wok-6.x: zerobin/stuff/zerobin.u annotate

wok-6.x annotate zerobin/stuff/zerobin.u @ rev 16350

Up: tazweb (1.9) - Fixes and editable bookmarks!

author	Christophe Lincoln <pankso@slitaz.org>
date	Sun Apr 13 02:34:25 2014 +0200 (2014-04-13)
parents	30f393e65a4c
children	139df21c10dd

rev	line source
pascal@13154	1 --- index.php
pascal@13154	2 +++ index.php
pascal@14109	3 @@ -17,6 +17,13 @@
pascal@13156	4 $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
pascal@13156	5 }
pascal@13156	6
pascal@14109	7 +function remote_address()
pascal@13156	8 +{
pascal@14111	9 + // if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))
pascal@14111	10 + // return $_SERVER["HTTP_X_FORWARDED_FOR"];
pascal@14109	11 + return $_SERVER["REMOTE_ADDR"];
pascal@13156	12 +}
pascal@13156	13 +
pascal@13156	14 // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds.
pascal@13156	15 // Will return false if IP address made a call less than 10 seconds ago.
pascal@13156	16 function trafic_limiter_canPass($ip)
pascal@14111	17 @@ -144,7 +151,7 @@
pascal@14109	18 }
pascal@14109	19
pascal@14109	20 // Make sure last paste from the IP address was more than 10 seconds ago.
pascal@13156	21 - if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR']))
pascal@13156	22 + if (!trafic_limiter_canPass(remote_address()))
pascal@13156	23 { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; }
pascal@13156	24
pascal@13156	25 // Make sure content is not too big.
pascal@14111	26 @@ -216,7 +223,7 @@
pascal@13156	27 // (We assume that if the user did not enter a nickname, he/she wants
pascal@13156	28 // to be anonymous and we will not generate the vizhash.)
pascal@13156	29 $vz = new vizhash16x16();
pascal@13156	30 - $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']);
pascal@13156	31 + $pngdata = $vz->generate(remote_address());
pascal@14109	32 if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata);
pascal@14109	33 // Once the avatar is generated, we do not keep the IP address, nor its hash.
pascal@13156	34 }
pascal@14109	35 --- js/zerobin.js
pascal@14109	36 +++ js/zerobin.js
pascal@14111	37 @@ -326,7 +326,13 @@
pascal@14109	38 return;
pascal@14109	39 }
pascal@14109	40 showStatus('Sending paste...', spin=true);
pascal@14109	41 - var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0);
pascal@14109	42 + var randomkey = (window.location.hash.length > 2) ?
pascal@14109	43 + // force key
pascal@14109	44 + window.location.hash.substring(1) :
pascal@14109	45 + // Generate a random 256 bits key, encoded in base64:
pascal@14109	46 + sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0);
pascal@14109	47 + if (randomkey.charAt(randomkey.length-1) !== '=')
pascal@14109	48 + randomkey+='='; // Add trailing = if missing.
pascal@14109	49 var cipherdata = zeroCipher(randomkey, $('textarea#message').val());
pascal@14109	50 var data_to_send = { data: cipherdata,
pascal@14109	51 expire: $('select#pasteExpiration').val(),

SliTaz Repositories

wok-6.x annotate zerobin/stuff/zerobin.u @ rev 16350