From da45d347e23b11bf9f8ab505020419da8be1d317 Mon Sep 17 00:00:00 2001 From: rugk Date: Mon, 21 May 2018 19:32:01 +0200 Subject: [PATCH 1/4] Fix attachment issues Fixes https://github.com/PrivateBin/PrivateBin/issues/315 The attachment viewer is also used for storing to be uploaded attachments, which caused some confusion in handling them. I also tried to add some comments clarifying it as it seems to work. Additionally I fixed the issue that you could submit an empty paste and it was not rejected. --- .gitignore | 4 +++- js/privatebin.js | 25 ++++++++++++++++++++++--- tpl/bootstrap.php | 2 +- tpl/page.php | 2 +- 4 files changed, 27 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index eb61b175..b363a7e0 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,9 @@ # Ignore server files for safety .htaccess .htpasswd -cfg/conf.php +cfg/* +!cfg/conf.sample.php +!cfg/.htaccess # Ignore data/ data/ diff --git a/js/privatebin.js b/js/privatebin.js index 48dc7a0d..c5c5c3fc 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -2005,6 +2005,19 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { $attachmentLink.off('click'); $attachmentPreview.html(''); + AttachmentViewer.removeAttachmentData(); + }; + + /** + * removes the attachment data + * + * This removes the data, which would be uploaded otherwise. + * + * @name AttachmentViewer.removeAttachmentData + * @function + */ + me.removeAttachmentData = function() + { file = undefined; attachmentData = undefined; }; @@ -2038,7 +2051,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { }; /** - * checks if there is an attachment + * checks if there is an attachment displayed * * @name AttachmentViewer.hasAttachment * @function @@ -2053,7 +2066,9 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { }; /** - * checks if there is attachment data available + * checks if there is attachment data (for preview!) available + * + * It returns true, when there is data that needs to be encrypted. * * @name AttachmentViewer.hasAttachmentData * @function @@ -2824,6 +2839,9 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { $fileWrap.removeClass('hidden'); } + // in any case, remove saved attachment data + AttachmentViewer.removeAttachmentData(); + // our up-to-date jQuery can handle it :) $fileWrap.find('input').val(''); @@ -3696,10 +3714,11 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { // get data var plainText = Editor.getText(), format = PasteViewer.getFormat(), + // the methods may return different values if no files are attached (null, undefined or false) files = TopNav.getFileList() || AttachmentViewer.getFile() || AttachmentViewer.hasAttachment(); // do not send if there is no data - if (plainText.length === 0 && files === null) { + if (plainText.length === 0 && !files) { // revert loading status… Alert.hideLoading(); TopNav.showCreateButtons(); diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index ab95dfc6..5ab0f519 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -75,7 +75,7 @@ if ($MARKDOWN): - + diff --git a/tpl/page.php b/tpl/page.php index 6c5b974f..13870ea9 100644 --- a/tpl/page.php +++ b/tpl/page.php @@ -54,7 +54,7 @@ if ($QRCODE): - + From 14a7fd70913d9e9d556b19757ca4bc26846294b4 Mon Sep 17 00:00:00 2001 From: rugk Date: Tue, 22 May 2018 00:41:02 +0200 Subject: [PATCH 2/4] Fix https://github.com/PrivateBin/PrivateBin/issues/315 Fixes some display issues related to file display. --- js/privatebin.js | 18 ++++++++++++++++-- tpl/bootstrap.php | 2 +- tpl/page.php | 2 +- 3 files changed, 18 insertions(+), 4 deletions(-) diff --git a/js/privatebin.js b/js/privatebin.js index c5c5c3fc..2f4ba71a 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -2022,6 +2022,17 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { attachmentData = undefined; }; + /** + * Cleares the drag & drop data. + * + * @name AttachmentViewer.clearDragAndDrop + * @function + */ + me.clearDragAndDrop = function() + { + $dragAndDropFileName.text(''); + }; + /** * hides the attachment * @@ -2137,6 +2148,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { loadedFile = $fileInput[0].files[0]; $dragAndDropFileName.text(''); } else { + // TODO: cannot set original $fileWrap here for security reasons… $dragAndDropFileName.text(loadedFile.name); } @@ -2206,7 +2218,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { // Firefox crashes with files that are about 1.5MB // The performance with 1MB files is bearable if (data.length > 1398488) { - Alert.showError('File too large, to display a preview. Please download the attachment.'); + Alert.showError('File too large, to display a preview. Please download the attachment.'); //TODO: is this error really neccessary? return; } @@ -2262,7 +2274,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { $(document).on('drop', drop); $(document).on('dragenter', ignoreDragDrop); $(document).on('dragover', ignoreDragDrop); - $fileInput.on("change", function () { + $fileInput.on('change', function () { me.readFileData(); }); }; @@ -2842,8 +2854,10 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { // in any case, remove saved attachment data AttachmentViewer.removeAttachmentData(); + // hide UI for selected files // our up-to-date jQuery can handle it :) $fileWrap.find('input').val(''); + AttachmentViewer.clearDragAndDrop(); // pevent '#' from appearing in the URL event.preventDefault(); diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index 5ab0f519..ec6a0d50 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -75,7 +75,7 @@ if ($MARKDOWN): - + diff --git a/tpl/page.php b/tpl/page.php index 13870ea9..36c774ca 100644 --- a/tpl/page.php +++ b/tpl/page.php @@ -54,7 +54,7 @@ if ($QRCODE): - + From 429d43dc78ad5b722d547a4082bc106f702f5d1d Mon Sep 17 00:00:00 2001 From: rugk Date: Tue, 22 May 2018 00:43:24 +0200 Subject: [PATCH 3/4] Make some functions of AttachmentHandler private They are only used/referenced in the same module, so there is no need to make them public. --- js/privatebin.js | 19 +++++++++++-------- tpl/bootstrap.php | 2 +- tpl/page.php | 2 +- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/js/privatebin.js b/js/privatebin.js index 2f4ba71a..d72d0cf7 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -2130,11 +2130,12 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { * read file data as dataURL using the FileReader API * * @name AttachmentViewer.readFileData + * @private * @function * @param {object} loadedFile The loaded file. * @see {@link https://developer.mozilla.org/en-US/docs/Web/API/FileReader#readAsDataURL()} */ - me.readFileData = function (loadedFile) { + readFileData = function (loadedFile) { if (typeof FileReader === 'undefined') { // revert loading status… me.hideAttachment(); @@ -2242,9 +2243,10 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { * attaches the file attachment drag & drop handler to the page * * @name AttachmentViewer.addDragDropHandler + * @private * @function */ - me.addDragDropHandler = function () { + addDragDropHandler = function () { if (typeof $fileInput === 'undefined' || $fileInput.length === 0) { return; } @@ -2267,7 +2269,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { //Only works in Chrome: //fileInput[0].files = e.dataTransfer.files; - me.readFileData(file); + readFileData(file); } }; @@ -2275,7 +2277,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { $(document).on('dragenter', ignoreDragDrop); $(document).on('dragover', ignoreDragDrop); $fileInput.on('change', function () { - me.readFileData(); + readFileData(); }); }; @@ -2283,9 +2285,10 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { * attaches the clipboard attachment handler to the page * * @name AttachmentViewer.addClipboardEventHandler + * @private * @function */ - me.addClipboardEventHandler = function () { + addClipboardEventHandler = function () { $(document).on('paste', function (event) { var items = (event.clipboardData || event.originalEvent.clipboardData).items; @@ -2293,7 +2296,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { if (items.hasOwnProperty(i)) { var item = items[i]; if (item.kind === 'file') { - me.readFileData(item.getAsFile()); + readFileData(item.getAsFile()); } } } @@ -2362,8 +2365,8 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { $dragAndDropFileName = $('#dragAndDropFileName'); $fileInput = $('#file'); - me.addDragDropHandler(); - me.addClipboardEventHandler(); + addDragDropHandler(); + addClipboardEventHandler(); } } diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index ec6a0d50..7dca0fd8 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -75,7 +75,7 @@ if ($MARKDOWN): - + diff --git a/tpl/page.php b/tpl/page.php index 36c774ca..07e26cdc 100644 --- a/tpl/page.php +++ b/tpl/page.php @@ -54,7 +54,7 @@ if ($QRCODE): - + From 733cc709670cefda1f38e4661264a3e663e1aa62 Mon Sep 17 00:00:00 2001 From: rugk Date: Tue, 22 May 2018 10:19:53 +0200 Subject: [PATCH 4/4] Improve code style of function names Thx https://github.com/PrivateBin/PrivateBin/commit/429d43dc78ad5b722d547a4082bc106f702f5d1d#r29068381 --- js/privatebin.js | 33 ++++++++++++++++----------------- tpl/bootstrap.php | 2 +- tpl/page.php | 2 +- 3 files changed, 18 insertions(+), 19 deletions(-) diff --git a/js/privatebin.js b/js/privatebin.js index d72d0cf7..f7b7dd69 100644 --- a/js/privatebin.js +++ b/js/privatebin.js @@ -2135,7 +2135,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { * @param {object} loadedFile The loaded file. * @see {@link https://developer.mozilla.org/en-US/docs/Web/API/FileReader#readAsDataURL()} */ - readFileData = function (loadedFile) { + function readFileData(loadedFile) { if (typeof FileReader === 'undefined') { // revert loading status… me.hideAttachment(); @@ -2165,7 +2165,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { } }; fileReader.readAsDataURL(loadedFile); - }; + } /** * handle the preview of files that can either be an image, video, audio or pdf element @@ -2246,7 +2246,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { * @private * @function */ - addDragDropHandler = function () { + function addDragDropHandler() { if (typeof $fileInput === 'undefined' || $fileInput.length === 0) { return; } @@ -2279,7 +2279,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { $fileInput.on('change', function () { readFileData(); }); - }; + } /** * attaches the clipboard attachment handler to the page @@ -2288,20 +2288,19 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) { * @private * @function */ - addClipboardEventHandler = function () { - $(document).on('paste', - function (event) { - var items = (event.clipboardData || event.originalEvent.clipboardData).items; - for (var i in items) { - if (items.hasOwnProperty(i)) { - var item = items[i]; - if (item.kind === 'file') { - readFileData(item.getAsFile()); - } - } + function addClipboardEventHandler() { + $(document).on('paste', function (event) { + var items = (event.clipboardData || event.originalEvent.clipboardData).items; + for (var i in items) { + if (items.hasOwnProperty(i)) { + var item = items[i]; + if (item.kind === 'file') { + readFileData(item.getAsFile()); } - }); - }; + } + } + }); + } /** diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php index 7dca0fd8..e3e14cac 100644 --- a/tpl/bootstrap.php +++ b/tpl/bootstrap.php @@ -75,7 +75,7 @@ if ($MARKDOWN): - + diff --git a/tpl/page.php b/tpl/page.php index 07e26cdc..a7867023 100644 --- a/tpl/page.php +++ b/tpl/page.php @@ -54,7 +54,7 @@ if ($QRCODE): - +