From 75fa51f0c624ab0858820f8f4fd6868ca30bea53 Mon Sep 17 00:00:00 2001
From: Floorb <132411956+Neetpone@users.noreply.github.com>
Date: Sun, 11 Jul 2021 12:18:57 -0400
Subject: [PATCH] ajax_pastes.php actually works now

---
 api/ssp.pastes.php   | 10 +++++-----
 archive.php          |  3 ---
 config.php           | 15 ++++++---------
 event.php            |  1 -
 includes/common.php  |  2 ++
 includes/geshi.php   | 11 +++++++----
 index.php            |  8 ++------
 login.php            |  7 +------
 paste.php            | 23 ++++++-----------------
 profile.php          |  7 ++-----
 rules.php            |  3 ---
 theme/bulma/view.php |  2 +-
 user.php             |  1 -
 13 files changed, 32 insertions(+), 61 deletions(-)

diff --git a/api/ssp.pastes.php b/api/ssp.pastes.php
index 45ae47d..47043cc 100644
--- a/api/ssp.pastes.php
+++ b/api/ssp.pastes.php
@@ -1,6 +1,6 @@
 <?php
 // Turn off all error reporting
-error_reporting(0);
+//error_reporting(0);
 ?>
 <?php
 
@@ -219,7 +219,7 @@ class SSP {
 		// Build the SQL query string from the request 
 		$limit = self::limit( $request, $columns );
 		$order = self::order( $request, $columns );
-		$where = self::filter( $request, $columns, $bindings );
+		//$where = self::filter( $request, $columns, $bindings );
 
   		// Main query to actually get the data
 		$data = self::Ssql_exec($db, $bindings,
@@ -245,7 +245,7 @@ class SSP {
 		 * Output
 		 */   
 		return array(
-			"draw"            => intval( $request['draw'] ),
+			"draw"            => isset($request['draw']) ? intval( $request['draw'] ) : 0,
 			"recordsTotal"    => intval( $recordsTotal ),
 			"recordsFiltered" => intval( $recordsFiltered ),
 			"data"            => self::data_output( $columns2, $data )
@@ -262,7 +262,7 @@ class SSP {
 	 *     * db   - database name
 	 *     * user - user name
 	 *     * pass - user password
-	 * @return resource Database connection handle
+	 * @return PDO Database connection handle
 	 */
 	static function sql_connect ( $sql_details )
 	{
@@ -355,7 +355,7 @@ class SSP {
         $result[$loop]['id']= $arr['id'];
         $result[$loop]['member']= $arr['member'];
         $result[$loop]['tagsys']= sandwitch( $arr['tagsys']);
-        $date_time = strtotime($arr['date']);
+        $date_time = strtotime(isset($arr['date']) ? $arr['date'] : '0');
 		$result[$loop]['date']= date("d F Y", $date_time);
         $myid = $arr['id'];
         $mytitle = $arr['title'];
diff --git a/archive.php b/archive.php
index 2d285b9..b1a9d48 100644
--- a/archive.php
+++ b/archive.php
@@ -12,17 +12,14 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License in GPL.txt for more details.
  */
-session_start();
 
 define('IN_PONEPASTE', 1);
 require_once('includes/common.php');
-require_once('config.php');
 
 // UTF-8
 header('Content-Type: text/html; charset=utf-8');
 
 $date    = date('jS F Y');
-$data_ip = file_get_contents('tmp/temp.tdata');
 
 // Temp count for untagged pastes
 $total_untagged = intval($conn->query("SELECT COUNT(*) from pastes WHERE tagsys IS NULL")->fetch(PDO::FETCH_NUM)[0]);
diff --git a/config.php b/config.php
index a7eb2f1..20d231c 100644
--- a/config.php
+++ b/config.php
@@ -41,7 +41,6 @@ define('G_Client_Secret', 'CHANGE THIS'); // What's your Secret key
 define('G_Redirect_Uri', 'http://ponepaste.org//oauth/google.php'); // Leave this as is
 define('G_Application_Name', 'Paste'); // Make sure this matches the name of your application
 
-
 $db_host = 'localhost';
 $db_schema = 'p0nepast3s';
 $db_user = 'P0nedbAcc0unt';
@@ -69,21 +68,19 @@ define('SECRET',md5($sec_key));
 $mod_rewrite = "1";
 
 // Available GeSHi formats
-$geshiformats =array(
-   
+$geshiformats = [
     'green' => 'Green Text',
     'text' => 'Plain Text',
     'pastedown' => 'pastedown',
-    'pastedown_old' => 'pastedown old',
-);
+    'pastedown_old' => 'pastedown old'
+];
 
 // Popular formats that are listed first.
-$popular_formats=array(
+$popular_formats = [
 	'green',
     'text',
 	'pastedown',
     'pastedown_old'
-);
+];
 
-//Cookie 
-?>
\ No newline at end of file
+// Cookie - I want a cookie, can I have one?
diff --git a/event.php b/event.php
index 6566943..189cbe3 100644
--- a/event.php
+++ b/event.php
@@ -12,7 +12,6 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License in GPL.txt for more details.
  */
-session_start();
 
 define('IN_PONEPASTE', 1);
 require_once('includes/common.php');
diff --git a/includes/common.php b/includes/common.php
index b1d4fe8..170ab75 100644
--- a/includes/common.php
+++ b/includes/common.php
@@ -64,6 +64,8 @@ function updatePageViews($conn) {
     }
 }
 
+session_start();
+
 $conn = new PDO(
     "mysql:host=$db_host;dbname=$db_schema;charset=utf8",
     $db_user,
diff --git a/includes/geshi.php b/includes/geshi.php
index c93102f..6cc6917 100644
--- a/includes/geshi.php
+++ b/includes/geshi.php
@@ -2370,7 +2370,7 @@ class GeSHi {
         unset($code);
 
         //Preload some repeatedly used values regarding hardquotes ...
-        $hq = isset($this->language_data['HARDQUOTE']) ? $this->language_data['HARDQUOTE'][0] : false;
+        $hq = !empty($this->language_data['HARDQUOTE']) ? $this->language_data['HARDQUOTE'][0] : false;
         $hq_strlen = strlen($hq);
 
         //Preload if line numbers are to be generated afterwards
@@ -4479,11 +4479,14 @@ class GeSHi {
                 $stylesheet .= "$selector.st$group {{$styles}}\n";
             }
         }
-        foreach ($this->language_data['STYLES']['NUMBERS'] as $group => $styles) {
-            if ($styles != '' && (!$economy_mode || $this->lexic_permissions['NUMBERS'])) {
-                $stylesheet .= "$selector.nu$group {{$styles}}\n";
+        if (isset($this->language_data['STYLES']['NUMBERS'])) {
+            foreach ($this->language_data['STYLES']['NUMBERS'] as $group => $styles) {
+                if ($styles != '' && (!$economy_mode || $this->lexic_permissions['NUMBERS'])) {
+                    $stylesheet .= "$selector.nu$group {{$styles}}\n";
+                }
             }
         }
+
         foreach ($this->language_data['STYLES']['METHODS'] as $group => $styles) {
             if ($styles != '' && (!$economy_mode || $this->lexic_permissions['METHODS'])) {
                 $stylesheet .= "$selector.me$group {{$styles}}\n";
diff --git a/index.php b/index.php
index b8ab1d6..1dfdfdc 100644
--- a/index.php
+++ b/index.php
@@ -13,8 +13,6 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License in GPL.txt for more details.
  */
- 
-session_start();
 
 $directory = 'install';
 
@@ -24,12 +22,10 @@ if (file_exists($directory)) {
 }
 
 // Required functions
-require_once('includes/captcha.php');
-require_once('includes/functions.php');
 define('IN_PONEPASTE', 1);
 require_once('includes/common.php');
-
-// PHP <5.5 compatibility
+require_once('includes/captcha.php');
+require_once('includes/functions.php');
 require_once('includes/password.php');
 
 function calculatePasteExpiry($p_expiry) {
diff --git a/login.php b/login.php
index a00528c..e493748 100644
--- a/login.php
+++ b/login.php
@@ -12,21 +12,16 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License in GPL.txt for more details.
  */
- 
-// PHP <5.5 compatibility
-require_once('includes/password.php'); 
-
-session_start();
 
 // Required functions
 require_once('includes/common.php');
 require_once('includes/functions.php');
+require_once('includes/password.php');
 require_once('mail/mail.php');
 
 // Current Date & User IP
 $date    = date('jS F Y');
 $ip      = $_SERVER['REMOTE_ADDR'];
-$data_ip = file_get_contents('tmp/temp.tdata');
 
 // Mail
 $mail_type = "1";
diff --git a/paste.php b/paste.php
index df2a95d..6724943 100644
--- a/paste.php
+++ b/paste.php
@@ -13,11 +13,6 @@
  * GNU General Public License in GPL.txt for more details.
  */
 
-// PHP <5.5 compatibility
-require_once('includes/password.php'); 
- 
-session_start();
-
 // UTF-8
 header('Content-Type: text/html; charset=utf-8');
 
@@ -26,14 +21,11 @@ define('IN_PONEPASTE', 1);
 require_once('includes/common.php');
 require_once('includes/geshi.php');
 require_once('includes/functions.php');
+require_once('includes/password.php');
 
-// Path of GeSHi object
-$path = 'includes/geshi/';
-
-// Path of Parsedown object
-$parsedown_path = 'includes/Parsedown/Parsedown.php';
-$parsedownextra_path  = 'includes/Parsedown/ParsedownExtra.php';
-$parsedownsec_path = 'includes/Parsedown/SecureParsedown.php';
+require_once('includes/Parsedown/Parsedown.php');
+require_once('includes/Parsedown/ParsedownExtra.php');
+require_once('includes/Parsedown/SecureParsedown.php');
 
 $paste_id = intval(trim($_REQUEST['id']));
 
@@ -159,15 +151,12 @@ if (!$row) {
 
     // Apply syntax highlight
     $p_content = htmlspecialchars_decode($p_content);
-    if ( $p_code == "pastedown" ) {
-        include( $parsedown_path );
-        include ($parsedownextra_path);
-        include ($parsedownsec_path);
+    if ($p_code === "pastedown") {
         $Parsedown = new Parsedown();
         $Parsedown->setSafeMode(true);
         $p_content = $Parsedown->text( $p_content );
     } else {
-        $geshi     = new GeSHi($p_content, $p_code, $path);
+        $geshi = new GeSHi($p_content, $p_code, 'includes/geshi/');
 
         $geshi->enable_classes();
         $geshi->set_header_type(GESHI_HEADER_DIV);
diff --git a/profile.php b/profile.php
index a3feccb..70bfa46 100644
--- a/profile.php
+++ b/profile.php
@@ -12,15 +12,12 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License in GPL.txt for more details.
  */
- 
-// PHP <5.5 compatibility
-require_once('includes/password.php');
-
-session_start();
 
 define('IN_PONEPASTE', 1);
 require_once('includes/common.php');
 require_once('includes/functions.php');
+require_once('includes/password.php');
+
 
 // UTF-8
 header('Content-Type: text/html; charset=utf-8');
diff --git a/rules.php b/rules.php
index 1180fc7..87cb609 100644
--- a/rules.php
+++ b/rules.php
@@ -1,6 +1,4 @@
 <?php
-session_start();
-
 define('IN_PONEPASTE', 1);
 require_once ('includes/common.php');
 require_once('includes/functions.php');
@@ -14,4 +12,3 @@ $p_title = $lang['archive']; // "Pastes Archive";
 require_once('theme/' . $default_theme . '/header.php');
 require_once('theme/' . $default_theme . '/rules.php');
 require_once('theme/' . $default_theme . '/footer.php');
-?>
\ No newline at end of file
diff --git a/theme/bulma/view.php b/theme/bulma/view.php
index b948b73..2f78839 100644
--- a/theme/bulma/view.php
+++ b/theme/bulma/view.php
@@ -230,7 +230,7 @@ overflow: hidden !important;
 					}} ?>
 				</div>
 				<!-- Guests -->
-                <?php if (strcasecmp($_SESSION['username'], $p_member)) { ?>
+                <?php if (!isset($_SESSION['username']) || strcasecmp($_SESSION['username'], $p_member)) { ?>
                  <hr> 
                 <label class="label">More from this Author </label>                 
 					<?php          
diff --git a/user.php b/user.php
index 2bcd043..3d3897f 100644
--- a/user.php
+++ b/user.php
@@ -12,7 +12,6 @@
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License in GPL.txt for more details.
  */
-session_start();
 
 define('IN_PONEPASTE', 1);
 require_once('includes/common.php');