Merge branch 'master' into jsrefactor

This commit is contained in:
El RIDO 2017-02-25 07:30:44 +01:00
commit e880f7924c
No known key found for this signature in database
GPG key ID: 0F5C940A6BD81F92
5 changed files with 20 additions and 17 deletions

View file

@ -334,19 +334,16 @@ class PrivateBin
// accessing this property ensures that the paste would be // accessing this property ensures that the paste would be
// deleted if it has already expired // deleted if it has already expired
$burnafterreading = $paste->isBurnafterreading(); $burnafterreading = $paste->isBurnafterreading();
if ($deletetoken == 'burnafterreading') { if (
if ($burnafterreading) { ($burnafterreading && $deletetoken == 'burnafterreading') ||
$paste->delete(); Filter::slowEquals($deletetoken, $paste->getDeleteToken())
$this->_return_message(0, $dataid); ) {
} else { // Paste exists and deletion token is valid: Delete the paste.
$this->_return_message(1, 'Paste is not of burn-after-reading type.'); $paste->delete();
} $this->_status = 'Paste was properly deleted.';
} else { } else {
// Make sure the token is valid. if (!$burnafterreading && $deletetoken == 'burnafterreading') {
if (Filter::slowEquals($deletetoken, $paste->getDeleteToken())) { $this->_error = 'Paste is not of burn-after-reading type.';
// Paste exists and deletion token is valid: Delete the paste.
$paste->delete();
$this->_status = 'Paste was properly deleted.';
} else { } else {
$this->_error = 'Wrong deletion token. Paste was not deleted.'; $this->_error = 'Wrong deletion token. Paste was not deleted.';
} }
@ -357,6 +354,13 @@ class PrivateBin
} catch (Exception $e) { } catch (Exception $e) {
$this->_error = $e->getMessage(); $this->_error = $e->getMessage();
} }
if ($this->_request->isJsonApiCall()) {
if (strlen($this->_error)) {
$this->_return_message(1, $this->_error);
} else {
$this->_return_message(0, $dataid);
}
}
} }
/** /**

View file

@ -69,7 +69,7 @@ if ($MARKDOWN):
<?php <?php
endif; endif;
?> ?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" crossorigin="anonymous"></script> <script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-vYYJYraxQNOf41XtehLBU2JbIQ2Uffe+n8TjHyWkpqoZdZX4aL5zyABrUNvRUP02+AxoRsmNJkpvIbmeQqcIXg==" crossorigin="anonymous"></script>
<!--[if lt IE 10]> <!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style> <style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]--> <![endif]-->

View file

@ -47,7 +47,7 @@ if ($MARKDOWN):
<?php <?php
endif; endif;
?> ?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-CvVHawXqZ6ArGeNCmrYkd9brSbFtb73JfnMzj92d9NzNGRxc2O6nPm2d7CX8pgeughLQ45jfL9gidTktUNxvOQ==" crossorigin="anonymous"></script> <script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-vYYJYraxQNOf41XtehLBU2JbIQ2Uffe+n8TjHyWkpqoZdZX4aL5zyABrUNvRUP02+AxoRsmNJkpvIbmeQqcIXg==" crossorigin="anonymous"></script>
<!--[if lt IE 10]> <!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style> <style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]--> <![endif]-->

View file

@ -147,10 +147,9 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data'); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId()); $paste = $this->_model->read(Helper::getPasteId());
$_POST = array( $_POST = array(
'action' => 'delete', 'pasteid' => Helper::getPasteId(),
'deletetoken' => hash_hmac('sha256', Helper::getPasteId(), $paste->meta->salt), 'deletetoken' => hash_hmac('sha256', Helper::getPasteId(), $paste->meta->salt),
); );
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest'; $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REQUEST_METHOD'] = 'POST';
ob_start(); ob_start();

View file

@ -1047,7 +1047,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
ob_end_clean(); ob_end_clean();
$response = json_decode($content, true); $response = json_decode($content, true);
$this->assertEquals(1, $response['status'], 'outputs status'); $this->assertEquals(1, $response['status'], 'outputs status');
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste successfully deleted'); $this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists after failing to delete data');
} }
/** /**