added autoloading, configurable paste size limit, changed JS to calculate localized comment times instead of UTC

2024-10-01 01:26:10 -04:00 · 2012-04-30 22:58:08 +02:00 · 2012-04-30 22:58:08 +02:00 · edf95ff56d
commit edf95ff56d
parent 5d6401b44d
14 changed files with 207 additions and 91 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,6 @@
 # Ignore data/ and tmp/
 data/
 tmp/
+.settings/
+.buildpath
+.project
--- a/cfg/conf.ini
+++ b/cfg/conf.ini
@ -7,10 +7,13 @@
 ; @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
 ; @version   0.15

-; timelimit between calls from the same IP address in seconds
+; time limit between calls from the same IP address in seconds
 traffic_limit = 10
 traffic_dir = PATH "data"

+; size limit per paste or comment in bytes
+size_limit = 2000000
+
 ; name of data model class to load and directory for storage
 ; the default model "zerobin_data" stores everything in the filesystem
 model = zerobin_data
--- a/css/prettify.css
+++ b/css/prettify.css
@ -32,7 +32,7 @@
 }

 /* Put a border around prettyprinted code snippets. */
-pre.prettyprint { padding: 2px; border: 1px solid #888; background-color:white; }
+pre.prettyprint { padding: 2px; border: 1px solid #888; background-color:white; white-space:pre-wrap; }

 /* Specify class=linenums on a pre to get line numbering */
 ol.linenums {
--- a/index.php
+++ b/index.php
@ -12,5 +12,6 @@

 // change this, if your php files and data is outside of your webservers document root
 define('PATH', '');
-require_once PATH . 'lib/zerobin.php';
+
+require PATH . 'lib/auto.php';
 new zerobin;
--- a/js/zerobin.js
+++ b/js/zerobin.js
@ -1,8 +1,12 @@
 /**
- * ZeroBin 0.15
+ * ZeroBin
 *
- * @link http://sebsauvage.net/wiki/doku.php?id=php:zerobin
- * @author sebsauvage
+ * a zero-knowledge paste bin
+ *
+ * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   0.15
 */

 // Immediately start random number generator collector.
@ -157,7 +161,7 @@ function displayMessages(key, comments) {
            try {
                divComment.find('span.nickname').text(zeroDecipher(key, comment.meta.nickname));
            } catch(err) { }
-            divComment.find('span.commentdate').text('  ('+(new Date(comment.meta.postdate*1000).toUTCString())+')').attr('title','CommentID: ' + comment.meta.commentid);
+            divComment.find('span.commentdate').text('  ('+(new Date(comment.meta.postdate*1000).toString())+')').attr('title','CommentID: ' + comment.meta.commentid);

            // If an avatar is available, display it.
            if (comment.meta.vizhash) {
@ -185,7 +189,6 @@ function open_reply(source, commentid) {
                + '<div id="replystatus">&nbsp;</div>'
                + '</div>');
    $('input#nickname').focus(function() {
-        $(this).css('color', '#000');
        if ($(this).val() == $(this).attr('title')) {
            $(this).val('');
        }
--- a/lib/rain.tpl.class.php
+++ b/lib/rain.tpl.class.php
--- a/lib/auto.php
+++ b/lib/auto.php
@ -0,0 +1,35 @@
+<?php
+/**
+ * ZeroBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   0.15
+ */
+
+spl_autoload_register('auto::loader');
+
+/**
+ * auto
+ *
+ * provides autoloading functionality
+ */
+class auto
+{
+    /**
+     * strips slashes deeply
+     *
+     * @access public
+     * @static
+     * @param  mixed $value
+     * @return mixed
+     */
+    public static function loader($class_name)
+    {
+        require_once PATH . 'lib/' . str_replace('_', '/', $class_name) . '.php';
+    }
+}
+
--- a/lib/filter.php
+++ b/lib/filter.php
@ -31,4 +31,23 @@ class filter
            array_map('filter::stripslashes_deep', $value) :
            stripslashes($value);
    }
+
+    /**
+     * format a given number of bytes
+     *
+     * @access public
+     * @static
+     * @param  int $size
+     * @return string
+     */
+    public static function size_humanreadable($size)
+    {
+        $i = 0;
+        $iec = array('B', 'kiB', 'MiB', 'GiB', 'TiB', 'PiB', 'EiB', 'ZiB', 'YiB');
+        while ( ( $size / 1024 ) > 1 ) {
+                $size = $size / 1024;
+                $i++;
+        }
+        return number_format($size, 2, ".", " ") . ' ' . $iec[$i];
+    }
 }
--- a/lib/traffic_limiter.php
+++ b/lib/traffic_limiter.php
@ -15,7 +15,7 @@
 *
 * Handles traffic limiting, so no user does more than one call per 10 seconds.
 */
-class traffic_limiter
+class trafficlimiter
 {
    /**
     * @access private
--- a/lib/vizhash_gd_zero.php
+++ b/lib/vizhash_gd_zero.php
--- a/lib/zerobin.php
+++ b/lib/zerobin.php
@ -63,7 +63,6 @@ class zerobin
        // In case stupid admin has left magic_quotes enabled in php.ini.
        if (get_magic_quotes_gpc())
        {
-            require_once PATH . 'lib/filter.php';
            $_POST   = array_map('filter::stripslashes_deep', $_POST);
            $_GET    = array_map('filter::stripslashes_deep', $_GET);
            $_COOKIE = array_map('filter::stripslashes_deep', $_COOKIE);
@ -118,7 +117,6 @@ class zerobin
    {
        // if needed, initialize the model
        if(is_string($this->_model)) {
-            require_once PATH . 'lib/' . $this->_model . '.php';
            $this->_model = forward_static_call(array($this->_model, 'getInstance'), $this->_conf['model_options']);
        }
        return $this->_model;
@ -146,11 +144,10 @@ class zerobin
        $error = false;

        // Make sure last paste from the IP address was more than 10 seconds ago.
-        require_once PATH . 'lib/traffic_limiter.php';
-        traffic_limiter::setLimit($this->_conf['traffic_limit']);
-        traffic_limiter::setPath($this->_conf['traffic_dir']);
+        trafficlimiter::setLimit($this->_conf['traffic_limit']);
+        trafficlimiter::setPath($this->_conf['traffic_dir']);
        if (
-            !traffic_limiter::canPass($_SERVER['REMOTE_ADDR'])
+            !trafficlimiter::canPass($_SERVER['REMOTE_ADDR'])
        ) $this->_return_message(1, 'Please wait 10 seconds between each post.');

        // Make sure content is not too big.
@ -160,7 +157,6 @@ class zerobin
        ) $this->_return_message(1, 'Paste is limited to 2 MB of encrypted data.');

        // Make sure format is correct.
-        require_once PATH . 'lib/sjcl.php';
        if (!sjcl::isValid($data)) $this->_return_message(1, 'Invalid data.');

        // Read additional meta-information.
@ -219,7 +215,6 @@ class zerobin
            }
            else
            {
-                require_once PATH . 'lib/vizhash_gd_zero.php';
                $meta['nickname'] = $nick;
                $vz = new vizhash16x16();
                $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']);
@ -381,7 +376,6 @@ class zerobin
     */
    private function _view()
    {
-        require_once PATH . 'lib/rain.tpl.class.php';
        header('Content-Type: text/html; charset=utf-8');
        $page = new RainTPL;
        // We escape it here because ENT_NOQUOTES can't be used in RainTPL templates.
--- a/lib/zerobin/abstract.php
+++ b/lib/zerobin/abstract.php
@ -0,0 +1,124 @@
+<?php
+/**
+ * ZeroBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   0.15
+ */
+
+/**
+ * zerobin_abstract
+ *
+ * Abstract model for ZeroBin data access, implemented as a singleton.
+ */
+abstract class zerobin_abstract
+{
+	/**
+     * singleton instance
+     *
+     * @access private
+     * @static
+     * @var zerobin
+     */
+    protected static $_instance = null;
+
+    /**
+     * enforce singleton, disable constructor
+     *
+     * Instantiate using {@link getInstance()}, zerobin is a singleton object.
+     *
+     * @access protected
+     */
+    protected function __construct() {}
+
+    /**
+     * enforce singleton, disable cloning
+     *
+     * Instantiate using {@link getInstance()}, zerobin is a singleton object.
+     *
+     * @access private
+     */
+    private function __clone() {}
+
+    /**
+     * get instance of singleton
+     *
+     * @access public
+     * @static
+     * @return zerobin
+     */
+    abstract public static function getInstance($options);
+
+    /**
+     * Create a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  array  $paste
+     * @return int|false
+     */
+    abstract public function create($pasteid, $paste);
+
+    /**
+     * Read a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return string
+     */
+    abstract public function read($pasteid);
+
+    /**
+     * Delete a paste and its discussion.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return void
+     */
+    abstract public function delete($pasteid);
+
+    /**
+     * Test if a paste exists.
+     *
+     * @access public
+     * @param  string $dataid
+     * @return void
+     */
+    abstract public function exists($pasteid);
+
+    /**
+     * Create a comment in a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  string $parentid
+     * @param  string $commentid
+     * @param  array  $comment
+     * @return int|false
+     */
+    abstract public function createComment($pasteid, $parentid, $commentid, $comment);
+
+    /**
+     * Read all comments of paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return array
+     */
+    abstract public function readComments($pasteid);
+
+    /**
+     * Test if a comment exists.
+     *
+     * @access public
+     * @param  string $dataid
+     * @param  string $parentid
+     * @param  string $commentid
+     * @return void
+     */
+    abstract public function existsComment($pasteid, $parentid, $commentid);
+}
--- a/lib/zerobin/data.php
+++ b/lib/zerobin/data.php
@ -15,7 +15,7 @@
 *
 * Model for data access, implemented as a singleton.
 */
-class zerobin_data
+class zerobin_data extends zerobin_abstract
 {
    /*
     * @access private
@ -24,33 +24,6 @@ class zerobin_data
     */
    private static $_dir = 'data/';

-    /**
-     * singleton instance
-     *
-     * @access private
-     * @static
-     * @var zerobin
-     */
-    private static $_instance = null;
-
-    /**
-     * enforce singleton, disable constructor
-     *
-     * Instantiate using {@link getInstance()}, zerobin is a singleton object.
-     *
-     * @access protected
-     */
-    protected function __construct() {}
-
-    /**
-     * enforce singleton, disable cloning
-     *
-     * Instantiate using {@link getInstance()}, zerobin is a singleton object.
-     *
-     * @access private
-     */
-    private function __clone() {}
-
    /**
     * get instance of singleton
     *
@ -66,11 +39,11 @@ class zerobin_data
        	array_key_exists('dir', $options)
        ) self::$_dir = $options['dir'] . '/';
        // if needed initialize the singleton
-        if(null === self::$_instance) {
-            self::$_instance = new self;
+        if(null === parent::$_instance) {
+            parent::$_instance = new self;
            self::_init();
        }
-        return self::$_instance;
+        return parent::$_instance;
    }

    /**
--- a/lib/zerobin/db.php
+++ b/lib/zerobin/db.php
@ -15,7 +15,7 @@
 *
 * Model for DB access, implemented as a singleton.
 */
-class zerobin_db
+class zerobin_db extends zerobin_abstract
 {
    /*
     * @access private
@ -24,33 +24,6 @@ class zerobin_db
     */
    private static $_db;

-	/**
-     * singleton instance
-     *
-     * @access private
-     * @static
-     * @var zerobin
-     */
-    private static $_instance = null;
-
-    /**
-     * enforce singleton, disable constructor
-     *
-     * Instantiate using {@link getInstance()}, zerobin is a singleton object.
-     *
-     * @access protected
-     */
-    protected function __construct() {}
-
-    /**
-     * enforce singleton, disable cloning
-     *
-     * Instantiate using {@link getInstance()}, zerobin is a singleton object.
-     *
-     * @access private
-     */
-    private function __clone() {}
-
    /**
     * get instance of singleton
     *
@ -62,8 +35,7 @@ class zerobin_db
    {
        // if needed initialize the singleton
        if(null === self::$_instance) {
-            self::$_instance = new self;
-            self::_init();
+            parent::$_instance = new self;
        }
        if (
        	is_array($options) &&
@ -77,7 +49,7 @@ class zerobin_db
            $options['pwd'],
            $options['opt']
        );
-        return self::$_instance;
+        return parent::$_instance;
    }

    /**
@ -162,15 +134,4 @@ class zerobin_db
    public function existsComment($pasteid, $parentid, $commentid)
    {
    }
-
-    /**
-     * initialize zerobin
-     *
-     * @access private
-     * @static
-     * @return void
-     */
-    private static function _init()
-    {
-    }
 }