| rev |
line source |
|
pascal@12906
|
1 --- lib/zerobin.js
|
|
pascal@12906
|
2 +++ lib/zerobin.js
|
|
pascal@12953
|
3 @@ -180,7 +180,12 @@
|
|
pascal@12906
|
4 {
|
|
pascal@12906
|
5 if ($('textarea#message').val().length==0) return; // Do not send if no data.
|
|
pascal@12906
|
6 showStatus('Sending paste...',spin=true);
|
|
pascal@12906
|
7 - var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0);
|
|
pascal@12906
|
8 + var randomkey = (window.location.hash.length > 2) ?
|
|
pascal@12906
|
9 + // force key
|
|
pascal@12906
|
10 + window.location.hash.substring(1) :
|
|
pascal@12906
|
11 + // Generate a random 256 bits key, encoded in base64:
|
|
pascal@12906
|
12 + sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0);
|
|
pascal@12953
|
13 + if (randomkey.charAt(randomkey.length-1)!=='=') randomkey+='='; // Add trailing = if missing.
|
|
pascal@12906
|
14 var cipherdata = zeroCipher(randomkey,$('textarea#message').val());
|
|
pascal@12906
|
15 var data_to_send = { data:cipherdata,
|
|
pascal@12906
|
16 expire:$('select#pasteExpiration').val(),
|
|
pascal@13154
|
17 --- index.php
|
|
pascal@13154
|
18 +++ index.php
|
|
pascal@13156
|
19 @@ -16,6 +16,14 @@
|
|
pascal@13156
|
20 $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
|
|
pascal@13156
|
21 }
|
|
pascal@13156
|
22
|
|
pascal@13154
|
23 +function remote_address()
|
|
pascal@13156
|
24 +
|
|
pascal@13156
|
25 +{
|
|
pascal@13156
|
26 + if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))
|
|
pascal@13156
|
27 + return $_SERVER["HTTP_X_FORWARDED_FOR"];
|
|
pascal@13156
|
28 + return $_SERVER["REMOTE_ADDR"];
|
|
pascal@13156
|
29 +}
|
|
pascal@13156
|
30 +
|
|
pascal@13156
|
31 // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds.
|
|
pascal@13156
|
32 // Will return false if IP address made a call less than 10 seconds ago.
|
|
pascal@13156
|
33 function trafic_limiter_canPass($ip)
|
|
pascal@13156
|
34 @@ -136,7 +144,7 @@
|
|
pascal@13156
|
35 }
|
|
pascal@13156
|
36
|
|
pascal@13156
|
37 // Make sure last paste from the IP address was more than 10 seconds ago.
|
|
pascal@13156
|
38 - if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR']))
|
|
pascal@13156
|
39 + if (!trafic_limiter_canPass(remote_address()))
|
|
pascal@13156
|
40 { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; }
|
|
pascal@13156
|
41
|
|
pascal@13156
|
42 // Make sure content is not too big.
|
|
pascal@13156
|
43 @@ -191,7 +199,7 @@
|
|
pascal@13156
|
44 // (We assume that if the user did not enter a nickname, he/she wants
|
|
pascal@13156
|
45 // to be anonymous and we will not generate the vizhash.)
|
|
pascal@13156
|
46 $vz = new vizhash16x16();
|
|
pascal@13156
|
47 - $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']);
|
|
pascal@13156
|
48 + $pngdata = $vz->generate(remote_address());
|
|
pascal@13156
|
49 if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata);
|
|
pascal@13156
|
50 // Once the avatar is generated, we do not keep the IP address, nor its hash.
|
|
pascal@13156
|
51 }
|
|
pascal@13156
|
52 @@ -286,11 +294,11 @@
|
|
pascal@13156
|
53 if ($ERRORMESSAGE=='') // If no error, return the paste.
|
|
pascal@13156
|
54 {
|
|
pascal@13156
|
55 // We kindly provide the remaining time before expiration (in seconds)
|
|
pascal@13156
|
56 - if ($paste->meta->expire_date) $paste->meta->remaining_time = $paste->meta->expire_date - time();
|
|
pascal@13156
|
57 + if (isset($paste->meta->expire_date)) $paste->meta->remaining_time = $paste->meta->expire_date - time();
|
|
pascal@13156
|
58
|
|
pascal@13156
|
59 $messages = array($paste); // The paste itself is the first in the list of encrypted messages.
|
|
pascal@13156
|
60 // If it's a discussion, get all comments.
|
|
pascal@13156
|
61 - if ($paste->meta->opendiscussion)
|
|
pascal@13156
|
62 + if (isset($paste->meta->opendiscussion))
|
|
pascal@13156
|
63 {
|
|
pascal@13156
|
64 $comments=array();
|
|
pascal@13156
|
65 $datadir = dataid2discussionpath($dataid);
|
|
pascal@13156
|
66 @@ -318,7 +326,7 @@
|
|
pascal@13156
|
67 $CIPHERDATA = json_encode($messages);
|
|
pascal@13156
|
68
|
|
pascal@13156
|
69 // If the paste was meant to be read only once, delete it.
|
|
pascal@13156
|
70 - if ($paste->meta->burnafterreading) deletePaste($dataid);
|
|
pascal@13156
|
71 + if (isset($paste->meta->burnafterreading)) deletePaste($dataid);
|
|
pascal@13156
|
72 }
|
|
pascal@13156
|
73 }
|
|
pascal@13156
|
74 else
|