diff --git a/.eslintrc b/.eslintrc index 97437c73..e2a42cc7 100644 --- a/.eslintrc +++ b/.eslintrc @@ -15,7 +15,9 @@ globals: # http://eslint.org/docs/rules/ rules: # Possible Errors - comma-dangle: [2, never] + comma-dangle: + - error + - never no-cond-assign: 2 no-console: 0 no-constant-condition: 2 @@ -31,7 +33,9 @@ rules: no-extra-parens: 0 no-extra-semi: 2 no-func-assign: 2 - no-inner-declarations: [2, functions] + no-inner-declarations: + - error + - functions no-invalid-regexp: 2 no-irregular-whitespace: 2 no-negated-in-lhs: 2 @@ -47,7 +51,9 @@ rules: # Best Practices accessor-pairs: 2 block-scoped-var: 0 - complexity: [2, 6] + complexity: + - error + - 20 consistent-return: 0 curly: 0 default-case: 0 @@ -99,7 +105,7 @@ rules: no-with: 2 radix: 2 vars-on-top: 0 - wrap-iife: 2 + wrap-iife: 0 yoda: 0 # Strict @@ -152,7 +158,9 @@ rules: max-len: 0 max-nested-callbacks: 0 max-params: 0 - max-statements: [2, 30] + max-statements: + - error + - 60 new-cap: 0 new-parens: 0 newline-after-var: 0 diff --git a/.gitignore b/.gitignore index e476e383..a752f8cc 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,7 @@ # Ignore server files for safety .htaccess .htpasswd +cfg/conf.ini # Ignore data/ data/ @@ -30,6 +31,7 @@ vendor/**/build_phar.php # Ignore local node modules, unit testing logs, api docs and eclipse project files js/node_modules/ tst/log/ +tst/ConfigurationCombinationsTest.php .settings .buildpath .project diff --git a/.travis.yml b/.travis.yml index 0185aa31..79987186 100644 --- a/.travis.yml +++ b/.travis.yml @@ -7,6 +7,7 @@ php: - '7.0' - '7.1' +# as this is a php project, node.js v4 (for JS unit testing) isn't installed install: - rm -rf ~/.nvm && git clone https://github.com/creationix/nvm.git ~/.nvm && (cd ~/.nvm && git checkout `git describe --abbrev=0 --tags`) && source ~/.nvm/nvm.sh && nvm install 4 @@ -18,7 +19,7 @@ before_script: - cd .. script: - - cd tst && phpunit + - cd tst && ../vendor/bin/phpunit - cd ../js && mocha after_script: diff --git a/CHANGELOG.md b/CHANGELOG.md index 2dc2e3c7..964d4ee5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,10 @@ # PrivateBin version history * **next (not yet released)** - * ADDED: Translations for Spanish, Occitan and Norwegian + * ADDED: Translations for Spanish, Occitan, Norwegian and Portuguese * ADDED: Option in configuration to change the default "PrivateBin" title of the site + * CHANGED: Minimum required PHP version is 5.4 (#186) + * CHANGED: Shipped .htaccess files were updated for Apache 2.4 (#192) * CHANGED: Cleanup of bootstrap template variants and moved icons to `img` directory * **1.1 (2016-12-26)** * ADDED: Translations for Italian and Russian diff --git a/CREDITS.md b/CREDITS.md index dfb2d83e..1c7ec3cc 100644 --- a/CREDITS.md +++ b/CREDITS.md @@ -35,3 +35,4 @@ Sébastien Sauvage - original idea and main developer * Alfredo Fabián Altamirano Tena - Spanish * Quent-in - Occitan * idarlund - Norwegian +* Tulio Leao - Portuguese diff --git a/INSTALL.md b/INSTALL.md index 5dbc5095..b627bc9e 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -10,7 +10,7 @@ check the options and adjust them as you see fit. ### Requirements -- PHP version 5.3 or above +- PHP version 5.4 or above - _one_ of the following sources of cryptographically safe randomness is required: - PHP 7 or higher - [Libsodium](https://download.libsodium.org/libsodium/content/installation/) and it's [PHP extension](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium) diff --git a/README.md b/README.md index 0086f461..a259cb5d 100644 --- a/README.md +++ b/README.md @@ -16,10 +16,10 @@ Data is encrypted/decrypted in the browser using 256bit AES in [Galois Counter m This is a fork of ZeroBin, originally developed by [Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). It was refactored -to allow easier and cleaner extensions and has now much more features than the +to allow easier and cleaner extensions and has now many more features than the original. It is however still fully compatible to the original ZeroBin 0.19 data storage scheme. Therefore such installations can be upgraded to this fork -without loosing any data. +without losing any data. ## What PrivateBin provides diff --git a/cfg/.gitignore b/cfg/.gitignore deleted file mode 100644 index 69db0209..00000000 --- a/cfg/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/conf.ini diff --git a/cfg/.htaccess b/cfg/.htaccess index b584d98c..b66e8088 100644 --- a/cfg/.htaccess +++ b/cfg/.htaccess @@ -1,2 +1 @@ -Allow from none -Deny from all +Require all denied diff --git a/composer.json b/composer.json index b92f4629..4248b5f4 100644 --- a/composer.json +++ b/composer.json @@ -18,13 +18,14 @@ } ], "require": { - "php": "^5.3.0 || ^7.0", + "php": "^5.4.0 || ^7.0", "paragonie/random_compat": "2.0.4", "yzalis/identicon": "1.1.0" }, "require-dev": { "codacy/coverage": "dev-master", - "codeclimate/php-test-reporter": "dev-master" + "codeclimate/php-test-reporter": "dev-master", + "phpunit/phpunit": "^4.6 || ^5.0" }, "autoload": { "psr-4": { diff --git a/css/bootstrap/privatebin.css b/css/bootstrap/privatebin.css index 381f72d7..ded82590 100644 --- a/css/bootstrap/privatebin.css +++ b/css/bootstrap/privatebin.css @@ -17,6 +17,10 @@ body.navbar-spacing { padding-top: 70px; } +body.loading { + cursor: wait; +} + .buttondisabled { opacity: 0.3; } @@ -102,6 +106,12 @@ body.navbar-spacing { border-left: 1px solid #ccc; padding: 5px 0 5px 10px; white-space: pre-wrap; + transition: background-color 0.75s ease-out; +} + +.comment.highlight { + background-color: #ffdd86; + transition: background-color 0.2s ease-in; } footer h4 { diff --git a/i18n/de.json b/i18n/de.json index 87f55ccb..7974d773 100644 --- a/i18n/de.json +++ b/i18n/de.json @@ -7,8 +7,8 @@ "en": "de", "Paste does not exist, has expired or has been deleted.": "Diesen Text gibt es nicht, er ist abgelaufen oder wurde gelöscht.", - "%s requires php 5.3.0 or above to work. Sorry.": - "%s benötigt PHP 5.3.0 oder höher, um zu funktionieren. Sorry.", + "%s requires php %s or above to work. Sorry.": + "%s benötigt PHP %s oder höher, um zu funktionieren. Sorry.", "%s requires configuration section [%s] to be present in configuration file.": "%s benötigt den Konfigurationsabschnitt [%s] in der Konfigurationsdatei um zu funktionieren.", "Please wait %d seconds between each post.": @@ -83,25 +83,25 @@ "Could not decrypt data (Wrong key?)": "Konnte Daten nicht entschlüsseln (Falscher Schlüssel?)", "Could not delete the paste, it was not stored in burn after reading mode.": - "Konnte den Text nicht löschen, er wurde nicht im Einmal-Modus gespeichert.", + "Konnte das Paste nicht löschen, es wurde nicht im Einmal-Modus gespeichert.", "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": - "DIESER TEXT IST NUR FÜR DICH GEDACHT. Schliesse das Fenster nicht, diese Nachricht kann nur einmal geöffnet werden.", + "DIESER TEXT IST NUR FÜR DICH GEDACHT. Schließe das Fenster nicht, diese Nachricht kann nur einmal geöffnet werden.", "Could not decrypt comment; Wrong key?": "Konnte Kommentar nicht entschlüsseln; Falscher Schlüssel?", "Reply": "Antworten", "Anonymous": "Anonym", - "Anonymous avatar (Vizhash of the IP address)": - "Anonymer Avatar (Vizhash der IP-Addresse)", + "Avatar generated from IP address": + "Avatar (generiert aus der IP-Adresse)", "Add comment": "Kommentar hinzufügen", - "Optional nickname...": - "Optionales Pseudonym...", + "Optional nickname…": + "Optionales Pseudonym…", "Post comment": "Kommentar absenden", - "Sending comment...": - "Sende Kommentar...", + "Sending comment…": + "Sende Kommentar…", "Comment posted.": "Kommentar gesendet.", "Could not refresh display: %s": @@ -112,24 +112,25 @@ "Fehler auf dem Server oder keine Antwort vom Server", "Could not post comment: %s": "Konnte Kommentar nicht senden: %s", - "Sending paste (Please move your mouse for more entropy)...": - "Sende Text (Bitte bewege Deine Maus um die Entropie zu erhöhen)...", - "Sending paste...": - "Sende Text...", + "Please move your mouse for more entropy…": + "Bitte bewege Deine Maus um die Entropie zu erhöhen…", + "Sending paste…": + "Sende Paste…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": - "Dein Text ist unter %s zu finden (Drücke [Strg]+[c] um den Link zu kopieren)", + "Dein Paste ist unter %s zu finden (Drücke [Strg]+[c] um den Link zu kopieren)", "Delete data": "Lösche Daten", "Could not create paste: %s": - "Konnte Text nicht erstellen: %s", + "Konnte Paste nicht erstellen: %s", "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": - "Konnte Text nicht entschlüsseln: Der Schlüssel fehlt in der Adresse (Hast du eine Umleitung oder einen URL-Verkürzer benutzt, der Teile der Adresse entfernt?)", + "Konnte Paste nicht entschlüsseln: Der Schlüssel fehlt in der Adresse (Hast du eine Umleitung oder einen URL-Verkürzer benutzt, der Teile der Adresse entfernt?)", "Format": "Format", "Plain Text": "Nur Text", "Source Code": "Quellcode", "Markdown": "Markdown", "Download attachment": "Anhang herunterladen", - "Cloned file attached.": "Kopierte Datei angehängt.", + "Cloned: '%s'": "Geklont: '%s'", + "The cloned file '%s' was attached to this paste.": "Die geklonte Datei '%s' wurde angehängt.", "Attach a file": "Datei anhängen", "Remove attachment": "Anhang entfernen", "Your browser does not support uploading encrypted files. Please use a newer browser.": @@ -146,6 +147,10 @@ "Enter password": "Passwort eingeben", "Loading…": "Lädt…", + "Decrypting paste…": "Entschlüssle Paste…", + "Preparing new paste…": "Bereite neues Paste vor…", "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": - "Wenn diese Nachricht nicht mehr verschwindet, schau bitte in die FAQ (englisch), um zu sehen, wie der Fehler behoben werden kann." + "Wenn diese Nachricht nicht mehr verschwindet, schau bitte in die FAQ (englisch), um zu sehen, wie der Fehler behoben werden kann.", + "+++ no paste text +++": + "+++ kein Paste-Text +++" } diff --git a/i18n/es.json b/i18n/es.json index 61b15409..e957c8f8 100644 --- a/i18n/es.json +++ b/i18n/es.json @@ -7,10 +7,10 @@ "en": "es", "Paste does not exist, has expired or has been deleted.": "El texto no existe, ha caducado o ha sido eliminado.", - "%s requires php 5.3.0 or above to work. Sorry.": - "%s requiere php 5.3.0 o superior para funcionar. Lo siento.", + "%s requires php %s or above to work. Sorry.": + "%s requiere php %s o superior para funcionar. Lo siento.", "%s requires configuration section [%s] to be present in configuration file.": - "%s requiere que la sección de configuración [% s] esté presente en el archivo de configuración.", + "%s requiere que la sección de configuración [%s] esté presente en el archivo de configuración.", "Please wait %d seconds between each post.": "Por favor espere %d segundos entre cada publicación.", "Paste is limited to %s of encrypted data.": @@ -96,12 +96,12 @@ "Avatar anónimo (Vizhash de la dirección IP)", "Add comment": "Añadir comentario", - "Optional nickname...": - "Seudónimo opcional...", + "Optional nickname…": + "Seudónimo opcional…", "Post comment": "Publicar comentario", - "Sending comment...": - "Enviando comentario...", + "Sending comment…": + "Enviando comentario…", "Comment posted.": "Comentario publicado.", "Could not refresh display: %s": @@ -112,10 +112,10 @@ "Error del servidor o el servidor no responde", "Could not post comment: %s": "No fue posible publicar comentario: %s", - "Sending paste (Please move your mouse for more entropy)...": - "Enviando texto (Por favor, mueva el ratón para mayor entropía)...", - "Sending paste...": - "Enviando texto...", + "Sending paste (Please move your mouse for more entropy)…": + "Enviando texto (Por favor, mueva el ratón para mayor entropía)…", + "Sending paste…": + "Enviando texto…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": "Su texto está en %s (Presione [Ctrl]+[c] para copiar)", "Delete data": diff --git a/i18n/fr.json b/i18n/fr.json index 89a45049..35cfd659 100644 --- a/i18n/fr.json +++ b/i18n/fr.json @@ -7,8 +7,8 @@ "en": "fr", "Paste does not exist, has expired or has been deleted.": "Le paste n'existe pas, a expiré, ou a été supprimé.", - "%s requires php 5.3.0 or above to work. Sorry.": - "Désolé, %s nécessite php 5.3.0 ou supérieur pour fonctionner.", + "%s requires php %s or above to work. Sorry.": + "Désolé, %s nécessite php %s ou supérieur pour fonctionner.", "%s requires configuration section [%s] to be present in configuration file.": "%s a besoin de la section de configuration [%s] dans le fichier de configuration pour fonctionner.", "Please wait %d seconds between each post.": @@ -96,12 +96,12 @@ "Avatar anonyme (Vizhash de l'adresse IP)", "Add comment": "Ajouter un commentaire", - "Optional nickname...": - "Pseudonyme optionnel...", + "Optional nickname…": + "Pseudonyme optionnel…", "Post comment": "Poster le commentaire", - "Sending comment...": - "Envoi du commentaire...", + "Sending comment…": + "Envoi du commentaire…", "Comment posted.": "Commentaire posté.", "Could not refresh display: %s": @@ -112,10 +112,10 @@ "Le serveur ne répond pas ou a rencontré une erreur", "Could not post comment: %s": "Impossible de poster le commentaire : %s", - "Sending paste (Please move your mouse for more entropy)...": - "Envoi du paste (Merci de bouger votre souris pour plus d'entropie)...", - "Sending paste...": - "Envoi du paste...", + "Sending paste (Please move your mouse for more entropy)…": + "Envoi du paste (Merci de bouger votre souris pour plus d'entropie)…", + "Sending paste…": + "Envoi du paste…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": "Votre paste est disponible à l'adresse %s (Appuyez sur [Ctrl]+[c] pour copier)", "Delete data": @@ -149,12 +149,12 @@ "Editor": "Éditer", "Preview": "Prévisualiser", "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": - "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.", + "%s requiert que le PATH se termine dans un \"%s\". Veuillez mettre à jour le PATH dans votre index.php.", "Decrypt": - "Decrypt", + "Déchiffrer", "Enter password": "Entrez le mot de passe", - "Loading…": "Loading…", + "Loading…": "Chargement…", "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": - "In case this message never disappears please have a look at this FAQ for information to troubleshoot (in English)." + "Si ce message ne disparaîssait pas, jetez un oeil à cette FAQ pour des idées de résolution (en Anglais)." } diff --git a/i18n/it.json b/i18n/it.json index 24b79ec9..dc56fa75 100644 --- a/i18n/it.json +++ b/i18n/it.json @@ -7,8 +7,8 @@ "en": "it", "Paste does not exist, has expired or has been deleted.": "Questo messaggio non esiste, è scaduto o è stato cancellato.", - "%s requires php 5.3.0 or above to work. Sorry.": - "%s richiede PHP 5.3.0 o superiore.", + "%s requires php %s or above to work. Sorry.": + "%s richiede php %s o superiore per funzionare. Ci spiace.", "%s requires configuration section [%s] to be present in configuration file.": "%s richiede la presenza della sezione [%s] nei file di configurazione.", "Please wait %d seconds between each post.": @@ -67,7 +67,7 @@ "Never": "Mai", "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": - "Nota: questo è un servizio di prova, i dati possono essere cancellati in qualsiasi momento. Ti preghiamo di non abusare di questo servizio, grazie.", + "Nota: questo è un servizio di prova, i messaggi salvati possono essere cancellati in qualsiasi momento. Moriranno dei gattini se abuserai di questo servizio.", "This document will expire in %d seconds.": ["Questo documento scadrà tra un secondo.", "Questo documento scadrà in %d secondi."], "This document will expire in %d minutes.": @@ -87,21 +87,21 @@ "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "FOR YOUR EYES ONLY. Non chiudere questa finestra, il messaggio non può essere visualizzato una seconda volta.", "Could not decrypt comment; Wrong key?": - "Non riesco a decifrari il commento (Chiave errata?)", + "Non riesco a decifrare il commento (Chiave errata?)", "Reply": "Rispondi", "Anonymous": "Anonimo", "Anonymous avatar (Vizhash of the IP address)": - "Avatar Anonino (Vizhash dell'indirizzo IP)", + "Avatar Anonimo (Vizhash dell'indirizzo IP)", "Add comment": "Aggiungi un commento", - "Optional nickname...": - "Nickname opzionale...", + "Optional nickname…": + "Nickname opzionale…", "Post comment": "Invia commento", - "Sending comment...": - "Commento in fase di invio...", + "Sending comment…": + "Commento in fase di invio…", "Comment posted.": "Commento inviato.", "Could not refresh display: %s": @@ -112,10 +112,10 @@ "errore o mancata risposta dal server", "Could not post comment: %s": "Impossibile inviare il commento: %s", - "Sending paste (Please move your mouse for more entropy)...": - "Invio messaggio (Muovi il mouse in modo casuale, per generare maggior entropia)...", - "Sending paste...": - "Messaggio in fase di invio...", + "Sending paste (Please move your mouse for more entropy)…": + "Invio messaggio (Muovi il mouse in modo casuale, per generare maggior entropia)…", + "Sending paste…": + "Messaggio in fase di invio…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": "Il tuo messaggio è qui: %s ([CTRL | CMD]+[C] per copiare il link)", "Delete data": @@ -147,5 +147,5 @@ "Inserisci la password", "Loading…": "Loading…", "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": - "In case this message never disappears please have a look at this FAQ for information to troubleshoot (in English)." + "Nel caso questo messaggio non scompaia, controlla questa FAQ per trovare informazioni su come risolvere il problema (in Inglese)." } diff --git a/i18n/no.json b/i18n/no.json index 1408b811..fd56583d 100644 --- a/i18n/no.json +++ b/i18n/no.json @@ -7,8 +7,8 @@ "en": "no", "Paste does not exist, has expired or has been deleted.": "Innlegget eksisterer ikke, er utløpt eller har blitt slettet.", - "%s requires php 5.3.0 or above to work. Sorry.": - "Beklager, %s krever php 5.3.0 eller nyere for å kjøre.", + "%s requires php %s or above to work. Sorry.": + "Beklager, %s krever php %s eller nyere for å kjøre.", "%s requires configuration section [%s] to be present in configuration file.": "%s krever konfigurasjonsdel [%s] å være til stede i konfigurasjonsfilen .", "Please wait %d seconds between each post.": @@ -96,12 +96,12 @@ "Anonym avatar (Vizhash av IP adressen)", "Add comment": "Legg til kommentar", - "Optional nickname...": - "Valgfritt kallenavn...", + "Optional nickname…": + "Valgfritt kallenavn…", "Post comment": "Send kommentar", - "Sending comment...": - "Sender Kommentar...", + "Sending comment…": + "Sender Kommentar…", "Comment posted.": "Kommentar sendt.", "Could not refresh display: %s": @@ -112,10 +112,10 @@ "server feilet eller svarer ikke", "Could not post comment: %s": "Kunne ikke sende kommentar: %s", - "Sending paste (Please move your mouse for more entropy)...": - "Sender innlegg (Flytt musen for mere entropi)...", - "Sending paste...": - "Sender innlegg...", + "Sending paste (Please move your mouse for more entropy)…": + "Sender innlegg (Flytt musen for mere entropi)…", + "Sending paste…": + "Sender innlegg…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": "Ditt innlegg er %s (Trykk [Ctrl]+[c] for å kopiere)", "Delete data": diff --git a/i18n/oc.json b/i18n/oc.json index efbb9b21..b6b449de 100644 --- a/i18n/oc.json +++ b/i18n/oc.json @@ -7,8 +7,8 @@ "en": "oc", "Paste does not exist, has expired or has been deleted.": "Lo tèxte existís pas, a expirat, o es estat suprimit.", - "%s requires php 5.3.0 or above to work. Sorry.": - "O planhèm, %s necessita php 5.3.0 o superior per foncionar.", + "%s requires php %s or above to work. Sorry.": + "O planhèm, %s necessita php %s o superior per foncionar.", "%s requires configuration section [%s] to be present in configuration file.": "%s fa besonh de la seccion de configuracion [%s] dins lo fichièr de configuracion per foncionar.", "Please wait %d seconds between each post.": @@ -96,12 +96,12 @@ "Avatar anonime (Vizhash de l'adreça IP)", "Add comment": "Apondre un comentari", - "Optional nickname...": - "Escais opcional...", + "Optional nickname…": + "Escais opcional…", "Post comment": "Mandar lo comentari", - "Sending comment...": - "Mandadís del comentari...", + "Sending comment…": + "Mandadís del comentari…", "Comment posted.": "Comentari mandat.", "Could not refresh display: %s": @@ -112,10 +112,10 @@ "Lo servidor respond pas o a rencontrat una error", "Could not post comment: %s": "Impossible de mandar lo comentari : %s", - "Sending paste (Please move your mouse for more entropy)...": - "Mandadís del tèxte (Mercés de bolegar vòstra mirga per mai entropia)...", - "Sending paste...": - "Mandadís del tèxte...", + "Sending paste (Please move your mouse for more entropy)…": + "Mandadís del tèxte (Mercés de bolegar vòstra mirga per mai entropia)…", + "Sending paste…": + "Mandadís del tèxte…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": "Vòstre tèxte es disponible a l'adreça %s (Picatz sus [Ctrl]+[c] per copiar)", "Delete data": diff --git a/i18n/pl.json b/i18n/pl.json index 2757439b..99554981 100644 --- a/i18n/pl.json +++ b/i18n/pl.json @@ -7,8 +7,8 @@ "en": "pl", "Paste does not exist, has expired or has been deleted.": "Wklejka nie istnieje, wygasła albo została usunięta.", - "%s requires php 5.3.0 or above to work. Sorry.": - "%s wymaga PHP w wersji 5.3.0 lub nowszej, sorry.", + "%s requires php %s or above to work. Sorry.": + "%s wymaga PHP w wersji %s lub nowszej, sorry.", "%s requires configuration section [%s] to be present in configuration file.": "%s wymaga obecności sekcji [%s] w pliku konfiguracyjnym.", "Please wait %d seconds between each post.": @@ -96,12 +96,12 @@ "Anonimowy avatar (Vizhash z adresu IP)", "Add comment": "Dodaj komentarz", - "Optional nickname...": - "Opcjonalny nick...", + "Optional nickname…": + "Opcjonalny nick…", "Post comment": "Wyślij komentarz", - "Sending comment...": - "Wysyłanie komentarza...", + "Sending comment…": + "Wysyłanie komentarza…", "Comment posted.": "Wysłano komentarz.", "Could not refresh display: %s": @@ -112,10 +112,10 @@ "bląd serwera lub brak odpowiedzi", "Could not post comment: %s": "Nie udało się wysłać komentarza: %s", - "Sending paste (Please move your mouse for more entropy)...": - "Wysyłanie wklejki (proszę poruszać myszą aby uzyskać większą entropię)...", - "Sending paste...": - "Wysyłanie wklejki...", + "Sending paste (Please move your mouse for more entropy)…": + "Wysyłanie wklejki (proszę poruszać myszą aby uzyskać większą entropię)…", + "Sending paste…": + "Wysyłanie wklejki…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": "Twoja wklejka to %s (wciśnij [Ctrl]+[c] aby skopiować)", "Delete data": diff --git a/i18n/pt.json b/i18n/pt.json new file mode 100644 index 00000000..06f72c51 --- /dev/null +++ b/i18n/pt.json @@ -0,0 +1,151 @@ +{ + "PrivateBin": "PrivateBin", + "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bits AES. More information on the project page.": + "%s é um serviço minimalista e de código aberto do tipo \"pastebin\", em que o servidor tem zero conhecimento dos dados copiados. Os dados são cifrados e decifrados no navegador usando 256 bits AES. Mais informações na página do projeto.", + "Because ignorance is bliss": + "Porque a ignorância é uma benção", + "en": "pt", + "Paste does not exist, has expired or has been deleted.": + "A cópia não existe, expirou ou já foi excluída.", + "%s requires php %s or above to work. Sorry.": + "%s requer php %s ou superior para funcionar. Desculpa.", + "%s requires configuration section [%s] to be present in configuration file.": + "%s requer que a seção de configuração [% s] esteja no arquivo de configuração.", + "Please wait %d seconds between each post.": + "Por favor espere %d segundos entre cada publicação.", + "Paste is limited to %s of encrypted data.": + "A cópia está limitada a %s de dados cifrados.", + "Invalid data.": + "Dados inválidos.", + "You are unlucky. Try again.": + "Você é azarado. Tente novamente", + "Error saving comment. Sorry.": + "Erro ao salvar comentário. Desculpa.", + "Error saving paste. Sorry.": + "Erro ao salvar cópia. Desculpa.", + "Invalid paste ID.": + "ID de cópia inválido.", + "Paste is not of burn-after-reading type.": + "Cópia não é do tipo \"queime após ler\".", + "Wrong deletion token. Paste was not deleted.": + "Token de remoção inválido. A cópia não foi excluída.", + "Paste was properly deleted.": + "A cópia foi devidamente excluída.", + "JavaScript is required for %s to work.
Sorry for the inconvenience.": + "JavaScript é necessário para que %s funcione.
Pedimos desculpas pela inconveniência.", + "%s requires a modern browser to work.": + "%s requer um navegador moderno para funcionar.", + "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:": + "Ainda usando Internet Explorer? Faça-se um favor, mude para um navegador moderno:", + "New": + "Novo", + "Send": + "Enviar", + "Clone": + "Clonar", + "Raw text": + "Texto sem formato", + "Expires": + "Expirar em", + "Burn after reading": + "Queime após ler", + "Open discussion": + "Discussão aberta", + "Password (recommended)": + "Senha (recomendada)", + "Discussion": + "Discussão", + "Toggle navigation": + "Mudar navegação", + "%d seconds": ["%d segundo", "%d segundos"], + "%d minutes": ["%d minuto", "%d minutos"], + "%d hours": ["%d hora", "%d horas"], + "%d days": ["%d dia", "%d dias"], + "%d weeks": ["%d semana", "%d semanas"], + "%d months": ["%d mês", "%d meses"], + "%d years": ["%d ano", "%d anos"], + "Never": + "Nunca", + "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": + "Nota: Este é um serviço de teste. Dados podem ser perdidos a qualquer momento. Gatinhos morrerão se você abusar desse serviço.", + "This document will expire in %d seconds.": + ["Este documento irá expirar em um segundo.", "Este documento irá expirar em %d segundos."], + "This document will expire in %d minutes.": + ["Este documento irá expirar em um minuto.", "Este documento irá expirar em %d minutos."], + "This document will expire in %d hours.": + ["Este documento irá expirar em uma hora.", "Este documento irá expirar em %d horas."], + "This document will expire in %d days.": + ["Este documento irá expirar em um dia.", "Este documento irá expirar em %d dias."], + "This document will expire in %d months.": + ["Este documento irá expirar em um mês.", "Este documento irá expirar em %d meses."], + "Please enter the password for this paste:": + "Por favor, digite a senha para essa cópia:", + "Could not decrypt data (Wrong key?)": + "Não foi possível decifrar os dados (Chave errada?)", + "Could not delete the paste, it was not stored in burn after reading mode.": + "Não foi possível excluir a cópia, ela não foi salva no modo de \"queime após ler\".", + "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": + "APENAS PARA SEUS OLHOS. Não feche essa janela, essa mensagem não pode ser exibida novamente.", + "Could not decrypt comment; Wrong key?": + "Não foi possível decifrar o comentário; Chave errada?", + "Reply": + "Responder", + "Anonymous": + "Anônimo", + "Avatar generated from IP address": + "Avatar gerado à partir do endereço IP", + "Add comment": + "Adicionar comentário", + "Optional nickname…": + "Apelido opcional…", + "Post comment": + "Publicar comentário", + "Sending comment…": + "Enviando comentário…", + "Comment posted.": + "Comentário publicado.", + "Could not refresh display: %s": + "Não foi possível atualizar a tela: %s", + "unknown status": + "Estado desconhecido", + "server error or not responding": + "Servidor em erro ou não responsivo", + "Could not post comment: %s": + "Não foi possível publicar o comentário: %s", + "Please move your mouse for more entropy…": + "Por favor, mova o mouse para maior entropia…", + "Sending paste…": + "Enviando cópia…", + "Your paste is %s (Hit [Ctrl]+[c] to copy)": + "Sua cópia é %s (Pressione [Ctrl]+[c] para copiar)", + "Delete data": + "Excluir dados", + "Could not create paste: %s": + "Não foi possível criar cópia: %s", + "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": + "Não foi possível decifrar a cópia: chave de decriptografia ausente na URL (Você utilizou um redirecionador ou encurtador de URL que removeu parte dela?)", + "Format": "Formato", + "Plain Text": "Texto sem formato", + "Source Code": "Código fonte", + "Markdown": "Markdown", + "Download attachment": "Baixar anexo", + "Cloned: '%s'": "Clonado: '%s'", + "Attach a file": "Anexar um arquivo", + "Remove attachment": "Remover anexo", + "Your browser does not support uploading encrypted files. Please use a newer browser.": + "Seu navegador não permite subir arquivos cifrados. Por favor, utilize um navegador mais recente.", + "Invalid attachment.": "Anexo inválido.", + "Options": "Opções", + "Shorten URL": "Encurtar URL", + "Editor": "Editor", + "Preview": "Visualizar", + "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": + "%s requer que o PATH termine em \"%s\". Por favor, atualize o PATH em seu index.php.", + "Decrypt": + "Decifrar", + "Enter password": + "Digite a senha", + "Loading…": "Carregando…", + "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": + "Caso essa mensagem nunca desapareça, por favor veja este FAQ para saber como resolver os problemas." +} diff --git a/i18n/ru.json b/i18n/ru.json index de7ad051..ca4c707b 100644 --- a/i18n/ru.json +++ b/i18n/ru.json @@ -7,8 +7,8 @@ "en": "ru", "Paste does not exist, has expired or has been deleted.": "Запись не существует, просрочена или была удалена.", - "%s requires php 5.3.0 or above to work. Sorry.": - "Для работы %s требуется PHP 5.3.0 или выше. Извините.", + "%s requires php %s or above to work. Sorry.": + "Для работы %s требуется php %s или выше. Извините.", "%s requires configuration section [%s] to be present in configuration file.": "%s необходимо наличие секции [%s] в конфигурационном файле.", "Please wait %d seconds between each post.": @@ -32,7 +32,7 @@ "Paste was properly deleted.": "Запись была успешно удалена.", "JavaScript is required for %s to work.
Sorry for the inconvenience.": - "Для работы %s требуется включенный JavaScript.
Приносим извинения за неудобства..", + "Для работы %s требуется включенный JavaScript.
Приносим извинения за неудобства.", "%s requires a modern browser to work.": "Для работы %s требуется более современный браузер.", "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:": @@ -96,26 +96,26 @@ "Анонимный аватар (Vizhash IP адреса)", "Add comment": "Добавить комментарий", - "Optional nickname...": - "Опциональный никнейм...", + "Optional nickname…": + "Опциональный никнейм…", "Post comment": "Отправить комментарий", - "Sending comment...": - "Отправка комментария...", + "Sending comment…": + "Отправка комментария…", "Comment posted.": "Комментарий опубликован.", - "Could not refresh display: %s": - "Невозможно обновить данные: %s", "unknown status": "неизвестная причина", "server error or not responding": "ошибка сервера или нет ответа", + "unknown error": + "неизвестная ошибка", "Could not post comment: %s": "Не удалось опубликовать комментарий: %s", - "Sending paste (Please move your mouse for more entropy)...": - "Отправка записи (Пожалуйста двигайте мышкой для большей энтропии)...", - "Sending paste...": - "Отправка записи...", + "Please move your mouse for more entropy…": + "Пожалуйста двигайте мышкой для большей энтропии…", + "Sending paste…": + "Отправка записи…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": "Ссылка на запись %s (Нажмите [Ctrl]+[c] чтобы скопировать ссылку)", "Delete data": @@ -138,7 +138,10 @@ "Source Code": "Исходный код", "Markdown": "Язык разметки", "Download attachment": "Скачать прикрепленный файл", - "Cloned file attached.": "Дубль файла прикреплен.", + "Cloned file attached.": "Дубликат файла прикреплен.", + "Cloned: '%s'": "Дублировано: '%s'", + "The cloned file '%s' was attached to this paste.": + "Дубликат файла '%s' был прикреплен к этой записи.", "Attach a file": "Прикрепить файл", "Remove attachment": "Удалить вложение", "Your browser does not support uploading encrypted files. Please use a newer browser.": @@ -155,5 +158,12 @@ "Enter password": "Введите пароль", "Uploading paste… Please wait.": - "Отправка записи... Пожалуйста подождите." + "Отправка записи… Пожалуйста подождите.", + "Loading…": "Загрузка…", + "Decrypting paste…": "Расшифровка записи…", + "Preparing new paste…": "Подготовка новой записи…", + "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": + "Если данное сообщение не исчезает длительное время, посмотрите этот FAQ с информацией о возможном решении проблемы (на английском).", + "+++ no paste text +++": + "+++ в записи нет текста +++" } diff --git a/i18n/sl.json b/i18n/sl.json index 4cf3d5a1..00b09702 100644 --- a/i18n/sl.json +++ b/i18n/sl.json @@ -7,8 +7,8 @@ "en": "sl", "Paste does not exist, has expired or has been deleted.": "Prilepek ne obstaja, mu je potekla življenjska doba, ali pa je izbrisan.", - "%s requires php 5.3.0 or above to work. Sorry.": - "Oprosti, %s za delovanje potrebuje vsaj php 5.3.0.", + "%s requires php %s or above to work. Sorry.": + "Oprosti, %s za delovanje potrebuje vsaj php %s.", "%s requires configuration section [%s] to be present in configuration file.": "%s potrebuje sekcijo konfiguracij [%s] v konfiguracijski datoteki.", "Please wait %d seconds between each post.": @@ -96,12 +96,12 @@ "Anonimen avatar (Vizhash IP naslova)", "Add comment": "Dodaj komentar", - "Optional nickname...": + "Optional nickname…": "Uporabniško ime (lahko izpustiš)", "Post comment": "Objavi komentar", - "Sending comment...": - "Pošiljam komentar ...", + "Sending comment…": + "Pošiljam komentar …", "Comment posted.": "Komentar poslan.", "Could not refresh display: %s": @@ -112,10 +112,10 @@ "napaka na strežniku, ali pa se strežnik ne odziva", "Could not post comment: %s": "Komentarja ni bilo mogoče objaviti : %s", - "Sending paste (Please move your mouse for more entropy)...": - "Pošiljam prilepek (prosim premakni svojo miško za več entropije) ...", - "Sending paste...": - "Pošiljam prilepek...", + "Sending paste (Please move your mouse for more entropy)…": + "Pošiljam prilepek (prosim premakni svojo miško za več entropije) …", + "Sending paste…": + "Pošiljam prilepek…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": "Tvoj prilepek je dostopen na naslovu: %s (Pritisni [Ctrl]+[c] ali [Cmd] + [c] in skopiraj)", "Delete data": diff --git a/i18n/zh.json b/i18n/zh.json index a1a9b960..5fcaf3db 100644 --- a/i18n/zh.json +++ b/i18n/zh.json @@ -7,8 +7,8 @@ "en": "zh", "Paste does not exist, has expired or has been deleted.": "粘贴不存在,已过期或者已被删除。", - "%s requires php 5.3.0 or above to work. Sorry.": - "%s需要工作于PHP 5.3.0及以上版本,抱歉。", + "%s requires php %s or above to work. Sorry.": + "%s需要工作于PHP %s及以上版本,抱歉。", "%s requires configuration section [%s] to be present in configuration file.": "%s需要设置配置文件中 [%s] 的部分。", "Please wait %d seconds between each post.": @@ -92,16 +92,16 @@ "回复", "Anonymous": "匿名", - "Anonymous avatar (Vizhash of the IP address)": - "匿名头像 (由IP地址生成Vizhash)", + "Avatar generated from IP address": + "由IP生成的头像", "Add comment": "添加评论", - "Optional nickname...": - "可选昵称...", + "Optional nickname…": + "可选昵称…", "Post comment": "评论", - "Sending comment...": - "评论发送中...", + "Sending comment…": + "评论发送中…", "Comment posted.": "评论已发送。", "Could not refresh display: %s": @@ -112,10 +112,10 @@ "服务器错误或无回应", "Could not post comment: %s": "无法发送评论: %s", - "Sending paste (Please move your mouse for more entropy)...": - "粘贴提交中 (请移动鼠标以产生更多熵)...", - "Sending paste...": - "粘贴提交中...", + "Please move your mouse for more entropy…": + "请移动鼠标增加随机性…", + "Sending paste…": + "粘贴提交中…", "Your paste is %s (Hit [Ctrl]+[c] to copy)": "您的粘贴的链接是%s (按下 [Ctrl]+[c] 以复制)", "Delete data": @@ -129,7 +129,8 @@ "Source Code": "源代码", "Markdown": "Markdown", "Download attachment": "下载附件", - "Cloned file attached.": "已附加克隆的文件", + "Cloned: '%s'": "克隆: '%s'", + "The cloned file '%s' was attached to this paste.": "克隆文件 '%s' 已附加到此粘贴。", "Attach a file": "添加一个附件", "Remove attachment": "移除附件", "Your browser does not support uploading encrypted files. Please use a newer browser.": @@ -137,15 +138,18 @@ "Invalid attachment.": "无效的附件", "Options": "选项", "Shorten URL": "缩短链接", - "Editor": "編輯", - "Preview": "預習", + "Editor": "编辑", + "Preview": "预览", "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": - "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.", + "%s 的 PATH 变量必须结束于 \"%s\"。 请修改你的 index.php 中的 PATH 变量。", "Decrypt": - "Decrypt", + "解密", "Enter password": - "Enter password", - "Loading…": "Loading…", + "输入密码", + "Loading…": "载入中…", + "Decrypting paste…": "正在解密", + "Preparing new paste…": "正在准备新的粘贴", "In case this message never disappears please have a look at this FAQ for information to troubleshoot.": - "In case this message never disappears please have a look at this FAQ for information to troubleshoot (in English)." + "如果这个消息一直不消失,请参考 这里的 FAQ 进行故障排除 (英文版)。", + "+++ no paste text +++": "+++ 没有粘贴内容 +++" } diff --git a/js/privatebin.js b/js/privatebin.js index 34a00f12..c55a0271 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -11,7 +11,6 @@ * @namespace */ -'use strict'; /** global: Base64 */ /** global: FileReader */ /** global: RawDeflate */ @@ -25,23 +24,62 @@ // Immediately start random number generator collector. sjcl.random.startCollectors(); +// main application start, called when DOM is fully loaded +jQuery(document).ready(function() { + // run main controller + $.PrivateBin.Controller.init(); +}); + jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) { + 'use strict'; + /** - * static helper methods + * static Helper methods * - * @name helper + * @name Helper * @class */ - var helper = { + var Helper = (function () { + var me = {}; + + /** + * character to HTML entity lookup table + * + * @see {@link https://github.com/janl/mustache.js/blob/master/mustache.js#L60} + * @name Helper.entityMap + * @private + * @enum {Object} + * @readonly + */ + var entityMap = { + '&': '&', + '<': '<', + '>': '>', + '"': '"', + "'": ''', + '/': '/', + '`': '`', + '=': '=' + }; + + /** + * cache for script location + * + * @name Helper.baseUri + * @private + * @enum {string|null} + */ + var baseUri = null; + /** * converts a duration (in seconds) into human friendly approximation * - * @name helper.secondsToHuman + * @name Helper.secondsToHuman * @function * @param {number} seconds * @return {Array} */ - secondsToHuman: function(seconds) + me.secondsToHuman = function(seconds) { var v; if (seconds < 60) @@ -67,84 +105,68 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) { } v = Math.floor(seconds / (60 * 60 * 24 * 30)); return [v, 'month']; - }, + } + + /** + * checks if a string is valid text (and not onyl whitespace) + * + * @name Helper.isValidText + * @function + * @param {string} string + * @return {bool} + */ + me.isValidText = function(string) + { + return (string.length > 0 && $.trim(string) !== '') + } /** * text range selection * * @see {@link https://stackoverflow.com/questions/985272/jquery-selecting-text-in-an-element-akin-to-highlighting-with-your-mouse} - * @name helper.selectText + * @name Helper.selectText * @function - * @param {string} element - Indentifier of the element to select (id="") + * @param {HTMLElement} element */ - selectText: function(element) + me.selectText = function(element) { - var doc = document, - text = doc.getElementById(element), - range, - selection; + var range, selection; // MS - if (doc.body.createTextRange) - { - range = doc.body.createTextRange(); - range.moveToElementText(text); + if (document.body.createTextRange) { + range = document.body.createTextRange(); + range.moveToElementText(element); range.select(); - } - // all others - else if (window.getSelection) - { + } else if (window.getSelection){ selection = window.getSelection(); - range = doc.createRange(); - range.selectNodeContents(text); + range = document.createRange(); + range.selectNodeContents(element); selection.removeAllRanges(); selection.addRange(range); } - }, + } /** - * set text of a DOM element (required for IE), - * this is equivalent to element.text(text) + * set text of a jQuery element (required for IE), * - * @name helper.setElementText + * @name Helper.setElementText * @function - * @param {Object} element - a DOM element + * @param {jQuery} $element - a jQuery element * @param {string} text - the text to enter */ - setElementText: function(element, text) + me.setElementText = function($element, text) { // For IE<10: Doesn't support white-space:pre-wrap; so we have to do this... if ($('#oldienotice').is(':visible')) { - var html = this.htmlEntities(text).replace(/\n/ig, '\r\n
'); - element.html('
' + html + '
'); + var html = me.htmlEntities(text).replace(/\n/ig, '\r\n
'); + $element.html('
' + html + '
'); } // for other (sane) browsers: else { - element.text(text); + $element.text(text); } - }, - - /** - * replace last child of element with message - * - * @name helper.setMessage - * @function - * @param {Object} element - a jQuery wrapped DOM element - * @param {string} message - the message to append - */ - setMessage: function(element, message) - { - var content = element.contents(); - if (content.length > 1) - { - content[content.length - 1].nodeValue = ' ' + message; - } - else - { - this.setElementText(element, message); - } - }, + } /** * convert URLs to clickable links. @@ -155,26 +177,26 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) { * http://user:example.com@localhost:8800/zero/?6f09182b8ea51997#WtLEUO5Epj9UHAV9JFs+6pUQZp13TuspAUjnF+iM+dM= * * - * @name helper.urls2links + * @name Helper.urls2links * @function - * @param {Object} element - a jQuery DOM element + * @param {Object} $element - a jQuery DOM element */ - urls2links: function(element) + me.urls2links = function($element) { var markup = '$1'; - element.html( - element.html().replace( + $element.html( + $element.html().replace( /((http|https|ftp):\/\/[\w?=&.\/-;#@~%+*-]+(?![\w\s?&.\/;#~%"=-]*>))/ig, markup ) ); - element.html( - element.html().replace( + $element.html( + $element.html().replace( /((magnet):[\w?=&.\/-;#@~%+*-]+)/ig, markup ) ); - }, + } /** * minimal sprintf emulation for %s and %d formats @@ -183,19 +205,15 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) { * format strings appear in the string, contrary to the original. * * @see {@link https://stackoverflow.com/questions/610406/javascript-equivalent-to-printf-string-format#4795914} - * @name helper.sprintf + * @name Helper.sprintf * @function * @param {string} format * @param {...*} args - one or multiple parameters injected into format string * @return {string} */ - sprintf: function() + me.sprintf = function() { - var args = arguments; - if (typeof arguments[0] === 'object') - { - args = arguments[0]; - } + var args = Array.prototype.slice.call(arguments); var format = args[0], i = 1; return format.replace(/%(s|d)/g, function (m) { @@ -216,18 +234,18 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) { ++i; return val; }); - }, + } /** * get value of cookie, if it was set, empty string otherwise * * @see {@link http://www.w3schools.com/js/js_cookies.asp} - * @name helper.getCookie + * @name Helper.getCookie * @function * @param {string} cname - may not be empty * @return {string} */ - getCookie: function(cname) { + me.getCookie = function(cname) { var name = cname + '=', ca = document.cookie.split(';'); for (var i = 0; i < ca.length; ++i) { @@ -242,201 +260,236 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) { } } return ''; - }, + } /** - * get the current script location (without search or hash part of the URL), + * get the current location (without search or hash part of the URL), * eg. http://example.com/path/?aaaa#bbbb --> http://example.com/path/ * - * @name helper.scriptLocation + * @name Helper.baseUri * @function - * @return {string} current script location + * @return {string} */ - scriptLocation: function() + me.baseUri = function() { - var scriptLocation = window.location.href.substring( - 0, - window.location.href.length - window.location.search.length - window.location.hash.length - ), - hashIndex = scriptLocation.indexOf('?'); - if (hashIndex !== -1) - { - scriptLocation = scriptLocation.substring(0, hashIndex); - } - return scriptLocation; - }, - - /** - * get the pastes unique identifier from the URL, - * eg. http://example.com/path/?c05354954c49a487#c05354954c49a487 returns c05354954c49a487 - * - * @name helper.pasteId - * @function - * @return {string} unique identifier - */ - pasteId: function() - { - return window.location.search.substring(1); - }, - - /** - * return the deciphering key stored in anchor part of the URL - * - * @name helper.pageKey - * @function - * @return {string} key - */ - pageKey: function() - { - var key = window.location.hash.substring(1), - i = key.indexOf('&'); - - // Some web 2.0 services and redirectors add data AFTER the anchor - // (such as &utm_source=...). We will strip any additional data. - if (i > -1) - { - key = key.substring(0, i); + // check for cached version + if (baseUri !== null) { + return baseUri; } - return key; - }, + baseUri = window.location.origin + window.location.pathname; + return baseUri; + } /** * convert all applicable characters to HTML entities * * @see {@link https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#RULE_.231_-_HTML_Escape_Before_Inserting_Untrusted_Data_into_HTML_Element_Content} - * @name helper.htmlEntities + * @name Helper.htmlEntities * @function * @param {string} str * @return {string} escaped HTML */ - htmlEntities: function(str) { + me.htmlEntities = function(str) { return String(str).replace( /[&<>"'`=\/]/g, function(s) { - return helper.entityMap[s]; + return entityMap[s]; }); - }, + } /** - * character to HTML entity lookup table + * resets state, used for unit testing * - * @see {@link https://github.com/janl/mustache.js/blob/master/mustache.js#L60} - * @name helper.entityMap - * @enum {Object} - * @readonly + * @name Helper.reset + * @function */ - entityMap: { - '&': '&', - '<': '<', - '>': '>', - '"': '"', - "'": ''', - '/': '/', - '`': '`', - '=': '=' + me.reset = function() + { + baseUri = null; } - }; + + return me; + })(); /** - * internationalization methods + * internationalization module * - * @name i18n + * @name I18n + * @param {object} window + * @param {object} document * @class */ - var i18n = { + var I18n = (function (window, document) { + var me = {}; + + /** + * const for string of loaded language + * + * @name I18n.languageLoadedEvent + * @private + * @prop {string} + * @readonly + */ + var languageLoadedEvent = 'languageLoaded'; + /** * supported languages, minus the built in 'en' * - * @name i18n.supportedLanguages + * @name I18n.supportedLanguages + * @private * @prop {string[]} * @readonly */ - supportedLanguages: ['de', 'es', 'fr', 'it', 'no', 'pl', 'oc', 'ru', 'sl', 'zh'], + var supportedLanguages = ['de', 'es', 'fr', 'it', 'no', 'pl', 'pt', 'oc', 'ru', 'sl', 'zh']; /** - * translate a string, alias for i18n.translate() + * built in language * - * @name i18n._ + * @name I18n.language + * @private + * @prop {string|null} + */ + var language = null; + + /** + * translation cache + * + * @name I18n.translations + * @private + * @enum {Object} + */ + var translations = {}; + + /** + * translate a string, alias for I18n.translate + * + * @name I18n._ * @function + * @param {jQuery} $element - optional * @param {string} messageId * @param {...*} args - one or multiple parameters injected into placeholders * @return {string} */ - _: function() + me._ = function() { - return this.translate(arguments); - }, + return me.translate.apply(this, arguments); + } /** * translate a string * - * @name i18n.translate + * Optionally pass a jQuery element as the first parameter, to automatically + * let the text of this element be replaced. In case the (asynchronously + * loaded) language is not downloadet yet, this will make sure the string + * is replaced when it is actually loaded. + * So for easy translations passing the jQuery object to apply it to is + * more save, especially when they are loaded in the beginning. + * + * @name I18n.translate * @function + * @param {jQuery} $element - optional * @param {string} messageId * @param {...*} args - one or multiple parameters injected into placeholders * @return {string} */ - translate: function() + me.translate = function() { - var args = arguments, messageId; - if (typeof arguments[0] === 'object') - { - args = arguments[0]; + // convert parameters to array + var args = Array.prototype.slice.call(arguments), + messageId, + $element = null; + + // parse arguments + if (args[0] instanceof jQuery) { + // optional jQuery element as first parameter + $element = args[0]; + args.shift(); } + + // extract messageId from arguments var usesPlurals = $.isArray(args[0]); - if (usesPlurals) - { + if (usesPlurals) { // use the first plural form as messageId, otherwise the singular messageId = (args[0].length > 1 ? args[0][1] : args[0][0]); - } - else - { + } else { messageId = args[0]; } - if (messageId.length === 0) - { + + if (messageId.length === 0) { return messageId; } - if (!this.translations.hasOwnProperty(messageId)) - { - if (this.language !== 'en') - { - console.debug( - 'Missing ' + this.language + ' translation for: ' + messageId - ); + + // if no translation string cannot be found (in translations object) + if (!translations.hasOwnProperty(messageId) || language === null) { + // if language is still loading and we have an elemt assigned + if (language === null && $element !== null) { + // handle the error by attaching the language loaded event + var orgArguments = arguments; + $(document).on(languageLoadedEvent, function () { + // log to show that the previous error could be mitigated + console.log('Fix missing translation of \'' + messageId + '\' with now loaded language ' + language); + // re-execute this function + me.translate.apply(this, orgArguments); + }); + + // and fall back to English for now until the real language + // file is loaded } - this.translations[messageId] = args[0]; + + // for all other langauges than English for which this behaviour + // is expected as it is built-in, log error + if (language !== null && language !== 'en') { + console.error('Missing translation for: \'' + messageId + '\' in language ' + language); + // fallback to English + } + + // save English translation (should be the same on both sides) + translations[messageId] = args[0]; } - if (usesPlurals && $.isArray(this.translations[messageId])) - { + + // lookup plural translation + if (usesPlurals && $.isArray(translations[messageId])) { var n = parseInt(args[1] || 1, 10), - key = this.getPluralForm(n), - maxKey = this.translations[messageId].length - 1; - if (key > maxKey) - { + key = me.getPluralForm(n), + maxKey = translations[messageId].length - 1; + if (key > maxKey) { key = maxKey; } - args[0] = this.translations[messageId][key]; + args[0] = translations[messageId][key]; args[1] = n; + } else { + // lookup singular translation + args[0] = translations[messageId]; } - else - { - args[0] = this.translations[messageId]; + + // format string + var output = Helper.sprintf.apply(this, args); + + // if $element is given, apply text to element + if ($element !== null) { + // get last text node of element + var content = $element.contents(); + if (content.length > 1) { + content[content.length - 1].nodeValue = ' ' + output; + } else { + $element.text(output); + } } - return helper.sprintf(args); - }, + + return output; + } /** * per language functions to use to determine the plural form * * @see {@link http://localization-guide.readthedocs.org/en/latest/l10n/pluralforms.html} - * @name i18n.getPluralForm + * @name I18n.getPluralForm * @function - * @param {number} n - * @return {number} array key + * @param {int} n + * @return {int} array key */ - getPluralForm: function(n) { - switch (this.language) + me.getPluralForm = function(n) { + switch (language) { case 'fr': case 'oc': @@ -448,1061 +501,1041 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) { return (n % 10 === 1 && n % 100 !== 11 ? 0 : (n % 10 >= 2 && n % 10 <= 4 && (n % 100 < 10 || n % 100 >= 20) ? 1 : 2)); case 'sl': return (n % 100 === 1 ? 1 : (n % 100 === 2 ? 2 : (n % 100 === 3 || n % 100 === 4 ? 3 : 0))); - // de, en, es, it, no + // de, en, es, it, no, pt default: return (n !== 1 ? 1 : 0); } - }, + } /** - * load translations into cache, then trigger controller initialization + * load translations into cache * - * @name i18n.loadTranslations + * @name I18n.loadTranslations * @function */ - loadTranslations: function() + me.loadTranslations = function() { - var language = helper.getCookie('lang'); - if (language.length === 0) - { - language = (navigator.language || navigator.userLanguage).substring(0, 2); - } - // note that 'en' is built in, so no translation is necessary - if (i18n.supportedLanguages.indexOf(language) === -1) - { - controller.init(); - } - else - { - $.getJSON('i18n/' + language + '.json', function(data) { - i18n.language = language; - i18n.translations = data; - controller.init(); - }); - } - }, + var newLanguage = Helper.getCookie('lang'); - /** - * built in language - * - * @name i18n.language - * @prop {string} - */ - language: 'en', + // auto-select language based on browser settings + if (newLanguage.length === 0) { + newLanguage = (navigator.language || navigator.userLanguage).substring(0, 2); + } - /** - * translation cache - * - * @name i18n.translations - * @enum {Object} - */ - translations: {} - }; + // if language is already used skip update + if (newLanguage === language) { + return; + } + + // if language is built-in (English) skip update + if (newLanguage === 'en') { + language = 'en'; + return; + } + + // if language is not supported, show error + if (supportedLanguages.indexOf(newLanguage) === -1) { + console.error('Language \'%s\' is not supported. Translation failed, fallback to English.', newLanguage); + language = 'en'; + return; + } + + // load strings from JSON + $.getJSON('i18n/' + newLanguage + '.json', function(data) { + language = newLanguage; + translations = data; + $(document).triggerHandler(languageLoadedEvent); + }).fail(function (data, textStatus, errorMsg) { + console.error('Language \'%s\' could not be loaded (%s: %s). Translation failed, fallback to English.', newLanguage, textStatus, errorMsg); + language = 'en'; + }); + } + + return me; + })(window, document); /** - * filter methods + * handles everything related to en/decryption * - * @name filter + * @name CryptTool * @class */ - var filter = { + var CryptTool = (function () { + var me = {}; + /** * compress a message (deflate compression), returns base64 encoded data * - * @name filter.compress + * @name CryptTool.compress * @function + * @private * @param {string} message * @return {string} base64 data */ - compress: function(message) + function compress(message) { return Base64.toBase64( RawDeflate.deflate( Base64.utob(message) ) ); - }, + } /** - * decompress a message compressed with filter.compress() + * decompress a message compressed with cryptToolcompress() * - * @name filter.decompress + * @name CryptTool.decompress * @function + * @private * @param {string} data - base64 data * @return {string} message */ - decompress: function(data) + function decompress(data) { return Base64.btou( RawDeflate.inflate( Base64.fromBase64(data) ) ); - }, + } /** * compress, then encrypt message with given key and password * - * @name filter.cipher + * @name CryptTool.cipher * @function * @param {string} key * @param {string} password * @param {string} message * @return {string} data - JSON with encrypted data */ - cipher: function(key, password, message) + me.cipher = function(key, password, message) { // Galois Counter Mode, keysize 256 bit, authentication tag 128 bit - var options = {mode: 'gcm', ks: 256, ts: 128}; - if ((password || '').trim().length === 0) - { - return sjcl.encrypt(key, this.compress(message), options); + var options = { + mode: 'gcm', + ks: 256, + ts: 128 + }; + + if ((password || '').trim().length === 0) { + return sjcl.encrypt(key, compress(message), options); } - return sjcl.encrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(password)), this.compress(message), options); - }, + return sjcl.encrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(password)), compress(message), options); + } /** * decrypt message with key, then decompress * - * @name filter.decipher + * @name CryptTool.decipher * @function * @param {string} key * @param {string} password * @param {string} data - JSON with encrypted data * @return {string} decrypted message */ - decipher: function(key, password, data) + me.decipher = function(key, password, data) { - if (data !== undefined) - { - try - { - return this.decompress(sjcl.decrypt(key, data)); - } - catch(err) - { - try - { - return this.decompress(sjcl.decrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(password)), data)); + if (data !== undefined) { + try { + return decompress(sjcl.decrypt(key, data)); + } catch(err) { + try { + return decompress(sjcl.decrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(password)), data)); + } catch(e) { + // ignore error, because ????? @TODO } - catch(e) - {} } } return ''; } - }; + + /** + * checks whether the crypt tool has collected enough entropy + * + * @name CryptTool.isEntropyReady + * @function + * @return {bool} + */ + me.isEntropyReady = function() + { + return sjcl.random.isReady(); + } + + /** + * add a listener function, triggered when enough entropy is available + * + * @name CryptTool.addEntropySeedListener + * @function + * @param {function} func + */ + me.addEntropySeedListener = function(func) + { + sjcl.random.addEventListener('seeded', func); + } + + /** + * returns a random symmetric key + * + * @name CryptTool.getSymmetricKey + * @function + * @return {string} func + */ + me.getSymmetricKey = function() + { + return sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0); + } + + return me; + })(); /** - * PrivateBin logic + * (Model) Data source (aka MVC) * - * @name controller + * @name Model * @class */ - var controller = { - /** - * headers to send in AJAX requests - * - * @name controller.headers - * @enum {Object} - */ - headers: {'X-Requested-With': 'JSONHttpRequest'}, + var Model = (function () { + var me = {}; + + var $cipherData, + $templates; + + var id = null, symmetricKey = null; /** - * URL shortners create address + * returns the expiration set in the HTML * - * @name controller.shortenerUrl - * @prop {string} + * @name Model.getExpirationDefault + * @function + * @return string + * @TODO the template can be simplified as #pasteExpiration is no longer modified (only default value) */ - shortenerUrl: '', + me.getExpirationDefault = function() + { + return $('#pasteExpiration').val(); + } /** - * URL of newly created paste + * returns the format set in the HTML * - * @name controller.createdPasteUrl - * @prop {string} + * @name Model.getFormatDefault + * @function + * @return string + * @TODO the template can be simplified as #pasteFormatter is no longer modified (only default value) */ - createdPasteUrl: '', + me.getFormatDefault = function() + { + return $('#pasteFormatter').val(); + } /** - * ask the user for the password and set it + * check if cipher data was supplied * - * @name controller.requestPassword + * @name Model.getCipherData + * @function + * @return boolean + */ + me.hasCipherData = function() + { + return (me.getCipherData().length > 0); + } + + /** + * returns the cipher data + * + * @name Model.getCipherData + * @function + * @return string + */ + me.getCipherData = function() + { + return $cipherData.text(); + } + + /** + * get the pastes unique identifier from the URL, + * eg. http://example.com/path/?c05354954c49a487#dfdsdgdgdfgdf returns c05354954c49a487 + * + * @name Model.getPasteId + * @function + * @return {string} unique identifier + * @throws {string} + */ + me.getPasteId = function() + { + if (id === null) { + id = window.location.search.substring(1); + + if (id === '') { + throw 'no paste id given'; + } + } + + return id; + } + + /** + * return the deciphering key stored in anchor part of the URL + * + * @name Model.getPasteKey + * @function + * @return {string|null} key + * @throws {string} + */ + me.getPasteKey = function() + { + if (symmetricKey === null) { + symmetricKey = window.location.hash.substring(1); + + if (symmetricKey === '') { + throw 'no encryption key given'; + } + + // Some web 2.0 services and redirectors add data AFTER the anchor + // (such as &utm_source=...). We will strip any additional data. + var ampersandPos = symmetricKey.indexOf('&'); + if (ampersandPos > -1) + { + symmetricKey = symmetricKey.substring(0, ampersandPos); + } + } + + return symmetricKey; + } + + /** + * returns a jQuery copy of the HTML template + * + * @name Model.getTemplate + * @function + * @param {string} name - the name of the template + * @return {jQuery} + */ + me.getTemplate = function(name) + { + // find template + var $element = $templates.find('#' + name + 'template').clone(true); + // change ID to avoid collisions (one ID should really be unique) + return $element.prop('id', name); + } + + /** + * resets state, used for unit testing + * + * @name Model.reset * @function */ - requestPassword: function() + me.reset = function() { - if (this.passwordModal.length === 0) { - var password = prompt(i18n._('Please enter the password for this paste:'), ''); - if (password === null) - { - throw 'password prompt canceled'; - } - if (password.length === 0) - { - this.requestPassword(); - } else { - this.passwordInput.val(password); - this.displayMessages(); - } - } else { - this.passwordModal.modal(); - } - }, + $cipherData = $templates = id = symmetricKey = null; + } + /** - * use given format on paste, defaults to plain text + * init navigation manager * - * @name controller.formatPaste + * preloads jQuery elements + * + * @name Model.init * @function - * @param {string} format - * @param {string} text */ - formatPaste: function(format, text) + me.init = function() { - helper.setElementText(this.clearText, text); - helper.setElementText(this.prettyPrint, text); - switch (format || 'plaintext') - { - case 'markdown': - if (typeof showdown === 'object') - { - var converter = new showdown.Converter({ - strikethrough: true, - tables: true, - tablesHeaderId: true - }); - this.clearText.html( - converter.makeHtml(text) - ); - // add table classes from bootstrap css - this.clearText.find('table').addClass('table-condensed table-bordered'); + $cipherData = $('#cipherdata'); + $templates = $('#templates'); + } - this.clearText.removeClass('hidden'); - } - this.prettyMessage.addClass('hidden'); - break; - case 'syntaxhighlighting': - if (typeof prettyPrintOne === 'function') - { - if (typeof prettyPrint === 'function') - { - prettyPrint(); - } - this.prettyPrint.html( - prettyPrintOne( - helper.htmlEntities(text), null, true - ) - ); - } - // fall through, as the rest is the same - default: - // convert URLs to clickable links - helper.urls2links(this.clearText); - helper.urls2links(this.prettyPrint); - this.clearText.addClass('hidden'); - if (format === 'plaintext') - { - this.prettyPrint.css('white-space', 'pre-wrap'); - this.prettyPrint.css('word-break', 'normal'); - this.prettyPrint.removeClass('prettyprint'); - } - this.prettyMessage.removeClass('hidden'); - } - }, + return me; + })(); + + /** + * Helper functions for user interface + * + * everything directly UI-related, which fits nowhere else + * + * @name UiHelper + * @param {object} window + * @param {object} document + * @class + */ + var UiHelper = (function (window, document) { + var me = {}; /** - * show decrypted text in the display area, including discussion (if open) + * handle history (pop) state changes * - * @name controller.displayMessages - * @function - * @param {Object} [paste] - (optional) object including comments to display (items = array with keys ('data','meta')) - */ - displayMessages: function(paste) - { - paste = paste || $.parseJSON(this.cipherData.text()); - var key = helper.pageKey(), - password = this.passwordInput.val(); - if (!this.prettyPrint.hasClass('prettyprinted')) { - // Try to decrypt the paste. - try - { - if (paste.attachment) - { - var attachment = filter.decipher(key, password, paste.attachment); - if (attachment.length === 0) - { - if (password.length === 0) - { - this.requestPassword(); - return; - } - attachment = filter.decipher(key, password, paste.attachment); - } - if (attachment.length === 0) - { - throw 'failed to decipher attachment'; - } - - if (paste.attachmentname) - { - var attachmentname = filter.decipher(key, password, paste.attachmentname); - if (attachmentname.length > 0) - { - this.attachmentLink.attr('download', attachmentname); - } - } - this.attachmentLink.attr('href', attachment); - this.attachment.removeClass('hidden'); - - // if the attachment is an image, display it - var imagePrefix = 'data:image/'; - if (attachment.substring(0, imagePrefix.length) === imagePrefix) - { - this.image.html( - $(document.createElement('img')) - .attr('src', attachment) - .attr('class', 'img-thumbnail') - ); - this.image.removeClass('hidden'); - } - } - var cleartext = filter.decipher(key, password, paste.data); - if (cleartext.length === 0 && password.length === 0 && !paste.attachment) - { - this.requestPassword(); - return; - } - if (cleartext.length === 0 && !paste.attachment) - { - throw 'failed to decipher message'; - } - - this.passwordInput.val(password); - if (cleartext.length > 0) - { - $('#pasteFormatter').val(paste.meta.formatter); - this.formatPaste(paste.meta.formatter, cleartext); - } - } - catch(err) - { - this.stateOnlyNewPaste(); - this.showError(i18n._('Could not decrypt data (Wrong key?)')); - return; - } - } - - // display paste expiration / for your eyes only - if (paste.meta.expire_date) - { - var expiration = helper.secondsToHuman(paste.meta.remaining_time), - expirationLabel = [ - 'This document will expire in %d ' + expiration[1] + '.', - 'This document will expire in %d ' + expiration[1] + 's.' - ]; - helper.setMessage(this.remainingTime, i18n._(expirationLabel, expiration[0])); - this.remainingTime.removeClass('foryoureyesonly') - .removeClass('hidden'); - } - if (paste.meta.burnafterreading) - { - // unfortunately many web servers don't support DELETE (and PUT) out of the box - $.ajax({ - type: 'POST', - url: helper.scriptLocation() + '?' + helper.pasteId(), - data: {deletetoken: 'burnafterreading'}, - dataType: 'json', - headers: this.headers - }) - .fail(function() { - controller.showError(i18n._('Could not delete the paste, it was not stored in burn after reading mode.')); - }); - helper.setMessage(this.remainingTime, i18n._( - 'FOR YOUR EYES ONLY. Don\'t close this window, this message can\'t be displayed again.' - )); - this.remainingTime.addClass('foryoureyesonly') - .removeClass('hidden'); - // discourage cloning (as it can't really be prevented) - this.cloneButton.addClass('hidden'); - } - - // if the discussion is opened on this paste, display it - if (paste.meta.opendiscussion) - { - this.comments.html(''); - - // iterate over comments - for (var i = 0; i < paste.comments.length; ++i) - { - var place = this.comments, - comment = paste.comments[i], - commenttext = filter.decipher(key, password, comment.data), - // if parent comment exists, display below (CSS will automatically shift it to the right) - cname = '#comment_' + comment.parentid, - divComment = $('
' - + '
' - + '
' - + '
'), - divCommentData = divComment.find('div.commentdata'); - - // if the element exists in page - if ($(cname).length) - { - place = $(cname); - } - divComment.find('button').click({commentid: comment.id}, $.proxy(this.openReply, this)); - helper.setElementText(divCommentData, commenttext); - helper.urls2links(divCommentData); - - // try to get optional nickname - var nick = filter.decipher(key, password, comment.meta.nickname); - if (nick.length > 0) - { - divComment.find('span.nickname').text(nick); - } - else - { - divComment.find('span.nickname').html('' + i18n._('Anonymous') + ''); - } - divComment.find('span.commentdate') - .text(' (' + (new Date(comment.meta.postdate * 1000).toLocaleString()) + ')') - .attr('title', 'CommentID: ' + comment.id); - - // if an avatar is available, display it - if (comment.meta.vizhash) - { - divComment.find('span.nickname') - .before( - ' ' - ); - } - - place.append(divComment); - } - var divComment = $( - '
' - ); - divComment.find('button').click({commentid: helper.pasteId()}, $.proxy(this.openReply, this)); - this.comments.append(divComment); - this.discussion.removeClass('hidden'); - } - }, - - /** - * open the comment entry when clicking the "Reply" button of a comment + * currently this does only handle redirects to the home page. * - * @name controller.openReply + * @name UiHelper.historyChange + * @private * @function * @param {Event} event */ - openReply: function(event) + function historyChange(event) { - event.preventDefault(); - - // remove any other reply area - $('div.reply').remove(); - - var source = $(event.target), - commentid = event.data.commentid, - hint = i18n._('Optional nickname...'), - reply = $( - '

' + - '
' - ); - reply.find('button').click( - {parentid: commentid}, - $.proxy(this.sendComment, this) - ); - source.after(reply); - this.replyStatus = $('#replystatus'); - $('#replymessage').focus(); - }, - - /** - * send a reply in a discussion - * - * @name controller.sendComment - * @function - * @param {Event} event - */ - sendComment: function(event) - { - event.preventDefault(); - this.errorMessage.addClass('hidden'); - // do not send if no data - var replyMessage = $('#replymessage'); - if (replyMessage.val().length === 0) - { - return; + var currentLocation = Helper.baseUri(); + if (event.originalEvent.state === null && // no state object passed + event.originalEvent.target.location.href === currentLocation && // target location is home page + window.location.href === currentLocation // and we are not already on the home page + ) { + // redirect to home page + window.location.href = currentLocation; } - - this.showStatus(i18n._('Sending comment...'), true); - var parentid = event.data.parentid, - key = helper.pageKey(), - cipherdata = filter.cipher(key, this.passwordInput.val(), replyMessage.val()), - ciphernickname = '', - nick = $('#nickname').val(); - if (nick.length > 0) - { - ciphernickname = filter.cipher(key, this.passwordInput.val(), nick); - } - var data_to_send = { - data: cipherdata, - parentid: parentid, - pasteid: helper.pasteId(), - nickname: ciphernickname - }; - - $.ajax({ - type: 'POST', - url: helper.scriptLocation(), - data: data_to_send, - dataType: 'json', - headers: this.headers, - success: function(data) - { - if (data.status === 0) - { - controller.showStatus(i18n._('Comment posted.')); - $.ajax({ - type: 'GET', - url: helper.scriptLocation() + '?' + helper.pasteId(), - dataType: 'json', - headers: controller.headers, - success: function(data) - { - if (data.status === 0) - { - controller.displayMessages(data); - } - else if (data.status === 1) - { - controller.showError(i18n._('Could not refresh display: %s', data.message)); - } - else - { - controller.showError(i18n._('Could not refresh display: %s', i18n._('unknown status'))); - } - } - }) - .fail(function() { - controller.showError(i18n._('Could not refresh display: %s', i18n._('server error or not responding'))); - }); - } - else if (data.status === 1) - { - controller.showError(i18n._('Could not post comment: %s', data.message)); - } - else - { - controller.showError(i18n._('Could not post comment: %s', i18n._('unknown status'))); - } - } - }) - .fail(function() { - controller.showError(i18n._('Could not post comment: %s', i18n._('server error or not responding'))); - }); - }, - - /** - * send a new paste to server - * - * @name controller.sendData - * @function - * @param {Event} event - */ - sendData: function(event) - { - event.preventDefault(); - var file = document.getElementById('file'), - files = (file && file.files) ? file.files : null; // FileList object - - // do not send if no data. - if (this.message.val().length === 0 && !(files && files[0])) - { - return; - } - - // if sjcl has not collected enough entropy yet, display a message - if (!sjcl.random.isReady()) - { - this.showStatus(i18n._('Sending paste (Please move your mouse for more entropy)...'), true); - sjcl.random.addEventListener('seeded', function() { - this.sendData(event); - }); - return; - } - - $('.navbar-toggle').click(); - this.password.addClass('hidden'); - this.showStatus(i18n._('Sending paste...'), true); - - this.stateSubmittingPaste(); - - var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0), - password = this.passwordInput.val(); - if(files && files[0]) - { - if(typeof FileReader === undefined) - { - // revert loading status… - this.stateNewPaste(); - this.showError(i18n._('Your browser does not support uploading encrypted files. Please use a newer browser.')); - return; - } - var reader = new FileReader(); - // closure to capture the file information - reader.onload = (function(theFile) - { - return function(e) { - controller.sendDataContinue( - randomkey, - filter.cipher(randomkey, password, e.target.result), - filter.cipher(randomkey, password, theFile.name) - ); - }; - })(files[0]); - reader.readAsDataURL(files[0]); - } - else if(this.attachmentLink.attr('href')) - { - this.sendDataContinue( - randomkey, - filter.cipher(randomkey, password, this.attachmentLink.attr('href')), - this.attachmentLink.attr('download') - ); - } - else - { - this.sendDataContinue(randomkey, '', ''); - } - }, - - /** - * send a new paste to server, step 2 - * - * @name controller.sendDataContinue - * @function - * @param {string} randomkey - * @param {string} cipherdata_attachment - * @param {string} cipherdata_attachment_name - */ - sendDataContinue: function(randomkey, cipherdata_attachment, cipherdata_attachment_name) - { - var cipherdata = filter.cipher(randomkey, this.passwordInput.val(), this.message.val()), - data_to_send = { - data: cipherdata, - expire: $('#pasteExpiration').val(), - formatter: $('#pasteFormatter').val(), - burnafterreading: this.burnAfterReading.is(':checked') ? 1 : 0, - opendiscussion: this.openDiscussion.is(':checked') ? 1 : 0 - }; - if (cipherdata_attachment.length > 0) - { - data_to_send.attachment = cipherdata_attachment; - if (cipherdata_attachment_name.length > 0) - { - data_to_send.attachmentname = cipherdata_attachment_name; - } - } - $.ajax({ - type: 'POST', - url: helper.scriptLocation(), - data: data_to_send, - dataType: 'json', - headers: this.headers, - success: function(data) - { - if (data.status === 0) { - controller.stateExistingPaste(); - var url = helper.scriptLocation() + '?' + data.id + '#' + randomkey, - deleteUrl = helper.scriptLocation() + '?pasteid=' + data.id + '&deletetoken=' + data.deletetoken; - controller.showStatus(''); - controller.errorMessage.addClass('hidden'); - // show new URL in browser bar - history.pushState({type: 'newpaste'}, document.title, url); - - $('#pastelink').html( - i18n._( - 'Your paste is %s (Hit [Ctrl]+[c] to copy)', - url, url - ) + controller.shortenUrl(url) - ); - // save newly created element - controller.pasteUrl = $('#pasteurl'); - // and add click event - controller.pasteUrl.click($.proxy(controller.pasteLinkClick, controller)); - - var shortenButton = $('#shortenbutton'); - if (shortenButton) { - shortenButton.click($.proxy(controller.sendToShortener, controller)); - } - $('#deletelink').html('' + i18n._('Delete data') + ''); - controller.pasteResult.removeClass('hidden'); - // we pre-select the link so that the user only has to [Ctrl]+[c] the link - helper.selectText('pasteurl'); - controller.showStatus(''); - controller.formatPaste(data_to_send.formatter, controller.message.val()); - } - else if (data.status === 1) - { - // revert loading status… - controller.stateNewPaste(); - controller.showError(i18n._('Could not create paste: %s', data.message)); - } - else - { - // revert loading status… - controller.stateNewPaste(); - controller.showError(i18n._('Could not create paste: %s', i18n._('unknown status'))); - } - } - }) - .fail(function() - { - // revert loading status… - this.stateNewPaste(); - controller.showError(i18n._('Could not create paste: %s', i18n._('server error or not responding'))); - }); - }, - - /** - * check if a URL shortener was defined and create HTML containing a link to it - * - * @name controller.shortenUrl - * @function - * @param {string} url - * @return {string} html - */ - shortenUrl: function(url) - { - var shortenerHtml = $('#shortenbutton'); - if (shortenerHtml) { - this.shortenerUrl = shortenerHtml.data('shortener'); - this.createdPasteUrl = url; - return ' ' + $('
').append(shortenerHtml.clone()).html(); - } - return ''; - }, - - /** - * put the screen in "New paste" mode - * - * @name controller.stateNewPaste - * @function - */ - stateNewPaste: function() - { - this.message.text(''); - this.attachment.addClass('hidden'); - this.cloneButton.addClass('hidden'); - this.rawTextButton.addClass('hidden'); - this.remainingTime.addClass('hidden'); - this.pasteResult.addClass('hidden'); - this.clearText.addClass('hidden'); - this.discussion.addClass('hidden'); - this.prettyMessage.addClass('hidden'); - this.loadingIndicator.addClass('hidden'); - this.sendButton.removeClass('hidden'); - this.expiration.removeClass('hidden'); - this.formatter.removeClass('hidden'); - this.burnAfterReadingOption.removeClass('hidden'); - this.openDisc.removeClass('hidden'); - this.newButton.removeClass('hidden'); - this.password.removeClass('hidden'); - this.attach.removeClass('hidden'); - this.message.removeClass('hidden'); - this.preview.removeClass('hidden'); - this.message.focus(); - }, - - /** - * put the screen in mode after submitting a paste - * - * @name controller.stateSubmittingPaste - * @function - */ - stateSubmittingPaste: function() - { - this.message.text(''); - this.attachment.addClass('hidden'); - this.cloneButton.addClass('hidden'); - this.rawTextButton.addClass('hidden'); - this.remainingTime.addClass('hidden'); - this.pasteResult.addClass('hidden'); - this.clearText.addClass('hidden'); - this.discussion.addClass('hidden'); - this.prettyMessage.addClass('hidden'); - this.sendButton.addClass('hidden'); - this.expiration.addClass('hidden'); - this.formatter.addClass('hidden'); - this.burnAfterReadingOption.addClass('hidden'); - this.openDisc.addClass('hidden'); - this.newButton.addClass('hidden'); - this.password.addClass('hidden'); - this.attach.addClass('hidden'); - this.message.addClass('hidden'); - this.preview.addClass('hidden'); - - this.loadingIndicator.removeClass('hidden'); - }, - - /** - * put the screen in a state where the only option is to submit a - * new paste - * - * @name controller.stateOnlyNewPaste - * @function - */ - stateOnlyNewPaste: function() - { - this.message.text(''); - this.attachment.addClass('hidden'); - this.cloneButton.addClass('hidden'); - this.rawTextButton.addClass('hidden'); - this.remainingTime.addClass('hidden'); - this.pasteResult.addClass('hidden'); - this.clearText.addClass('hidden'); - this.discussion.addClass('hidden'); - this.prettyMessage.addClass('hidden'); - this.sendButton.addClass('hidden'); - this.expiration.addClass('hidden'); - this.formatter.addClass('hidden'); - this.burnAfterReadingOption.addClass('hidden'); - this.openDisc.addClass('hidden'); - this.password.addClass('hidden'); - this.attach.addClass('hidden'); - this.message.addClass('hidden'); - this.preview.addClass('hidden'); - this.loadingIndicator.addClass('hidden'); - - this.newButton.removeClass('hidden'); - }, - - /** - * put the screen in "Existing paste" mode - * - * @name controller.stateExistingPaste - * @function - * @param {boolean} [preview=false] - (optional) tell if the preview tabs should be displayed, defaults to false - */ - stateExistingPaste: function(preview) - { - preview = preview || false; - - if (!preview) - { - // no "clone" for IE<10. - if ($('#oldienotice').is(":visible")) - { - this.cloneButton.addClass('hidden'); - } - else - { - this.cloneButton.removeClass('hidden'); - } - - this.rawTextButton.removeClass('hidden'); - this.sendButton.addClass('hidden'); - this.attach.addClass('hidden'); - this.expiration.addClass('hidden'); - this.formatter.addClass('hidden'); - this.burnAfterReadingOption.addClass('hidden'); - this.openDisc.addClass('hidden'); - this.newButton.removeClass('hidden'); - this.preview.addClass('hidden'); - } - - this.pasteResult.addClass('hidden'); - this.message.addClass('hidden'); - this.clearText.addClass('hidden'); - this.prettyMessage.addClass('hidden'); - this.loadingIndicator.addClass('hidden'); - }, - - /** - * when "burn after reading" is checked, disable discussion - * - * @name controller.changeBurnAfterReading - * @function - */ - changeBurnAfterReading: function() - { - if (this.burnAfterReading.is(':checked') ) - { - this.openDisc.addClass('buttondisabled'); - this.openDiscussion.attr({checked: false, disabled: true}); - } - else - { - this.openDisc.removeClass('buttondisabled'); - this.openDiscussion.removeAttr('disabled'); - } - }, - - /** - * when discussion is checked, disable "burn after reading" - * - * @name controller.changeOpenDisc - * @function - */ - changeOpenDisc: function() - { - if (this.openDiscussion.is(':checked') ) - { - this.burnAfterReadingOption.addClass('buttondisabled'); - this.burnAfterReading.attr({checked: false, disabled: true}); - } - else - { - this.burnAfterReadingOption.removeClass('buttondisabled'); - this.burnAfterReading.removeAttr('disabled'); - } - }, - - /** - * forward to URL shortener - * - * @name controller.sendToShortener - * @function - * @param {Event} event - */ - sendToShortener: function(event) - { - event.preventDefault(); - window.location.href = this.shortenerUrl + encodeURIComponent(this.createdPasteUrl); - }, + } /** * reload the page * - * This takes the user to the PrivateBin home page. + * This takes the user to the PrivateBin homepage. * - * @name controller.reloadPage + * @name UiHelper.reloadHome * @function - * @param {Event} event */ - reloadPage: function(event) + me.reloadHome = function() { - event.preventDefault(); - window.location.href = helper.scriptLocation(); - }, + window.location.href = Helper.baseUri(); + } /** - * return raw text + * checks whether the element is currently visible in the viewport (so + * the user can actually see it) * - * @name controller.rawText + * @see {@link https://stackoverflow.com/a/40658647} + * @name UiHelper.isVisible * @function - * @param {Event} event + * @param {jQuery} $element The link hash to move to. */ - rawText: function(event) + me.isVisible = function($element) { - event.preventDefault(); - var paste = $('#pasteFormatter').val() === 'markdown' ? - this.prettyPrint.text() : this.clearText.text(); - history.pushState( - null, document.title, helper.scriptLocation() + '?' + - helper.pasteId() + '#' + helper.pageKey() - ); - // we use text/html instead of text/plain to avoid a bug when - // reloading the raw text view (it reverts to type text/html) - var newDoc = document.open('text/html', 'replace'); - newDoc.write('
' + helper.htmlEntities(paste) + '
'); - newDoc.close(); - }, + var elementTop = $element.offset().top; + var viewportTop = $(window).scrollTop(); + var viewportBottom = viewportTop + $(window).height(); + + return (elementTop > viewportTop && elementTop < viewportBottom); + } /** - * clone the current paste + * scrolls to a specific element * - * @name controller.clonePaste + * @see {@link https://stackoverflow.com/questions/4198041/jquery-smooth-scroll-to-an-anchor#answer-12714767} + * @name UiHelper.scrollTo * @function - * @param {Event} event + * @param {jQuery} $element The link hash to move to. + * @param {(number|string)} animationDuration passed to jQuery .animate, when set to 0 the animation is skipped + * @param {string} animationEffect passed to jQuery .animate + * @param {function} finishedCallback function to call after animation finished */ - clonePaste: function(event) + me.scrollTo = function($element, animationDuration, animationEffect, finishedCallback) { - event.preventDefault(); - this.stateNewPaste(); + var $body = $('html, body'), + margin = 50, + callbackCalled = false; - // erase the id and the key in url - history.replaceState(null, document.title, helper.scriptLocation()); - - this.showStatus(''); - if (this.attachmentLink.attr('href')) - { - this.clonedFile.removeClass('hidden'); - this.fileWrap.addClass('hidden'); + //calculate destination place + var dest = 0; + // if it would scroll out of the screen at the bottom only scroll it as + // far as the screen can go + if ($element.offset().top > $(document).height() - $(window).height()) { + dest = $(document).height() - $(window).height(); + } else { + dest = $element.offset().top - margin; } - this.message.text( - $('#pasteFormatter').val() === 'markdown' ? - this.prettyPrint.text() : this.clearText.text() - ); - $('.navbar-toggle').click(); - }, - - /** - * set the expiration on bootstrap templates - * - * @name controller.setExpiration - * @function - * @param {Event} event - */ - setExpiration: function(event) - { - event.preventDefault(); - var target = $(event.target); - $('#pasteExpiration').val(target.data('expiration')); - $('#pasteExpirationDisplay').text(target.text()); - }, - - /** - * set the format on bootstrap templates - * - * @name controller.setFormat - * @function - * @param {Event} event - */ - setFormat: function(event) - { - event.preventDefault(); - var target = $(event.target); - $('#pasteFormatter').val(target.data('format')); - $('#pasteFormatterDisplay').text(target.text()); - - if (this.messagePreview.parent().hasClass('active')) { - this.viewPreview(event); + // skip animation if duration is set to 0 + if (animationDuration === 0) { + window.scrollTo(0, dest); + } else { + // stop previous animation + $body.stop(); + // scroll to destination + $body.animate({ + scrollTop: dest + }, animationDuration, animationEffect); } - }, + + // as we have finished we can enable scrolling again + $body.queue(function (next) { + if (!callbackCalled) { + // call user function if needed + if (typeof finishedCallback !== 'undefined') { + finishedCallback(); + } + + // prevent calling this function twice + callbackCalled = true; + } + next(); + }); + } /** - * set the language in a cookie and reload the page + * initialize * - * @name controller.setLanguage + * @name UiHelper.init + * @function + */ + me.init = function() + { + // update link to home page + $('.reloadlink').prop('href', Helper.baseUri()); + + $(window).on('popstate', historyChange); + } + + return me; + })(window, document); + + /** + * Alert/error manager + * + * @name Alert + * @class + */ + var Alert = (function () { + var me = {}; + + var $errorMessage, + $loadingIndicator, + $statusMessage, + $remainingTime; + + var currentIcon = [ + 'glyphicon-time', // loading icon + 'glyphicon-info-sign', // status icon + '', // resevered for warning, not used yet + 'glyphicon-alert' // error icon + ]; + + var alertType = [ + 'loading', // not in bootstrap, but using a good value here + 'info', // status icon + 'warning', // not used yet + 'danger' // error icon + ]; + + var customHandler; + + /** + * forwards a request to the i18n module and shows the element + * + * @name Alert.handleNotification + * @private + * @function + * @param {int} id - id of notification + * @param {jQuery} $element - jQuery object + * @param {string|array} args + * @param {string|null} icon - optional, icon + */ + function handleNotification(id, $element, args, icon) + { + // basic parsing/conversion of parameters + if (typeof icon === 'undefined') { + icon = null; + } + if (typeof args === 'undefined') { + args = null; + } else if (typeof args === 'string') { + // convert string to array if needed + args = [args]; + } + + // pass to custom handler if defined + if (typeof customHandler === 'function') { + var handlerResult = customHandler(alertType[id], $element, args, icon); + if (handlerResult === true) { + // if it returs true, skip own handler + return; + } + if (handlerResult instanceof jQuery) { + // continue processing with new element + $element = handlerResult; + icon = null; // icons not supported in this case + } + } + + // handle icon + if (icon !== null && // icon was passed + icon !== currentIcon[id] // and it differs from current icon + ) { + var $glyphIcon = $element.find(':first'); + + // remove (previous) icon + $glyphIcon.removeClass(currentIcon[id]); + + // any other thing as a string (e.g. 'null') (only) removes the icon + if (typeof icon === 'string') { + // set new icon + currentIcon[id] = 'glyphicon-' + icon; + $glyphIcon.addClass(currentIcon[id]); + } + } + + // show text + if (args !== null) { + // add jQuery object to it as first parameter + args.unshift($element); + // pass it to I18n + I18n._.apply(this, args); + } + + // show notification + $element.removeClass('hidden'); + } + + /** + * display a status message + * + * This automatically passes the text to I18n for translation. + * + * @name Alert.showStatus + * @function + * @param {string|array} message string, use an array for %s/%d options + * @param {string|null} icon optional, the icon to show, + * default: leave previous icon + * @param {bool} dismissable optional, whether the notification + * can be dismissed (closed), default: false + * @param {bool|int} autoclose optional, after how many seconds the + * notification should be hidden automatically; + * default: disabled (0); use true for default value + */ + me.showStatus = function(message, icon, dismissable, autoclose) + { + console.log('status shown: ', message); + // @TODO: implement dismissable + // @TODO: implement autoclose + + handleNotification(1, $statusMessage, message, icon); + } + + /** + * display an error message + * + * This automatically passes the text to I18n for translation. + * + * @name Alert.showError + * @function + * @param {string|array} message string, use an array for %s/%d options + * @param {string|null} icon optional, the icon to show, default: + * leave previous icon + * @param {bool} dismissable optional, whether the notification + * can be dismissed (closed), default: false + * @param {bool|int} autoclose optional, after how many seconds the + * notification should be hidden automatically; + * default: disabled (0); use true for default value + */ + me.showError = function(message, icon, dismissable, autoclose) + { + console.error('error message shown: ', message); + // @TODO: implement dismissable (bootstrap add-on has it) + // @TODO: implement autoclose + + handleNotification(3, $errorMessage, message, icon); + } + + /** + * display remaining message + * + * This automatically passes the text to I18n for translation. + * + * @name Alert.showRemaining + * @function + * @param {string|array} message string, use an array for %s/%d options + */ + me.showRemaining = function(message) + { + console.log('remaining message shown: ', message); + handleNotification(1, $remainingTime, message); + } + + /** + * shows a loading message, optionally with a percentage + * + * This automatically passes all texts to the i10s module. + * + * @name Alert.showLoading + * @function + * @param {string|array|null} message optional, use an array for %s/%d options, default: 'Loading…' + * @param {int} percentage optional, default: null + * @param {string|null} icon optional, the icon to show, default: leave previous icon + */ + me.showLoading = function(message, percentage, icon) + { + if (typeof message !== 'undefined' && message !== null) { + console.log('status changed: ', message); + } + + // default message text + if (typeof message === 'undefined') { + message = 'Loading…'; + } + + // currently percentage parameter is ignored + // // @TODO handle it here… + + handleNotification(0, $loadingIndicator, message, icon); + + // show loading status (cursor) + $('body').addClass('loading'); + } + + /** + * hides the loading message + * + * @name Alert.hideLoading + * @function + */ + me.hideLoading = function() + { + $loadingIndicator.addClass('hidden'); + + // hide loading cursor + $('body').removeClass('loading'); + } + + /** + * hides any status/error messages + * + * This does not include the loading message. + * + * @name Alert.hideMessages + * @function + */ + me.hideMessages = function() + { + // also possible: $('.statusmessage').addClass('hidden'); + $statusMessage.addClass('hidden'); + $errorMessage.addClass('hidden'); + } + + /** + * set a custom handler, which gets all notifications. + * + * This handler gets the following arguments: + * alertType (see array), $element, args, icon + * If it returns true, the own processing will be stopped so the message + * will not be displayed. Otherwise it will continue. + * As an aditional feature it can return q jQuery element, which will + * then be used to add the message there. Icons are not supported in + * that case and will be ignored. + * Pass 'null' to reset/delete the custom handler. + * Note that there is no notification when a message is supposed to get + * hidden. + * + * @name Alert.setCustomHandler + * @function + * @param {function|null} newHandler + */ + me.setCustomHandler = function(newHandler) + { + customHandler = newHandler; + } + + /** + * init status manager + * + * preloads jQuery elements + * + * @name Alert.init + * @function + */ + me.init = function() + { + // hide "no javascript" error message + $('#noscript').hide(); + + // not a reset, but first set of the elements + $errorMessage = $('#errormessage'); + $loadingIndicator = $('#loadingindicator'); + $statusMessage = $('#status'); + $remainingTime = $('#remainingtime'); + } + + return me; + })(); + + /** + * handles paste status/result + * + * @name PasteStatus + * @param {object} window + * @class + */ + var PasteStatus = (function (window) { + var me = {}; + + var $pasteSuccess, + $pasteUrl, + $remainingTime, + $shortenButton; + + /** + * forward to URL shortener + * + * @name PasteStatus.sendToShortener + * @private * @function * @param {Event} event */ - setLanguage: function(event) + function sendToShortener(event) { - document.cookie = 'lang=' + $(event.target).data('lang'); - this.reloadPage(event); - }, + window.location.href = $shortenButton.data('shortener') + + encodeURIComponent($pasteUrl.attr('href')); + } + + /** + * Forces opening the paste if the link does not do this automatically. + * + * This is necessary as browsers will not reload the page when it is + * already loaded (which is fake as it is set via history.pushState()). + * + * @name PasteStatus.pasteLinkClick + * @function + * @param {Event} event + */ + function pasteLinkClick(event) + { + // check if location is (already) shown in URL bar + if (window.location.href === $pasteUrl.attr('href')) { + // if so we need to load link by reloading the current site + window.location.reload(true); + } + } + + /** + * creates a notification after a successfull paste upload + * + * @name PasteStatus.createPasteNotification + * @function + * @param {string} url + * @param {string} deleteUrl + */ + me.createPasteNotification = function(url, deleteUrl) + { + $('#pastelink').html( + I18n._( + 'Your paste is %s (Hit [Ctrl]+[c] to copy)', + url, url + ) + ); + // save newly created element + $pasteUrl = $('#pasteurl'); + // and add click event + $pasteUrl.click(pasteLinkClick); + + // shorten button + $('#deletelink').html('' + I18n._('Delete data') + ''); + + // show result + $pasteSuccess.removeClass('hidden'); + // we pre-select the link so that the user only has to [Ctrl]+[c] the link + Helper.selectText($pasteUrl[0]); + } + + /** + * shows the remaining time + * + * @name PasteStatus.showRemainingTime + * @function + * @param {object} pasteMetaData + */ + me.showRemainingTime = function(pasteMetaData) + { + if (pasteMetaData.burnafterreading) { + // display paste "for your eyes only" if it is deleted + + // actually remove paste, before we claim it is deleted + Controller.removePaste(Model.getPasteId(), 'burnafterreading'); + + Alert.showRemaining("FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again."); + $remainingTime.addClass('foryoureyesonly'); + + // discourage cloning (it cannot really be prevented) + TopNav.hideCloneButton(); + + } else if (pasteMetaData.expire_date) { + // display paste expiration + var expiration = Helper.secondsToHuman(pasteMetaData.remaining_time), + expirationLabel = [ + 'This document will expire in %d ' + expiration[1] + '.', + 'This document will expire in %d ' + expiration[1] + 's.' + ]; + + Alert.showRemaining([expirationLabel, expiration[0]]); + $remainingTime.removeClass('foryoureyesonly') + } else { + // never expires + return; + } + + // in the end, display notification + $remainingTime.removeClass('hidden'); + } + + /** + * hides the remaining time and successful upload notification + * + * @name PasteStatus.hideRemainingTime + * @function + */ + me.hideMessages = function() + { + $remainingTime.addClass('hidden'); + $pasteSuccess.addClass('hidden'); + } + + /** + * init status manager + * + * preloads jQuery elements + * + * @name PasteStatus.init + * @function + */ + me.init = function() + { + $pasteSuccess = $('#pasteSuccess'); + // $pasteUrl is saved in me.createPasteNotification() after creation + $remainingTime = $('#remainingtime'); + $shortenButton = $('#shortenbutton'); + + // bind elements + $shortenButton.click(sendToShortener); + } + + return me; + })(window); + + /** + * password prompt + * + * @name Prompt + * @class + */ + var Prompt = (function () { + var me = {}; + + var $passwordDecrypt, + $passwordForm, + $passwordModal; + + var password = ''; + + /** + * submit a password in the modal dialog + * + * @name Prompt.submitPasswordModal + * @private + * @function + * @param {Event} event + */ + function submitPasswordModal(event) + { + event.preventDefault(); + + // get input + password = $passwordDecrypt.val(); + + // hide modal + $passwordModal.modal('hide'); + + PasteDecrypter.run(); + } + + /** + * ask the user for the password and set it + * + * @name Prompt.requestPassword + * @function + */ + me.requestPassword = function() + { + // show new bootstrap method (if available) + if ($passwordModal.length !== 0) { + $passwordModal.modal({ + backdrop: 'static', + keyboard: false + }); + return; + } + + // fallback to old method for page template + var newPassword = prompt(I18n._('Please enter the password for this paste:'), ''); + if (newPassword === null) { + throw 'password prompt canceled'; + } + if (password.length === 0) { + // recursive… + return me.requestPassword(); + } + + password = newPassword; + } + + /** + * getthe cached password + * + * If you do not get a password with this function + * (returns an empty string), use requestPassword. + * + * @name Prompt.getPassword + * @function + * @return {string} + */ + me.getPassword = function() + { + return password; + } + + /** + * init status manager + * + * preloads jQuery elements + * + * @name Prompt.init + * @function + */ + me.init = function() + { + $passwordDecrypt = $('#passworddecrypt'); + $passwordForm = $('#passwordform'); + $passwordModal = $('#passwordmodal'); + + // bind events + + // focus password input when it is shown + $passwordModal.on('shown.bs.Model', function () { + $passwordDecrypt.focus(); + }); + // handle Model password submission + $passwordForm.submit(submitPasswordModal); + } + + return me; + })(); + + /** + * Manage paste/message input, and preview tab + * + * Note that the actual preview is handled by PasteViewer. + * + * @name Editor + * @class + */ + var Editor = (function () { + var me = {}; + + var $editorTabs, + $messageEdit, + $messagePreview, + $message; + + var isPreview = false; /** * support input of tab character * - * @name controller.supportTabs + * @name Editor.supportTabs * @function * @param {Event} event + * @this $message (but not used, so it is jQuery-free, possibly faster) */ - supportTabs: function(event) + function supportTabs(event) { var keyCode = event.keyCode || event.which; // tab was pressed - if (keyCode === 9) - { - // prevent the textarea to lose focus - event.preventDefault(); + if (keyCode === 9) { // get caret position & selection var val = this.value, start = this.selectionStart, @@ -1511,341 +1544,2492 @@ jQuery.PrivateBin = function($, sjcl, Base64, RawDeflate) { this.value = val.substring(0, start) + '\t' + val.substring(end); // put caret at right position again this.selectionStart = this.selectionEnd = start + 1; + // prevent the textarea to lose focus + event.preventDefault(); } - }, + } /** - * view the editor tab + * view the Editor tab * - * @name controller.viewEditor + * @name Editor.viewEditor * @function - * @param {Event} event + * @param {Event} event - optional */ - viewEditor: function(event) + function viewEditor(event) { - event.preventDefault(); - this.messagePreview.parent().removeClass('active'); - this.messageEdit.parent().addClass('active'); - this.message.focus(); - this.stateNewPaste(); - }, + // toggle buttons + $messageEdit.addClass('active'); + $messagePreview.removeClass('active'); + + PasteViewer.hide(); + + // reshow input + $message.removeClass('hidden'); + + me.focusInput(); + + // finish + isPreview = false; + + // prevent jumping of page to top + if (typeof event !== 'undefined') { + event.preventDefault(); + } + } /** * view the preview tab * - * @name controller.viewPreview + * @name Editor.viewPreview * @function * @param {Event} event */ - viewPreview: function(event) + function viewPreview(event) { - event.preventDefault(); - this.messageEdit.parent().removeClass('active'); - this.messagePreview.parent().addClass('active'); - this.message.focus(); - this.stateExistingPaste(true); - this.formatPaste($('#pasteFormatter').val(), this.message.val()); - }, + // toggle buttons + $messageEdit.removeClass('active'); + $messagePreview.addClass('active'); - /** - * handle history (pop) state changes - * - * currently this does only handle redirects to the home page. - * - * @name controller.historyChange - * @function - * @param {Event} event - */ - historyChange: function(event) - { - var currentLocation = helper.scriptLocation(); - if (event.originalEvent.state === null && // no state object passed - event.originalEvent.target.location.href === currentLocation && // target location is home page - window.location.href === currentLocation // and we are not already on the home page - ) { - // redirect to home page - window.location.href = currentLocation; + // hide input as now preview is shown + $message.addClass('hidden'); + + // show preview + PasteViewer.setText($message.val()); + PasteViewer.run(); + + // finish + isPreview = true; + + // prevent jumping of page to top + if (typeof event !== 'undefined') { + event.preventDefault(); } - }, + } /** - * Forces opening the paste if the link does not do this automatically. + * get the state of the preview * - * This is necessary as browsers will not reload the page when it is - * already loaded (which is fake as it is set via history.pushState()). - * - * @name controller.pasteLinkClick + * @name Editor.isPreview * @function - * @param {Event} event */ - pasteLinkClick: function(event) + me.isPreview = function() { - // check if location is (already) shown in URL bar - if (window.location.href === this.pasteUrl.attr('href')) { - // if so we need to load link by reloading the current site - window.location.reload(true); + return isPreview; + } + + /** + * reset the Editor view + * + * @name Editor.resetInput + * @function + */ + me.resetInput = function() + { + // go back to input + if (isPreview) { + viewEditor(); } - }, + + // clear content + $message.val(''); + } /** - * create a new paste + * shows the Editor * - * @name controller.newPaste + * @name Editor.show * @function */ - newPaste: function() + me.show = function() { - this.stateNewPaste(); - this.showStatus(''); - this.message.text(''); - this.changeBurnAfterReading(); - this.changeOpenDisc(); - }, + $message.removeClass('hidden'); + $editorTabs.removeClass('hidden'); + } /** - * removes an attachment + * hides the Editor * - * @name controller.removeAttachment + * @name Editor.reset * @function */ - removeAttachment: function() + me.hide = function() { - this.clonedFile.addClass('hidden'); - // removes the saved decrypted file data - this.attachmentLink.attr('href', ''); - // the only way to deselect the file is to recreate the input - this.fileWrap.html(this.fileWrap.html()); - this.fileWrap.removeClass('hidden'); - }, + $message.addClass('hidden'); + $editorTabs.addClass('hidden'); + } /** - * decrypt using the password from the modal dialog + * focuses the message input * - * @name controller.decryptPasswordModal + * @name Editor.focusInput * @function */ - decryptPasswordModal: function() + me.focusInput = function() { - this.passwordInput.val(this.passwordDecrypt.val()); - this.displayMessages(); - }, + $message.focus(); + } /** - * submit a password in the modal dialog + * sets a new text * - * @name controller.submitPasswordModal + * @name Editor.setText * @function - * @param {Event} event + * @param {string} newText */ - submitPasswordModal: function(event) + me.setText = function(newText) { - event.preventDefault(); - this.passwordModal.modal('hide'); - }, + $message.val(newText); + } /** - * display an error message, - * we use the same function for paste and reply to comments + * returns the current text * - * @name controller.showError + * @name Editor.getText * @function - * @param {string} message - text to display + * @return {string} */ - showError: function(message) + me.getText = function() { - if (this.status.length) - { - this.status.addClass('errorMessage').text(message); - } - else - { - this.errorMessage.removeClass('hidden'); - helper.setMessage(this.errorMessage, message); - } - if (typeof this.replyStatus !== 'undefined') { - this.replyStatus.addClass('errorMessage'); - this.replyStatus.addClass(this.errorMessage.attr('class')); - if (this.status.length) - { - this.replyStatus.html(this.status.html()); - } - else - { - this.replyStatus.html(this.errorMessage.html()); - } - } - }, + return $message.val() + } /** - * display a status message, - * we use the same function for paste and reply to comments + * init status manager * - * @name controller.showStatus + * preloads jQuery elements + * + * @name Editor.init * @function - * @param {string} message - text to display - * @param {boolean} [spin=false] - (optional) tell if the "spinning" animation should be displayed, defaults to false */ - showStatus: function(message, spin) + me.init = function() { - if (spin || false) - { - var img = ''; - this.status.prepend(img); - if (typeof this.replyStatus !== 'undefined') { - this.replyStatus.prepend(img); - } - } - if (typeof this.replyStatus !== 'undefined') { - this.replyStatus.removeClass('errorMessage').text(message); - } - if (!message) - { - this.status.html(' '); + $editorTabs = $('#editorTabs'); + $message = $('#message'); + + // bind events + $message.keydown(supportTabs); + + // bind click events to tab switchers (a), but save parent of them + // (li) + $messageEdit = $('#messageedit').click(viewEditor).parent(); + $messagePreview = $('#messagepreview').click(viewPreview).parent(); + } + + return me; + })(); + + /** + * (view) Parse and show paste. + * + * @name PasteViewer + * @class + */ + var PasteViewer = (function () { + var me = {}; + + var $placeholder, + $prettyMessage, + $prettyPrint, + $plainText; + + var text, + format = 'plaintext', + isDisplayed = false, + isChanged = true; // by default true as nothing was parsed yet + + /** + * apply the set format on paste and displays it + * + * @name PasteViewer.parsePaste + * @private + * @function + */ + function parsePaste() + { + // skip parsing if no text is given + if (text === '') { return; } - if (message === '') - { - this.status.html(' '); - return; + + // set text + Helper.setElementText($plainText, text); + Helper.setElementText($prettyPrint, text); + + switch (format) { + case 'markdown': + var converter = new showdown.Converter({ + strikethrough: true, + tables: true, + tablesHeaderId: true + }); + $plainText.html( + converter.makeHtml(text) + ); + // add table classes from bootstrap css + $plainText.find('table').addClass('table-condensed table-bordered'); + break; + case 'syntaxhighlighting': + // @TODO is this really needed or is "one" enough? + if (typeof prettyPrint === 'function') + { + prettyPrint(); + } + + $prettyPrint.html( + prettyPrintOne( + Helper.htmlEntities(text), null, true + ) + ); + // fall through, as the rest is the same + default: // = 'plaintext' + // convert URLs to clickable links + Helper.urls2links($plainText); + Helper.urls2links($prettyPrint); + + $prettyPrint.css('white-space', 'pre-wrap'); + $prettyPrint.css('word-break', 'normal'); + $prettyPrint.removeClass('prettyprint'); } - this.status.removeClass('errorMessage').text(message); - }, + } /** - * bind events to DOM elements + * displays the paste * - * @name controller.bindEvents + * @name PasteViewer.showPaste + * @private * @function */ - bindEvents: function() + function showPaste() { - this.burnAfterReading.change($.proxy(this.changeBurnAfterReading, this)); - this.openDisc.change($.proxy(this.changeOpenDisc, this)); - this.sendButton.click($.proxy(this.sendData, this)); - this.cloneButton.click($.proxy(this.clonePaste, this)); - this.rawTextButton.click($.proxy(this.rawText, this)); - this.fileRemoveButton.click($.proxy(this.removeAttachment, this)); - $('.reloadlink').click($.proxy(this.reloadPage, this)); - this.message.keydown(this.supportTabs); - this.messageEdit.click($.proxy(this.viewEditor, this)); - this.messagePreview.click($.proxy(this.viewPreview, this)); + // instead of "nothing" better display a placeholder + if (text === '') { + $placeholder.removeClass('hidden') + return; + } + // otherwise hide the placeholder + $placeholder.addClass('hidden') + + switch (format) { + case 'markdown': + $plainText.removeClass('hidden'); + $prettyMessage.addClass('hidden'); + break; + default: + $plainText.addClass('hidden'); + $prettyMessage.removeClass('hidden'); + break; + } + } + + /** + * sets the format in which the text is shown + * + * @name PasteViewer.setFormat + * @function + * @param {string} newFormat the the new format + */ + me.setFormat = function(newFormat) + { + // skip if there is no update + if (format === newFormat) { + return; + } + + // needs to update display too, if from or to Markdown is switched + if (format === 'markdown' || newFormat === 'markdown') { + isDisplayed = false; + } + + format = newFormat; + isChanged = true; + } + + /** + * returns the current format + * + * @name PasteViewer.getFormat + * @function + * @return {string} + */ + me.getFormat = function() + { + return format; + } + + /** + * returns whether the current view is pretty printed + * + * @name PasteViewer.isPrettyPrinted + * @function + * @return {bool} + */ + me.isPrettyPrinted = function() + { + return $prettyPrint.hasClass('prettyprinted'); + } + + /** + * sets the text to show + * + * @name PasteViewer.setText + * @function + * @param {string} newText the text to show + */ + me.setText = function(newText) + { + if (text !== newText) { + text = newText; + isChanged = true; + } + } + + /** + * gets the current cached text + * + * @name PasteViewer.getText + * @function + * @return {string} + */ + me.getText = function() + { + return text; + } + + /** + * show/update the parsed text (preview) + * + * @name PasteViewer.run + * @function + */ + me.run = function() + { + if (isChanged) { + parsePaste(); + isChanged = false; + } + + if (!isDisplayed) { + showPaste(); + isDisplayed = true; + } + } + + /** + * hide parsed text (preview) + * + * @name PasteViewer.hide + * @function + */ + me.hide = function() + { + if (!isDisplayed) { + console.warn('PasteViewer was called to hide the parsed view, but it is already hidden.'); + } + + $plainText.addClass('hidden'); + $prettyMessage.addClass('hidden'); + $placeholder.addClass('hidden'); + + isDisplayed = false; + } + + /** + * init status manager + * + * preloads jQuery elements + * + * @name PasteViewer.init + * @function + */ + me.init = function() + { + $placeholder = $('#placeholder'); + $plainText = $('#plaintext'); + $prettyMessage = $('#prettymessage'); + $prettyPrint = $('#prettyprint'); + + // check requirements + if (typeof prettyPrintOne !== 'function') { + Alert.showError([ + 'The library %s is not available. This may cause display errors.', + 'pretty print' + ]); + } + if (typeof showdown !== 'object') { + Alert.showError([ + 'The library %s is not available. This may cause display errors.', + 'showdown' + ]); + } + + // get default option from template/HTML or fall back to set value + format = Model.getFormatDefault() || format; + } + + return me; + })(); + + /** + * (view) Show attachment and preview if possible + * + * @name AttachmentViewer + * @param {object} window + * @param {object} document + * @class + */ + var AttachmentViewer = (function (window, document) { + var me = {}; + + var $attachmentLink, + $attachmentPreview, + $attachment; + + var attachmentHasPreview = false; + + /** + * sets the attachment but does not yet show it + * + * @name AttachmentViewer.setAttachment + * @function + * @param {string} attachmentData - base64-encoded data of file + * @param {string} fileName - optional, file name + */ + me.setAttachment = function(attachmentData, fileName) + { + var imagePrefix = 'data:image/'; + + $attachmentLink.attr('href', attachmentData); + if (typeof fileName !== 'undefined') { + $attachmentLink.attr('download', fileName); + } + + // if the attachment is an image, display it + if (attachmentData.substring(0, imagePrefix.length) === imagePrefix) { + $attachmentPreview.html( + $(document.createElement('img')) + .attr('src', attachmentData) + .attr('class', 'img-thumbnail') + ); + attachmentHasPreview = true; + } + } + + /** + * displays the attachment + * + * @name AttachmentViewer.showAttachment + * @function + */ + me.showAttachment = function() + { + $attachment.removeClass('hidden'); + + if (attachmentHasPreview) { + $attachmentPreview.removeClass('hidden'); + } + } + + /** + * removes the attachment + * + * This automatically hides the attachment containers to, to + * prevent an inconsistent display. + * + * @name AttachmentViewer.removeAttachment + * @function + */ + me.removeAttachment = function() + { + me.hideAttachment(); + me.hideAttachmentPreview(); + $attachmentLink.prop('href', ''); + $attachmentLink.prop('download', ''); + $attachmentPreview.html(''); + } + + /** + * hides the attachment + * + * This will not hide the preview (see AttachmentViewer.hideAttachmentPreview + * for that) nor will it hide the attachment link if it was moved somewhere + * else (see AttachmentViewer.moveAttachmentTo). + * + * @name AttachmentViewer.hideAttachment + * @function + */ + me.hideAttachment = function() + { + $attachment.addClass('hidden'); + } + + /** + * hides the attachment preview + * + * @name AttachmentViewer.hideAttachmentPreview + * @function + */ + me.hideAttachmentPreview = function() + { + $attachmentPreview.addClass('hidden'); + } + + /** + * checks if there is an attachment + * + * @name AttachmentViewer.hasAttachment + * @function + */ + me.hasAttachment = function() + { + return ($attachmentLink.prop('href') !== '') + } + + /** + * return the attachment + * + * @name AttachmentViewer.getAttachment + * @function + * @returns {array} + */ + me.getAttachment = function() + { + return [ + $attachmentLink.prop('href'), + $attachmentLink.prop('download') + ]; + } + + /** + * moves the attachment link to another element + * + * It is advisable to hide the attachment afterwards (AttachmentViewer.hideAttachment) + * + * @name AttachmentViewer.moveAttachmentTo + * @function + * @param {jQuery} $element - the wrapper/container element where this should be moved to + * @param {string} label - the text to show (%s will be replaced with the file name), will automatically be translated + */ + me.moveAttachmentTo = function($element, label) + { + // move elemement to new place + $attachmentLink.appendTo($element); + + // update text + I18n._($attachmentLink, label, $attachmentLink.attr('download')); + } + + /** + * initiate + * + * preloads jQuery elements + * + * @name AttachmentViewer.init + * @function + */ + me.init = function() + { + $attachment = $('#attachment'); + $attachmentLink = $('#attachment a'); + $attachmentPreview = $('#attachmentPreview'); + } + + return me; + })(window, document); + + /** + * (view) Shows discussion thread and handles replies + * + * @name DiscussionViewer + * @param {object} window + * @param {object} document + * @class + */ + var DiscussionViewer = (function (window, document) { + var me = {}; + + var $commentTail, + $discussion, + $reply, + $replyMessage, + $replyNickname, + $replyStatus, + $commentContainer; + + var replyCommentId; + + /** + * initializes the templates + * + * @name DiscussionViewer.initTemplates + * @private + * @function + */ + function initTemplates() + { + $reply = Model.getTemplate('reply'); + $replyMessage = $reply.find('#replymessage'); + $replyNickname = $reply.find('#nickname'); + $replyStatus = $reply.find('#replystatus'); + + // cache jQuery elements + $commentTail = Model.getTemplate('commenttail'); + } + + /** + * open the comment entry when clicking the "Reply" button of a comment + * + * @name DiscussionViewer.openReply + * @private + * @function + * @param {Event} event + */ + function openReply(event) + { + var $source = $(event.target); + + // clear input + $replyMessage.val(''); + $replyNickname.val(''); + + // get comment id from source element + replyCommentId = $source.parent().prop('id').split('_')[1]; + + // move to correct position + $source.after($reply); + + // show + $reply.removeClass('hidden'); + $replyMessage.focus(); + + event.preventDefault(); + } + + /** + * custom handler for displaying notifications in own status message area + * + * @name DiscussionViewer.handleNotification + * @function + * @param {string} alertType + * @param {jQuery} $element + * @param {string|array} args + * @param {string|null} icon + * @return {bool|jQuery} + */ + me.handleNotification = function(alertType, $element, args, icon) + { + // ignore loading messages + if (alertType === 'loading') { + return false; + } + + if (alertType === 'danger') { + $replyStatus.removeClass('alert-info'); + $replyStatus.addClass('alert-danger'); + $replyStatus.find(':first').removeClass('glyphicon-alert'); + $replyStatus.find(':first').addClass('glyphicon-info-sign'); + } else { + $replyStatus.removeClass('alert-danger'); + $replyStatus.addClass('alert-info'); + $replyStatus.find(':first').removeClass('glyphicon-info-sign'); + $replyStatus.find(':first').addClass('glyphicon-alert'); + } + + return $replyStatus; + } + + /** + * adds another comment + * + * @name DiscussionViewer.addComment + * @function + * @param {object} comment + * @param {string} commentText + * @param {jQuery} $place - optional, tries to find the best position otherwise + */ + me.addComment = function(comment, commentText, nickname, $place) + { + if (typeof $place === 'undefined') { + // starting point (default value/fallback) + $place = $commentContainer; + + // if parent comment exists + var $parentComment = $('#comment_' + comment.parentid); + if ($parentComment.length) { + // use parent as position for noew comment, so it shifted + // to the right + $place = $parentComment; + } + } + if (commentText === '') { + commentText = 'comment decryption failed'; + } + + // create new comment based on template + var $commentEntry = Model.getTemplate('comment'); + $commentEntry.prop('id', 'comment_' + comment.id); + var $commentEntryData = $commentEntry.find('div.commentdata'); + + // set & parse text + Helper.setElementText($commentEntryData, commentText); + Helper.urls2links($commentEntryData); + + // set nickname + if (nickname.length > 0) { + $commentEntry.find('span.nickname').text(nickname); + } else { + $commentEntry.find('span.nickname').html(''); + I18n._($commentEntry.find('span.nickname i'), 'Anonymous'); + } + + // set date + $commentEntry.find('span.commentdate') + .text(' (' + (new Date(comment.meta.postdate * 1000).toLocaleString()) + ')') + .attr('title', 'CommentID: ' + comment.id); + + // if an avatar is available, display it + if (comment.meta.vizhash) { + $commentEntry.find('span.nickname') + .before( + ' ' + ); + $(document).on('languageLoaded', function () { + $commentEntry.find('img.vizhash') + .prop('title', I18n._('Avatar generated from IP address')); + }); + } + + // finally append comment + $place.append($commentEntry); + } + + /** + * finishes the discussion area after last comment + * + * @name DiscussionViewer.finishDiscussion + * @function + */ + me.finishDiscussion = function() + { + // add 'add new comment' area + $commentContainer.append($commentTail); + + // show discussions + $discussion.removeClass('hidden'); + } + + /** + * shows the discussion area + * + * @name DiscussionViewer.showDiscussion + * @function + */ + me.showDiscussion = function() + { + $discussion.removeClass('hidden'); + } + + /** + * removes the old discussion and prepares everything for creating a new + * one. + * + * @name DiscussionViewer.prepareNewDisucssion + * @function + */ + me.prepareNewDisucssion = function() + { + $commentContainer.html(''); + $discussion.addClass('hidden'); + + // (re-)init templates + initTemplates(); + } + + /** + * returns the user put into the reply form + * + * @name DiscussionViewer.getReplyData + * @function + * @return {array} + */ + me.getReplyData = function() + { + return [ + $replyMessage.val(), + $replyNickname.val() + ]; + } + + /** + * highlights a specific comment and scrolls to it if necessary + * + * @name DiscussionViewer.highlightComment + * @function + * @param {string} commentId + * @param {bool} fadeOut - whether to fade out the comment + */ + me.highlightComment = function(commentId, fadeOut) + { + var $comment = $('#comment_' + commentId); + // in case comment does not exist, cancel + if ($comment.length === 0) { + return; + } + + var highlightComment = function () { + $comment.addClass('highlight'); + if (fadeOut === true) { + setTimeout(function () { + $comment.removeClass('highlight'); + }, 300); + } + } + + if (UiHelper.isVisible($comment)) { + return highlightComment(); + } + + UiHelper.scrollTo($comment, 100, 'swing', highlightComment); + } + + /** + * returns the id of the parent comment the user is replying to + * + * @name DiscussionViewer.getReplyCommentId + * @function + * @return {int|undefined} + */ + me.getReplyCommentId = function() + { + return replyCommentId; + } + + /** + * initiate + * + * preloads jQuery elements + * + * @name DiscussionViewer.init + * @function + */ + me.init = function() + { + // bind events to templates (so they are later cloned) + $('#commenttailtemplate, #commenttemplate').find('button').on('click', openReply); + $('#replytemplate').find('button').on('click', PasteEncrypter.sendComment); + + $commentContainer = $('#commentcontainer'); + $discussion = $('#discussion'); + } + + return me; + })(window, document); + + /** + * Manage top (navigation) bar + * + * @name TopNav + * @param {object} window + * @param {object} document + * @class + */ + var TopNav = (function (window, document) { + var me = {}; + + var createButtonsDisplayed = false; + var viewButtonsDisplayed = false; + + var $attach, + $burnAfterReading, + $burnAfterReadingOption, + $cloneButton, + $customAttachment, + $expiration, + $fileRemoveButton, + $fileWrap, + $formatter, + $newButton, + $openDiscussion, + $openDiscussionOption, + $password, + $passwordInput, + $rawTextButton, + $sendButton; + + var pasteExpiration = '1week'; + + /** + * set the expiration on bootstrap templates in dropdown + * + * @name TopNav.updateExpiration + * @private + * @function + * @param {Event} event + */ + function updateExpiration(event) + { + // get selected option + var target = $(event.target); + + // update dropdown display and save new expiration time + $('#pasteExpirationDisplay').text(target.text()); + pasteExpiration = target.data('expiration'); + + event.preventDefault(); + } + + /** + * set the format on bootstrap templates in dropdown + * + * @name TopNav.updateFormat + * @private + * @function + * @param {Event} event + */ + function updateFormat(event) + { + // get selected option + var $target = $(event.target); + + // update dropdown display and save new format + var newFormat = $target.data('format'); + $('#pasteFormatterDisplay').text($target.text()); + PasteViewer.setFormat(newFormat); + + // update preview + if (Editor.isPreview()) { + PasteViewer.run(); + } + + event.preventDefault(); + } + + /** + * when "burn after reading" is checked, disable discussion + * + * @name TopNav.changeBurnAfterReading + * @private + * @function + */ + function changeBurnAfterReading() + { + if ($burnAfterReading.is(':checked')) { + $openDiscussionOption.addClass('buttondisabled'); + $openDiscussion.prop('checked', false); + + // if button is actually disabled, force-enable it and uncheck other button + $burnAfterReadingOption.removeClass('buttondisabled'); + } else { + $openDiscussionOption.removeClass('buttondisabled'); + } + } + + /** + * when discussion is checked, disable "burn after reading" + * + * @name TopNav.changeOpenDiscussion + * @private + * @function + */ + function changeOpenDiscussion() + { + if ($openDiscussion.is(':checked')) { + $burnAfterReadingOption.addClass('buttondisabled'); + $burnAfterReading.prop('checked', false); + + // if button is actually disabled, force-enable it and uncheck other button + $openDiscussionOption.removeClass('buttondisabled'); + } else { + $burnAfterReadingOption.removeClass('buttondisabled'); + } + } + + /** + * return raw text + * + * @name TopNav.rawText + * @private + * @function + * @param {Event} event + */ + function rawText(event) + { + TopNav.hideAllButtons(); + Alert.showLoading('Showing raw text…', 0, 'time'); + var paste = PasteViewer.getText(); + + // push a new state to allow back navigation with browser back button + history.pushState( + {type: 'raw'}, + document.title, + // recreate paste URL + Helper.baseUri() + '?' + Model.getPasteId() + '#' + + Model.getPasteKey() + ); + + // we use text/html instead of text/plain to avoid a bug when + // reloading the raw text view (it reverts to type text/html) + var $head = $('head').children().not('noscript, script, link[type="text/css"]'); + var newDoc = document.open('text/html', 'replace'); + newDoc.write(''); + for (var i = 0; i < $head.length; i++) { + newDoc.write($head[i].outerHTML); + } + newDoc.write('
' + Helper.htmlEntities(paste) + '
'); + newDoc.close(); + } + + /** + * saves the language in a cookie and reloads the page + * + * @name TopNav.setLanguage + * @private + * @function + * @param {Event} event + */ + function setLanguage(event) + { + document.cookie = 'lang=' + $(event.target).data('lang'); + UiHelper.reloadHome(); + } + + /** + * hides all messages and creates a new paste + * + * @name TopNav.clickNewPaste + * @private + * @function + * @param {Event} event + */ + function clickNewPaste(event) + { + Controller.hideStatusMessages(); + Controller.newPaste(); + } + + /** + * removes the existing attachment + * + * @name TopNav.removeAttachment + * @private + * @function + * @param {Event} event + */ + function removeAttachment(event) + { + // if custom attachment is used, remove it first + if (!$customAttachment.hasClass('hidden')) { + AttachmentViewer.removeAttachment(); + $customAttachment.addClass('hidden'); + $fileWrap.removeClass('hidden'); + } + + // our up-to-date jQuery can handle it :) + $fileWrap.find('input').val(''); + + // pevent '#' from appearing in the URL + event.preventDefault(); + } + + /** + * Shows all elements belonging to viwing an existing pastes + * + * @name TopNav.showViewButtons + * @function + */ + me.showViewButtons = function() + { + if (viewButtonsDisplayed) { + console.log('showViewButtons: view buttons are already displayed'); + return; + } + + $newButton.removeClass('hidden'); + $cloneButton.removeClass('hidden'); + $rawTextButton.removeClass('hidden'); + + viewButtonsDisplayed = true; + } + + /** + * Hides all elements belonging to existing pastes + * + * @name TopNav.hideViewButtons + * @function + */ + me.hideViewButtons = function() + { + if (!viewButtonsDisplayed) { + console.log('hideViewButtons: view buttons are already hidden'); + return; + } + + $newButton.addClass('hidden'); + $cloneButton.addClass('hidden'); + $rawTextButton.addClass('hidden'); + + viewButtonsDisplayed = false; + } + + /** + * Hides all elements belonging to existing pastes + * + * @name TopNav.hideAllButtons + * @function + */ + me.hideAllButtons = function() + { + me.hideViewButtons(); + me.hideCreateButtons(); + } + + /** + * shows all elements needed when creating a new paste + * + * @name TopNav.showCreateButtons + * @function + */ + me.showCreateButtons = function() + { + if (createButtonsDisplayed) { + console.log('showCreateButtons: create buttons are already displayed'); + return; + } + + $sendButton.removeClass('hidden'); + $expiration.removeClass('hidden'); + $formatter.removeClass('hidden'); + $burnAfterReadingOption.removeClass('hidden'); + $openDiscussionOption.removeClass('hidden'); + $newButton.removeClass('hidden'); + $password.removeClass('hidden'); + $attach.removeClass('hidden'); + + createButtonsDisplayed = true; + } + + /** + * shows all elements needed when creating a new paste + * + * @name TopNav.hideCreateButtons + * @function + */ + me.hideCreateButtons = function() + { + if (!createButtonsDisplayed) { + console.log('hideCreateButtons: create buttons are already hidden'); + return; + } + + $newButton.addClass('hidden'); + $sendButton.addClass('hidden'); + $expiration.addClass('hidden'); + $formatter.addClass('hidden'); + $burnAfterReadingOption.addClass('hidden'); + $openDiscussionOption.addClass('hidden'); + $password.addClass('hidden'); + $attach.addClass('hidden'); + + createButtonsDisplayed = false; + } + + /** + * only shows the "new paste" button + * + * @name TopNav.showNewPasteButton + * @function + */ + me.showNewPasteButton = function() + { + $newButton.removeClass('hidden'); + } + + /** + * only hides the clone button + * + * @name TopNav.hideCloneButton + * @function + */ + me.hideCloneButton = function() + { + $cloneButton.addClass('hidden'); + } + + /** + * only hides the raw text button + * + * @name TopNav.hideRawButton + * @function + */ + me.hideRawButton = function() + { + $rawTextButton.addClass('hidden'); + } + + /** + * hides the file selector in attachment + * + * @name TopNav.hideFileSelector + * @function + */ + me.hideFileSelector = function() + { + $fileWrap.addClass('hidden'); + } + + + /** + * shows the custom attachment + * + * @name TopNav.showCustomAttachment + * @function + */ + me.showCustomAttachment = function() + { + $customAttachment.removeClass('hidden'); + } + + /** + * collapses the navigation bar if nedded + * + * @name TopNav.collapseBar + * @function + */ + me.collapseBar = function() + { + var $bar = $('.navbar-toggle'); + + // check if bar is expanded + if ($bar.hasClass('collapse in')) { + // if so, toggle it + $bar.click(); + } + } + + /** + * returns the currently set expiration time + * + * @name TopNav.getExpiration + * @function + * @return {int} + */ + me.getExpiration = function() + { + return pasteExpiration; + } + + /** + * returns the currently selected file(s) + * + * @name TopNav.getFileList + * @function + * @return {FileList|null} + */ + me.getFileList = function() + { + var $file = $('#file'); + + // if no file given, return null + if (!$file.length || !$file[0].files.length) { + return null; + } + // @TODO is this really necessary + if (!($file[0].files && $file[0].files[0])) { + return null; + } + + return $file[0].files; + } + + /** + * returns the state of the burn after reading checkbox + * + * @name TopNav.getExpiration + * @function + * @return {bool} + */ + me.getBurnAfterReading = function() + { + return $burnAfterReading.is(':checked'); + } + + /** + * returns the state of the discussion checkbox + * + * @name TopNav.getOpenDiscussion + * @function + * @return {bool} + */ + me.getOpenDiscussion = function() + { + return $openDiscussion.is(':checked'); + } + + /** + * returns the entered password + * + * @name TopNav.getPassword + * @function + * @return {string} + */ + me.getPassword = function() + { + return $passwordInput.val(); + } + + /** + * returns the element where custom attachments can be placed + * + * Used by AttachmentViewer when an attachment is cloned here. + * + * @name TopNav.getCustomAttachment + * @function + * @return {jQuery} + */ + me.getCustomAttachment = function() + { + return $customAttachment; + } + + /** + * init navigation manager + * + * preloads jQuery elements + * + * @name TopNav.init + * @function + */ + me.init = function() + { + $attach = $('#attach'); + $burnAfterReading = $('#burnafterreading'); + $burnAfterReadingOption = $('#burnafterreadingoption'); + $cloneButton = $('#clonebutton'); + $customAttachment = $('#customattachment'); + $expiration = $('#expiration'); + $fileRemoveButton = $('#fileremovebutton'); + $fileWrap = $('#filewrap'); + $formatter = $('#formatter'); + $newButton = $('#newbutton'); + $openDiscussion = $('#opendiscussion'); + $openDiscussionOption = $('#opendiscussionoption'); + $password = $('#password'); + $passwordInput = $('#passwordinput'); + $rawTextButton = $('#rawtextbutton'); + $sendButton = $('#sendbutton'); + + // bootstrap template drop down + $('#language ul.dropdown-menu li a').click(setLanguage); + // page template drop down + $('#language select option').click(setLanguage); + + // bind events + $burnAfterReading.change(changeBurnAfterReading); + $openDiscussionOption.change(changeOpenDiscussion); + $newButton.click(clickNewPaste); + $sendButton.click(PasteEncrypter.sendPaste); + $cloneButton.click(Controller.clonePaste); + $rawTextButton.click(rawText); + $fileRemoveButton.click(removeAttachment); // bootstrap template drop downs - $('ul.dropdown-menu li a', $('#expiration').parent()).click($.proxy(this.setExpiration, this)); - $('ul.dropdown-menu li a', $('#formatter').parent()).click($.proxy(this.setFormat, this)); - $('#language ul.dropdown-menu li a').click($.proxy(this.setLanguage, this)); + $('ul.dropdown-menu li a', $('#expiration').parent()).click(updateExpiration); + $('ul.dropdown-menu li a', $('#formatter').parent()).click(updateFormat); - // page template drop down - $('#language select option').click($.proxy(this.setLanguage, this)); + // initiate default state of checkboxes + changeBurnAfterReading(); + changeOpenDiscussion(); - // handle modal password request on decryption - this.passwordModal.on('shown.bs.modal', $.proxy(this.passwordDecrypt.focus, this)); - this.passwordModal.on('hidden.bs.modal', $.proxy(this.decryptPasswordModal, this)); - this.passwordForm.submit($.proxy(this.submitPasswordModal, this)); + // get default value from template or fall back to set value + pasteExpiration = Model.getExpirationDefault() || pasteExpiration; + } - $(window).on('popstate', $.proxy(this.historyChange, this)); - }, + return me; + })(window, document); + + /** + * Responsible for AJAX requests, transparently handles encryption… + * + * @name Uploader + * @class + */ + var Uploader = (function () { + var me = {}; + + var successFunc = null, + failureFunc = null, + url, + data, + symmetricKey, + password; /** - * main application + * public variable ('constant') for errors to prevent magic numbers * - * @name controller.init - * @function + * @name Uploader.error + * @readonly + * @enum {Object} */ - init: function() + me.error = { + okay: 0, + custom: 1, + unknown: 2, + serverError: 3 + }; + + /** + * ajaxHeaders to send in AJAX requests + * + * @name Uploader.ajaxHeaders + * @private + * @readonly + * @enum {Object} + */ + var ajaxHeaders = {'X-Requested-With': 'JSONHttpRequest'}; + + /** + * called after successful upload + * + * @name Uploader.checkCryptParameters + * @private + * @function + * @throws {string} + */ + function checkCryptParameters() { - // hide "no javascript" message - $('#noscript').hide(); - - // preload jQuery wrapped DOM elements and bind events - this.attach = $('#attach'); - this.attachment = $('#attachment'); - this.attachmentLink = $('#attachment a'); - this.burnAfterReading = $('#burnafterreading'); - this.burnAfterReadingOption = $('#burnafterreadingoption'); - this.cipherData = $('#cipherdata'); - this.clearText = $('#cleartext'); - this.cloneButton = $('#clonebutton'); - this.clonedFile = $('#clonedfile'); - this.comments = $('#comments'); - this.discussion = $('#discussion'); - this.errorMessage = $('#errormessage'); - this.expiration = $('#expiration'); - this.fileRemoveButton = $('#fileremovebutton'); - this.fileWrap = $('#filewrap'); - this.formatter = $('#formatter'); - this.image = $('#image'); - this.loadingIndicator = $('#loadingindicator'); - this.message = $('#message'); - this.messageEdit = $('#messageedit'); - this.messagePreview = $('#messagepreview'); - this.newButton = $('#newbutton'); - this.openDisc = $('#opendisc'); - this.openDiscussion = $('#opendiscussion'); - this.password = $('#password'); - this.passwordInput = $('#passwordinput'); - this.passwordModal = $('#passwordmodal'); - this.passwordForm = $('#passwordform'); - this.passwordDecrypt = $('#passworddecrypt'); - this.pasteResult = $('#pasteresult'); - // this.pasteUrl is saved in sendDataContinue() if/after it is - // actually created - this.prettyMessage = $('#prettymessage'); - this.prettyPrint = $('#prettyprint'); - this.preview = $('#preview'); - this.rawTextButton = $('#rawtextbutton'); - this.remainingTime = $('#remainingtime'); - this.sendButton = $('#sendbutton'); - this.status = $('#status'); - this.bindEvents(); - - // display status returned by php code, if any (eg. paste was properly deleted) - if (this.status.text().length > 0) - { - this.showStatus(this.status.text()); - return; + // workaround for this nasty 'bug' in ECMAScript + // see https://stackoverflow.com/questions/18808226/why-is-typeof-null-object + var typeOfKey = typeof symmetricKey; + if (symmetricKey === null) { + typeOfKey = 'null'; } - // keep line height even if content empty - this.status.html(' '); + // in case of missing preparation, throw error + switch (typeOfKey) { + case 'string': + // already set, all right + return; + case 'null': + // needs to be generated auto-generate + symmetricKey = CryptTool.getSymmetricKey(); + break; + default: + console.error('current invalid symmetricKey:', symmetricKey); + throw 'symmetricKey is invalid, probably the module was not prepared'; + } + // password is optional + } - // display an existing paste - if (this.cipherData.text().length > 1) - { - // missing decryption key in URL? - if (window.location.hash.length === 0) - { - this.showError(i18n._('Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)')); + /** + * called after successful upload + * + * @name Uploader.success + * @private + * @function + * @param {int} status + * @param {int} result - optional + */ + function success(status, result) + { + // add useful data to result + result.encryptionKey = symmetricKey; + result.requestData = data; + + if (successFunc !== null) { + successFunc(status, result); + } + } + + /** + * called after a upload failure + * + * @name Uploader.fail + * @private + * @function + * @param {int} status - internal code + * @param {int} result - original error code + */ + function fail(status, result) + { + if (failureFunc !== null) { + failureFunc(status, result); + } + } + + /** + * actually uploads the data + * + * @name Uploader.run + * @function + */ + me.run = function() + { + $.ajax({ + type: 'POST', + url: url, + data: data, + dataType: 'json', + headers: ajaxHeaders, + success: function(result) { + if (result.status === 0) { + success(0, result); + } else if (result.status === 1) { + fail(1, result); + } else { + fail(2, result); + } + } + }) + .fail(function(jqXHR, textStatus, errorThrown) { + console.error(textStatus, errorThrown); + fail(3, jqXHR); + }); + } + + /** + * set success function + * + * @name Uploader.setUrl + * @function + * @param {function} newUrl + */ + me.setUrl = function(newUrl) + { + url = newUrl; + } + + /** + * sets the password to use (first value) and optionally also the + * encryption key (not recommend, it is automatically generated). + * + * Note: Call this after prepare() as prepare() resets these values. + * + * @name Uploader.setCryptValues + * @function + * @param {string} newPassword + * @param {string} newKey - optional + */ + me.setCryptParameters = function(newPassword, newKey) + { + password = newPassword; + + if (typeof newKey !== 'undefined') { + symmetricKey = newKey; + } + } + + /** + * set success function + * + * @name Uploader.setSuccess + * @function + * @param {function} func + */ + me.setSuccess = function(func) + { + successFunc = func; + } + + /** + * set failure function + * + * @name Uploader.setFailure + * @function + * @param {function} func + */ + me.setFailure = function(func) + { + failureFunc = func; + } + + /** + * prepares a new upload + * + * Call this when doing a new upload to reset any data from potential + * previous uploads. Must be called before any other method of this + * module. + * + * @name Uploader.prepare + * @function + * @return {object} + */ + me.prepare = function() + { + // entropy should already be checked! + + // reset password + password = ''; + + // reset key, so it a new one is generated when it is used + symmetricKey = null; + + // reset data + successFunc = null; + failureFunc = null; + url = Helper.baseUri(); + data = {}; + } + + /** + * encrypts and sets the data + * + * @name Uploader.setData + * @function + * @param {string} index + * @param {mixed} element + */ + me.setData = function(index, element) + { + checkCryptParameters(); + data[index] = CryptTool.cipher(symmetricKey, password, element); + } + + /** + * set the additional metadata to send unencrypted + * + * @name Uploader.setUnencryptedData + * @function + * @param {string} index + * @param {mixed} element + */ + me.setUnencryptedData = function(index, element) + { + data[index] = element; + } + + /** + * set the additional metadata to send unencrypted passed at once + * + * @name Uploader.setUnencryptedData + * @function + * @param {object} newData + */ + me.setUnencryptedBulkData = function(newData) + { + $.extend(data, newData); + } + + /** + * Helper, which parses shows a general error message based on the result of the Uploader + * + * @name Uploader.parseUploadError + * @function + * @param {int} status + * @param {object} data + * @param {string} doThisThing - a human description of the action, which was tried + * @return {array} + */ + me.parseUploadError = function(status, data, doThisThing) { + var errorArray; + + switch (status) { + case me.error['custom']: + errorArray = ['Could not ' + doThisThing + ': %s', data.message]; + break; + case me.error['unknown']: + errorArray = ['Could not ' + doThisThing + ': %s', I18n._('unknown status')]; + break; + case me.error['serverError']: + errorArray = ['Could not ' + doThisThing + ': %s', I18n._('server error or not responding')]; + break; + default: + errorArray = ['Could not ' + doThisThing + ': %s', I18n._('unknown error')]; + break; + } + + return errorArray; + } + + /** + * init Uploader + * + * @name Uploader.init + * @function + */ + me.init = function() + { + // nothing yet + } + + return me; + })(); + + /** + * (controller) Responsible for encrypting paste and sending it to server. + * + * Does upload, encryption is done transparently by Uploader. + * + * @name PasteEncrypter + * @class + */ + var PasteEncrypter = (function () { + var me = {}; + + var requirementsChecked = false; + + /** + * checks whether there is a suitable amount of entrophy + * + * @name PasteEncrypter.checkRequirements + * @private + * @function + * @param {function} retryCallback - the callback to execute to retry the upload + * @return {bool} + */ + function checkRequirements(retryCallback) { + // skip double requirement checks + if (requirementsChecked === true) { + return true; + } + + if (!CryptTool.isEntropyReady()) { + // display a message and wait + Alert.showStatus('Please move your mouse for more entropy…'); + + CryptTool.addEntropySeedListener(retryCallback); + return false; + } + + requirementsChecked = true; + + return true; + } + + /** + * called after successful paste upload + * + * @name PasteEncrypter.showCreatedPaste + * @private + * @function + * @param {int} status + * @param {object} data + */ + function showCreatedPaste(status, data) { + Alert.hideLoading(); + + var url = Helper.baseUri() + '?' + data.id + '#' + data.encryptionKey, + deleteUrl = Helper.baseUri() + '?pasteid=' + data.id + '&deletetoken=' + data.deletetoken; + + Alert.hideMessages(); + + // show notification + PasteStatus.createPasteNotification(url, deleteUrl) + + // show new URL in browser bar + history.pushState({type: 'newpaste'}, document.title, url); + + TopNav.showViewButtons(); + TopNav.hideRawButton(); + Editor.hide(); + + // parse and show text + // (preparation already done in me.sendPaste()) + PasteViewer.run(); + } + + /** + * called after successful comment upload + * + * @name PasteEncrypter.showUploadedComment + * @private + * @function + * @param {int} status + * @param {object} data + */ + function showUploadedComment(status, data) { + // show success message + // Alert.showStatus('Comment posted.'); + + // reload paste + Controller.refreshPaste(function () { + // highlight sent comment + DiscussionViewer.highlightComment(data.id, true); + // reset error handler + Alert.setCustomHandler(null); + }); + } + + /** + * adds attachments to the Uploader + * + * @name PasteEncrypter.encryptAttachments + * @private + * @function + * @param {File|null|undefined} file - optional, falls back to cloned attachment + * @param {function} callback - excuted when action is successful + */ + function encryptAttachments(file, callback) { + if (typeof file !== 'undefined' && file !== null) { + // check file reader requirements for upload + if (typeof FileReader === 'undefined') { + Alert.showError('Your browser does not support uploading encrypted files. Please use a newer browser.'); + // cancels process as it does not execute callback return; } - // show proper elements on screen - this.stateExistingPaste(); - this.displayMessages(); - } - // display error message from php code - else if (this.errorMessage.text().length > 1) - { - this.showError(this.errorMessage.text()); - } - // create a new paste - else - { - this.newPaste(); + var reader = new FileReader(); + + // closure to capture the file information + reader.onload = function(event) { + Uploader.setData('attachment', event.target.result); + Uploader.setData('attachmentname', file.name); + + // run callback + return callback(); + } + + // actually read first file + reader.readAsDataURL(file); + } else if (AttachmentViewer.hasAttachment()) { + // fall back to cloned part + var attachment = AttachmentViewer.getAttachment(); + + Uploader.setData('attachment', attachment[0]); + Uploader.setData('attachmentname', attachment[1]); + return callback(); + } else { + // if there are no attachments, this is of course still successful + return callback(); } } - } + + /** + * send a reply in a discussion + * + * @name PasteEncrypter.sendComment + * @function + */ + me.sendComment = function() + { + Alert.hideMessages(); + Alert.setCustomHandler(DiscussionViewer.handleNotification); + + // UI loading state + TopNav.hideAllButtons(); + Alert.showLoading('Sending comment…', 0, 'cloud-upload'); + + // get data, note that "var [x, y] = " structures aren't supported in all JS environments + var replyData = DiscussionViewer.getReplyData(), + plainText = replyData[0], + nickname = replyData[1], + parentid = DiscussionViewer.getReplyCommentId(); + + // do not send if there is no data + if (plainText.length === 0) { + // revert loading status… + Alert.hideLoading(); + Alert.setCustomHandler(null); + TopNav.showViewButtons(); + return; + } + + // check entropy + if (!checkRequirements(function () { + me.sendComment(); + })) { + return; // to prevent multiple executions + } + Alert.showLoading(null, 10); + + // prepare Uploader + Uploader.prepare(); + Uploader.setCryptParameters(Prompt.getPassword(), Model.getPasteKey()); + + // set success/fail functions + Uploader.setSuccess(showUploadedComment); + Uploader.setFailure(function (status, data) { + // revert loading status… + Alert.hideLoading(); + TopNav.showViewButtons(); + + // show error message + Alert.showError(Uploader.parseUploadError(status, data, 'post comment')); + + // reset error handler + Alert.setCustomHandler(null); + }); + + // fill it with unencrypted params + Uploader.setUnencryptedData('pasteid', Model.getPasteId()); + if (typeof parentid === 'undefined') { + // if parent id is not set, this is the top-most comment, so use + // paste id as parent @TODO is this really good? + Uploader.setUnencryptedData('parentid', Model.getPasteId()); + } else { + Uploader.setUnencryptedData('parentid', parentid); + } + + // encrypt data + Uploader.setData('data', plainText); + + if (nickname.length > 0) { + Uploader.setData('nickname', nickname); + } + + Uploader.run(); + } + + /** + * sends a new paste to server + * + * @name PasteEncrypter.sendPaste + * @function + */ + me.sendPaste = function() + { + // hide previous (error) messages + Controller.hideStatusMessages(); + + // UI loading state + TopNav.hideAllButtons(); + Alert.showLoading('Sending paste…', 0, 'cloud-upload'); + TopNav.collapseBar(); + + // get data + var plainText = Editor.getText(), + format = PasteViewer.getFormat(), + files = TopNav.getFileList(); + + // do not send if there is no data + if (plainText.length === 0 && files === null) { + // revert loading status… + Alert.hideLoading(); + TopNav.showCreateButtons(); + return; + } + + Alert.showLoading(null, 10); + + // check entropy + if (!checkRequirements(function () { + me.sendPaste(); + })) { + return; // to prevent multiple executions + } + + // prepare Uploader + Uploader.prepare(); + Uploader.setCryptParameters(TopNav.getPassword()); + + // set success/fail functions + Uploader.setSuccess(showCreatedPaste); + Uploader.setFailure(function (status, data) { + // revert loading status… + Alert.hideLoading(); + TopNav.showCreateButtons(); + + // show error message + Alert.showError(Uploader.parseUploadError(status, data, 'create paste')); + }); + + // fill it with unencrypted submitted options + Uploader.setUnencryptedBulkData({ + expire: TopNav.getExpiration(), + formatter: format, + burnafterreading: TopNav.getBurnAfterReading() ? 1 : 0, + opendiscussion: TopNav.getOpenDiscussion() ? 1 : 0 + }); + + // prepare PasteViewer for later preview + PasteViewer.setText(plainText); + PasteViewer.setFormat(format); + + // encrypt cipher data + Uploader.setData('data', plainText); + + // encrypt attachments + encryptAttachments( + files === null ? null : files[0], + function () { + // send data + Uploader.run(); + } + ); + } + + /** + * initialize + * + * @name PasteEncrypter.init + * @function + */ + me.init = function() + { + // nothing yet + } + + return me; + })(); /** - * main application start, called when DOM is fully loaded and - * runs controller initalization after translations are loaded + * (controller) Responsible for decrypting cipherdata and passing data to view. + * + * Only decryption, no download. + * + * @name PasteDecrypter + * @class */ - $(i18n.loadTranslations); + var PasteDecrypter = (function () { + var me = {}; + + /** + * decrypt data or prompts for password in cvase of failure + * + * @name PasteDecrypter.decryptOrPromptPassword + * @private + * @function + * @param {string} key + * @param {string} password - optional, may be an empty string + * @param {string} cipherdata + * @throws {string} + * @return {false|string} false, when unsuccessful or string (decrypted data) + */ + function decryptOrPromptPassword(key, password, cipherdata) + { + // try decryption without password + var plaindata = CryptTool.decipher(key, password, cipherdata); + + // if it fails, request password + if (plaindata.length === 0 && password.length === 0) { + // try to get cached password first + password = Prompt.getPassword(); + + // if password is there, re-try + if (password.length === 0) { + password = Prompt.requestPassword(); + } + // recursive + // note: an infinite loop is prevented as the previous if + // clause checks whether a password is already set and ignores + // errors when a password has been passed + return decryptOrPromptPassword.apply(key, password, cipherdata); + } + + // if all tries failed, we can only return an error + if (plaindata.length === 0) { + throw 'failed to decipher data'; + } + + return plaindata; + } + + /** + * decrypt the actual paste text + * + * @name PasteDecrypter.decryptOrPromptPassword + * @private + * @function + * @param {object} paste - paste data in object form + * @param {string} key + * @param {string} password + * @param {bool} ignoreError - ignore decryption errors iof set to true + * @return {bool} whether action was successful + * @throws {string} + */ + function decryptPaste(paste, key, password, ignoreError) + { + var plaintext + if (ignoreError === true) { + plaintext = CryptTool.decipher(key, password, paste.data); + } else { + try { + plaintext = decryptOrPromptPassword(key, password, paste.data); + } catch (err) { + throw 'failed to decipher paste text: ' + err + } + if (plaintext === false) { + return false; + } + } + + // on success show paste + PasteViewer.setFormat(paste.meta.formatter); + PasteViewer.setText(plaintext); + // trigger to show the text (attachment loaded afterwards) + PasteViewer.run(); + + return true; + } + + /** + * decrypts any attachment + * + * @name PasteDecrypter.decryptAttachment + * @private + * @function + * @param {object} paste - paste data in object form + * @param {string} key + * @param {string} password + * @return {bool} whether action was successful + * @throws {string} + */ + function decryptAttachment(paste, key, password) + { + // decrypt attachment + try { + var attachment = decryptOrPromptPassword(key, password, paste.attachment); + } catch (err) { + throw 'failed to decipher attachment: ' + err + } + if (attachment === false) { + return false; + } + + // decrypt attachment name + var attachmentName; + if (paste.attachmentname) { + try { + attachmentName = decryptOrPromptPassword(key, password, paste.attachmentname); + } catch (err) { + throw 'failed to decipher attachment name: ' + err + } + if (attachmentName === false) { + return false; + } + } + + AttachmentViewer.setAttachment(attachment, attachmentName); + AttachmentViewer.showAttachment(); + + return true; + } + + /** + * decrypts all comments and shows them + * + * @name PasteDecrypter.decryptComments + * @private + * @function + * @param {object} paste - paste data in object form + * @param {string} key + * @param {string} password + * @return {bool} whether action was successful + */ + function decryptComments(paste, key, password) + { + // remove potentially previous discussion + DiscussionViewer.prepareNewDisucssion(); + + // iterate over comments + for (var i = 0; i < paste.comments.length; ++i) { + var comment = paste.comments[i]; + + DiscussionViewer.addComment( + comment, + CryptTool.decipher(key, password, comment.data), + CryptTool.decipher(key, password, comment.meta.nickname) + ); + } + + DiscussionViewer.finishDiscussion(); + DiscussionViewer.showDiscussion(); + return true; + } + + /** + * show decrypted text in the display area, including discussion (if open) + * + * @name PasteDecrypter.run + * @function + * @param {Object} [paste] - (optional) object including comments to display (items = array with keys ('data','meta')) + */ + me.run = function(paste) + { + Alert.hideMessages(); + Alert.showLoading('Decrypting paste…', 0, 'cloud-download'); // @TODO icon maybe rotation-lock, but needs full Glyphicons + + if (typeof paste === 'undefined') { + paste = $.parseJSON(Model.getCipherData()); + } + + var key = Model.getPasteKey(), + password = Prompt.getPassword(); + + if (PasteViewer.isPrettyPrinted()) { + console.error('Too pretty! (don\'t know why this check)'); //@TODO + return; + } + + // try to decrypt the paste + try { + // decrypt attachments + if (paste.attachment) { + // try to decrypt paste and if it fails (because the password is + // missing) return to let JS continue and wait for user + if (!decryptAttachment(paste, key, password)) { + return; + } + // ignore empty paste, as this is allowed when pasting attachments + decryptPaste(paste, key, password, true); + } else { + decryptPaste(paste, key, password); + } + + + // shows the remaining time (until) deletion + PasteStatus.showRemainingTime(paste.meta); + + // if the discussion is opened on this paste, display it + if (paste.meta.opendiscussion) { + decryptComments(paste, key, password); + } + + Alert.hideLoading(); + TopNav.showViewButtons(); + } catch(err) { + Alert.hideLoading(); + + // log and show error + console.error(err); + Alert.showError('Could not decrypt data (Wrong key?)'); + } + } + + /** + * initialize + * + * @name PasteDecrypter.init + * @function + */ + me.init = function() + { + // nothing yet + } + + return me; + })(); + + /** + * (controller) main PrivateBin logic + * + * @name Controller + * @param {object} window + * @param {object} document + * @class + */ + var Controller = (function (window, document) { + var me = {}; + + /** + * hides all status messages no matter which module showed them + * + * @name Controller.hideStatusMessages + * @function + */ + me.hideStatusMessages = function() + { + PasteStatus.hideMessages(); + Alert.hideMessages(); + } + + /** + * creates a new paste + * + * @name Controller.newPaste + * @function + */ + me.newPaste = function() + { + // Important: This *must not* run Alert.hideMessages() as previous + // errors from viewing a paste should be shown. + TopNav.hideAllButtons(); + Alert.showLoading('Preparing new paste…', 0, 'time'); + + PasteStatus.hideMessages(); + PasteViewer.hide(); + Editor.resetInput(); + Editor.show(); + Editor.focusInput(); + + TopNav.showCreateButtons(); + Alert.hideLoading(); + } + + /** + * shows the loaded paste + * + * @name Controller.showPaste + * @function + */ + me.showPaste = function() + { + try { + Model.getPasteId(); + Model.getPasteKey(); + } catch (err) { + console.error(err); + + // missing decryption key (or paste ID) in URL? + if (window.location.hash.length === 0) { + Alert.showError('Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)'); + // @TODO adjust error message as it is less specific now, probably include thrown exception for a detailed error + return; + } + } + + // show proper elements on screen + PasteDecrypter.run(); + } + + /** + * refreshes the loaded paste to show potential new data + * + * @name Controller.refreshPaste + * @function + * @param {function} callback + */ + me.refreshPaste = function(callback) + { + // save window position to restore it later + var orgPosition = $(window).scrollTop(); + + Uploader.prepare(); + Uploader.setUrl(Helper.baseUri() + '?' + Model.getPasteId()); + + Uploader.setFailure(function (status, data) { + // revert loading status… + Alert.hideLoading(); + TopNav.showViewButtons(); + + // show error message + Alert.showError(Uploader.parseUploadError(status, data, 'refresh display')); + }) + Uploader.setSuccess(function (status, data) { + PasteDecrypter.run(data); + + // restore position + window.scrollTo(0, orgPosition); + + callback(); + }) + Uploader.run(); + } + + /** + * clone the current paste + * + * @name Controller.clonePaste + * @function + * @param {Event} event + */ + me.clonePaste = function(event) + { + TopNav.collapseBar(); + TopNav.hideAllButtons(); + Alert.showLoading('Cloning paste…', 0, 'transfer'); + + // hide messages from previous paste + me.hideStatusMessages(); + + // erase the id and the key in url + history.pushState({type: 'clone'}, document.title, Helper.baseUri()); + + if (AttachmentViewer.hasAttachment()) { + AttachmentViewer.moveAttachmentTo( + TopNav.getCustomAttachment(), + 'Cloned: \'%s\'' + ); + TopNav.hideFileSelector(); + AttachmentViewer.hideAttachment(); + // NOTE: it also looks nice without removing the attachment + // but for a consistent display we remove it… + AttachmentViewer.hideAttachmentPreview(); + TopNav.showCustomAttachment(); + + // show another status message to make the user aware that the + // file was cloned too! + Alert.showStatus( + [ + 'The cloned file \'%s\' was attached to this paste.', + AttachmentViewer.getAttachment()[1] + ], 'copy', true, true); + } + + Editor.setText(PasteViewer.getText()) + PasteViewer.hide(); + Editor.show(); + + Alert.hideLoading(); + TopNav.showCreateButtons(); + } + + /** + * removes a saved paste + * + * @name Controller.removePaste + * @function + * @param {string} pasteId + * @param {string} deleteToken + */ + me.removePaste = function(pasteId, deleteToken) { + // unfortunately many web servers don't support DELETE (and PUT) out of the box + // so we use a POST request + Uploader.prepare(); + Uploader.setUrl(Helper.baseUri() + '?' + pasteId); + Uploader.setUnencryptedData('deletetoken', deleteToken); + + Uploader.setFailure(function () { + Controller.showError(I18n._('Could not delete the paste, it was not stored in burn after reading mode.')); + }) + Uploader.run(); + } + + /** + * application start + * + * @name Controller.init + * @function + */ + me.init = function() + { + // first load translations + I18n.loadTranslations(); + + // initialize other modules/"classes" + Alert.init(); + Model.init(); + + AttachmentViewer.init(); + DiscussionViewer.init(); + Editor.init(); + PasteDecrypter.init(); + PasteEncrypter.init(); + PasteStatus.init(); + PasteViewer.init(); + Prompt.init(); + TopNav.init(); + UiHelper.init(); + Uploader.init(); + + // display an existing paste + if (Model.hasCipherData()) { + return me.showPaste(); + } + + // otherwise create a new paste + me.newPaste(); + } + + return me; + })(window, document); return { - helper: helper, - i18n: i18n, - filter: filter, - controller: controller + Helper: Helper, + I18n: I18n, + CryptTool: CryptTool, + Model: Model, + UiHelper: UiHelper, + Alert: Alert, + PasteStatus: PasteStatus, + Prompt: Prompt, + Editor: Editor, + PasteViewer: PasteViewer, + AttachmentViewer: AttachmentViewer, + DiscussionViewer: DiscussionViewer, + TopNav: TopNav, + Uploader: Uploader, + PasteEncrypter: PasteEncrypter, + PasteDecrypter: PasteDecrypter, + Controller: Controller }; }(jQuery, sjcl, Base64, RawDeflate); diff --git a/js/test.js b/js/test.js index 68792069..2d5a544c 100644 --- a/js/test.js +++ b/js/test.js @@ -11,7 +11,9 @@ var jsc = require('jsverify'), a2zString.map(function(c) { return c.toUpperCase(); }) - ); + ), + // schemas supported by the whatwg-url library + schemas = ['ftp','gopher','http','https','ws','wss']; global.$ = global.jQuery = require('./jquery-3.1.1'); global.sjcl = require('./sjcl-1.0.6'); @@ -20,49 +22,49 @@ global.RawDeflate = require('./rawdeflate-0.5'); require('./rawinflate-0.3'); require('./privatebin'); -describe('helper', function () { +describe('Helper', function () { describe('secondsToHuman', function () { after(function () { cleanup(); }); jsc.property('returns an array with a number and a word', 'integer', function (number) { - var result = $.PrivateBin.helper.secondsToHuman(number); + var result = $.PrivateBin.Helper.secondsToHuman(number); return Array.isArray(result) && result.length === 2 && result[0] === parseInt(result[0], 10) && typeof result[1] === 'string'; }); jsc.property('returns seconds on the first array position', 'integer 59', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[0] === number; + return $.PrivateBin.Helper.secondsToHuman(number)[0] === number; }); jsc.property('returns seconds on the second array position', 'integer 59', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[1] === 'second'; + return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'second'; }); jsc.property('returns minutes on the first array position', 'integer 60 3599', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / 60); + return $.PrivateBin.Helper.secondsToHuman(number)[0] === Math.floor(number / 60); }); jsc.property('returns minutes on the second array position', 'integer 60 3599', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[1] === 'minute'; + return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'minute'; }); jsc.property('returns hours on the first array position', 'integer 3600 86399', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60)); + return $.PrivateBin.Helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60)); }); jsc.property('returns hours on the second array position', 'integer 3600 86399', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[1] === 'hour'; + return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'hour'; }); jsc.property('returns days on the first array position', 'integer 86400 5184000', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24)); + return $.PrivateBin.Helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24)); }); jsc.property('returns days on the second array position', 'integer 86400 5184000', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[1] === 'day'; + return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'day'; }); // max safe integer as per http://ecma262-5.com/ELS5_HTML.htm#Section_8.5 jsc.property('returns months on the first array position', 'integer 5184000 9007199254740991', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24 * 30)); + return $.PrivateBin.Helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24 * 30)); }); jsc.property('returns months on the second array position', 'integer 5184000 9007199254740991', function (number) { - return $.PrivateBin.helper.secondsToHuman(number)[1] === 'month'; + return $.PrivateBin.Helper.secondsToHuman(number)[1] === 'month'; }); }); @@ -77,11 +79,11 @@ describe('helper', function () { var html = '', result = true; ids.forEach(function(item, i) { - html += '
' + $.PrivateBin.helper.htmlEntities(contents[i] || contents[0]) + '
'; + html += '
' + $.PrivateBin.Helper.htmlEntities(contents[i] || contents[0]) + '
'; }); var clean = jsdom(html); ids.forEach(function(item, i) { - $.PrivateBin.helper.selectText(item.join('')); + $.PrivateBin.Helper.selectText(item.join('')); // TODO: As per https://github.com/tmpvar/jsdom/issues/321 there is no getSelection in jsdom, yet. // Once there is one, uncomment the line below to actually check the result. //result *= (contents[i] || contents[0]) === window.getSelection().toString(); @@ -106,13 +108,13 @@ describe('helper', function () { var html = '', result = true; ids.forEach(function(item, i) { - html += '
' + $.PrivateBin.helper.htmlEntities(contents[i] || contents[0]) + '
'; + html += '
' + $.PrivateBin.Helper.htmlEntities(contents[i] || contents[0]) + '
'; }); var elements = $('').html(html); ids.forEach(function(item, i) { var id = item.join(''), element = elements.find('#' + id).first(); - $.PrivateBin.helper.setElementText(element, replacingContent); + $.PrivateBin.Helper.setElementText(element, replacingContent); result *= replacingContent === element.text(); }); return Boolean(result); @@ -120,56 +122,6 @@ describe('helper', function () { ); }); - describe('setMessage', function () { - after(function () { - cleanup(); - }); - - jsc.property( - 'replaces the content of an empty element, analog to setElementText', - jsc.nearray(jsc.nearray(jsc.elements(alnumString))), - 'nearray string', - 'string', - function (ids, contents, replacingContent) { - var html = '', - result = true; - ids.forEach(function(item, i) { - html += '
' + $.PrivateBin.helper.htmlEntities(contents[i] || contents[0]) + '
'; - }); - var elements = $('').html(html); - ids.forEach(function(item, i) { - var id = item.join(''), - element = elements.find('#' + id).first(); - $.PrivateBin.helper.setMessage(element, replacingContent); - result *= replacingContent === element.text(); - }); - return Boolean(result); - } - ); - jsc.property( - 'replaces the last child of a non-empty element', - jsc.nearray(jsc.nearray(jsc.elements(alnumString))), - jsc.nearray(jsc.nearray(jsc.elements(alnumString))), - 'nearray string', - 'string', - function (ids, classes, contents, replacingContent) { - var html = '', - result = true; - ids.forEach(function(item, i) { - html += '
' + $.PrivateBin.helper.htmlEntities(contents[i] || contents[0]) + '
'; - }); - var elements = $('').html(html); - ids.forEach(function(item, i) { - var id = item.join(''), - element = elements.find('#' + id).first(); - $.PrivateBin.helper.setMessage(element, replacingContent); - result *= ' ' + replacingContent === element.contents()[1].nodeValue; - }); - return Boolean(result); - } - ); - }); - describe('urls2links', function () { after(function () { cleanup(); @@ -181,7 +133,7 @@ describe('helper', function () { function (content) { var element = $('
' + content + '
'), before = element.html(); - $.PrivateBin.helper.urls2links(element); + $.PrivateBin.Helper.urls2links(element); return before === element.html(); } ); @@ -197,8 +149,8 @@ describe('helper', function () { var query = query.join(''), fragment = fragment.join(''), url = schema + '://' + address.join('') + '/?' + query + '#' + fragment, - prefix = $.PrivateBin.helper.htmlEntities(prefix), - postfix = ' ' + $.PrivateBin.helper.htmlEntities(postfix), + prefix = $.PrivateBin.Helper.htmlEntities(prefix), + postfix = ' ' + $.PrivateBin.Helper.htmlEntities(postfix), element = $('
' + prefix + url + postfix + '
'); // special cases: When the query string and fragment imply the beginning of an HTML entity, eg. � or &#x @@ -212,7 +164,7 @@ describe('helper', function () { element = $('
' + prefix + url + '
'); } - $.PrivateBin.helper.urls2links(element); + $.PrivateBin.Helper.urls2links(element); return element.html() === $('
' + prefix + '' + url + '' + postfix + '
').html(); } ); @@ -223,10 +175,10 @@ describe('helper', function () { 'string', function (prefix, query, postfix) { var url = 'magnet:?' + query.join(''), - prefix = $.PrivateBin.helper.htmlEntities(prefix), - postfix = $.PrivateBin.helper.htmlEntities(postfix), + prefix = $.PrivateBin.Helper.htmlEntities(prefix), + postfix = $.PrivateBin.Helper.htmlEntities(postfix), element = $('
' + prefix + url + ' ' + postfix + '
'); - $.PrivateBin.helper.urls2links(element); + $.PrivateBin.Helper.urls2links(element); return element.html() === $('
' + prefix + '' + url + ' ' + postfix + '
').html(); } ); @@ -247,8 +199,7 @@ describe('helper', function () { postfix = postfix.replace(/%(s|d)/g, '%%'), result = prefix + params[0] + postfix; params.unshift(prefix + '%s' + postfix); - return result === $.PrivateBin.helper.sprintf.apply(this, params) && - result === $.PrivateBin.helper.sprintf(params); + return result === $.PrivateBin.Helper.sprintf.apply(this, params); } ); jsc.property( @@ -261,8 +212,7 @@ describe('helper', function () { postfix = postfix.replace(/%(s|d)/g, '%%'), result = prefix + params[0] + postfix; params.unshift(prefix + '%d' + postfix); - return result === $.PrivateBin.helper.sprintf.apply(this, params) && - result === $.PrivateBin.helper.sprintf(params); + return result === $.PrivateBin.Helper.sprintf.apply(this, params); } ); jsc.property( @@ -275,8 +225,7 @@ describe('helper', function () { postfix = postfix.replace(/%(s|d)/g, '%%'), result = prefix + '0' + postfix; params.unshift(prefix + '%d' + postfix); - return result === $.PrivateBin.helper.sprintf.apply(this, params) && - result === $.PrivateBin.helper.sprintf(params); + return result === $.PrivateBin.Helper.sprintf.apply(this, params) } ); jsc.property( @@ -291,8 +240,7 @@ describe('helper', function () { postfix = postfix.replace(/%(s|d)/g, '%%'), params = [prefix + '%d' + middle + '%s' + postfix, uint, string], result = prefix + uint + middle + string + postfix; - return result === $.PrivateBin.helper.sprintf.apply(this, params) && - result === $.PrivateBin.helper.sprintf(params); + return result === $.PrivateBin.Helper.sprintf.apply(this, params); } ); jsc.property( @@ -307,8 +255,7 @@ describe('helper', function () { postfix = postfix.replace(/%(s|d)/g, '%%'), params = [prefix + '%s' + middle + '%d' + postfix, string, uint], result = prefix + string + middle + uint + postfix; - return result === $.PrivateBin.helper.sprintf.apply(this, params) && - result === $.PrivateBin.helper.sprintf(params); + return result === $.PrivateBin.Helper.sprintf.apply(this, params); } ); }); @@ -333,88 +280,35 @@ describe('helper', function () { } }); var clean = jsdom('', {cookie: cookieArray}), - result = $.PrivateBin.helper.getCookie(selectedKey); + result = $.PrivateBin.Helper.getCookie(selectedKey); clean(); return result === selectedValue; } ); }); - describe('scriptLocation', function () { + describe('baseUri', function () { + before(function () { + $.PrivateBin.Helper.reset(); + }); + jsc.property( 'returns the URL without query & fragment', - jsc.nearray(jsc.elements(a2zString)), + jsc.elements(schemas), jsc.nearray(jsc.elements(a2zString)), jsc.array(jsc.elements(queryString)), 'string', function (schema, address, query, fragment) { - var expected = schema.join('') + '://' + address.join('') + '/', + var expected = schema + '://' + address.join('') + '/', clean = jsdom('', {url: expected + '?' + query.join('') + '#' + fragment}), - result = $.PrivateBin.helper.scriptLocation(); + result = $.PrivateBin.Helper.baseUri(); + $.PrivateBin.Helper.reset(); clean(); return expected === result; } ); }); - describe('pasteId', function () { - jsc.property( - 'returns the query string without separator, if any', - jsc.nearray(jsc.elements(a2zString)), - jsc.nearray(jsc.elements(a2zString)), - jsc.array(jsc.elements(queryString)), - 'string', - function (schema, address, query, fragment) { - var queryString = query.join(''), - clean = jsdom('', { - url: schema.join('') + '://' + address.join('') + - '/?' + queryString + '#' + fragment - }), - result = $.PrivateBin.helper.pasteId(); - clean(); - return queryString === result; - } - ); - }); - - describe('pageKey', function () { - jsc.property( - 'returns the fragment of the URL', - jsc.nearray(jsc.elements(a2zString)), - jsc.nearray(jsc.elements(a2zString)), - jsc.array(jsc.elements(queryString)), - jsc.array(jsc.elements(base64String)), - function (schema, address, query, fragment) { - var fragmentString = fragment.join(''), - clean = jsdom('', { - url: schema.join('') + '://' + address.join('') + - '/?' + query.join('') + '#' + fragmentString - }), - result = $.PrivateBin.helper.pageKey(); - clean(); - return fragmentString === result; - } - ); - jsc.property( - 'returns the fragment stripped of trailing query parts', - jsc.nearray(jsc.elements(a2zString)), - jsc.nearray(jsc.elements(a2zString)), - jsc.array(jsc.elements(queryString)), - jsc.array(jsc.elements(base64String)), - jsc.array(jsc.elements(queryString)), - function (schema, address, query, fragment, trail) { - var fragmentString = fragment.join(''), - clean = jsdom('', { - url: schema.join('') + '://' + address.join('') + '/?' + - query.join('') + '#' + fragmentString + '&' + trail.join('') - }), - result = $.PrivateBin.helper.pageKey(); - clean(); - return fragmentString === result; - } - ); - }); - describe('htmlEntities', function () { after(function () { cleanup(); @@ -424,9 +318,76 @@ describe('helper', function () { 'removes all HTML entities from any given string', 'string', function (string) { - var result = $.PrivateBin.helper.htmlEntities(string); + var result = $.PrivateBin.Helper.htmlEntities(string); return !(/[<>"'`=\/]/.test(result)) && !(string.indexOf('&') > -1 && !(/&/.test(result))); } ); }); }); + +describe('Model', function () { + describe('getPasteId', function () { + before(function () { + $.PrivateBin.Model.reset(); + }); + + jsc.property( + 'returns the query string without separator, if any', + jsc.nearray(jsc.elements(a2zString)), + jsc.nearray(jsc.elements(a2zString)), + jsc.nearray(jsc.elements(queryString)), + 'string', + function (schema, address, query, fragment) { + var queryString = query.join(''), + clean = jsdom('', { + url: schema.join('') + '://' + address.join('') + + '/?' + queryString + '#' + fragment + }), + result = $.PrivateBin.Model.getPasteId(); + $.PrivateBin.Model.reset(); + clean(); + return queryString === result; + } + ); + }); + + describe('getPasteKey', function () { + jsc.property( + 'returns the fragment of the URL', + jsc.nearray(jsc.elements(a2zString)), + jsc.nearray(jsc.elements(a2zString)), + jsc.array(jsc.elements(queryString)), + jsc.nearray(jsc.elements(base64String)), + function (schema, address, query, fragment) { + var fragmentString = fragment.join(''), + clean = jsdom('', { + url: schema.join('') + '://' + address.join('') + + '/?' + query.join('') + '#' + fragmentString + }), + result = $.PrivateBin.Model.getPasteKey(); + $.PrivateBin.Model.reset(); + clean(); + return fragmentString === result; + } + ); + jsc.property( + 'returns the fragment stripped of trailing query parts', + jsc.nearray(jsc.elements(a2zString)), + jsc.nearray(jsc.elements(a2zString)), + jsc.array(jsc.elements(queryString)), + jsc.nearray(jsc.elements(base64String)), + jsc.array(jsc.elements(queryString)), + function (schema, address, query, fragment, trail) { + var fragmentString = fragment.join(''), + clean = jsdom('', { + url: schema.join('') + '://' + address.join('') + '/?' + + query.join('') + '#' + fragmentString + '&' + trail.join('') + }), + result = $.PrivateBin.Model.getPasteKey(); + $.PrivateBin.Model.reset(); + clean(); + return fragmentString === result; + } + ); + }); +}); diff --git a/lib/.htaccess b/lib/.htaccess index b584d98c..b66e8088 100644 --- a/lib/.htaccess +++ b/lib/.htaccess @@ -1,2 +1 @@ -Allow from none -Deny from all +Require all denied diff --git a/lib/Data/AbstractData.php b/lib/Data/AbstractData.php index c5eae217..41260f89 100644 --- a/lib/Data/AbstractData.php +++ b/lib/Data/AbstractData.php @@ -58,7 +58,7 @@ abstract class AbstractData * @access public * @static * @param array $options - * @return privatebin_abstract + * @return AbstractData */ public static function getInstance($options) { @@ -88,7 +88,6 @@ abstract class AbstractData * * @access public * @param string $pasteid - * @return void */ abstract public function delete($pasteid); @@ -147,7 +146,6 @@ abstract class AbstractData * * @access public * @param int $batchsize - * @return void */ public function purge($batchsize) { diff --git a/lib/Data/Database.php b/lib/Data/Database.php index 66744848..c35df3b0 100644 --- a/lib/Data/Database.php +++ b/lib/Data/Database.php @@ -282,7 +282,6 @@ class Database extends AbstractData * * @access public * @param string $pasteid - * @return void */ public function delete($pasteid) { @@ -375,11 +374,10 @@ class Database extends AbstractData $comments[$i]->data = $row['data']; $comments[$i]->meta = new stdClass; $comments[$i]->meta->postdate = (int) $row['postdate']; - if (array_key_exists('nickname', $row) && !empty($row['nickname'])) { - $comments[$i]->meta->nickname = $row['nickname']; - } - if (array_key_exists('vizhash', $row) && !empty($row['vizhash'])) { - $comments[$i]->meta->vizhash = $row['vizhash']; + foreach (array('nickname', 'vizhash') as $key) { + if (array_key_exists($key, $row) && !empty($row[$key])) { + $comments[$i]->meta->$key = $row[$key]; + } } } ksort($comments); @@ -564,7 +562,6 @@ class Database extends AbstractData * * @access private * @static - * @return void */ private static function _createPasteTable() { @@ -589,7 +586,6 @@ class Database extends AbstractData * * @access private * @static - * @return void */ private static function _createCommentTable() { @@ -616,7 +612,6 @@ class Database extends AbstractData * * @access private * @static - * @return void */ private static function _createConfigTable() { @@ -651,7 +646,6 @@ class Database extends AbstractData * @access private * @static * @param string $oldversion - * @return void */ private static function _upgradeDatabase($oldversion) { diff --git a/lib/Data/Filesystem.php b/lib/Data/Filesystem.php index ca9befb3..4100e291 100644 --- a/lib/Data/Filesystem.php +++ b/lib/Data/Filesystem.php @@ -12,8 +12,8 @@ namespace PrivateBin\Data; -use PrivateBin\Json; use PrivateBin\Model\Paste; +use PrivateBin\Persistence\DataStore; /** * Filesystem @@ -22,15 +22,6 @@ use PrivateBin\Model\Paste; */ class Filesystem extends AbstractData { - /** - * directory where data is stored - * - * @access private - * @static - * @var string - */ - private static $_dir = 'data/'; - /** * get instance of singleton * @@ -41,17 +32,16 @@ class Filesystem extends AbstractData */ public static function getInstance($options = null) { + // if needed initialize the singleton + if (!(self::$_instance instanceof self)) { + self::$_instance = new self; + } // if given update the data directory if ( is_array($options) && array_key_exists('dir', $options) ) { - self::$_dir = $options['dir'] . DIRECTORY_SEPARATOR; - } - // if needed initialize the singleton - if (!(self::$_instance instanceof self)) { - self::$_instance = new self; - self::_init(); + DataStore::setPath($options['dir']); } return self::$_instance; } @@ -62,19 +52,19 @@ class Filesystem extends AbstractData * @access public * @param string $pasteid * @param array $paste - * @throws Exception * @return bool */ public function create($pasteid, $paste) { $storagedir = self::_dataid2path($pasteid); - if (is_file($storagedir . $pasteid)) { + $file = $storagedir . $pasteid; + if (is_file($file)) { return false; } if (!is_dir($storagedir)) { mkdir($storagedir, 0700, true); } - return (bool) file_put_contents($storagedir . $pasteid, Json::encode($paste)); + return DataStore::store($file, $paste); } /** @@ -108,7 +98,6 @@ class Filesystem extends AbstractData * * @access public * @param string $pasteid - * @return void */ public function delete($pasteid) { @@ -155,20 +144,19 @@ class Filesystem extends AbstractData * @param string $parentid * @param string $commentid * @param array $comment - * @throws Exception * @return bool */ public function createComment($pasteid, $parentid, $commentid, $comment) { $storagedir = self::_dataid2discussionpath($pasteid); - $filename = $pasteid . '.' . $commentid . '.' . $parentid; - if (is_file($storagedir . $filename)) { + $file = $storagedir . $pasteid . '.' . $commentid . '.' . $parentid; + if (is_file($file)) { return false; } if (!is_dir($storagedir)) { mkdir($storagedir, 0700, true); } - return (bool) file_put_contents($storagedir . $filename, Json::encode($comment)); + return DataStore::store($file, $comment); } /** @@ -237,8 +225,9 @@ class Filesystem extends AbstractData protected function _getExpiredPastes($batchsize) { $pastes = array(); + $mainpath = DataStore::getPath(); $firstLevel = array_filter( - scandir(self::$_dir), + scandir($mainpath), 'self::_isFirstLevelDir' ); if (count($firstLevel) > 0) { @@ -246,7 +235,7 @@ class Filesystem extends AbstractData for ($i = 0, $max = $batchsize * 10; $i < $max; ++$i) { $firstKey = array_rand($firstLevel); $secondLevel = array_filter( - scandir(self::$_dir . $firstLevel[$firstKey]), + scandir($mainpath . DIRECTORY_SEPARATOR . $firstLevel[$firstKey]), 'self::_isSecondLevelDir' ); @@ -257,8 +246,9 @@ class Filesystem extends AbstractData } $secondKey = array_rand($secondLevel); - $path = self::$_dir . $firstLevel[$firstKey] . - DIRECTORY_SEPARATOR . $secondLevel[$secondKey]; + $path = $mainpath . DIRECTORY_SEPARATOR . + $firstLevel[$firstKey] . DIRECTORY_SEPARATOR . + $secondLevel[$secondKey]; if (!is_dir($path)) { continue; } @@ -292,29 +282,6 @@ class Filesystem extends AbstractData return $pastes; } - /** - * initialize privatebin - * - * @access private - * @static - * @return void - */ - private static function _init() - { - // Create storage directory if it does not exist. - if (!is_dir(self::$_dir)) { - mkdir(self::$_dir, 0700); - } - // Create .htaccess file if it does not exist. - if (!is_file(self::$_dir . '.htaccess')) { - file_put_contents( - self::$_dir . '.htaccess', - 'Allow from none' . PHP_EOL . - 'Deny from all' . PHP_EOL - ); - } - } - /** * Convert paste id to storage path. * @@ -332,8 +299,10 @@ class Filesystem extends AbstractData */ private static function _dataid2path($dataid) { - return self::$_dir . substr($dataid, 0, 2) . DIRECTORY_SEPARATOR . - substr($dataid, 2, 2) . DIRECTORY_SEPARATOR; + return DataStore::getPath( + substr($dataid, 0, 2) . DIRECTORY_SEPARATOR . + substr($dataid, 2, 2) . DIRECTORY_SEPARATOR + ); } /** @@ -363,7 +332,7 @@ class Filesystem extends AbstractData private static function _isFirstLevelDir($element) { return self::_isSecondLevelDir($element) && - is_dir(self::$_dir . DIRECTORY_SEPARATOR . $element); + is_dir(DataStore::getPath($element)); } /** diff --git a/lib/Filter.php b/lib/Filter.php index 60f6f170..951e2651 100644 --- a/lib/Filter.php +++ b/lib/Filter.php @@ -21,21 +21,6 @@ use Exception; */ class Filter { - /** - * strips slashes deeply - * - * @access public - * @static - * @param mixed $value - * @return mixed - */ - public static function stripslashesDeep($value) - { - return is_array($value) ? - array_map('self::stripslashesDeep', $value) : - stripslashes($value); - } - /** * format a given time string into a human readable label (localized) * diff --git a/lib/I18n.php b/lib/I18n.php index 4c59ef57..2bee73ec 100644 --- a/lib/I18n.php +++ b/lib/I18n.php @@ -135,15 +135,17 @@ class I18n * * @access public * @static - * @return void */ public static function loadTranslations() { $availableLanguages = self::getAvailableLanguages(); // check if the lang cookie was set and that language exists - if (array_key_exists('lang', $_COOKIE) && in_array($_COOKIE['lang'], $availableLanguages)) { - $match = $_COOKIE['lang']; + if ( + array_key_exists('lang', $_COOKIE) && + ($key = array_search($_COOKIE['lang'], $availableLanguages)) !== false + ) { + $match = $availableLanguages[$key]; } // find a translation file matching the browsers language preferences else { @@ -256,7 +258,6 @@ class I18n * @access public * @static * @param string $lang - * @return void */ public static function setLanguageFallback($lang) { @@ -304,7 +305,7 @@ class I18n return $n % 10 == 1 && $n % 100 != 11 ? 0 : ($n % 10 >= 2 && $n % 10 <= 4 && ($n % 100 < 10 || $n % 100 >= 20) ? 1 : 2); case 'sl': return $n % 100 == 1 ? 1 : ($n % 100 == 2 ? 2 : ($n % 100 == 3 || $n % 100 == 4 ? 3 : 0)); - // de, en, es, it, no + // de, en, es, it, no, pt default: return $n != 1 ? 1 : 0; } diff --git a/lib/Model.php b/lib/Model.php index fc795691..d1011f12 100644 --- a/lib/Model.php +++ b/lib/Model.php @@ -40,7 +40,6 @@ class Model * Factory constructor. * * @param configuration $conf - * @return void */ public function __construct(Configuration $conf) { @@ -64,8 +63,6 @@ class Model /** * Checks if a purge is necessary and triggers it if yes. - * - * @return void */ public function purge() { diff --git a/lib/Model/AbstractModel.php b/lib/Model/AbstractModel.php index 3dd48a83..55956b7a 100644 --- a/lib/Model/AbstractModel.php +++ b/lib/Model/AbstractModel.php @@ -63,7 +63,6 @@ abstract class AbstractModel * @access public * @param Configuration $configuration * @param AbstractData $storage - * @return void */ public function __construct(Configuration $configuration, AbstractData $storage) { @@ -90,7 +89,6 @@ abstract class AbstractModel * @access public * @param string $id * @throws Exception - * @return void */ public function setId($id) { @@ -106,7 +104,6 @@ abstract class AbstractModel * @access public * @param string $data * @throws Exception - * @return void */ public function setData($data) { @@ -133,7 +130,6 @@ abstract class AbstractModel * * @access public * @throws Exception - * @return void */ abstract public function store(); @@ -142,7 +138,6 @@ abstract class AbstractModel * * @access public * @throws Exception - * @return void */ abstract public function delete(); diff --git a/lib/Model/Comment.php b/lib/Model/Comment.php index 86f4ffa1..b67742d2 100644 --- a/lib/Model/Comment.php +++ b/lib/Model/Comment.php @@ -61,7 +61,6 @@ class Comment extends AbstractModel * * @access public * @throws Exception - * @return void */ public function store() { @@ -101,7 +100,6 @@ class Comment extends AbstractModel * * @access public * @throws Exception - * @return void */ public function delete() { @@ -129,7 +127,6 @@ class Comment extends AbstractModel * @access public * @param Paste $paste * @throws Exception - * @return void */ public function setPaste(Paste $paste) { @@ -154,7 +151,6 @@ class Comment extends AbstractModel * @access public * @param string $id * @throws Exception - * @return void */ public function setParentId($id) { @@ -184,7 +180,6 @@ class Comment extends AbstractModel * @access public * @param string $nickname * @throws Exception - * @return void */ public function setNickname($nickname) { diff --git a/lib/Model/Paste.php b/lib/Model/Paste.php index 038bfbc8..8f171fe1 100644 --- a/lib/Model/Paste.php +++ b/lib/Model/Paste.php @@ -75,7 +75,6 @@ class Paste extends AbstractModel * * @access public * @throws Exception - * @return void */ public function store() { @@ -103,7 +102,6 @@ class Paste extends AbstractModel * * @access public * @throws Exception - * @return void */ public function delete() { @@ -183,7 +181,6 @@ class Paste extends AbstractModel * @access public * @param string $attachment * @throws Exception - * @return void */ public function setAttachment($attachment) { @@ -199,7 +196,6 @@ class Paste extends AbstractModel * @access public * @param string $attachmentname * @throws Exception - * @return void */ public function setAttachmentName($attachmentname) { @@ -214,7 +210,6 @@ class Paste extends AbstractModel * * @access public * @param string $expiration - * @return void */ public function setExpiration($expiration) { @@ -236,7 +231,6 @@ class Paste extends AbstractModel * @access public * @param string $burnafterreading * @throws Exception - * @return void */ public function setBurnafterreading($burnafterreading = '1') { @@ -257,7 +251,6 @@ class Paste extends AbstractModel * @access public * @param string $opendiscussion * @throws Exception - * @return void */ public function setOpendiscussion($opendiscussion = '1') { @@ -281,7 +274,6 @@ class Paste extends AbstractModel * @access public * @param string $format * @throws Exception - * @return void */ public function setFormatter($format) { diff --git a/lib/Persistence/AbstractPersistence.php b/lib/Persistence/AbstractPersistence.php index 9aaa70bc..64fb530c 100644 --- a/lib/Persistence/AbstractPersistence.php +++ b/lib/Persistence/AbstractPersistence.php @@ -36,7 +36,6 @@ abstract class AbstractPersistence * @access public * @static * @param string $path - * @return void */ public static function setPath($path) { @@ -80,27 +79,23 @@ abstract class AbstractPersistence * @access protected * @static * @throws Exception - * @return void */ protected static function _initialize() { // Create storage directory if it does not exist. if (!is_dir(self::$_path)) { - if (!@mkdir(self::$_path)) { + if (!@mkdir(self::$_path, 0700)) { throw new Exception('unable to create directory ' . self::$_path, 10); } } - - // Create .htaccess file if it does not exist. $file = self::$_path . DIRECTORY_SEPARATOR . '.htaccess'; if (!is_file($file)) { $writtenBytes = @file_put_contents( $file, - 'Allow from none' . PHP_EOL . - 'Deny from all' . PHP_EOL, + 'Require all denied' . PHP_EOL, LOCK_EX ); - if ($writtenBytes === false || $writtenBytes < 30) { + if ($writtenBytes === false || $writtenBytes < 19) { throw new Exception('unable to write to file ' . $file, 11); } } diff --git a/lib/Persistence/DataStore.php b/lib/Persistence/DataStore.php new file mode 100644 index 00000000..56dde1a7 --- /dev/null +++ b/lib/Persistence/DataStore.php @@ -0,0 +1,47 @@ +_conf = new Configuration; $this->_model = new Model($this->_conf); $this->_request = new Request; @@ -324,7 +318,6 @@ class PrivateBin * @access private * @param string $dataid * @param string $deletetoken - * @return void */ private function _delete($dataid, $deletetoken) { @@ -334,19 +327,16 @@ class PrivateBin // accessing this property ensures that the paste would be // deleted if it has already expired $burnafterreading = $paste->isBurnafterreading(); - if ($deletetoken == 'burnafterreading') { - if ($burnafterreading) { - $paste->delete(); - $this->_return_message(0, $dataid); - } else { - $this->_return_message(1, 'Paste is not of burn-after-reading type.'); - } + if ( + ($burnafterreading && $deletetoken == 'burnafterreading') || + Filter::slowEquals($deletetoken, $paste->getDeleteToken()) + ) { + // Paste exists and deletion token is valid: Delete the paste. + $paste->delete(); + $this->_status = 'Paste was properly deleted.'; } else { - // Make sure the token is valid. - if (Filter::slowEquals($deletetoken, $paste->getDeleteToken())) { - // Paste exists and deletion token is valid: Delete the paste. - $paste->delete(); - $this->_status = 'Paste was properly deleted.'; + if (!$burnafterreading && $deletetoken == 'burnafterreading') { + $this->_error = 'Paste is not of burn-after-reading type.'; } else { $this->_error = 'Wrong deletion token. Paste was not deleted.'; } @@ -357,6 +347,13 @@ class PrivateBin } catch (Exception $e) { $this->_error = $e->getMessage(); } + if ($this->_request->isJsonApiCall()) { + if (strlen($this->_error)) { + $this->_return_message(1, $this->_error); + } else { + $this->_return_message(0, $dataid); + } + } } /** @@ -364,7 +361,6 @@ class PrivateBin * * @access private * @param string $dataid - * @return void */ private function _read($dataid) { @@ -397,7 +393,6 @@ class PrivateBin * Display PrivateBin frontend. * * @access private - * @return void */ private function _view() { @@ -461,7 +456,6 @@ class PrivateBin * * @access private * @param string $type - * @return void */ private function _jsonld($type) { @@ -494,7 +488,6 @@ class PrivateBin * @param int $status * @param string $message * @param array $other - * @return void */ private function _return_message($status, $message, $other = array()) { diff --git a/lib/Request.php b/lib/Request.php index d3c36d38..37c0bca7 100644 --- a/lib/Request.php +++ b/lib/Request.php @@ -41,7 +41,7 @@ class Request const MIME_XHTML = 'application/xhtml+xml'; /** - * Input stream to use for PUT parameter parsing. + * Input stream to use for PUT parameter parsing * * @access private * @var string @@ -49,7 +49,7 @@ class Request private static $_inputStream = 'php://input'; /** - * Operation to perform. + * Operation to perform * * @access private * @var string @@ -57,7 +57,7 @@ class Request private $_operation = 'view'; /** - * Request parameters. + * Request parameters * * @access private * @var array @@ -65,7 +65,7 @@ class Request private $_params = array(); /** - * If we are in a JSON API context. + * If we are in a JSON API context * * @access private * @var bool @@ -73,20 +73,12 @@ class Request private $_isJsonApi = false; /** - * Constructor. + * Constructor * * @access public - * @return void */ public function __construct() { - // in case stupid admin has left magic_quotes enabled in php.ini (for PHP < 5.4) - if (version_compare(PHP_VERSION, '5.4.0') < 0 && get_magic_quotes_gpc()) { - $_POST = array_map('PrivateBin\\Filter::stripslashesDeep', $_POST); - $_GET = array_map('PrivateBin\\Filter::stripslashesDeep', $_GET); - $_COOKIE = array_map('PrivateBin\\Filter::stripslashesDeep', $_COOKIE); - } - // decide if we are in JSON API or HTML context $this->_isJsonApi = $this->_detectJsonRequest(); @@ -129,7 +121,7 @@ class Request } /** - * Get current operation. + * Get current operation * * @access public * @return string @@ -140,7 +132,7 @@ class Request } /** - * Get a request parameter. + * Get a request parameter * * @access public * @param string $param @@ -153,7 +145,7 @@ class Request } /** - * If we are in a JSON API context. + * If we are in a JSON API context * * @access public * @return bool @@ -164,7 +156,7 @@ class Request } /** - * Override the default input stream source, used for unit testing. + * Override the default input stream source, used for unit testing * * @param string $input */ @@ -174,7 +166,7 @@ class Request } /** - * detect the clients supported media type and decide if its a JSON API call or not + * Detect the clients supported media type and decide if its a JSON API call or not * * Adapted from: https://stackoverflow.com/questions/3770513/detect-browser-language-in-php#3771447 * diff --git a/lib/View.php b/lib/View.php index d7ecaa21..6c04e47f 100644 --- a/lib/View.php +++ b/lib/View.php @@ -35,7 +35,6 @@ class View * @access public * @param string $name * @param mixed $value - * @return void */ public function assign($name, $value) { @@ -48,7 +47,6 @@ class View * @access public * @param string $template * @throws Exception - * @return void */ public function draw($template) { diff --git a/lib/Vizhash16x16.php b/lib/Vizhash16x16.php index 604c86ef..e9bd5d0b 100644 --- a/lib/Vizhash16x16.php +++ b/lib/Vizhash16x16.php @@ -61,7 +61,6 @@ class Vizhash16x16 * constructor * * @access public - * @return void */ public function __construct() { @@ -210,7 +209,6 @@ class Vizhash16x16 * @param resource $image * @param int $action * @param int $color - * @return void */ private function drawshape($image, $action, $color) { diff --git a/tpl/.htaccess b/tpl/.htaccess new file mode 100644 index 00000000..b66e8088 --- /dev/null +++ b/tpl/.htaccess @@ -0,0 +1 @@ +Require all denied diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index 5f5fe6a7..5381863b 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -4,7 +4,7 @@ $isCpct = substr($template, 9, 8) === '-compact'; $isDark = substr($template, 9, 5) === '-dark'; $isPage = substr($template, -5) === '-page'; ?> - + @@ -69,7 +69,7 @@ if ($MARKDOWN): - + @@ -94,7 +94,7 @@ endif;
- +
@@ -121,8 +121,8 @@ endif; -
+
+
- + - + - - - + - - - - -
-
-
- -
+
+
+ + + + +

+
+
+
+ - -

- -
-
-
+
+ +
+ + + diff --git a/tpl/page.php b/tpl/page.php index 3bd4b530..18d60e32 100644 --- a/tpl/page.php +++ b/tpl/page.php @@ -47,7 +47,7 @@ if ($MARKDOWN): - + @@ -79,12 +79,12 @@ endif;
Firefox, Opera, - Chrome, - Safari... + Chrome
+
@@ -125,7 +125,7 @@ endif; -
- +
#', + '#]*id="errormessage"[^>]*>.*Invalid paste ID\.#s', $content, 'outputs error correctly' ); @@ -778,7 +775,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); $this->assertRegExp( - '#]*id="errormessage"[^>]*>.*Paste does not exist[^<]*
#', + '#]*id="errormessage"[^>]*>.*Paste does not exist, has expired or has been deleted\.#s', $content, 'outputs error correctly' ); @@ -798,7 +795,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); $this->assertRegExp( - '#]*id="errormessage"[^>]*>.*Paste does not exist[^<]*#', + '#]*id="errormessage"[^>]*>.*Paste does not exist, has expired or has been deleted\.#s', $content, 'outputs error correctly' ); @@ -818,10 +815,10 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); unset($burnPaste['meta']['salt']); - $this->assertContains( - '', + $this->assertRegExp( + '#
]*>' . + preg_quote(htmlspecialchars(Helper::getPasteAsJson($burnPaste['meta']), ENT_NOQUOTES)) . + '
#', $content, 'outputs data correctly' ); @@ -889,10 +886,10 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); $meta['formatter'] = 'syntaxhighlighting'; - $this->assertContains( - '', + $this->assertRegExp( + '#
]*>' . + preg_quote(htmlspecialchars(Helper::getPasteAsJson($meta), ENT_NOQUOTES)) . + '
#', $content, 'outputs data correctly' ); @@ -914,10 +911,10 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase ob_end_clean(); $oldPaste['meta']['formatter'] = 'plaintext'; unset($oldPaste['meta']['salt']); - $this->assertContains( - '', + $this->assertRegExp( + '#
]*>' . + preg_quote(htmlspecialchars(Helper::getPasteAsJson($oldPaste['meta']), ENT_NOQUOTES)) . + '
#', $content, 'outputs data correctly' ); @@ -939,7 +936,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); $this->assertRegExp( - '#]*id="status"[^>]*>.*Paste was properly deleted[^<]*#s', + '#]*id="status"[^>]*>.*Paste was properly deleted\.#s', $content, 'outputs deleted status correctly' ); @@ -960,7 +957,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); $this->assertRegExp( - '#]*id="errormessage"[^>]*>.*Invalid paste ID\.#', + '#]*id="errormessage"[^>]*>.*Invalid paste ID\.#s', $content, 'outputs delete error correctly' ); @@ -980,7 +977,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); $this->assertRegExp( - '#]*id="errormessage"[^>]*>.*Paste does not exist[^<]*#', + '#]*id="errormessage"[^>]*>.*Paste does not exist, has expired or has been deleted\.#s', $content, 'outputs delete error correctly' ); @@ -1000,7 +997,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); $this->assertRegExp( - '#]*id="errormessage"[^>]*>.*Wrong deletion token[^<]*#', + '#]*id="errormessage"[^>]*>.*Wrong deletion token\. Paste was not deleted\.#s', $content, 'outputs delete error correctly' ); @@ -1047,7 +1044,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase ob_end_clean(); $response = json_decode($content, true); $this->assertEquals(1, $response['status'], 'outputs status'); - $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); + $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after failing to delete data'); } /** @@ -1067,7 +1064,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); $this->assertRegExp( - '#]*id="errormessage"[^>]*>.*Paste does not exist[^<]*#', + '#]*id="errormessage"[^>]*>.*Paste does not exist, has expired or has been deleted\.#s', $content, 'outputs error correctly' ); @@ -1091,7 +1088,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase $content = ob_get_contents(); ob_end_clean(); $this->assertRegExp( - '#]*id="status"[^>]*>.*Paste was properly deleted[^<]*#s', + '#]*id="status"[^>]*>.*Paste was properly deleted\.#s', $content, 'outputs deleted status correctly' ); diff --git a/tst/RequestTest.php b/tst/RequestTest.php index f20209f5..29b0dade 100644 --- a/tst/RequestTest.php +++ b/tst/RequestTest.php @@ -63,6 +63,7 @@ class RequestTest extends PHPUnit_Framework_TestCase file_put_contents($file, 'data=foo'); Request::setInputStream($file); $request = new Request; + unlink($file); $this->assertTrue($request->isJsonApiCall(), 'is JSON Api call'); $this->assertEquals('create', $request->getOperation()); $this->assertEquals('foo', $request->getParam('data')); diff --git a/tst/SjclTest.php b/tst/SjclTest.php index 54cc30fc..a9d947ec 100644 --- a/tst/SjclTest.php +++ b/tst/SjclTest.php @@ -1,11 +1,13 @@ assertTrue(Sjcl::isValid($paste['data']), 'valid sjcl'); $this->assertTrue(Sjcl::isValid($paste['attachment']), 'valid sjcl'); diff --git a/tst/ViewTest.php b/tst/ViewTest.php index 7d3c727a..e2e014b4 100644 --- a/tst/ViewTest.php +++ b/tst/ViewTest.php @@ -96,15 +96,15 @@ class ViewTest extends PHPUnit_Framework_TestCase public function testTemplateRendersCorrectly() { foreach ($this->_content as $template => $content) { - $this->assertContains( - '', + $this->assertRegExp( + '#]+id="cipherdata"[^>]*>' . + preg_quote(htmlspecialchars(Helper::getPaste()['data'], ENT_NOQUOTES)) . + '#', $content, $template . ': outputs data correctly' ); $this->assertRegExp( - '#]+id="errormessage"[^>]*>.*' . self::$error . '#', + '#]+id="errormessage"[^>]*>.*' . self::$error . '#s', $content, $template . ': outputs error correctly' ); @@ -119,7 +119,7 @@ class ViewTest extends PHPUnit_Framework_TestCase $template . ': checked discussion if configured' ); $this->assertRegExp( - '#<[^>]+id="opendisc"[^>]*>#', + '#<[^>]+id="opendiscussionoption"[^>]*>#', $content, $template . ': discussions available if configured' ); diff --git a/vendor/.htaccess b/vendor/.htaccess new file mode 100644 index 00000000..b66e8088 --- /dev/null +++ b/vendor/.htaccess @@ -0,0 +1 @@ +Require all denied