rev |
line source |
pascal@13154
|
1 --- index.php
|
pascal@13154
|
2 +++ index.php
|
pascal@14109
|
3 @@ -17,6 +17,13 @@
|
pascal@18735
|
4 $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
|
pascal@18735
|
5 }
|
pascal@18735
|
6
|
pascal@18735
|
7 +function remote_address()
|
pascal@18735
|
8 +{
|
pascal@18735
|
9 + // if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))
|
pascal@18735
|
10 + // return $_SERVER["HTTP_X_FORWARDED_FOR"];
|
pascal@18735
|
11 + return $_SERVER["REMOTE_ADDR"];
|
pascal@18735
|
12 +}
|
pascal@18735
|
13 +
|
pascal@18735
|
14 // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds.
|
pascal@18735
|
15 // Will return false if IP address made a call less than 10 seconds ago.
|
pascal@18735
|
16 function trafic_limiter_canPass($ip)
|
pascal@19435
|
17 @@ -157,7 +164,7 @@
|
pascal@18735
|
18 }
|
pascal@18735
|
19
|
pascal@18735
|
20 // Make sure last paste from the IP address was more than 10 seconds ago.
|
pascal@18735
|
21 - if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR']))
|
pascal@18735
|
22 + if (!trafic_limiter_canPass(remote_address()))
|
pascal@18735
|
23 { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; }
|
pascal@18735
|
24
|
pascal@18735
|
25 // Make sure content is not too big.
|
pascal@19435
|
26 @@ -229,7 +236,7 @@
|
pascal@18735
|
27 // (We assume that if the user did not enter a nickname, he/she wants
|
pascal@18735
|
28 // to be anonymous and we will not generate the vizhash.)
|
pascal@18735
|
29 $vz = new vizhash16x16();
|
pascal@18735
|
30 - $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']);
|
pascal@18735
|
31 + $pngdata = $vz->generate(remote_address());
|
pascal@18735
|
32 if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata);
|
pascal@18735
|
33 // Once the avatar is generated, we do not keep the IP address, nor its hash.
|
pascal@18735
|
34 }
|
pascal@14109
|
35 --- js/zerobin.js
|
pascal@14109
|
36 +++ js/zerobin.js
|
pascal@18735
|
37 @@ -340,7 +340,13 @@
|
pascal@18735
|
38
|
pascal@18735
|
39 showStatus('Sending paste...', spin=true);
|
pascal@18735
|
40
|
pascal@18735
|
41 - var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0);
|
pascal@18735
|
42 + var randomkey = (window.location.hash.length > 2) ?
|
pascal@18735
|
43 + // force key
|
pascal@18735
|
44 + window.location.hash.substring(1) :
|
pascal@18735
|
45 + // Generate a random 256 bits key, encoded in base64:
|
pascal@18735
|
46 + sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0);
|
pascal@18735
|
47 + if (randomkey.charAt(randomkey.length-1) !== '=')
|
pascal@18735
|
48 + randomkey+='='; // Add trailing = if missing.
|
pascal@18735
|
49 var cipherdata = zeroCipher(randomkey, $('textarea#message').val());
|
pascal@18735
|
50 var data_to_send = { data: cipherdata,
|
pascal@18735
|
51 expire: $('select#pasteExpiration').val(),
|
pascal@19436
|
52 @@ -410,6 +416,7 @@
|
pascal@19435
|
53 $('button#sendbutton').show();
|
pascal@19435
|
54 $('button#clonebutton').hide();
|
pascal@19435
|
55 $('button#rawtextbutton').hide();
|
pascal@19435
|
56 + $('button#downloadbutton').hide();
|
pascal@19435
|
57 $('div#expiration').show();
|
pascal@19435
|
58 $('div#remainingtime').hide();
|
pascal@19435
|
59 $('div#burnafterreadingoption').show();
|
pascal@19436
|
60 @@ -438,6 +445,7 @@
|
pascal@19435
|
61 $('button#clonebutton').show();
|
pascal@19435
|
62 }
|
pascal@19435
|
63 $('button#rawtextbutton').show();
|
pascal@19435
|
64 + $('button#downloadbutton').show();
|
pascal@19435
|
65
|
pascal@19435
|
66 $('div#expiration').hide();
|
pascal@19435
|
67 $('div#burnafterreadingoption').hide();
|
pascal@19436
|
68 @@ -457,6 +465,14 @@
|
pascal@19435
|
69 var newDoc = document.open('text/html', 'replace');
|
pascal@19435
|
70 newDoc.write('<pre>'+paste+'</pre>');
|
pascal@19435
|
71 newDoc.close();
|
pascal@19435
|
72 +}
|
pascal@19435
|
73 +
|
pascal@19435
|
74 +/** Download raw text
|
pascal@19435
|
75 + */
|
pascal@19435
|
76 +function downLoad()
|
pascal@19435
|
77 +{
|
pascal@19435
|
78 + var paste = $('div#cleartext').html();
|
pascal@19435
|
79 + document.location = 'data:Application/octet-stream,' + encodeURIComponent(paste);
|
pascal@19435
|
80 }
|
pascal@19435
|
81
|
pascal@19435
|
82 /**
|
pascal@19435
|
83 --- tpl/page.html
|
pascal@19435
|
84 +++ tpl/page.html
|
pascal@19435
|
85 @@ -47,6 +47,7 @@
|
pascal@19435
|
86 <button id="sendbutton" onclick="send_data();return false;" style="display:none;"><img src="img/icon_send.png#" width="18" height="15" />Send</button>
|
pascal@19435
|
87 <button id="clonebutton" onclick="clonePaste();return false;" style="display:none;"><img src="img/icon_clone.png#" width="15" height="17" />Clone</button>
|
pascal@19435
|
88 <button id="rawtextbutton" onclick="rawText();return false;" style="display:none; "><img src="img/icon_raw.png#" width="15" height="15" style="padding:1px 0px 1px 0px;"/>Raw text</button>
|
pascal@19435
|
89 + <button id="downloadbutton" onclick="downLoad();return false;" style="display:none; "><img src="img/icon_new.png#" width="11" height="15" style="padding:1px 0px 1px 0px;"/>Download</button>
|
pascal@19435
|
90 <div id="expiration" style="display:none;">Expires:
|
pascal@19435
|
91 <select id="pasteExpiration" name="pasteExpiration">
|
pascal@19435
|
92 <option value="5min">5 minutes</option>
|