wok rev 13156
zerobin: fix zerobin.u
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Tue Jul 17 08:53:48 2012 +0200 (2012-07-17) |
parents | 37066c566083 |
children | 12b713676e9a |
files | zerobin/stuff/zerobin.u |
line diff
1.1 --- a/zerobin/stuff/zerobin.u Mon Jul 16 13:18:48 2012 +0200 1.2 +++ b/zerobin/stuff/zerobin.u Tue Jul 17 08:53:48 2012 +0200 1.3 @@ -16,59 +16,59 @@ 1.4 expire:$('select#pasteExpiration').val(), 1.5 --- index.php 1.6 +++ index.php 1.7 -@@ -16,6 +16,13 @@ 1.8 - $_COOKIE = array_map('stripslashes_deep', $_COOKIE); 1.9 - } 1.10 - 1.11 +@@ -16,6 +16,14 @@ 1.12 + $_COOKIE = array_map('stripslashes_deep', $_COOKIE); 1.13 + } 1.14 + 1.15 +function remote_address() 1.16 -+{ 1.17 -+ if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) 1.18 -+ return $_SERVER["HTTP_X_FORWARDED_FOR"]; 1.19 -+ return $_SERVER["REMOTE_ADDR"]; 1.20 -+} 1.21 -+ 1.22 - // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds. 1.23 - // Will return false if IP address made a call less than 10 seconds ago. 1.24 - function trafic_limiter_canPass($ip) 1.25 -@@ -136,7 +143,7 @@ 1.26 - } 1.27 - 1.28 - // Make sure last paste from the IP address was more than 10 seconds ago. 1.29 -- if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR'])) 1.30 -+ if (!trafic_limiter_canPass(remote_address())) 1.31 - { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; } 1.32 - 1.33 - // Make sure content is not too big. 1.34 -@@ -191,7 +198,7 @@ 1.35 - // (We assume that if the user did not enter a nickname, he/she wants 1.36 - // to be anonymous and we will not generate the vizhash.) 1.37 - $vz = new vizhash16x16(); 1.38 -- $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']); 1.39 -+ $pngdata = $vz->generate(remote_address()); 1.40 - if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata); 1.41 - // Once the avatar is generated, we do not keep the IP address, nor its hash. 1.42 - } 1.43 -@@ -286,11 +293,11 @@ 1.44 - if ($ERRORMESSAGE=='') // If no error, return the paste. 1.45 - { 1.46 - // We kindly provide the remaining time before expiration (in seconds) 1.47 -- if ($paste->meta->expire_date) $paste->meta->remaining_time = $paste->meta->expire_date - time(); 1.48 -+ if (isset($paste->meta->expire_date)) $paste->meta->remaining_time = $paste->meta->expire_date - time(); 1.49 - 1.50 - $messages = array($paste); // The paste itself is the first in the list of encrypted messages. 1.51 - // If it's a discussion, get all comments. 1.52 -- if ($paste->meta->opendiscussion) 1.53 -+ if (isset($paste->meta->opendiscussion)) 1.54 - { 1.55 - $comments=array(); 1.56 - $datadir = dataid2discussionpath($dataid); 1.57 -@@ -318,7 +325,7 @@ 1.58 - $CIPHERDATA = json_encode($messages); 1.59 - 1.60 - // If the paste was meant to be read only once, delete it. 1.61 -- if ($paste->meta->burnafterreading) deletePaste($dataid); 1.62 -+ if (isset($paste->meta->burnafterreading)) deletePaste($dataid); 1.63 - } 1.64 - } 1.65 - else 1.66 - 1.67 ++ 1.68 ++{ 1.69 ++ if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) 1.70 ++ return $_SERVER["HTTP_X_FORWARDED_FOR"]; 1.71 ++ return $_SERVER["REMOTE_ADDR"]; 1.72 ++} 1.73 ++ 1.74 + // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds. 1.75 + // Will return false if IP address made a call less than 10 seconds ago. 1.76 + function trafic_limiter_canPass($ip) 1.77 +@@ -136,7 +144,7 @@ 1.78 + } 1.79 + 1.80 + // Make sure last paste from the IP address was more than 10 seconds ago. 1.81 +- if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR'])) 1.82 ++ if (!trafic_limiter_canPass(remote_address())) 1.83 + { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; } 1.84 + 1.85 + // Make sure content is not too big. 1.86 +@@ -191,7 +199,7 @@ 1.87 + // (We assume that if the user did not enter a nickname, he/she wants 1.88 + // to be anonymous and we will not generate the vizhash.) 1.89 + $vz = new vizhash16x16(); 1.90 +- $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']); 1.91 ++ $pngdata = $vz->generate(remote_address()); 1.92 + if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata); 1.93 + // Once the avatar is generated, we do not keep the IP address, nor its hash. 1.94 + } 1.95 +@@ -286,11 +294,11 @@ 1.96 + if ($ERRORMESSAGE=='') // If no error, return the paste. 1.97 + { 1.98 + // We kindly provide the remaining time before expiration (in seconds) 1.99 +- if ($paste->meta->expire_date) $paste->meta->remaining_time = $paste->meta->expire_date - time(); 1.100 ++ if (isset($paste->meta->expire_date)) $paste->meta->remaining_time = $paste->meta->expire_date - time(); 1.101 + 1.102 + $messages = array($paste); // The paste itself is the first in the list of encrypted messages. 1.103 + // If it's a discussion, get all comments. 1.104 +- if ($paste->meta->opendiscussion) 1.105 ++ if (isset($paste->meta->opendiscussion)) 1.106 + { 1.107 + $comments=array(); 1.108 + $datadir = dataid2discussionpath($dataid); 1.109 +@@ -318,7 +326,7 @@ 1.110 + $CIPHERDATA = json_encode($messages); 1.111 + 1.112 + // If the paste was meant to be read only once, delete it. 1.113 +- if ($paste->meta->burnafterreading) deletePaste($dataid); 1.114 ++ if (isset($paste->meta->burnafterreading)) deletePaste($dataid); 1.115 + } 1.116 + } 1.117 + else