wok rev 18735
Up zerobin (6 feb 2014)
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Mon Dec 21 16:28:32 2015 +0100 (2015-12-21) |
parents | d6ca18366f41 |
children | c8f848a49bc1 |
files | zerobin/receipt zerobin/stuff/zerobin.u |
line diff
1.1 --- a/zerobin/receipt Mon Dec 21 02:53:09 2015 +0200 1.2 +++ b/zerobin/receipt Mon Dec 21 16:28:32 2015 +0100 1.3 @@ -1,14 +1,15 @@ 1.4 # SliTaz package receipt. 1.5 1.6 PACKAGE="zerobin" 1.7 -VERSION="0.18_alpha" 1.8 +GITHASH="8cae64d6eab99fb0d31868df77846285c0958ed0" # 6 feb 2014 1.9 +VERSION="${GITHASH:0:7}" 1.10 CATEGORY="network" 1.11 SHORT_DESC="Online pastebin where the server has zero knowledge of pasted data." 1.12 MAINTAINER="pascal.bellard@slitaz.org" 1.13 LICENSE="zlib/libpng" 1.14 -TARBALL="${PACKAGE}_$VERSION.zip" 1.15 +TARBALL="$PACKAGE-$VERSION.tar.gz" 1.16 WEB_SITE="http://sebsauvage.net/wiki/doku.php?id=php:zerobin" 1.17 -WGET_URL="http://sebsauvage.net/files/$TARBALL" 1.18 +WGET_URL="https://github.com/sebsauvage/ZeroBin/archive/$VERSION.tar.gz" 1.19 HOST_ARCH="any" 1.20 1.21 DEPENDS="php" 1.22 @@ -17,9 +18,7 @@ 1.23 # Rules to configure and make the package. 1.24 compile_rules() 1.25 { 1.26 - cd $src 1.27 patch -p0 < $stuff/zerobin.u 1.28 - find css js lib tpl -type f | xargs dos2unix *.* 1.29 } 1.30 1.31 # Rules to gen a SliTaz package suitable for Tazpkg.
2.1 --- a/zerobin/stuff/zerobin.u Mon Dec 21 02:53:09 2015 +0200 2.2 +++ b/zerobin/stuff/zerobin.u Mon Dec 21 16:28:32 2015 +0100 2.3 @@ -1,51 +1,51 @@ 2.4 --- index.php 2.5 +++ index.php 2.6 @@ -17,6 +17,13 @@ 2.7 - $_COOKIE = array_map('stripslashes_deep', $_COOKIE); 2.8 - } 2.9 - 2.10 -+function remote_address() 2.11 -+{ 2.12 -+ // if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) 2.13 -+ // return $_SERVER["HTTP_X_FORWARDED_FOR"]; 2.14 -+ return $_SERVER["REMOTE_ADDR"]; 2.15 -+} 2.16 -+ 2.17 - // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds. 2.18 - // Will return false if IP address made a call less than 10 seconds ago. 2.19 - function trafic_limiter_canPass($ip) 2.20 + $_COOKIE = array_map('stripslashes_deep', $_COOKIE); 2.21 + } 2.22 + 2.23 ++function remote_address() 2.24 ++{ 2.25 ++ // if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) 2.26 ++ // return $_SERVER["HTTP_X_FORWARDED_FOR"]; 2.27 ++ return $_SERVER["REMOTE_ADDR"]; 2.28 ++} 2.29 ++ 2.30 + // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds. 2.31 + // Will return false if IP address made a call less than 10 seconds ago. 2.32 + function trafic_limiter_canPass($ip) 2.33 @@ -144,7 +151,7 @@ 2.34 - } 2.35 - 2.36 - // Make sure last paste from the IP address was more than 10 seconds ago. 2.37 -- if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR'])) 2.38 -+ if (!trafic_limiter_canPass(remote_address())) 2.39 - { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; } 2.40 - 2.41 - // Make sure content is not too big. 2.42 + } 2.43 + 2.44 + // Make sure last paste from the IP address was more than 10 seconds ago. 2.45 +- if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR'])) 2.46 ++ if (!trafic_limiter_canPass(remote_address())) 2.47 + { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; } 2.48 + 2.49 + // Make sure content is not too big. 2.50 @@ -216,7 +223,7 @@ 2.51 - // (We assume that if the user did not enter a nickname, he/she wants 2.52 - // to be anonymous and we will not generate the vizhash.) 2.53 - $vz = new vizhash16x16(); 2.54 -- $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']); 2.55 -+ $pngdata = $vz->generate(remote_address()); 2.56 - if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata); 2.57 - // Once the avatar is generated, we do not keep the IP address, nor its hash. 2.58 - } 2.59 + // (We assume that if the user did not enter a nickname, he/she wants 2.60 + // to be anonymous and we will not generate the vizhash.) 2.61 + $vz = new vizhash16x16(); 2.62 +- $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']); 2.63 ++ $pngdata = $vz->generate(remote_address()); 2.64 + if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata); 2.65 + // Once the avatar is generated, we do not keep the IP address, nor its hash. 2.66 + } 2.67 --- js/zerobin.js 2.68 +++ js/zerobin.js 2.69 -@@ -326,7 +326,13 @@ 2.70 - return; 2.71 - } 2.72 - showStatus('Sending paste...', spin=true); 2.73 -- var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0); 2.74 -+ var randomkey = (window.location.hash.length > 2) ? 2.75 -+ // force key 2.76 -+ window.location.hash.substring(1) : 2.77 -+ // Generate a random 256 bits key, encoded in base64: 2.78 -+ sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0); 2.79 -+ if (randomkey.charAt(randomkey.length-1) !== '=') 2.80 -+ randomkey+='='; // Add trailing = if missing. 2.81 - var cipherdata = zeroCipher(randomkey, $('textarea#message').val()); 2.82 - var data_to_send = { data: cipherdata, 2.83 - expire: $('select#pasteExpiration').val(), 2.84 +@@ -340,7 +340,13 @@ 2.85 + 2.86 + showStatus('Sending paste...', spin=true); 2.87 + 2.88 +- var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0); 2.89 ++ var randomkey = (window.location.hash.length > 2) ? 2.90 ++ // force key 2.91 ++ window.location.hash.substring(1) : 2.92 ++ // Generate a random 256 bits key, encoded in base64: 2.93 ++ sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0); 2.94 ++ if (randomkey.charAt(randomkey.length-1) !== '=') 2.95 ++ randomkey+='='; // Add trailing = if missing. 2.96 + var cipherdata = zeroCipher(randomkey, $('textarea#message').val()); 2.97 + var data_to_send = { data: cipherdata, 2.98 + expire: $('select#pasteExpiration').val(),