code

2025-03-11 14:10:06 +01:00 · 2021-08-25 02:08:30 -04:00 · 2021-08-25 02:08:30 -04:00 · 55cddd10fe
commit 55cddd10fe
parent 8781ebc3b2
15 changed files with 2894 additions and 48 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,10 @@
 tmp/temp.tdata
 sitemap.xml
-
+node_modules/
+npm-debug.log
+yarn-error.log
+.yarn/*
+!.yarn/releases
+!.yarn/plugins
+!.yarn/sdks
+!.yarn/versions
--- a/api/ajax_pastes.php
+++ b/api/ajax_pastes.php
@ -2,7 +2,6 @@
 header('Content-Type: application/json; charset=UTF-8');

 define('IN_PONEPASTE', 1);
-//require_once('../includes/config.php');
 require_once('../includes/common.php');
 require_once('../includes/NonRetardedSSP.class.php');

--- a/assets/bundle.js
+++ b/assets/bundle.js
@ -0,0 +1,126 @@
+function htmlToElement(html) {
+    const template = document.createElement('template');
+
+    template.innerHTML = html.trim();
+
+    return template.content.firstChild;
+}
+
+function escapeHtml(unsafe) {
+    return unsafe
+        .replace(/&/g, "&amp;")
+        .replace(/</g, "&lt;")
+        .replace(/>/g, "&gt;")
+        .replace(/"/g, "&quot;")
+        .replace(/'/g, "&#039;");
+}
+
+class TagsInput {
+    constructor(element, options = {}) {
+        this.element = element;
+        this.tags = [];
+        this.options = options;
+
+        this.maxTags = options.maxTags || 10;
+        this.inputNode = null;
+        this.containerNode = null;
+    }
+
+    attach() {
+        this.element.style.display = 'none';
+
+        this.containerNode = htmlToElement('<div class="tags-input"></div>');
+        this.inputNode = htmlToElement('<input class="input" type="text" placeholder="10 tags maximum" value="" />');
+        this.containerNode.appendChild(this.inputNode);
+
+        this.element.parentNode.insertBefore(this.containerNode, this.element.nextSibling);
+
+        /* Handle addition and removal of tags via key-presses */
+        this.containerNode.addEventListener('keydown', this._handleInputKeyUp.bind(this));
+
+        /* Handle deletions by clicking the delete button */
+        this.containerNode.addEventListener('click', this._handleContainerClick.bind(this));
+    }
+
+    detach() {
+        this.tags.clear();
+        this.containerNode.remove();
+        this.element.style.display = 'inline-block';
+    }
+
+    updateHiddenInputValue() {
+        this.element.value = this.tags.join(',');
+    }
+
+    deleteTagNode(node) {
+        this.tags.splice(this.tags.indexOf(node.dataset.value.toLowerCase()), 1);
+        node.remove();
+
+        /* Below the limit? Make sure the input is enabled. */
+        if (this.tags.length < this.maxTags) {
+            this.inputNode.disabled = false;
+        }
+    }
+
+    addTag(tagValue) {
+        tagValue = tagValue.trim();
+
+        /* Tag value is probably not empty and we don't already have the same tag. */
+        if (tagValue !== '' && this.tags.indexOf(tagValue.toLowerCase()) === -1) {
+            this.tags.push(tagValue.toLowerCase());
+
+            this.inputNode.parentNode.insertBefore(
+                htmlToElement('<span class="tag is-info" data-value="' + escapeHtml(tagValue) + '">' + escapeHtml(tagValue) + '<span class="delete is-small" /></span>'),
+                this.inputNode
+            );
+
+            /* Too many tags, disable the input for now. */
+            if (this.tags.length >= this.maxTags) {
+                this.inputNode.disabled = true;
+            }
+        }
+    }
+
+    _handleInputKeyUp(evt) {
+        let tagValue = this.inputNode.value;
+
+        if (evt.key === 'Backspace' && tagValue === '') {
+            // Remove the child
+            if (this.inputNode.previousSibling) {
+                this.deleteTagNode(this.inputNode.previousSibling);
+
+                this.updateHiddenInputValue();
+            }
+        } else if (evt.key === ',') {
+            this.addTag(tagValue);
+
+            this.inputNode.value = '';
+            this.updateHiddenInputValue();
+
+            evt.preventDefault();
+        }
+    }
+
+    _handleContainerClick(evt) {
+        if (evt.target && evt.target.classList.contains('delete')) {
+            this.deleteTagNode(evt.target.closest('.tag'));
+            this.updateHiddenInputValue();
+        }
+    }
+}
+
+class Meme {
+    constructor() {
+        alert('xss');
+    }
+
+    meme() {
+        console.log('meme');
+    }
+}
+
+const meme = new Meme();
+
+meme.meme();
+
+new TagsInput(null);
--- a/assets/bundle.min.js
+++ b/assets/bundle.min.js
@ -0,0 +1,2 @@
+function e(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}function t(e,t){for(var n=0;n<t.length;n++){var i=t[n];i.enumerable=i.enumerable||!1,i.configurable=!0,"value"in i&&(i.writable=!0),Object.defineProperty(e,i.key,i)}}function n(e,n,i){return n&&t(e.prototype,n),i&&t(e,i),e}function i(e){var t=document.createElement("template");return t.innerHTML=e.trim(),t.content.firstChild}function a(e){return e.replace(/&/g,"&amp;").replace(/</g,"&lt;").replace(/>/g,"&gt;").replace(/"/g,"&quot;").replace(/'/g,"&#039;")}var s=function(){function t(n){var i=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};e(this,t),this.element=n,this.tags=[],this.options=i,this.maxTags=i.maxTags||10,this.inputNode=null,this.containerNode=null}return n(t,[{key:"attach",value:function(){this.element.style.display="none",this.containerNode=i('<div class="tags-input"></div>'),this.inputNode=i('<input class="input" type="text" placeholder="10 tags maximum" value="" />'),this.containerNode.appendChild(this.inputNode),this.element.parentNode.insertBefore(this.containerNode,this.element.nextSibling),this.containerNode.addEventListener("keydown",this._handleInputKeyUp.bind(this)),this.containerNode.addEventListener("click",this._handleContainerClick.bind(this))}},{key:"detach",value:function(){this.tags.clear(),this.containerNode.remove(),this.element.style.display="inline-block"}},{key:"updateHiddenInputValue",value:function(){this.element.value=this.tags.join(",")}},{key:"deleteTagNode",value:function(e){this.tags.splice(this.tags.indexOf(e.dataset.value.toLowerCase()),1),e.remove(),this.tags.length<this.maxTags&&(this.inputNode.disabled=!1)}},{key:"addTag",value:function(e){""!==(e=e.trim())&&-1===this.tags.indexOf(e.toLowerCase())&&(this.tags.push(e.toLowerCase()),this.inputNode.parentNode.insertBefore(i('<span class="tag is-info" data-value="'+a(e)+'">'+a(e)+'<span class="delete is-small" /></span>'),this.inputNode),this.tags.length>=this.maxTags&&(this.inputNode.disabled=!0))}},{key:"_handleInputKeyUp",value:function(e){var t=this.inputNode.value;"Backspace"===e.key&&""===t?this.inputNode.previousSibling&&(this.deleteTagNode(this.inputNode.previousSibling),this.updateHiddenInputValue()):","===e.key&&(this.addTag(t),this.inputNode.value="",this.updateHiddenInputValue(),e.preventDefault())}},{key:"_handleContainerClick",value:function(e){e.target&&e.target.classList.contains("delete")&&(this.deleteTagNode(e.target.closest(".tag")),this.updateHiddenInputValue())}}]),t}();(new(function(){function t(){e(this,t),alert("xss")}return n(t,[{key:"meme",value:function(){console.log("meme")}}]),t}())).meme(),new s(null);
+//# sourceMappingURL=bundle.min.js.map
--- a/assets/bundle.min.js.map
+++ b/assets/bundle.min.js.map
--- a/babel.config.json
+++ b/babel.config.json
@ -0,0 +1,3 @@
+{
+  "presets": ["@babel/preset-env"]
+}
--- a/includes/common.php
+++ b/includes/common.php
@ -117,12 +117,12 @@ $default_theme = $lang_and_theme['theme'];
 // Site permissions
 $site_permissions = $site_info['permissions'];

+$site_is_private = false;
+$site_disable_guests = false;
+
 if ($site_permissions) {
    $site_is_private = (bool) $site_permissions['private'];
    $site_disable_guests = (bool) $site_permissions['disable_guest'];
-} else {
-    $site_is_private = false;
-    $site_disable_guests = false;
 }

 // CAPTCHA configuration
--- a/includes/config.php
+++ b/includes/config.php
@ -1,18 +1,6 @@
 <?php
-/*
- * $ID Project: Paste 2.0 - J.Samuel
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 3
- * of the License, or (at your option) any later version.
- * 
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License in LIC.txt for more details.
- */
-if (gethostname() === 'thunderlane') {
+define("PP_DEBUG", (gethostname() === 'thunderlane'));
+if (PP_DEBUG) {
    error_reporting(E_ALL);
    ini_set('display_errors', 1);
 }
@ -32,7 +20,7 @@ $db_user = 'P0nedbAcc0unt';
 $db_pass = '1NWO6Tp17IFz9lbl';

 // I'm sorry, I didn't want to edit this file and check it in, but I may need to make other changes to it, so I did this
-if (gethostname() === 'thunderlane') {
+if (PP_DEBUG) {
    $db_host = 'localhost';
    $db_schema = 'ponepaste';
    $db_user = 'ponepaste';
--- a/js/main.js
+++ b/js/main.js
@ -0,0 +1,17 @@
+import  { TagsInput } from './tag_input';
+
+class Meme {
+    constructor() {
+        alert('xss');
+    }
+
+    meme() {
+        console.log('meme');
+    }
+}
+
+const meme = new Meme();
+
+meme.meme();
+
+new TagsInput(null);
--- a/js/tag_input.js
+++ b/js/tag_input.js
@ -108,3 +108,5 @@ class TagsInput {
        }
    }
 }
+
+export { TagsInput };
--- a/package.json
+++ b/package.json
@ -0,0 +1,15 @@
+{
+  "devDependencies": {
+    "@babel/core": "^7.15.0",
+    "@babel/preset-env": "^7.15.0",
+    "@rollup/plugin-babel": "^5.3.0",
+    "rollup": "^2.56.3",
+    "rollup-plugin-terser": "^7.0.2"
+  },
+  "name": "punishedponepaste",
+  "version": "1.0.0",
+  "main": "index.js",
+  "repository": "git@github.com:aftercase/punishedponepaste.git",
+  "author": "AppleDash <pet@feather.horse>",
+  "license": "MIT"
+}
--- a/rollup.config.js
+++ b/rollup.config.js
@ -0,0 +1,18 @@
+import { getBabelOutputPlugin } from '@rollup/plugin-babel';
+import { terser } from 'rollup-plugin-terser';
+
+export default {
+    input: 'js/main.js',
+    output: [
+        {
+            file: 'assets/bundle.js',
+            format: 'esm'
+        },
+        {
+            file: 'assets/bundle.min.js',
+            format: 'esm',
+            plugins: [getBabelOutputPlugin({ presets: ['@babel/preset-env'] }), terser()],
+            sourcemap: true
+        }
+    ]
+};
--- a/theme/bulma/common.php
+++ b/theme/bulma/common.php
@ -5,19 +5,14 @@ if (!in_array($page_template . '.php', $template_candidates)) {
    die('Failed to find template');
 }

-//$page_content = ob_get_clean();
-$date = time();
-$statrttime = microtime();
-$time = explode(' ', $statrttime);
-$time = $time[1] + $time[0];
-$start = $time;
+$start = microtime(true);
 ?>

 <!DOCTYPE html>
 <html lang="<?php echo basename($default_lang, ".php"); ?>">
 <head>
-    <meta charset="UTF-8"/>
-    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <meta charset="UTF-8" />
+    <meta name="viewport" content="width=device-width, initial-scale=1" />

    <title>
        <?php
@ -43,6 +38,7 @@ $start = $time;
    <script src="//<?= $baseurl ?>/theme/bulma/js/datatables.min.js"></script>
    <script src="//<?= $baseurl ?>/theme/bulma/js/table-responsive.js"></script>
    <script src="//<?= $baseurl ?>/theme/bulma/js/table-reorder.js"></script>
+    <script src="//<?= $baseurl ?>/assets/<?= PP_DEBUG ? 'bundle.js' : 'bundle.min.js' ?>"></script>
 </head>

 <body>
@ -209,8 +205,7 @@ $start = $time;
 								</span>
                        </div>
                    </div>
-                    <input class="button is-link is-fullwidth my-4" type="submit" name="signin" value="Login"
-                           value="<?php echo md5($date . $ip); ?>">
+                    <input class="button is-link is-fullwidth my-4" type="submit" name="signin" value="Login"/>
                    <div class="checkbox checkbox-primary">
                        <input id="rememberme" name="remember_me" type="checkbox" checked="">
                        <label for="rememberme">
@ -321,24 +316,10 @@ $start = $time;
                <div class="columns">
                    <div class="column">
                        <ul>
-                            <li> <?php
-                                $endtime = microtime();
-                                $time = explode(' ', $endtime);
-                                $time = $time[1] + $time[0];
-                                $finish = $time;
-                                $total_time = round(($finish - $start), 4);
-                                echo 'Page load: ' . $total_time . 's';
-                                ?>
-                            </li>
-                            <li>
-                                <?php echo 'Page Hits Today: ' . $total_page_views . ''; ?>
-                            </li>
-                            <li>
-                                <?php echo 'Unique Visitors Today: ' . $total_unique_views . ''; ?>
-                            </li>
-                            <li>
-                                <?php echo 'Total Pastes: ' . $total_pastes . ''; ?>
-                            </li>
+                            <li>Page load: <?= round((microtime(true) - $start), 4) ?>s</li>
+                            <li>Page Hits Today: <?= $total_page_views ?></li>
+                            <li>Unique Visitors Today: <?= $total_unique_views ?></li>
+                            <li>Total Pastes: <?= $total_pastes ?></li>
                        </ul>
                    </div>
                </div>
--- a/yarn-error.log
+++ b/yarn-error.log
--- a/yarn.lock
+++ b/yarn.lock