added autoloading, configurable paste size limit, changed JS to calculate localized comment times instead of UTC
parent
5d6401b44d
commit
edf95ff56d
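--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,6 @@
 # Ignore data/ and tmp/
 data/
 tmp/
+.settings/
+.buildpath
+.project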
@ -7,10 +7,13 @@
|
|||||||
; @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
|
; @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
|
||||||
; @version 0.15
|
; @version 0.15
|
||||||
|
|
||||||
; timelimit between calls from the same IP address in seconds
|
; time limit between calls from the same IP address in seconds
|
||||||
traffic_limit = 10
|
traffic_limit = 10
|
||||||
traffic_dir = PATH "data"
|
traffic_dir = PATH "data"
|
||||||
|
|
||||||
|
; size limit per paste or comment in bytes
|
||||||
|
size_limit = 2000000
|
||||||
|
|
||||||
; name of data model class to load and directory for storage
|
; name of data model class to load and directory for storage
|
||||||
; the default model "zerobin_data" stores everything in the filesystem
|
; the default model "zerobin_data" stores everything in the filesystem
|
||||||
model = zerobin_data
|
model = zerobin_data
|
||||||
|
@ -32,7 +32,7 @@
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Put a border around prettyprinted code snippets. */
|
/* Put a border around prettyprinted code snippets. */
|
||||||
pre.prettyprint { padding: 2px; border: 1px solid #888; background-color:white; }
|
pre.prettyprint { padding: 2px; border: 1px solid #888; background-color:white; white-space:pre-wrap; }
|
||||||
|
|
||||||
/* Specify class=linenums on a pre to get line numbering */
|
/* Specify class=linenums on a pre to get line numbering */
|
||||||
ol.linenums {
|
ol.linenums {
|
||||||
|
@ -12,5 +12,6 @@
|
|||||||
|
|
||||||
// change this, if your php files and data is outside of your webservers document root
|
// change this, if your php files and data is outside of your webservers document root
|
||||||
define('PATH', '');
|
define('PATH', '');
|
||||||
require_once PATH . 'lib/zerobin.php';
|
|
||||||
|
require PATH . 'lib/auto.php';
|
||||||
new zerobin;
|
new zerobin;
|
||||||
|
@ -1,8 +1,12 @@
|
|||||||
/**
|
/**
|
||||||
* ZeroBin 0.15
|
* ZeroBin
|
||||||
*
|
*
|
||||||
* @link http://sebsauvage.net/wiki/doku.php?id=php:zerobin
|
* a zero-knowledge paste bin
|
||||||
* @author sebsauvage
|
*
|
||||||
|
* @link http://sebsauvage.net/wiki/doku.php?id=php:zerobin
|
||||||
|
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
|
||||||
|
* @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
|
||||||
|
* @version 0.15
|
||||||
*/
|
*/
|
||||||
|
|
||||||
// Immediately start random number generator collector.
|
// Immediately start random number generator collector.
|
||||||
@ -157,7 +161,7 @@ function displayMessages(key, comments) {
|
|||||||
try {
|
try {
|
||||||
divComment.find('span.nickname').text(zeroDecipher(key, comment.meta.nickname));
|
divComment.find('span.nickname').text(zeroDecipher(key, comment.meta.nickname));
|
||||||
} catch(err) { }
|
} catch(err) { }
|
||||||
divComment.find('span.commentdate').text(' ('+(new Date(comment.meta.postdate*1000).toUTCString())+')').attr('title','CommentID: ' + comment.meta.commentid);
|
divComment.find('span.commentdate').text(' ('+(new Date(comment.meta.postdate*1000).toString())+')').attr('title','CommentID: ' + comment.meta.commentid);
|
||||||
|
|
||||||
// If an avatar is available, display it.
|
// If an avatar is available, display it.
|
||||||
if (comment.meta.vizhash) {
|
if (comment.meta.vizhash) {
|
||||||
@ -185,7 +189,6 @@ function open_reply(source, commentid) {
|
|||||||
+ '<div id="replystatus"> </div>'
|
+ '<div id="replystatus"> </div>'
|
||||||
+ '</div>');
|
+ '</div>');
|
||||||
$('input#nickname').focus(function() {
|
$('input#nickname').focus(function() {
|
||||||
$(this).css('color', '#000');
|
|
||||||
if ($(this).val() == $(this).attr('title')) {
|
if ($(this).val() == $(this).attr('title')) {
|
||||||
$(this).val('');
|
$(this).val('');
|
||||||
}
|
}
|
||||||
|
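--- a/lib/auto.php
+++ b/lib/auto.php
@@ -0,0 +1,35 @@
+<?php
+/**
+* ZeroBin
+*
+* a zero-knowledge paste bin
+*
+* @link http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+* @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+* @version 0.15
+*/
+
+spl_autoload_register('auto::loader');
+
+/**
+* auto
+*
+* provides autoloading functionality
+*/
+class auto
+{
+/**
+* strips slashes deeply
+*
+* @access public
+* @static
+* @param mixed $value
+* @return mixed
+*/
+public static function loader($class_name)
+{
+require_once PATH . 'lib/' . str_replace('_', '/', $class_name) . '.php';
+}
+}
+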
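Review bot: `auto::loader()` turns whatever class name it is handed straight into a `require_once` path, with no check on the name and no check that the file exists. A name that is not a plain identifier, or a mistyped `model` value in the config, therefore ends in an unintended include or a fatal error instead of PHP's normal "class not found" handling. I would guard the include with `if (!preg_match('/^[A-Za-z0-9_]+$/', $class_name)) return;` and only load when `is_file($file)` holds for the computed path. The docblock above `loader()` was copied from `filter::stripslashes_deep`; it should describe loading the file for a class, with `@param string $class_name` and `@return void`.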
@ -31,4 +31,23 @@ class filter
|
|||||||
array_map('filter::stripslashes_deep', $value) :
|
array_map('filter::stripslashes_deep', $value) :
|
||||||
stripslashes($value);
|
stripslashes($value);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* format a given number of bytes
|
||||||
|
*
|
||||||
|
* @access public
|
||||||
|
* @static
|
||||||
|
* @param int $size
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
public static function size_humanreadable($size)
|
||||||
|
{
|
||||||
|
$i = 0;
|
||||||
|
$iec = array('B', 'kiB', 'MiB', 'GiB', 'TiB', 'PiB', 'EiB', 'ZiB', 'YiB');
|
||||||
|
while ( ( $size / 1024 ) > 1 ) {
|
||||||
|
$size = $size / 1024;
|
||||||
|
$i++;
|
||||||
|
}
|
||||||
|
return number_format($size, 2, ".", " ") . ' ' . $iec[$i];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
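Review bot: The loop condition in `size_humanreadable()`, `( $size / 1024 ) > 1`, leaves exactly 1024 bytes in the smaller unit (the result is `1 024.00 B`), and nothing stops `$i` from running past the last entry of `$iec` for very large inputs. `while ($size >= 1024 && $i < count($iec) - 1) {` covers both cases. The method is meant to take a byte count per its docblock, but a negative or non-numeric `$size` is passed through to `number_format()` unchanged; a cast or an early return would make that explicit.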
@ -15,7 +15,7 @@
|
|||||||
*
|
*
|
||||||
* Handles traffic limiting, so no user does more than one call per 10 seconds.
|
* Handles traffic limiting, so no user does more than one call per 10 seconds.
|
||||||
*/
|
*/
|
||||||
class traffic_limiter
|
class trafficlimiter
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* @access private
|
* @access private
|
@ -63,7 +63,6 @@ class zerobin
|
|||||||
// In case stupid admin has left magic_quotes enabled in php.ini.
|
// In case stupid admin has left magic_quotes enabled in php.ini.
|
||||||
if (get_magic_quotes_gpc())
|
if (get_magic_quotes_gpc())
|
||||||
{
|
{
|
||||||
require_once PATH . 'lib/filter.php';
|
|
||||||
$_POST = array_map('filter::stripslashes_deep', $_POST);
|
$_POST = array_map('filter::stripslashes_deep', $_POST);
|
||||||
$_GET = array_map('filter::stripslashes_deep', $_GET);
|
$_GET = array_map('filter::stripslashes_deep', $_GET);
|
||||||
$_COOKIE = array_map('filter::stripslashes_deep', $_COOKIE);
|
$_COOKIE = array_map('filter::stripslashes_deep', $_COOKIE);
|
||||||
@ -118,7 +117,6 @@ class zerobin
|
|||||||
{
|
{
|
||||||
// if needed, initialize the model
|
// if needed, initialize the model
|
||||||
if(is_string($this->_model)) {
|
if(is_string($this->_model)) {
|
||||||
require_once PATH . 'lib/' . $this->_model . '.php';
|
|
||||||
$this->_model = forward_static_call(array($this->_model, 'getInstance'), $this->_conf['model_options']);
|
$this->_model = forward_static_call(array($this->_model, 'getInstance'), $this->_conf['model_options']);
|
||||||
}
|
}
|
||||||
return $this->_model;
|
return $this->_model;
|
||||||
@ -146,11 +144,10 @@ class zerobin
|
|||||||
$error = false;
|
$error = false;
|
||||||
|
|
||||||
// Make sure last paste from the IP address was more than 10 seconds ago.
|
// Make sure last paste from the IP address was more than 10 seconds ago.
|
||||||
require_once PATH . 'lib/traffic_limiter.php';
|
trafficlimiter::setLimit($this->_conf['traffic_limit']);
|
||||||
traffic_limiter::setLimit($this->_conf['traffic_limit']);
|
trafficlimiter::setPath($this->_conf['traffic_dir']);
|
||||||
traffic_limiter::setPath($this->_conf['traffic_dir']);
|
|
||||||
if (
|
if (
|
||||||
!traffic_limiter::canPass($_SERVER['REMOTE_ADDR'])
|
!trafficlimiter::canPass($_SERVER['REMOTE_ADDR'])
|
||||||
) $this->_return_message(1, 'Please wait 10 seconds between each post.');
|
) $this->_return_message(1, 'Please wait 10 seconds between each post.');
|
||||||
|
|
||||||
// Make sure content is not too big.
|
// Make sure content is not too big.
|
||||||
@ -160,7 +157,6 @@ class zerobin
|
|||||||
) $this->_return_message(1, 'Paste is limited to 2 MB of encrypted data.');
|
) $this->_return_message(1, 'Paste is limited to 2 MB of encrypted data.');
|
||||||
|
|
||||||
// Make sure format is correct.
|
// Make sure format is correct.
|
||||||
require_once PATH . 'lib/sjcl.php';
|
|
||||||
if (!sjcl::isValid($data)) $this->_return_message(1, 'Invalid data.');
|
if (!sjcl::isValid($data)) $this->_return_message(1, 'Invalid data.');
|
||||||
|
|
||||||
// Read additional meta-information.
|
// Read additional meta-information.
|
||||||
@ -219,7 +215,6 @@ class zerobin
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
require_once PATH . 'lib/vizhash_gd_zero.php';
|
|
||||||
$meta['nickname'] = $nick;
|
$meta['nickname'] = $nick;
|
||||||
$vz = new vizhash16x16();
|
$vz = new vizhash16x16();
|
||||||
$pngdata = $vz->generate($_SERVER['REMOTE_ADDR']);
|
$pngdata = $vz->generate($_SERVER['REMOTE_ADDR']);
|
||||||
@ -381,7 +376,6 @@ class zerobin
|
|||||||
*/
|
*/
|
||||||
private function _view()
|
private function _view()
|
||||||
{
|
{
|
||||||
require_once PATH . 'lib/rain.tpl.class.php';
|
|
||||||
header('Content-Type: text/html; charset=utf-8');
|
header('Content-Type: text/html; charset=utf-8');
|
||||||
$page = new RainTPL;
|
$page = new RainTPL;
|
||||||
// We escape it here because ENT_NOQUOTES can't be used in RainTPL templates.
|
// We escape it here because ENT_NOQUOTES can't be used in RainTPL templates.
|
||||||
|
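Review bot: In the hunk at `-118,7`, with the explicit `require_once` gone, the `forward_static_call(array($this->_model, 'getInstance'), ...)` line relies on the autoloader to resolve the `model` string from the config, and nothing visible checks that the class it finds is a storage model. A guard such as `if (!is_subclass_of($this->_model, 'zerobin_abstract')) { /* refuse to start */ }` before the call would make a wrong config value fail early and predictably. The enclosing method starts and ends outside the hunk, so an existing check elsewhere cannot be ruled out. Separately, the context lines `'Please wait 10 seconds between each post.'` and `'Paste is limited to 2 MB of encrypted data.'` still hard-code values that are now configurable through `traffic_limit` and `size_limit`.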
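--- a/lib/zerobin/abstract.php
+++ b/lib/zerobin/abstract.php
@@ -0,0 +1,124 @@
+<?php
+/**
+* ZeroBin
+*
+* a zero-knowledge paste bin
+*
+* @link http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+* @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+* @version 0.15
+*/
+
+/**
+* zerobin_abstract
+*
+* Abstract model for ZeroBin data access, implemented as a singleton.
+*/
+abstract class zerobin_abstract
+{
+/**
+* singleton instance
+*
+* @access private
+* @static
+* @var zerobin
+*/
+protected static $_instance = null;
+
+/**
+* enforce singleton, disable constructor
+*
+* Instantiate using {@link getInstance()}, zerobin is a singleton object.
+*
+* @access protected
+*/
+protected function __construct() {}
+
+/**
+* enforce singleton, disable cloning
+*
+* Instantiate using {@link getInstance()}, zerobin is a singleton object.
+*
+* @access private
+*/
+private function __clone() {}
+
+/**
+* get instance of singleton
+*
+* @access public
+* @static
+* @return zerobin
+*/
+abstract public static function getInstance($options);
+
+/**
+* Create a paste.
+*
+* @access public
+* @param string $pasteid
+* @param array $paste
+* @return int|false
+*/
+abstract public function create($pasteid, $paste);
+
+/**
+* Read a paste.
+*
+* @access public
+* @param string $pasteid
+* @return string
+*/
+abstract public function read($pasteid);
+
+/**
+* Delete a paste and its discussion.
+*
+* @access public
+* @param string $pasteid
+* @return void
+*/
+abstract public function delete($pasteid);
+
+/**
+* Test if a paste exists.
+*
+* @access public
+* @param string $dataid
+* @return void
+*/
+abstract public function exists($pasteid);
+
+/**
+* Create a comment in a paste.
+*
+* @access public
+* @param string $pasteid
+* @param string $parentid
+* @param string $commentid
+* @param array $comment
+* @return int|false
+*/
+abstract public function createComment($pasteid, $parentid, $commentid, $comment);
+
+/**
+* Read all comments of paste.
+*
+* @access public
+* @param string $pasteid
+* @return array
+*/
+abstract public function readComments($pasteid);
+
+/**
+* Test if a comment exists.
+*
+* @access public
+* @param string $dataid
+* @param string $parentid
+* @param string $commentid
+* @return void
+*/
+abstract public function existsComment($pasteid, $parentid, $commentid);
+}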
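Review bot: `protected static $_instance` is declared once in `zerobin_abstract`, so every subclass that does not redeclare it shares the same slot. `zerobin_data::getInstance()` and `zerobin_db::getInstance()` both write `parent::$_instance` in their hunks later in this commit, which means whichever model is requested first is also what the other one returns. Redeclaring `protected static $_instance = null;` in each model, or keying the stored instances by `get_called_class()`, keeps them apart. The docblocks for `exists()` and `existsComment()` name `$dataid` where the parameter is `$pasteid` and give `@return void` for what reads as a boolean test, and `getInstance()` lacks `@param array $options`.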
@ -15,7 +15,7 @@
|
|||||||
*
|
*
|
||||||
* Model for data access, implemented as a singleton.
|
* Model for data access, implemented as a singleton.
|
||||||
*/
|
*/
|
||||||
class zerobin_data
|
class zerobin_data extends zerobin_abstract
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* @access private
|
* @access private
|
||||||
@ -24,33 +24,6 @@ class zerobin_data
|
|||||||
*/
|
*/
|
||||||
private static $_dir = 'data/';
|
private static $_dir = 'data/';
|
||||||
|
|
||||||
/**
|
|
||||||
* singleton instance
|
|
||||||
*
|
|
||||||
* @access private
|
|
||||||
* @static
|
|
||||||
* @var zerobin
|
|
||||||
*/
|
|
||||||
private static $_instance = null;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* enforce singleton, disable constructor
|
|
||||||
*
|
|
||||||
* Instantiate using {@link getInstance()}, zerobin is a singleton object.
|
|
||||||
*
|
|
||||||
* @access protected
|
|
||||||
*/
|
|
||||||
protected function __construct() {}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* enforce singleton, disable cloning
|
|
||||||
*
|
|
||||||
* Instantiate using {@link getInstance()}, zerobin is a singleton object.
|
|
||||||
*
|
|
||||||
* @access private
|
|
||||||
*/
|
|
||||||
private function __clone() {}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* get instance of singleton
|
* get instance of singleton
|
||||||
*
|
*
|
||||||
@ -66,11 +39,11 @@ class zerobin_data
|
|||||||
array_key_exists('dir', $options)
|
array_key_exists('dir', $options)
|
||||||
) self::$_dir = $options['dir'] . '/';
|
) self::$_dir = $options['dir'] . '/';
|
||||||
// if needed initialize the singleton
|
// if needed initialize the singleton
|
||||||
if(null === self::$_instance) {
|
if(null === parent::$_instance) {
|
||||||
self::$_instance = new self;
|
parent::$_instance = new self;
|
||||||
self::_init();
|
self::_init();
|
||||||
}
|
}
|
||||||
return self::$_instance;
|
return parent::$_instance;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
@ -15,7 +15,7 @@
|
|||||||
*
|
*
|
||||||
* Model for DB access, implemented as a singleton.
|
* Model for DB access, implemented as a singleton.
|
||||||
*/
|
*/
|
||||||
class zerobin_db
|
class zerobin_db extends zerobin_abstract
|
||||||
{
|
{
|
||||||
/*
|
/*
|
||||||
* @access private
|
* @access private
|
||||||
@ -24,33 +24,6 @@ class zerobin_db
|
|||||||
*/
|
*/
|
||||||
private static $_db;
|
private static $_db;
|
||||||
|
|
||||||
/**
|
|
||||||
* singleton instance
|
|
||||||
*
|
|
||||||
* @access private
|
|
||||||
* @static
|
|
||||||
* @var zerobin
|
|
||||||
*/
|
|
||||||
private static $_instance = null;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* enforce singleton, disable constructor
|
|
||||||
*
|
|
||||||
* Instantiate using {@link getInstance()}, zerobin is a singleton object.
|
|
||||||
*
|
|
||||||
* @access protected
|
|
||||||
*/
|
|
||||||
protected function __construct() {}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* enforce singleton, disable cloning
|
|
||||||
*
|
|
||||||
* Instantiate using {@link getInstance()}, zerobin is a singleton object.
|
|
||||||
*
|
|
||||||
* @access private
|
|
||||||
*/
|
|
||||||
private function __clone() {}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* get instance of singleton
|
* get instance of singleton
|
||||||
*
|
*
|
||||||
@ -62,8 +35,7 @@ class zerobin_db
|
|||||||
{
|
{
|
||||||
// if needed initialize the singleton
|
// if needed initialize the singleton
|
||||||
if(null === self::$_instance) {
|
if(null === self::$_instance) {
|
||||||
self::$_instance = new self;
|
parent::$_instance = new self;
|
||||||
self::_init();
|
|
||||||
}
|
}
|
||||||
if (
|
if (
|
||||||
is_array($options) &&
|
is_array($options) &&
|
||||||
@ -77,7 +49,7 @@ class zerobin_db
|
|||||||
$options['pwd'],
|
$options['pwd'],
|
||||||
$options['opt']
|
$options['opt']
|
||||||
);
|
);
|
||||||
return self::$_instance;
|
return parent::$_instance;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -162,15 +134,4 @@ class zerobin_db
|
|||||||
public function existsComment($pasteid, $parentid, $commentid)
|
public function existsComment($pasteid, $parentid, $commentid)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* initialize zerobin
|
|
||||||
*
|
|
||||||
* @access private
|
|
||||||
* @static
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
private static function _init()
|
|
||||||
{
|
|
||||||
}
|
|
||||||
}
|
}
|