wok diff zerobin/stuff/zerobin.u @ rev 19150
Add fzy
| author | Paul Issott <paul@slitaz.org> |
|---|---|
| date | Mon May 23 15:19:32 2016 +0200 (2016-05-23) |
| parents | 0baeb3ed8570 |
| children | 7a16da2c93b9 |
line diff
1.1 --- a/zerobin/stuff/zerobin.u Sun Feb 24 18:40:38 2013 +0100 1.2 +++ b/zerobin/stuff/zerobin.u Mon May 23 15:19:32 2016 +0200 1.3 @@ -1,51 +1,51 @@ 1.4 --- index.php 1.5 +++ index.php 1.6 @@ -17,6 +17,13 @@ 1.7 - $_COOKIE = array_map('stripslashes_deep', $_COOKIE); 1.8 - } 1.9 - 1.10 -+function remote_address() 1.11 -+{ 1.12 -+ // if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) 1.13 -+ // return $_SERVER["HTTP_X_FORWARDED_FOR"]; 1.14 -+ return $_SERVER["REMOTE_ADDR"]; 1.15 -+} 1.16 -+ 1.17 - // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds. 1.18 - // Will return false if IP address made a call less than 10 seconds ago. 1.19 - function trafic_limiter_canPass($ip) 1.20 + $_COOKIE = array_map('stripslashes_deep', $_COOKIE); 1.21 + } 1.22 + 1.23 ++function remote_address() 1.24 ++{ 1.25 ++ // if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) 1.26 ++ // return $_SERVER["HTTP_X_FORWARDED_FOR"]; 1.27 ++ return $_SERVER["REMOTE_ADDR"]; 1.28 ++} 1.29 ++ 1.30 + // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds. 1.31 + // Will return false if IP address made a call less than 10 seconds ago. 1.32 + function trafic_limiter_canPass($ip) 1.33 @@ -144,7 +151,7 @@ 1.34 - } 1.35 - 1.36 - // Make sure last paste from the IP address was more than 10 seconds ago. 1.37 -- if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR'])) 1.38 -+ if (!trafic_limiter_canPass(remote_address())) 1.39 - { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; } 1.40 - 1.41 - // Make sure content is not too big. 1.42 + } 1.43 + 1.44 + // Make sure last paste from the IP address was more than 10 seconds ago. 1.45 +- if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR'])) 1.46 ++ if (!trafic_limiter_canPass(remote_address())) 1.47 + { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; } 1.48 + 1.49 + // Make sure content is not too big. 1.50 @@ -216,7 +223,7 @@ 1.51 - // (We assume that if the user did not enter a nickname, he/she wants 1.52 - // to be anonymous and we will not generate the vizhash.) 1.53 - $vz = new vizhash16x16(); 1.54 -- $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']); 1.55 -+ $pngdata = $vz->generate(remote_address()); 1.56 - if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata); 1.57 - // Once the avatar is generated, we do not keep the IP address, nor its hash. 1.58 - } 1.59 + // (We assume that if the user did not enter a nickname, he/she wants 1.60 + // to be anonymous and we will not generate the vizhash.) 1.61 + $vz = new vizhash16x16(); 1.62 +- $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']); 1.63 ++ $pngdata = $vz->generate(remote_address()); 1.64 + if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata); 1.65 + // Once the avatar is generated, we do not keep the IP address, nor its hash. 1.66 + } 1.67 --- js/zerobin.js 1.68 +++ js/zerobin.js 1.69 -@@ -326,7 +326,13 @@ 1.70 - return; 1.71 - } 1.72 - showStatus('Sending paste...', spin=true); 1.73 -- var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0); 1.74 -+ var randomkey = (window.location.hash.length > 2) ? 1.75 -+ // force key 1.76 -+ window.location.hash.substring(1) : 1.77 -+ // Generate a random 256 bits key, encoded in base64: 1.78 -+ sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0); 1.79 -+ if (randomkey.charAt(randomkey.length-1) !== '=') 1.80 -+ randomkey+='='; // Add trailing = if missing. 1.81 - var cipherdata = zeroCipher(randomkey, $('textarea#message').val()); 1.82 - var data_to_send = { data: cipherdata, 1.83 - expire: $('select#pasteExpiration').val(), 1.84 +@@ -340,7 +340,13 @@ 1.85 + 1.86 + showStatus('Sending paste...', spin=true); 1.87 + 1.88 +- var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0); 1.89 ++ var randomkey = (window.location.hash.length > 2) ? 1.90 ++ // force key 1.91 ++ window.location.hash.substring(1) : 1.92 ++ // Generate a random 256 bits key, encoded in base64: 1.93 ++ sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0); 1.94 ++ if (randomkey.charAt(randomkey.length-1) !== '=') 1.95 ++ randomkey+='='; // Add trailing = if missing. 1.96 + var cipherdata = zeroCipher(randomkey, $('textarea#message').val()); 1.97 + var data_to_send = { data: cipherdata, 1.98 + expire: $('select#pasteExpiration').val(),