updated base64.js to version 2.1.9, using minified version found at
9192c510f5/base64.min.js
kudos Dan Kogai
small improvements to input checking
implementing default values for most configuration options
switching to versioned JS files to avoid version hack used in templateThis commit is contained in:
El RIDO
parent
7bc8c14df6
commit
49c6e3c1b6
9 changed files with 62 additions and 33 deletions
12
cfg/conf.ini
12
cfg/conf.ini
|
|
@ -8,21 +8,25 @@
|
|||
; @version 0.18
|
||||
|
||||
[main]
|
||||
; enable or disable discussions
|
||||
; enable or disable discussions, defaults to true
|
||||
opendiscussion = true
|
||||
|
||||
; enable or disable syntax highlighting
|
||||
; enable or disable syntax highlighting, defaults to true
|
||||
syntaxhighlighting = true
|
||||
|
||||
; preselect the burn-after-reading feature by default
|
||||
; preselect the burn-after-reading feature by default, defaults to false
|
||||
burnafterreadingselected = false
|
||||
|
||||
; size limit per paste or comment in bytes, default is 2 Mibibytes
|
||||
; size limit per paste or comment in bytes, defaults to 2 Mibibytes
|
||||
sizelimit = 2097152
|
||||
|
||||
; template to include, default is "page" (tpl/page.html)
|
||||
template = "page"
|
||||
|
||||
; base64.js library version, defaults to 2.1.9
|
||||
; use "1.7" if you are upgrading from a ZeroBin Alpha 0.19 installation
|
||||
base64version = "2.1.9"
|
||||
|
||||
[expire]
|
||||
; expire value that is selected per default
|
||||
; make sure the value exists in [expire_options]
|
||||
|
|
|
|||
1
js/base64-2.1.9.js
Normal file
1
js/base64-2.1.9.js
Normal file
|
|
@ -0,0 +1 @@
|
|||
(function(global){"use strict";var _Base64=global.Base64;var version="2.1.9";var buffer;if(typeof module!=="undefined"&&module.exports){try{buffer=require("buffer").Buffer}catch(err){}}var b64chars="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";var b64tab=function(bin){var t={};for(var i=0,l=bin.length;i<l;i++)t[bin.charAt(i)]=i;return t}(b64chars);var fromCharCode=String.fromCharCode;var cb_utob=function(c){if(c.length<2){var cc=c.charCodeAt(0);return cc<128?c:cc<2048?fromCharCode(192|cc>>>6)+fromCharCode(128|cc&63):fromCharCode(224|cc>>>12&15)+fromCharCode(128|cc>>>6&63)+fromCharCode(128|cc&63)}else{var cc=65536+(c.charCodeAt(0)-55296)*1024+(c.charCodeAt(1)-56320);return fromCharCode(240|cc>>>18&7)+fromCharCode(128|cc>>>12&63)+fromCharCode(128|cc>>>6&63)+fromCharCode(128|cc&63)}};var re_utob=/[\uD800-\uDBFF][\uDC00-\uDFFFF]|[^\x00-\x7F]/g;var utob=function(u){return u.replace(re_utob,cb_utob)};var cb_encode=function(ccc){var padlen=[0,2,1][ccc.length%3],ord=ccc.charCodeAt(0)<<16|(ccc.length>1?ccc.charCodeAt(1):0)<<8|(ccc.length>2?ccc.charCodeAt(2):0),chars=[b64chars.charAt(ord>>>18),b64chars.charAt(ord>>>12&63),padlen>=2?"=":b64chars.charAt(ord>>>6&63),padlen>=1?"=":b64chars.charAt(ord&63)];return chars.join("")};var btoa=global.btoa?function(b){return global.btoa(b)}:function(b){return b.replace(/[\s\S]{1,3}/g,cb_encode)};var _encode=buffer?function(u){return(u.constructor===buffer.constructor?u:new buffer(u)).toString("base64")}:function(u){return btoa(utob(u))};var encode=function(u,urisafe){return!urisafe?_encode(String(u)):_encode(String(u)).replace(/[+\/]/g,function(m0){return m0=="+"?"-":"_"}).replace(/=/g,"")};var encodeURI=function(u){return encode(u,true)};var re_btou=new RegExp(["[À-ß][-¿]","[à-ï][-¿]{2}","[ð-÷][-¿]{3}"].join("|"),"g");var cb_btou=function(cccc){switch(cccc.length){case 4:var cp=(7&cccc.charCodeAt(0))<<18|(63&cccc.charCodeAt(1))<<12|(63&cccc.charCodeAt(2))<<6|63&cccc.charCodeAt(3),offset=cp-65536;return fromCharCode((offset>>>10)+55296)+fromCharCode((offset&1023)+56320);case 3:return fromCharCode((15&cccc.charCodeAt(0))<<12|(63&cccc.charCodeAt(1))<<6|63&cccc.charCodeAt(2));default:return fromCharCode((31&cccc.charCodeAt(0))<<6|63&cccc.charCodeAt(1))}};var btou=function(b){return b.replace(re_btou,cb_btou)};var cb_decode=function(cccc){var len=cccc.length,padlen=len%4,n=(len>0?b64tab[cccc.charAt(0)]<<18:0)|(len>1?b64tab[cccc.charAt(1)]<<12:0)|(len>2?b64tab[cccc.charAt(2)]<<6:0)|(len>3?b64tab[cccc.charAt(3)]:0),chars=[fromCharCode(n>>>16),fromCharCode(n>>>8&255),fromCharCode(n&255)];chars.length-=[0,0,2,1][padlen];return chars.join("")};var atob=global.atob?function(a){return global.atob(a)}:function(a){return a.replace(/[\s\S]{1,4}/g,cb_decode)};var _decode=buffer?function(a){return(a.constructor===buffer.constructor?a:new buffer(a,"base64")).toString()}:function(a){return btou(atob(a))};var decode=function(a){return _decode(String(a).replace(/[-_]/g,function(m0){return m0=="-"?"+":"/"}).replace(/[^A-Za-z0-9\+\/]/g,""))};var noConflict=function(){var Base64=global.Base64;global.Base64=_Base64;return Base64};global.Base64={VERSION:version,atob:atob,btoa:btoa,fromBase64:decode,toBase64:encode,utob:utob,encode:encode,encodeURI:encodeURI,btou:btou,decode:decode,noConflict:noConflict};if(typeof Object.defineProperty==="function"){var noEnum=function(v){return{value:v,enumerable:false,writable:true,configurable:true}};global.Base64.extendString=function(){Object.defineProperty(String.prototype,"fromBase64",noEnum(function(){return decode(this)}));Object.defineProperty(String.prototype,"toBase64",noEnum(function(urisafe){return encode(this,urisafe)}));Object.defineProperty(String.prototype,"toBase64URI",noEnum(function(){return encode(this,true)}))}}if(global["Meteor"]){Base64=global.Base64}})(this);
|
||||
0
js/jquery.js → js/jquery-1.11.3.js
vendored
0
js/jquery.js → js/jquery-1.11.3.js
vendored
|
|
@ -87,7 +87,8 @@ abstract class persistence
|
|||
file_put_contents(
|
||||
$file,
|
||||
'Allow from none' . PHP_EOL .
|
||||
'Deny from all'. PHP_EOL
|
||||
'Deny from all'. PHP_EOL,
|
||||
LOCK_EX
|
||||
);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -110,11 +110,17 @@ class zerobin
|
|||
if (!is_file(PATH . $dir . '/.htaccess')) file_put_contents(
|
||||
PATH . $dir . '/.htaccess',
|
||||
'Allow from none' . PHP_EOL .
|
||||
'Deny from all'. PHP_EOL
|
||||
'Deny from all'. PHP_EOL,
|
||||
LOCK_EX
|
||||
);
|
||||
}
|
||||
|
||||
$this->_conf = parse_ini_file(PATH . 'cfg/conf.ini', true);
|
||||
foreach (array('main', 'model') as $section) {
|
||||
if (!array_key_exists($section, $this->_conf)) die(
|
||||
"ZeroBin requires configuration section [$section] to be present in configuration file."
|
||||
);
|
||||
}
|
||||
$this->_model = $this->_conf['model']['class'];
|
||||
}
|
||||
|
||||
|
|
@ -171,14 +177,13 @@ class zerobin
|
|||
);
|
||||
|
||||
// Make sure content is not too big.
|
||||
$sizelimit = (int) $this->_getMainConfig('sizelimit', 2097152);
|
||||
if (
|
||||
strlen($data) > $this->_conf['main']['sizelimit']
|
||||
strlen($data) > $sizelimit
|
||||
) $this->_return_message(
|
||||
1,
|
||||
'Paste is limited to ' .
|
||||
$this->_conf['main']['sizelimit'] .
|
||||
' ' .
|
||||
filter::size_humanreadable($this->_conf['main']['sizelimit']) .
|
||||
filter::size_humanreadable($sizelimit) .
|
||||
' of encrypted data.'
|
||||
);
|
||||
|
||||
|
|
@ -191,8 +196,9 @@ class zerobin
|
|||
// Read expiration date
|
||||
if (!empty($_POST['expire']))
|
||||
{
|
||||
if (array_key_exists($_POST['expire'], $this->_conf['expire_options'])) {
|
||||
$expire = $this->_conf['expire_options'][$_POST['expire']];
|
||||
$selected_expire = (string) $_POST['expire'];
|
||||
if (array_key_exists($selected_expire, $this->_conf['expire_options'])) {
|
||||
$expire = $this->_conf['expire_options'][$selected_expire];
|
||||
} else {
|
||||
$expire = $this->_conf['expire_options'][$this->_conf['expire']['default']];
|
||||
}
|
||||
|
|
@ -203,9 +209,9 @@ class zerobin
|
|||
if (!empty($_POST['burnafterreading']))
|
||||
{
|
||||
$burnafterreading = $_POST['burnafterreading'];
|
||||
if ($burnafterreading != '0')
|
||||
if ($burnafterreading !== '0')
|
||||
{
|
||||
if ($burnafterreading != '1') $error = true;
|
||||
if ($burnafterreading !== '1') $error = true;
|
||||
$meta['burnafterreading'] = true;
|
||||
}
|
||||
}
|
||||
|
|
@ -214,9 +220,9 @@ class zerobin
|
|||
if ($this->_conf['main']['opendiscussion'] && !empty($_POST['opendiscussion']))
|
||||
{
|
||||
$opendiscussion = $_POST['opendiscussion'];
|
||||
if ($opendiscussion != 0)
|
||||
if ($opendiscussion !== '0')
|
||||
{
|
||||
if ($opendiscussion != 1) $error = true;
|
||||
if ($opendiscussion !== '1') $error = true;
|
||||
$meta['opendiscussion'] = true;
|
||||
}
|
||||
}
|
||||
|
|
@ -269,8 +275,8 @@ class zerobin
|
|||
!empty($_POST['pasteid'])
|
||||
)
|
||||
{
|
||||
$pasteid = $_POST['pasteid'];
|
||||
$parentid = $_POST['parentid'];
|
||||
$pasteid = (string) $_POST['pasteid'];
|
||||
$parentid = (string) $_POST['parentid'];
|
||||
if (
|
||||
!filter::is_valid_paste_id($pasteid) ||
|
||||
!filter::is_valid_paste_id($parentid)
|
||||
|
|
@ -458,19 +464,35 @@ class zerobin
|
|||
$key;
|
||||
}
|
||||
|
||||
RainTPL::$path_replace = false;
|
||||
$page = new RainTPL;
|
||||
$page::$path_replace = false;
|
||||
// we escape it here because ENT_NOQUOTES can't be used in RainTPL templates
|
||||
$page->assign('CIPHERDATA', htmlspecialchars($this->_data, ENT_NOQUOTES));
|
||||
$page->assign('ERROR', $this->_error);
|
||||
$page->assign('STATUS', $this->_status);
|
||||
$page->assign('VERSION', self::VERSION);
|
||||
$page->assign('BURNAFTERREADINGSELECTED', $this->_conf['main']['burnafterreadingselected']);
|
||||
$page->assign('OPENDISCUSSION', $this->_conf['main']['opendiscussion']);
|
||||
$page->assign('SYNTAXHIGHLIGHTING', $this->_conf['main']['syntaxhighlighting']);
|
||||
$page->assign('OPENDISCUSSION', $this->_getMainConfig('opendiscussion', true));
|
||||
$page->assign('SYNTAXHIGHLIGHTING', $this->_getMainConfig('syntaxhighlighting', true));
|
||||
$page->assign('BURNAFTERREADINGSELECTED', $this->_getMainConfig('burnafterreadingselected', false));
|
||||
$page->assign('BASE64JSVERSION', $this->_getMainConfig('base64version', '2.1.9'));
|
||||
$page->assign('EXPIRE', $expire);
|
||||
$page->assign('EXPIREDEFAULT', $this->_conf['expire']['default']);
|
||||
$page->draw($this->_conf['main']['template']);
|
||||
$page->draw($this->_getMainConfig('template', 'page'));
|
||||
}
|
||||
|
||||
/**
|
||||
* get configuration option from [main] section, optionally set a default
|
||||
*
|
||||
* @access private
|
||||
* @param string $option
|
||||
* @param mixed $default (optional)
|
||||
* @return mixed
|
||||
*/
|
||||
private function _getMainConfig($option, $default = false)
|
||||
{
|
||||
return array_key_exists($option, $this->_conf['main']) ?
|
||||
$this->_conf['main'][$option] :
|
||||
$default;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -4,15 +4,15 @@
|
|||
<meta charset="utf-8" />
|
||||
<meta name="robots" content="noindex" />
|
||||
<title>ZeroBin</title>
|
||||
<link type="text/css" rel="stylesheet" href="css/zerobin.css?{$VERSION|rawurlencode}#" />
|
||||
<link type="text/css" rel="stylesheet" href="css/prettify.css?{$VERSION|rawurlencode}#" />
|
||||
<script type="text/javascript" src="js/jquery.js?{$VERSION|rawurlencode}#"></script>
|
||||
<script type="text/javascript" src="js/sjcl.js?{$VERSION|rawurlencode}#"></script>
|
||||
<script type="text/javascript" src="js/base64.js?{$VERSION|rawurlencode}#"></script>
|
||||
<script type="text/javascript" src="js/rawdeflate.js?{$VERSION|rawurlencode}#"></script>
|
||||
<script type="text/javascript" src="js/rawinflate.js?{$VERSION|rawurlencode}#"></script>{if="$SYNTAXHIGHLIGHTING"}
|
||||
<script type="text/javascript" src="js/prettify.js?{$VERSION|rawurlencode}#"></script>{/if}
|
||||
<script type="text/javascript" src="js/zerobin.js?{$VERSION|rawurlencode}#"></script>
|
||||
<link type="text/css" rel="stylesheet" href="css/zerobin.css?{$VERSION|rawurlencode}" />{if="$SYNTAXHIGHLIGHTING"}
|
||||
<link type="text/css" rel="stylesheet" href="css/prettify.css?{$VERSION|rawurlencode}" />{/if}
|
||||
<script type="text/javascript" src="js/jquery-1.11.3.js"></script>
|
||||
<script type="text/javascript" src="js/sjcl-1.0.2.js"></script>
|
||||
<script type="text/javascript" src="js/base64-{$BASE64JSVERSION}.js"></script>
|
||||
<script type="text/javascript" src="js/rawdeflate.js?{$VERSION|rawurlencode}"></script>
|
||||
<script type="text/javascript" src="js/rawinflate.js?{$VERSION|rawurlencode}"></script>{if="$SYNTAXHIGHLIGHTING"}
|
||||
<script type="text/javascript" src="js/prettify.js?{$VERSION|rawurlencode}"></script>{/if}
|
||||
<script type="text/javascript" src="js/zerobin.js?{$VERSION|rawurlencode}"></script>
|
||||
<!--[if lt IE 10]>
|
||||
<style> body {padding-left:60px;padding-right:60px;} div#ienotice {display:block;} </style>
|
||||
<![endif]-->
|
||||
|
|
|
|||
|
|
@ -24,8 +24,8 @@ class RainTPLTest extends PHPUnit_Framework_TestCase
|
|||
/* Setup Routine */
|
||||
$page = new RainTPL;
|
||||
$page::configure(array('cache_dir' => 'tmp/'));
|
||||
$page::$path_replace = false;
|
||||
|
||||
$page = new RainTPL;
|
||||
// We escape it here because ENT_NOQUOTES can't be used in RainTPL templates.
|
||||
$page->assign('CIPHERDATA', htmlspecialchars(self::$data, ENT_NOQUOTES));
|
||||
$page->assign('ERROR', self::$error);
|
||||
|
|
@ -34,6 +34,7 @@ class RainTPLTest extends PHPUnit_Framework_TestCase
|
|||
$page->assign('BURNAFTERREADINGSELECTED', false);
|
||||
$page->assign('OPENDISCUSSION', false);
|
||||
$page->assign('SYNTAXHIGHLIGHTING', true);
|
||||
$page->assign('BASE64JSVERSION', '2.1.9');
|
||||
$page->assign('EXPIRE', self::$expire);
|
||||
$page->assign('EXPIREDEFAULT', self::$expire_default);
|
||||
ob_start();
|
||||
|
|
|
|||
Loading…
Reference in a new issue