Commit Graph

528 Commits

Author SHA1 Message Date
El RIDO
7565be8ed5
initial work on a bootstrap 5 template
current status:
- renders without PHP errors & passes unit tests
- displays pastes
- responsive navbar
- right-to-left support
- auto dark mode with toggle

to be done:
- add "Dark Mode" to translation strings
- get expiration and format selections to work
- fix modals (password, QR-code, etc.)
- replace glyphicons with Bootstrap Icons (no longer included)
- test all the different settings and combinations
- check tab alignment in HTML source
2024-04-01 18:59:28 +02:00
El RIDO
6bcef2fa24
handle PHP 8.2 deprecation
PHP 8.2 deprecates implicit conversion from float to int if it loses precision, hence the explicit conversion.

PHP 8.1 deprecates the (optional since PHP 8.0) 3rd parameter of imagefilledpolygon(), but 7.3 & 7.4 require it.
2024-04-01 14:50:16 +02:00
El RIDO
3bc09ed561
Merge pull request #1275 from PrivateBin/legacy-php-cleanup
input sanitation & removing some obsolete version checks
2024-03-26 06:33:57 +01:00
Zwyx
6130547ca6
Add response header X-Uncompressed-Content-Length for JSON API
Because the response from the API is PHP output, the usual `Content-Length` header is absent.

This [custom header technique](https://stackoverflow.com/questions/15097712/how-can-i-use-deflated-gzipped-content-with-an-xhr-onprogress-function/32799706#32799706) allows the client to know the total length of the data being received, in order to display a progress indicator.

Here's a code example with `XMLHttpRequest`:


```
xhr.addEventListener("progress", (e) => {
	if (e.lengthComputable) {
		onDownloadProgress({
			loaded: e.loaded,
			total: e.total,
		});
	} else {
		const uncompressedContentLength = xhr.getResponseHeader(
			"X-Uncompressed-Content-Length",
		);

		if (uncompressedContentLength) {
			onDownloadProgress({
				loaded: e.loaded,
				total: Number(uncompressedContentLength),
			});
		}
	}
});
```

Notes:
- `Fetch` can be used as well (the only reason I use `XMLHttpRequest` is because `fetch` doesn't allow tracking the progress of uploaded data (when creating a paste), whereas `XMLHttpRequest` does).
- `e.loaded` can be different between browsers; Firefox reports the length of the compressed data, Chrome reports the length of uncompressed data (see https://github.com/whatwg/xhr/issues/388). A workaround for this is to manually set our progress indicator to 100% when the request finishes.
2024-03-24 19:40:50 +08:00
El RIDO
65a626f940 inputs sanitation & remove some obsolete version checks
using filter_vars instead of filter_input, because our unit tests depend on manipulating global arrays, which are not used by filter_input - we would have to mock the function in the unit testing, it therefore is cleaner to use the same code paths in testing as in production

some inputs in I18n and TrafficLimiter remain unfiltered, since we already validate them by other means (IP lib and/or preg_match)

our minimum PHP version is 7.3, so we can drop the two < 5.6 fallback checks
2024-03-23 11:27:25 +01:00
Aaron Sherber
7c9cc7754f
Allow for shortenviayourls in query params 2024-03-16 16:55:49 -04:00
El RIDO
e1e0e8399c
phpdoc improvements 2024-03-10 18:01:46 +01:00
El RIDO
5f00587d71
phpdoc improvements, fixes #1036 2024-03-10 17:07:10 +01:00
Aaron Sherber
fd7d9f4715
Fix styleci issues 2024-03-09 16:55:44 -05:00
Aaron Sherber
8abf6ae9cb
Always add cache control headers 2024-03-09 16:49:42 -05:00
El RIDO
aad975a721
incrementing version 2024-02-11 15:31:11 +01:00
El RIDO
a3ee624d3a
incrementing version 2024-02-11 14:17:27 +01:00
El RIDO
257fc5d2b6
enable Romanian translation and credit it 2024-01-27 19:15:40 +01:00
El RIDO
2985305dbb
Merge pull request #1220 from PrivateBin/en-default-test
prevent regression around presence or absence of en.json
2023-12-23 13:06:05 +01:00
El RIDO
d49be80ffb
prevent regression around presence or absence of en.json
it gets excluded in the release archive, its absence should not make
any difference
2023-12-18 21:49:21 +01:00
El RIDO
d88945663e detect and report on damaged pastes
May occur during statistics or purge, when existing pastes get parsed, addresses #1214
2023-12-16 07:38:09 +01:00
El RIDO
d0420fb418
1.6.2 release 2023-12-15 07:20:20 +01:00
El RIDO
684924e9e5
apply StyleCI patch 2023-12-09 12:00:57 +01:00
El RIDO
a7f720d825
ensure English is always added to available languages, fixes #1208
bug got introduced in 3668f1e3f4 and
started affecting release after 896a49c8cf
2023-12-09 11:58:29 +01:00
El RIDO
3bd570bd6a
incrementing version 2023-12-04 21:07:17 +01:00
El RIDO
5c97443d1d
add basic RTL support, drop default language key 2023-09-19 07:29:00 +02:00
El RIDO
f56907bd38
increment version 2023-09-11 19:36:45 +02:00
Sergio Giraldo
c665385ff6
feat: make the email button optional. Issue #1031
::by sergio giraldo
@ 20230909T2226CEST, gpg signed
2023-09-09 22:26:11 +02:00
El RIDO
fe37b7f0e5 enable & credit Japanese & Arabic translations 2023-08-01 14:00:45 +02:00
El RIDO
ecf100551d document change, raise minimum PHP version to 7.3, remove branch refresh 2023-07-23 10:04:57 +02:00
El RIDO
01afe7d481
incrementing version 2023-07-09 08:44:22 +02:00
El RIDO
8988899c8c
apply StyleCI patch, fixes #1084 2023-06-18 12:54:22 +02:00
Felipe Nakandakari
6d4d3af377
Fix code style issues 2023-02-27 13:26:45 +11:00
Felipe Nakandakari
e3abc042a8
Use credentials array only if values passed via conf.php 2023-02-27 12:58:18 +11:00
El RIDO
3a4e5ed0c9
unnecessary string concatenation 2023-01-15 14:45:10 +01:00
El RIDO
bf7d2f05b6
expose types JSON-LD incl. configured expiration dates, resolves #1045 2023-01-15 08:04:44 +01:00
El RIDO
e84a8694e4
incrementing version 2022-12-24 05:52:07 +01:00
El RIDO
a93c8ceccb
fold extracted function back into the one remaining place calling it 2022-12-13 06:21:37 +01:00
El RIDO
53ab57627e
re-add shuffling paste list 2022-12-12 21:28:38 +01:00
El RIDO
e54277f014
re-add 10 * batch size limit in filesystem purge and support v1 dates for sorting mixed versioned comments 2022-12-12 20:48:36 +01:00
El RIDO
38574f0196
return invalid data error on API instead of exception 2022-12-12 20:46:47 +01:00
El RIDO
b5602dd1ae
incrementing version 2022-12-11 05:02:15 +01:00
El RIDO
910675c74b
apply StyleCI fix 2022-11-18 05:38:37 +01:00
El RIDO
4056057a3c
updated some links to https 2022-11-18 05:36:33 +01:00
El RIDO
07bc3285aa
moved glob iterator pattern to const, documentation 2022-11-18 05:36:06 +01:00
El RIDO
b8593b1bf2
use a glob iterator to stream through as many matches as needed 2022-11-10 20:36:15 +01:00
El RIDO
b3699cae8f
Merge branch 'master' into bin 2022-11-10 19:28:29 +01:00
El RIDO
b53df70227
Merge pull request #1008 from PrivateBin/jdenticons-test
Jdenticons size and speed test results
2022-11-10 07:28:13 +01:00
El RIDO
e5487cee48
Merge branch 'master' into bin 2022-11-07 07:34:34 +01:00
El RIDO
89df4a54ec
enable and credit Thai translation 2022-11-07 07:12:40 +01:00
El RIDO
94aab6d64b
apply StyleCI patch 2022-11-06 09:12:42 +01:00
El RIDO
a799351db3
re-use logic from _getExpiredPastes()
Scrutinizer pointed out that the dieerr() function isn't available in this
class. Code does work when invoked by migrate script, but this way it would
also work in other contexts.
2022-11-06 09:09:50 +01:00
El RIDO
3028c22c20
be more efficient 2022-11-06 07:40:39 +01:00
El RIDO
07ad9ad0f4
typo, found by Scrutinizer 2022-11-05 09:37:24 +01:00
El RIDO
833cf93209
address Scrutinizer warning
> The variable $bucket does not seem to be defined for all execution paths leading up to this point.
2022-11-05 09:35:19 +01:00
El RIDO
8389c2a2d6
minor optimization, let the PDO driver do that for us 2022-11-05 08:46:42 +01:00
El RIDO
a33721e3ab
Merge branch 'migrate' of https://github.com/felixjogris/PrivateBin into felixjogris-migrate 2022-11-05 08:27:40 +01:00
Felix J. Ogris
75d28ef423 _sanitizeClob touches no instance variables 2022-11-04 21:25:53 +01:00
Felix J. Ogris
604c931875 remove cache from database backend 2022-11-04 21:19:47 +01:00
Felix J. Ogris
726f54ce9e typos 2022-11-04 20:19:41 +01:00
El RIDO
66600e5eb3
Merge pull request #1003 from PrivateBin/yourls-cleanup
improve configuration wording, adjust self check
2022-11-03 19:54:56 +01:00
El RIDO
987ead2719
ensure the basepath ends in a slash, if one is set 2022-11-03 07:47:50 +01:00
Felix J. Ogris
bde5802a3a syntax fix, changelog 2022-11-01 16:38:06 +01:00
Felix J. Ogris
9a61e8fd48 started script for storage backend migrations
todo: GCS

added GCS, no GLOBALS, two methods for saving pastes and comments

use GLOBALS for verbosity again

added getAllPastes() to all storage providers

moved to bin, added --delete options, make use of $store->getAllPastes()

added --delete-* options to help

longopts without -- *sigh*

fixed arguments

drop singleton behaviour to allow multiple backends of the same type simultaneously

remove singleton from Model, collapse loop in migrate.php

comments is not indexed

tests without data singleton

fix

exit if scandir() fails

extended meta doc
2022-11-01 16:02:17 +01:00
El RIDO
89d575ace3
in light of the perf/size test results of Jdenticons, switch back to Identicons as the default 2022-10-30 09:24:35 +01:00
El RIDO
432d3e71d3
improve configuration wording, adjust self check 2022-10-29 07:58:40 +02:00
El RIDO
8ac69590cf
add new Jdenticon comment icon library, set it as default, fixes #793 2022-10-26 06:53:56 +02:00
El RIDO
bff4d3a016
PHP 8.2 compatibility: Use of "self" in callables is deprecated 2022-10-25 07:15:09 +02:00
El RIDO
78e915e049
adding tests for YOURLS functionality 2022-10-23 13:09:54 +02:00
El RIDO
4bd5ef9cda
add new messages to translate 2022-10-23 10:50:18 +02:00
El RIDO
69034ef9d1
apply StyleCI recommendations 2022-10-23 09:16:55 +02:00
El RIDO
f4000150fa
avoid cURL dependency, native functions should suffice for such a simple call 2022-10-23 09:05:17 +02:00
El RIDO
b768a2e8cb
use JSON wrapper for decoding error catching 2022-10-23 08:21:37 +02:00
El RIDO
0a2094f069
code style 2022-10-23 08:16:05 +02:00
El RIDO
0dc9ab7576
refactor shortenviayourls.php for our MVC framework 2022-10-23 08:10:56 +02:00
Jens-U. Mozdzen
dce8b8d352 updated code formatting 2022-10-23 01:07:43 +02:00
Jens-U. Mozdzen
3115cb8883 added parameters for server-side YOURLS shortener call 2022-10-23 00:19:43 +02:00
Felix J. Ogris
ee212b1a33 implemented S3 storage backend
added sample configuration + aws php sdk version

coding style cleanup
2022-10-22 18:30:24 +02:00
Ra'Jiska
8dbe60621d Fix GCS Upload Metadata Mistake 2022-10-06 14:41:37 +08:00
Ra'Jiska
8dded4e8e4 GCS Support for Uniform ACL Buckets 2022-10-06 12:19:06 +08:00
El RIDO
77409e6065
crediting Greek language as well, plus docs 2022-09-29 21:15:00 +02:00
El RIDO
b61b4253a6
enabled use of Slovak translations 2022-09-29 05:34:49 +02:00
rugk
e740d0f761
Remove COOP header for now
Same as https://github.com/PrivateBin/docker-nginx-fpm-alpine/pull/108

Disable the header here as it breaks links to the own site.
2022-08-22 13:25:56 +02:00
El RIDO
e6d606ba88
clarify that it is only unsupported by Oracle MySQL, while supported in MariaDB, Postgres, SQLite, ... 2022-06-29 22:25:54 +02:00
El RIDO
4ad4aed875
apply table prefix to indexes as well, to support multiple instances sharing a single database 2022-06-28 06:51:21 +02:00
El RIDO
b7cffbddd0
CREATE INDEX IF NOT EXISTS is not supported as of MySQL <= 8.0, fixes #943 2022-06-27 19:05:57 +02:00
El RIDO
07a23d7f0b
addressing deprecation warnings in php 8.1
Deprecated: strlen(): Passing null to parameter #1 ($string) of type string is deprecated in lib/Data/Database.php on line 280 & 555
2022-06-01 21:05:08 +02:00
El RIDO
f717334ee0
- credit & document Turkish translation
- remove plural indicators
- add plural logic and enable Turkish translation
2022-04-28 20:05:57 +02:00
El RIDO
0e2ec27033
Avoid privilege for setting the for MariaDB/MySQL, fixes #919 2022-04-19 18:44:00 +02:00
Harald Leithner
4b3d11c988
Add browsing-topics permission policy 2022-04-10 11:28:52 +02:00
Harald Leithner
7b8e031ab5
Remove FLoC Header
Google announced that it is discontinuing FLoC.
2022-04-10 10:36:39 +02:00
El RIDO
456ced37c2
incrementing version 2022-04-05 07:30:51 +02:00
El RIDO
f0d0daffcc
enable and credit new Finnish translation 2022-04-05 07:22:07 +02:00
El RIDO
11b16fc6fd
removed directive needed for the PDF preview in Firefox < 78
fixed in https://bugzilla.mozilla.org/show_bug.cgi?id=1582115 and
https://bugzilla.mozilla.org/show_bug.cgi?id=1638826 for FF 78
2022-03-27 08:45:33 +02:00
El RIDO
6c1f0dde0c
set CSP also as meta tag, to deal with misconfigured webservers mangling the HTTP header 2022-03-13 18:11:13 +01:00
El RIDO
3e02818335
actually support the short CIDR notation 2022-02-28 16:24:06 +01:00
El RIDO
f83f80b5f6
Merge branch 'master' into stevenandres-master 2022-02-26 11:56:58 +01:00
El RIDO
f39934a104
Merge pull request #896 from Patriccollu/PB-in-Corsican
Adding Corsican as brand new locale
2022-02-26 11:52:43 +01:00
El RIDO
fe89161848
replace deprecated function calls 2022-02-26 07:18:59 +01:00
El RIDO
288cf3f005
Merge branch 'master' into stevenandres-master 2022-02-25 06:42:18 +01:00
Patriccollu
30c0d22468
Updating I18n.php to add Corsican as new locale 2022-02-24 20:05:19 +01:00
El RIDO
0e3a7196f9
set frame-ancestors to none
disables embedding the site in any frames, which can bypass some of the security mechanisms reg. cross site scripting
2022-02-20 15:21:47 +01:00
El RIDO
f987e96d4b
apply StyleCI recommendation 2022-02-20 12:25:55 +01:00
El RIDO
1034d4038e
unify IP-related logic into traffic limiter 2022-02-20 11:25:19 +01:00
El RIDO
190a35a53b
small unit test refactoring, comment wording 2022-02-20 09:30:41 +01:00