PonyMirrors/ponepaste
1
0
Fork 0
mirror of https://github.com/Neetpone/ponepaste.git synced 2025-03-12 06:30:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

More misc code cleanup.

Browse source
This commit is contained in:
Floorb 2021-08-17 13:26:26 -04:00
parent 7546b01fa9
commit 0c5c01c424
5 changed files with 21 additions and 64 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
includes/config.php
View file

@ -42,7 +42,8 @@ if (gethostname() === 'thunderlane') {
// Secret key for paste encryption // Secret key for paste encryption
//$sec_key = "8ac67343e7980b16b31e8311d4377bbb"; //$sec_key = "8ac67343e7980b16b31e8311d4377bbb";
$sec_key = ''; const PP_ENCRYPTION_ALGO = 'AES-256-CBC';
const PP_ENCRYPTION_KEY = '';
// Available GeSHi formats // Available GeSHi formats

51
includes/functions.php
View file

@ -118,16 +118,6 @@ function linkify($value, $protocols = array('http', 'mail'), array $attributes =
}, $value); }, $value);
} }
function getRecentreport($conn, $count) {
$query = $conn->prepare("SELECT id, m_report, p_report, rep_reason, t_report FROM user_reports
ORDER BY id DESC
LIMIT 0 , ?");
$query->execute([$count]);
return $query->fetchAll();
}
function getUserRecom(DatabaseHandle $conn, int $user_id) : array { function getUserRecom(DatabaseHandle $conn, int $user_id) : array {
$query = $conn->prepare( $query = $conn->prepare(
"SELECT pastes.id AS id, users.username AS member, title, visible "SELECT pastes.id AS id, users.username AS member, title, visible
@ -140,10 +130,6 @@ function getUserRecom(DatabaseHandle $conn, int $user_id) : array {
return $query->fetchAll(); return $query->fetchAll();
} }
function formatBytes($size, $precision = 2) { function formatBytes($size, $precision = 2) {
$base = log($size, 1024); $base = log($size, 1024);
$suffixes = array('B', 'KB', 'MB', 'GB', 'TB'); $suffixes = array('B', 'KB', 'MB', 'GB', 'TB');
@ -151,20 +137,6 @@ function formatBytes($size, $precision = 2) {
return round(pow(1024, $base - floor($base)), $precision) . ' ' . $suffixes[floor($base)]; return round(pow(1024, $base - floor($base)), $precision) . ' ' . $suffixes[floor($base)];
} }
function encrypt(string $value) : string {
global $sec_key;
return openssl_encrypt($value, "AES-256-CBC", $sec_key);
}
function decrypt(string $value) : string {
global $sec_key;
return openssl_decrypt($value, "AES-256-CBC", $sec_key);
}
function getRecentadmin($conn, $count = 5) { function getRecentadmin($conn, $count = 5) {
$query = $conn->prepare( $query = $conn->prepare(
'SELECT pastes.id AS id, pastes.ip AS ip, title, created_at, views, users.username AS member 'SELECT pastes.id AS id, pastes.ip AS ip, title, created_at, views, users.username AS member
@ -176,8 +148,6 @@ function getRecentadmin($conn, $count = 5) {
return $query->fetchAll(); return $query->fetchAll();
} }
function getUserPastes(DatabaseHandle $conn, int $user_id) : array { function getUserPastes(DatabaseHandle $conn, int $user_id) : array {
return $conn->query( return $conn->query(
"SELECT id, title, visible, code, created_at, views FROM pastes "SELECT id, title, visible, code, created_at, views FROM pastes
@ -194,10 +164,6 @@ function getTotalPastes(DatabaseHandle $conn, int $user_id) : int {
return intval($query->fetch(PDO::FETCH_NUM)[0]); return intval($query->fetch(PDO::FETCH_NUM)[0]);
} }
function isValidUsername(string $str) : bool {
return !preg_match('/[^A-Za-z0-9._\\-$]/', $str);
}
function friendlyDateDifference(DateTime $lesser, DateTime $greater) : string { function friendlyDateDifference(DateTime $lesser, DateTime $greater) : string {
$delta = $greater->diff($lesser, true); $delta = $greater->diff($lesser, true);
@ -266,21 +232,6 @@ function doDownload($paste_id, $p_title, $p_member, $p_conntent, $p_code) {
return $stats; return $stats;
} }
function rawView($paste_id, $p_title, $p_conntent, $p_code) {
$stats = false;
if ($p_code) {
// Raw
header('content-type: text/plain');
echo $p_conntent;
$stats = true;
} else {
// 404
header('HTTP/1.1 404 Not Found');
}
return $stats;
}
function embedView($paste_id, $p_title, $p_conntent, $p_code, $title, $baseurl, $ges_style, $lang) { function embedView($paste_id, $p_title, $p_conntent, $p_code, $title, $baseurl, $ges_style, $lang) {
$stats = false; $stats = false;
if ($p_conntent) { if ($p_conntent) {
@ -332,7 +283,7 @@ function embedView($paste_id, $p_title, $p_conntent, $p_code, $title, $baseurl,
}"; }";
$output .= "</style>"; $output .= "</style>";
$output .= "$ges_style"; // Dynamic GeSHI Style $output .= "$ges_style"; // Dynamic GeSHI Style
$output .= $p_conntent; // Paste conntent $output .= $p_conntent; // Paste content
$output .= "<div class='paste_embed_footer'>"; $output .= "<div class='paste_embed_footer'>";
$output .= "<a href='https://ponepaste.org/$paste_id'>$p_title</a> " . $lang['embed-hosted-by'] . " <a href='https://ponepaste.org'>$title</a> | <a href='https://ponepaste.org/raw/$paste_id'>" . strtolower($lang['view-raw']) . "</a>"; $output .= "<a href='https://ponepaste.org/$paste_id'>$p_title</a> " . $lang['embed-hosted-by'] . " <a href='https://ponepaste.org'>$title</a> | <a href='https://ponepaste.org/raw/$paste_id'>" . strtolower($lang['view-raw']) . "</a>";
$output .= "</div>"; $output .= "</div>";

10
index.php
View file

@ -139,16 +139,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$p_password = password_hash($p_password, PASSWORD_DEFAULT); $p_password = password_hash($p_password, PASSWORD_DEFAULT);
} }
$p_encrypt = trim(htmlspecialchars($_POST['encrypted'])); $p_encrypt = $_POST['encrypted'] === '1';
$tag_input = $_POST['tag_input']; $tag_input = $_POST['tag_input'];
if (empty($p_encrypt)) { if ($p_encrypt) {
$p_encrypt = "0"; $p_content = openssl_encrypt($p_content, PP_ENCRYPTION_ALGO, PP_ENCRYPTION_KEY);
} else {
// Encrypt option
$p_encrypt = "1";
$p_content = encrypt($p_content);
} }
// Set expiry time // Set expiry time

2
login.php
View file

@ -122,7 +122,7 @@ if (isset($_POST['forgot'])) {
$error = $lang['missingfields']; // "All fields must be filled out"; $error = $lang['missingfields']; // "All fields must be filled out";
} elseif (strlen($username) > $chara_max) { } elseif (strlen($username) > $chara_max) {
$error = $lang['maxnamelimit']; // "Username already taken."; $error = $lang['maxnamelimit']; // "Username already taken.";
} elseif (!isValidUsername($username)) { } elseif (preg_match('/[^A-Za-z0-9._\\-$]/', $str)) {
$error = $lang['usrinvalid']; // "Username not valid. Usernames can't contain special characters."; $error = $lang['usrinvalid']; // "Username not valid. Usernames can't contain special characters.";
} else { } else {
if ($conn->querySelectOne('SELECT 1 FROM users WHERE username = ?', [$username])) { if ($conn->querySelectOne('SELECT 1 FROM users WHERE username = ?', [$username])) {

19
paste.php
View file

@ -28,6 +28,15 @@ require_once('includes/Parsedown/Parsedown.php');
require_once('includes/Parsedown/ParsedownExtra.php'); require_once('includes/Parsedown/ParsedownExtra.php');
require_once('includes/Parsedown/SecureParsedown.php'); require_once('includes/Parsedown/SecureParsedown.php');
function rawView($content, $p_code) {
if ($p_code) {
header('Content-Type: text/plain');
echo $content;
} else {
header('HTTP/1.1 404 Not Found');
}
}
$paste_id = intval(trim($_REQUEST['id'])); $paste_id = intval(trim($_REQUEST['id']));
updatePageViews($conn); updatePageViews($conn);
@ -70,7 +79,7 @@ if (!$row) {
$p_visible = $row['visible']; $p_visible = $row['visible'];
$p_expiry = Trim($row['expiry']); $p_expiry = Trim($row['expiry']);
$p_password = $row['password']; $p_password = $row['password'];
$p_encrypt = $row['encrypt']; $p_encrypt = (bool) $row['encrypt'];
$is_private = $row['visible'] === '2'; $is_private = $row['visible'] === '2';
@ -92,8 +101,8 @@ if (!$row) {
} }
} }
if (!empty($p_encrypt)) { if ($p_encrypt) {
$p_content = decrypt($p_content); $p_content = openssl_decrypt($p_content, PP_ENCRYPTION_ALGO, PP_ENCRYPTION_KEY);
} }
$op_content = Trim(htmlspecialchars_decode($p_content)); $op_content = Trim(htmlspecialchars_decode($p_content));
@ -120,12 +129,12 @@ if (!$row) {
// Raw view // Raw view
if (isset($_GET['raw'])) { if (isset($_GET['raw'])) {
if ($p_password == "NONE" || $p_password === null) { if ($p_password == "NONE" || $p_password === null) {
rawView($paste_id, $paste_title, $op_content, $paste_code); rawView($op_content, $paste_code);
exit(); exit();
} else { } else {
if (isset($_GET['password'])) { if (isset($_GET['password'])) {
if (pp_password_verify($_GET['password'], $p_password)) { if (pp_password_verify($_GET['password'], $p_password)) {
rawView($paste_id, $paste_title, $op_content, $paste_code); rawView($op_content, $paste_code);
exit(); exit();
} else { } else {
$error = $lang['wrongpassword']; // 'Wrong password'; $error = $lang['wrongpassword']; // 'Wrong password';