Infra-Mirrors/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2025-06-04 13:09:05 -04:00
Code Issues Projects Releases Packages Wiki Activity

implement version 2 format validation, changing ID checksum algorithm, resolves #49

Browse source
This commit is contained in:
El RIDO 2019-05-03 23:03:57 +02:00
parent ed676acac3
commit 3338bd792e
No known key found for this signature in database
GPG key ID: 0F5C940A6BD81F92
12 changed files with 233 additions and 185 deletions
Download patch file Download diff file Expand all files Collapse all files

9
lib/Model/AbstractModel.php
View file

@ -15,7 +15,7 @@ namespace PrivateBin\Model;
use Exception;
use PrivateBin\Configuration;
use PrivateBin\Data\AbstractData;
use PrivateBin\Sjcl;
use PrivateBin\FormatV2;
use stdClass;
/**
@ -107,14 +107,13 @@ abstract class AbstractModel
*/
public function setData($data)
{
if (!Sjcl::isValid($data)) {
if (!FormatV2::isValid($data)) {
throw new Exception('Invalid data.', 61);
}
$this->_data->data = $data;
// We just want a small hash to avoid collisions:
// Half-MD5 (64 bits) will do the trick
$this->setId(substr(hash('md5', $data), 0, 16));
// calculate a 64 bit checksum to avoid collisions
$this->setId(hash('fnv1a64', $data['ct']));
}
/**

4
lib/Model/Comment.php
View file

@ -15,7 +15,7 @@ namespace PrivateBin\Model;
use Exception;
use Identicon\Identicon;
use PrivateBin\Persistence\TrafficLimiter;
use PrivateBin\Sjcl;
use PrivateBin\FormatV2;
use PrivateBin\Vizhash16x16;
/**
@ -183,7 +183,7 @@ class Comment extends AbstractModel
*/
public function setNickname($nickname)
{
if (!Sjcl::isValid($nickname)) {
if (!FormatV2::isValid($nickname)) {
throw new Exception('Invalid data.', 66);
}
$this->_data->meta->nickname = $nickname;

6
lib/Model/Paste.php
View file

@ -15,7 +15,7 @@ namespace PrivateBin\Model;
use Exception;
use PrivateBin\Controller;
use PrivateBin\Persistence\ServerSalt;
use PrivateBin\Sjcl;
use PrivateBin\FormatV2;
/**
* Paste
@ -195,7 +195,7 @@ class Paste extends AbstractModel
*/
public function setAttachment($attachment)
{
if (!$this->_conf->getKey('fileupload') || !Sjcl::isValid($attachment)) {
if (!$this->_conf->getKey('fileupload') || !FormatV2::isValid($attachment)) {
throw new Exception('Invalid attachment.', 71);
}
$this->_data->meta->attachment = $attachment;
@ -210,7 +210,7 @@ class Paste extends AbstractModel
*/
public function setAttachmentName($attachmentname)
{
if (!$this->_conf->getKey('fileupload') || !Sjcl::isValid($attachmentname)) {
if (!$this->_conf->getKey('fileupload') || !FormatV2::isValid($attachmentname)) {
throw new Exception('Invalid attachment.', 72);
}
$this->_data->meta->attachmentname = $attachmentname;