encora sus Internet Explorer ? Fasètz-vos una favor, passatz a un navigator modèrn :", "New": "Nòu", "Send": @@ -67,7 +67,7 @@ "Never": "Jamai", "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": - "Nota : Aquò es un servici d'espròva : las donadas pòdon èsser suprimidas a cada moment. De catons moriràn s'abusatz d'aqueste servici.", + "Nota : Aquò es un servici d’espròva : las donadas pòdon èsser suprimidas a cada moment. De catons moriràn s’abusatz d’aqueste servici.", "This document will expire in %d seconds.": ["Ce document expirera dans %d seconde.", "Aqueste document expirarà dins %d segondas."], "This document will expire in %d minutes.": @@ -79,21 +79,21 @@ "This document will expire in %d months.": ["Ce document expirera dans %d mois.", "Aqueste document expirarà dins %d meses."], "Please enter the password for this paste:": - "Picatz lo senhal per aqueste tèxte :", + "Picatz lo senhal per aqueste tèxte :", "Could not decrypt data (Wrong key?)": - "Impossible de deschifrar las donadas (marrida clau ?)", + "Impossible de deschifrar las donadas (marrida clau ?)", "Could not delete the paste, it was not stored in burn after reading mode.": "Impossible de suprimir lo tèxte, perque es pas estat gardat en mòde \"Escafar aprèp lectura\".", "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "PER VÒSTRES UÈLHS SOLAMENT. Tampetz pas aquesta fenèstra, aqueste tèxte poirà pas mai èsser afichat.", "Could not decrypt comment; Wrong key?": - "Impossible de deschifrar lo comentari ; marrida clau ?", + "Impossible de deschifrar lo comentari ; marrida clau ?", "Reply": "Respondre", "Anonymous": "Anonime", "Avatar generated from IP address": - "Avatar anonime (Vizhash de l'adreça IP)", + "Avatar anonime (Vizhash de l’adreça IP)", "Add comment": "Apondre un comentari", "Optional nickname…": @@ -105,25 +105,25 @@ "Comment posted.": "Comentari mandat.", "Could not refresh display: %s": - "Impossible d'actualizar l'afichatge : %s", + "Impossible d’actualizar l’afichatge : %s", "unknown status": "Estatut desconegut", "server error or not responding": "Lo servidor respond pas o a rencontrat una error", "Could not post comment: %s": - "Impossible de mandar lo comentari : %s", + "Impossible de mandar lo comentari : %s", "Please move your mouse for more entropy…": "Mercés de bolegar vòstra mirga per mai entropia…", "Sending paste…": "Mandadís del tèxte…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": - "Vòstre tèxte es disponible a l'adreça %s (Picatz sus [Ctrl]+[c] per copiar)", + "Vòstre tèxte es disponible a l’adreça %s (Picatz sus [Ctrl]+[c] per copiar)", "Delete data": "Supprimir las donadas del tèxte", "Could not create paste: %s": - "Impossible de crear lo tèxte : %s", + "Impossible de crear lo tèxte : %s", "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": - "Impossible de deschifrar lo tèxte : Clau de deschiframent absenta de l'URL (Avètz utilizat un redirector o un site de reduccion d'URL que suprimís una partida de l'URL ?)", + "Impossible de deschifrar lo tèxte : Clau de deschiframent absenta de l’URL (Avètz utilizat un redirector o un site de reduccion d’URL que suprimís una partida de l’URL ?)", "B": "o", "KiB": "Kio", "MiB": "Mio", @@ -139,14 +139,14 @@ "Markdown": "Markdown", "Download attachment": "Telecargar la pèça junta", "Cloned: '%s'": "Clonar: '%s'", - "The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.", + "The cloned file '%s' was attached to this paste.": "Aqueste fichièr clonat '%s' es estat ajustat a aqueste tèxte.", "Attach a file": "Juntar un fichièr ", "Remove attachment": "Levar la pèca junta", "Your browser does not support uploading encrypted files. Please use a newer browser.": - "Vòstre navigator es pas compatible amb lo mandadís de fichièrs chifrats. Mercés d'emplegar un navigator mai recent.", + "Vòstre navigator es pas compatible amb lo mandadís de fichièrs chifrats. Mercés d’emplegar un navigator mai recent.", "Invalid attachment.": "Pèça junta invalida.", "Options": "Opcions", - "Shorten URL": "Acorchir l'URL", + "Shorten URL": "Acorchir l’URL", "Editor": "Editar", "Preview": "Previsualizar", "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": @@ -159,6 +159,6 @@ "Decrypting paste…": "Decrypting paste…", "Preparing new paste…": "Preparing new paste…", "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": - "Se per cas aqueste messatge quita pas de s'afichar mercés de gaitar aquesta FAQ per las solucions (en Anglés).", + "Se per cas aqueste messatge quita pas de s’afichar mercés de gaitar aquesta FAQ per las solucions (en Anglés).", "+++ no paste text +++": "+++ no paste text +++" } From c42e7fdd03d25a2e9ff67ed84d815ea057bb45e8 Mon Sep 17 00:00:00 2001 From: Quent-in Date: Fri, 8 Sep 2017 10:17:03 +0200 Subject: [PATCH 12/13] Update oc.json missing word --- i18n/oc.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/i18n/oc.json b/i18n/oc.json index cf0939e3..c934916c 100644 --- a/i18n/oc.json +++ b/i18n/oc.json @@ -3,7 +3,7 @@ "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. More information on the project page.": "%s es un 'pastebin' (o gestionari d’extrachs de tèxte e còdi font) minimalista e open source, dins lo qual lo servidor a pas cap de coneissença de las donadas mandadas. Las donadas son chifradas/deschifradas dins lo navigator per un chiframent AES 256 bits. Mai informacions sus la pagina del projècte.", "Because ignorance is bliss": - "Perque lo es l’ignorància", + "Perque lo bonaür es l’ignorància", "en": "oc", "Paste does not exist, has expired or has been deleted.": "Lo tèxte existís pas, a expirat, o es estat suprimit.", From 5cdd1f480f49b15b5d3927040d4a62d035b6bc7d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alfredo=20Fabi=C3=A1n=20Altamirano=20Tena?= Date: Tue, 12 Sep 2017 17:27:51 -0500 Subject: [PATCH 13/13] Updated spanish translation --- i18n/es.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/i18n/es.json b/i18n/es.json index 427f90dc..7d8de7ad 100644 --- a/i18n/es.json +++ b/i18n/es.json @@ -93,7 +93,7 @@ "Anonymous": "Anónimo", "Avatar generated from IP address": - "Avatar anónimo (Vizhash de la dirección IP)", + "Avatar generado a partir de la dirección IP", "Add comment": "Añadir comentario", "Optional nickname…": @@ -130,7 +130,7 @@ "Markdown": "Markdown", "Download attachment": "Descargar adjunto", "Cloned: '%s'": "Clonado: '%s'.", - "The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.", + "The cloned file '%s' was attached to this paste.": "El archivo clonado '%s' ha sido adjuntado a este texto.", "Attach a file": "Adjuntar archivo", "Remove attachment": "Remover adjunto", "Your browser does not support uploading encrypted files. Please use a newer browser.": @@ -147,9 +147,9 @@ "Enter password": "Ingrese contraseña", "Loading…": "Cargando…", - "Decrypting paste…": "Decrypting paste…", - "Preparing new paste…": "Preparing new paste…", + "Decrypting paste…": "Descifrando texto…", + "Preparing new paste…": "Preparando texto nuevo…", "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": "En caso de que este mensaje nunca desaparezca por favor revise este FAQ para obtener información para solucionar problemas.", - "+++ no paste text +++": "+++ no paste text +++" + "+++ no paste text +++": "+++ sin texto +++" }