wok rev 14109

Up zerobin (0.17_alpha)
author Pascal Bellard <pascal.bellard@slitaz.org>
date Sun Feb 24 11:44:36 2013 +0100 (2013-02-24)
parents cc1a7a187042
children 7ad0051245b2
files zerobin/receipt zerobin/stuff/zerobin.u
line diff
     1.1 --- a/zerobin/receipt	Sun Feb 24 09:19:30 2013 +0100
     1.2 +++ b/zerobin/receipt	Sun Feb 24 11:44:36 2013 +0100
     1.3 @@ -1,7 +1,7 @@
     1.4  # SliTaz package receipt.
     1.5  
     1.6  PACKAGE="zerobin"
     1.7 -VERSION="0.15_alpha"
     1.8 +VERSION="0.17_alpha"
     1.9  CATEGORY="network"
    1.10  SHORT_DESC="Online pastebin where the server has zero knowledge of pasted data."
    1.11  MAINTAINER="pascal.bellard@slitaz.org"
     2.1 --- a/zerobin/stuff/zerobin.u	Sun Feb 24 09:19:30 2013 +0100
     2.2 +++ b/zerobin/stuff/zerobin.u	Sun Feb 24 11:44:36 2013 +0100
     2.3 @@ -1,74 +1,51 @@
     2.4 ---- lib/zerobin.js
     2.5 -+++ lib/zerobin.js
     2.6 -@@ -180,7 +180,12 @@
     2.7 - {
     2.8 -     if ($('textarea#message').val().length==0) return; // Do not send if no data.
     2.9 -     showStatus('Sending paste...',spin=true); 
    2.10 --    var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0);
    2.11 -+    var randomkey = (window.location.hash.length > 2) ?
    2.12 -+    	// force key
    2.13 -+    	window.location.hash.substring(1) :
    2.14 -+    	// Generate a random 256 bits key, encoded in base64:
    2.15 -+    	sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0);
    2.16 -+    if (randomkey.charAt(randomkey.length-1)!=='=') randomkey+='='; // Add trailing = if missing.
    2.17 -     var cipherdata = zeroCipher(randomkey,$('textarea#message').val());
    2.18 -     var data_to_send =  { data:cipherdata,
    2.19 -                           expire:$('select#pasteExpiration').val(),
    2.20  --- index.php
    2.21  +++ index.php
    2.22 -@@ -16,6 +16,14 @@
    2.23 +@@ -17,6 +17,13 @@
    2.24       $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
    2.25   }
    2.26   
    2.27 -+function remote_address()
    2.28 -+
    2.29 ++function remote_address()
    2.30  +{
    2.31 -+    if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))
    2.32 -+    	return $_SERVER["HTTP_X_FORWARDED_FOR"];
    2.33 -+    return $_SERVER["REMOTE_ADDR"];
    2.34 ++	if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))
    2.35 ++		return $_SERVER["HTTP_X_FORWARDED_FOR"];
    2.36 ++	return $_SERVER["REMOTE_ADDR"];
    2.37  +}
    2.38  +
    2.39   // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds.
    2.40   // Will return false if IP address made a call less than 10 seconds ago.
    2.41   function trafic_limiter_canPass($ip)
    2.42 -@@ -136,7 +144,7 @@
    2.43 -     }  
    2.44 -     
    2.45 -     // Make sure last paste from the IP address was more than 10 seconds ago. 
    2.46 +@@ -137,7 +144,7 @@
    2.47 +     }
    2.48 + 
    2.49 +     // Make sure last paste from the IP address was more than 10 seconds ago.
    2.50  -    if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR']))
    2.51  +    if (!trafic_limiter_canPass(remote_address()))
    2.52           { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; }
    2.53   
    2.54       // Make sure content is not too big.
    2.55 -@@ -191,7 +199,7 @@
    2.56 +@@ -192,7 +199,7 @@
    2.57               // (We assume that if the user did not enter a nickname, he/she wants
    2.58               // to be anonymous and we will not generate the vizhash.)
    2.59               $vz = new vizhash16x16();
    2.60  -            $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']);
    2.61  +            $pngdata = $vz->generate(remote_address());
    2.62 -             if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata);  
    2.63 -             // Once the avatar is generated, we do not keep the IP address, nor its hash.           
    2.64 -         }            
    2.65 -@@ -286,11 +294,11 @@
    2.66 -             if ($ERRORMESSAGE=='') // If no error, return the paste.
    2.67 -             {
    2.68 -                 // We kindly provide the remaining time before expiration (in seconds)
    2.69 --                if ($paste->meta->expire_date) $paste->meta->remaining_time = $paste->meta->expire_date - time();
    2.70 -+                if (isset($paste->meta->expire_date)) $paste->meta->remaining_time = $paste->meta->expire_date - time();
    2.71 - 
    2.72 -                 $messages = array($paste); // The paste itself is the first in the list of encrypted messages.
    2.73 -                 // If it's a discussion, get all comments.
    2.74 --                if ($paste->meta->opendiscussion)
    2.75 -+                if (isset($paste->meta->opendiscussion))
    2.76 -                 {
    2.77 -                     $comments=array();
    2.78 -                     $datadir = dataid2discussionpath($dataid);
    2.79 -@@ -318,7 +326,7 @@
    2.80 -                 $CIPHERDATA = json_encode($messages);
    2.81 -                 
    2.82 -                 // If the paste was meant to be read only once, delete it.
    2.83 --                if ($paste->meta->burnafterreading) deletePaste($dataid);
    2.84 -+                if (isset($paste->meta->burnafterreading)) deletePaste($dataid);
    2.85 -             }
    2.86 +             if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata);
    2.87 +             // Once the avatar is generated, we do not keep the IP address, nor its hash.
    2.88           }
    2.89 -         else
    2.90 +--- js/zerobin.js
    2.91 ++++ js/zerobin.js
    2.92 +@@ -308,7 +308,13 @@
    2.93 +         return;
    2.94 +     }
    2.95 +     showStatus('Sending paste...', spin=true);
    2.96 +-    var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0);
    2.97 ++    var randomkey = (window.location.hash.length > 2) ?
    2.98 ++	// force key
    2.99 ++	window.location.hash.substring(1) :
   2.100 ++	// Generate a random 256 bits key, encoded in base64:
   2.101 ++	sjcl.codec.base64.fromBits(sjcl.random.randomWords(8,0),0);
   2.102 ++    if (randomkey.charAt(randomkey.length-1) !== '=')
   2.103 ++	randomkey+='='; // Add trailing = if missing.
   2.104 +     var cipherdata = zeroCipher(randomkey, $('textarea#message').val());
   2.105 +     var data_to_send = { data:           cipherdata,
   2.106 +                          expire:         $('select#pasteExpiration').val(),