PonyMirrors/ponepaste
1
0
Fork 0
mirror of https://github.com/Neetpone/ponepaste.git synced 2025-03-12 14:40:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Much work with regards to the database restructure

Browse source
This commit is contained in:
Floorb 2021-07-14 14:20:43 -04:00
parent a5e5d24884
commit accc28ac75
6 changed files with 74 additions and 76 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
admin/dashboard.php
View file

@ -45,8 +45,7 @@ $query->execute([$c_date]);
$today_users_count = intval($query->fetch(PDO::FETCH_NUM)[0]);
/* Number of pastes today */
$query = $conn->prepare('SELECT COUNT(*) FROM pastes where s_date = ?');
$query->execute([$c_date]);
$query = $conn->query('SELECT COUNT(*) FROM pastes where DATE(created_at) = DATE(NOW())');
$today_pastes_count = intval($query->fetch(PDO::FETCH_NUM)[0]);
for ($loop = 0; $loop <= 6; $loop++) {
@ -169,7 +168,7 @@ for ($loop = 0; $loop <= 6; $loop++) {
foreach ($res as $row) {
$title = Trim($row['title']);
$p_id = Trim($row['id']);
$p_date = Trim($row['s_date']);
$p_date = $row['date']->format('jS F Y h:i:s A');
$p_ip = Trim($row['ip']);
$p_member = Trim($row['member']);
$p_view = Trim($row['views']);

12
includes/common.php
View file

@ -47,6 +47,17 @@ function getSiteTotal_unique_views(PDO $conn) : int {
return intval($conn->query('SELECT tvisit FROM page_view ORDER BY id DESC LIMIT 1')->fetch(PDO::FETCH_NUM)[0]);
}
function getCurrentUser(PDO $conn) : array | null {
if (empty($_SESSION['username'])) {
return null;
}
$query = $conn->prepare('SELECT * FROM users WHERE username = ?');
$query->execute($_SESSION['username']);
return $query->fetch();
}
function updatePageViews(PDO $conn) : void {
$ip = $_SERVER['REMOTE_ADDR'];
$date = date('jS F Y');
@ -129,7 +140,6 @@ if (isset($_SESSION['username'])) {
$noguests = "off";
}
// Prevent a potential LFI (you never know :p)
$lang_file = "${default_lang}.php";
if (in_array($lang_file, scandir('langs/'))) {

17
includes/functions.php
View file

@ -138,10 +138,13 @@ function getRecentreport($conn, $count) {
function getUserRecom($conn, $p_member) {
$query = $conn->prepare("SELECT id, member, title, visible
FROM pastes where member= ? AND visible = '0'
ORDER BY id DESC
LIMIT 0 , 5");
$query = $conn->prepare(
"SELECT pastes.id AS id, users.username AS member, title, visible
FROM pastes
INNER JOIN users ON users.username = ?
WHERE visible = '0'
ORDER BY id DESC
LIMIT 0, 5");
$query->execute([$p_member]);
return $query->fetchAll();
}
@ -151,7 +154,7 @@ function recentupdate($conn, $count) {
"SELECT pastes.id AS id, visible, title, created_at, users.username AS member, tagsys
FROM pastes
INNER JOIN users ON users.id = pastes.user_id
WHERE visible = '0' ORDER BY timeedit DESC
WHERE visible = '0' ORDER BY updated_at DESC
LIMIT ?");
$query->execute([$count]);
return $query->fetchAll();
@ -220,7 +223,7 @@ function getRecent($conn, $count) {
}
function getRecentadmin($conn, $count = 5) {
$query = $conn->prepare('SELECT id, ip title, date, now_time, s_date, views, member FROM pastes ORDER BY id DESC LIMIT 0, ?');
$query = $conn->prepare('SELECT id, ip title, date, now_time, views, member FROM pastes ORDER BY id DESC LIMIT 0, ?');
$query->execute([$count]);
return $query->fetchAll();
@ -261,7 +264,7 @@ LIMIT 0 , ?");
function getUserPastes($conn, $username) {
$query = $conn->prepare("SELECT id, title, code, views, s_date, now_time, visible, date, tagsys, member FROM pastes where member=? ORDER by id DESC");
$query = $conn->prepare("SELECT id, title, code, views, now_time, visible, date, tagsys, member FROM pastes where member=? ORDER by id DESC");
$query->execute([$username]);
return $query->fetchAll();
}

43
index.php
View file

@ -104,6 +104,8 @@ header('Content-Type: text/html; charset=utf-8');
$date = date('jS F Y');
$ip = $_SERVER['REMOTE_ADDR'];
$current_user = getCurrentUser($conn);
// Sitemap
$site_sitemap_rows = $conn->query('SELECT * FROM sitemap_options LIMIT 1');
if ($row = $site_sitemap_rows->fetch()) {
@ -174,7 +176,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
} else {
$p_password = password_hash($p_password, PASSWORD_DEFAULT);
}
$p_encrypt = Trim(htmlspecialchars($_POST['encrypted']));
$p_encrypt = trim(htmlspecialchars($_POST['encrypted']));
if (empty($p_encrypt)) {
$p_encrypt = "0";
@ -184,42 +186,32 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$p_content = encrypt($p_content);
}
if (isset($_SESSION['token'])) {
$p_member = Trim($_SESSION['username']);
} else {
$p_member = "Guest";
}
// Set expiry time
$expires = calculatePasteExpiry($p_expiry);
$p_date = date('jS F Y h:i:s A');
$date = date('jS F Y');
$now_time = mktime(date("H"), date("i"), date("s"), date("n"), date("j"), date("Y"));
$timeedit = gmmktime(date("H"), date("i"), date("s"), date("n"), date("j"), date("Y"));
// Edit existing paste or create new?
if ($editing) {
if (isset($_SESSION['username'])) {
if ($current_user && $current_user['id'] === $paste_id) {
$paste_id = intval($_POST['paste_id']);
$statement = $conn->prepare(
"UPDATE pastes SET title = ?, content = ?, visible = ?, code = ?, expiry = ?, password = ?, encrypt = ?, member = ?, ip = ?, tagsys = ?, now_time = ?, timeedit = ?
"UPDATE pastes SET title = ?, content = ?, visible = ?, code = ?, expiry = ?, password = ?, encrypt = ?,ip = ?, tagsys = ?, updated_at = NOW()
WHERE id = ?"
);
$statement->execute([
$p_title, $p_content, $p_visible, $p_code, $expires, $p_password, $p_encrypt, $p_member, $ip, $p_tagsys, $now_time, $timeedit, $edit_paste_id
$p_title, $p_content, $p_visible, $p_code, $expires, $p_password, $p_encrypt, $ip, $p_tagsys, $paste_id
]);
$success = $paste_id;
} else {
$error = $lang['loginwarning']; //"You must be logged in to do that."
}
} else {
$paste_owner = $current_user ? $current_user['id'] : null;
$statement = $conn->prepare(
"INSERT INTO pastes (title, content, visible, code, expiry, password, encrypt, member, date, ip, now_time, views, s_date, tagsys) VALUES
(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, '0', ?, ?)"
"INSERT INTO pastes (title, content, visible, code, expiry, password, encrypt, user_id, created_at, ip, views, tagsys) VALUES
(?, ?, ?, ?, ?, ?, ?, ?, NOW(), ?, 0, ?)"
);
$statement->execute([$p_title, $p_content, $p_visible, $p_code, $expires, $p_password, $p_encrypt, $p_member, $p_date, $ip, $now_time, $date, $p_tagsys]);
$statement->execute([$p_title, $p_content, $p_visible, $p_code, $expires, $p_password, $p_encrypt, $paste_owner, $ip, $p_tagsys]);
$paste_id = intval($conn->lastInsertId()); /* returns the last inserted ID as per the query above */
if ($p_visible == '0') {
addToSitemap($paste_id, $priority, $changefreq, $mod_rewrite);
@ -229,20 +221,7 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Redirect to paste on successful entry, or on successful edit redirect back to edited paste
if (isset($success)) {
if ($mod_rewrite == '1') {
if ($editing) {
$paste_url = "$edit_paste_id";
} else {
$paste_url = "$success";
}
} else {
if ($editing) {
$paste_url = "paste.php?id=$edit_paste_id";
} else {
$paste_url = "paste.php?id=$success";
}
}
$paste_url = urlForPaste($success);
header("Location: ${paste_url}");
die();
}

45
paste.php
View file

@ -37,7 +37,7 @@ $fav_count = intval($query->fetch(PDO::FETCH_NUM)[0]);
// Get paste info
$query = $conn->prepare(
'SELECT title, content, visible, code, expiry, pastes.password AS password, created_at, encrypt, views, tagsys, users.username AS member
'SELECT title, content, visible, code, expiry, pastes.password AS password, created_at, updated_at, encrypt, views, tagsys, users.username AS member
FROM pastes
INNER JOIN users ON users.id = pastes.user_id
WHERE pastes.id = ?');
@ -47,27 +47,35 @@ $row = $query->fetch();
// This is used in the theme files.
$totalpastes = getSiteTotalPastes($conn);
$current_user = getCurrentUser($conn);
if (!$row) {
header('HTTP/1.1 404 Not Found');
$notfound = $lang['notfound']; // "Not found";
} else {
$p_title = $row['title'];
$paste_title = $row['title'];
$paste_code = $row['code'];
$paste = [
'title' => $paste_title,
'created_at' => (new DateTime($row['created_at']))->format('jS F Y h:i:s A'),
'updated_at' => (new DateTime($row['updated_at']))->format('jS F Y h:i:s A'),
'member' => $row['member'],
'tags' => $row['tagsys'],
'views' => $row['views'],
'code' => $paste_code
];
$p_content = $row['content'];
$p_visible = $row['visible'];
$p_code = $row['code'];
$p_expiry = Trim($row['expiry']);
$p_password = $row['password'];
$p_member = $row['member'];
$p_encrypt = $row['encrypt'];
$p_views = $row['views'];
$p_tagsys = $row['tagsys'];
$mod_date = date("jS F Y h:i:s A", $now_time);
$p_private_error = '0';
if ($p_visible == "2") {
if (isset($_SESSION['username'])) {
if ($p_member !== trim($_SESSION['username'])) {
if ($current_user) {
if ($p_member !== $current_user['id']) {
$notfound = $lang['privatepaste']; //" This is a private paste.";
$p_private_error = '1';
goto Not_Valid_Paste;
@ -98,12 +106,12 @@ if (!$row) {
// Download the paste
if (isset($_GET['download'])) {
if ($p_password == "NONE") {
doDownload($paste_id, $p_title, $p_member, $op_content, $p_code);
doDownload($paste_id, $paste_title, $p_member, $op_content, $paste_code);
exit();
} else {
if (isset($_GET['password'])) {
if (password_verify($_GET['password'], $p_password)) {
doDownload($paste_id, $p_title, $p_member, $op_content, $p_code);
doDownload($paste_id, $paste_title, $p_member, $op_content, $paste_code);
exit();
} else {
$error = $lang['wrongpassword']; // 'Wrong password';
@ -117,12 +125,12 @@ if (!$row) {
// Raw view
if (isset($_GET['raw'])) {
if ($p_password == "NONE") {
rawView($paste_id, $p_title, $op_content, $p_code);
rawView($paste_id, $paste_title, $op_content, $paste_code);
exit();
} else {
if (isset($_GET['password'])) {
if (password_verify($_GET['password'], $p_password)) {
rawView($paste_id, $p_title, $op_content, $p_code);
rawView($paste_id, $paste_title, $op_content, $paste_code);
exit();
} else {
$error = $lang['wrongpassword']; // 'Wrong password';
@ -151,12 +159,12 @@ if (!$row) {
// Apply syntax highlight
$p_content = htmlspecialchars_decode($p_content);
if ($p_code === "pastedown") {
if ($paste_code === "pastedown") {
$Parsedown = new Parsedown();
$Parsedown->setSafeMode(true);
$p_content = $Parsedown->text($p_content);
} else {
$geshi = new GeSHi($p_content, $p_code, 'includes/geshi/');
$geshi = new GeSHi($p_content, $paste_code, 'includes/geshi/');
$geshi->enable_classes();
$geshi->set_header_type(GESHI_HEADER_DIV);
@ -177,12 +185,12 @@ if (!$row) {
// Embed view after GeSHI is applied so that $p_code is syntax highlighted as it should be.
if (isset($_GET['embed'])) {
if ($p_password == "NONE") {
embedView($paste_id, $p_title, $p_content, $p_code, $title, $baseurl, $ges_style, $lang);
embedView($paste_id, $paste_title, $p_content, $paste_code, $title, $baseurl, $ges_style, $lang);
exit();
} else {
if (isset($_GET['password'])) {
if (password_verify($_GET['password'], $p_password)) {
embedView($paste_id, $p_title, $p_content, $p_code, $title, $p_baseurl, $ges_style, $lang);
embedView($paste_id, $paste_title, $p_content, $paste_code, $title, $p_baseurl, $ges_style, $lang);
exit();
} else {
$error = $lang['wrongpassword']; // 'Wrong password';
@ -196,7 +204,6 @@ if (!$row) {
require_once('theme/' . $default_theme . '/header.php');
if ($p_password == "NONE") {
// No password & diplay the paste
// Set download URL
@ -262,4 +269,4 @@ if ($p_private_error == '1') {
// Footer
require_once('theme/' . $default_theme . '/footer.php');
?>

28
theme/bulma/view.php
View file

@ -58,7 +58,7 @@
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 3
* of the License, or (at your option) any later version.
*
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
@ -146,9 +146,9 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
<div class="columns is-multiline">
<div class="column is-4">
<span class="tag is-normal"><i class="fa fa-code fa-lg"
aria-hidden="true"></i>&nbsp;&nbsp;<?php echo strtoupper($p_code); ?></span>
aria-hidden="true"></i>&nbsp;&nbsp;<?php echo strtoupper($paste['code']); ?></span>
<span class="tag is-normal"><i class="fa fa-eye fa-lg"
aria-hidden="true"></i>&nbsp;&nbsp;<?php echo $p_views; ?></span>
aria-hidden="true"></i>&nbsp;&nbsp;<?php echo $paste['views']; ?></span>
<span class="tag is-normal"><i class="fa fa-star fa-lg"
aria-hidden="true"></i>&nbsp;&nbsp;<?php echo $fav_count; ?></span>
<br>
@ -160,7 +160,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
<span class="tag is-normal"><i class="fa fa-list-ol fa-lg" aria-hidden="true"></i>&nbsp;&nbsp;<?php echo substr_count($op_content, "\n") + 1; ?></span>
</div>
<div class="column is-4 has-text-centered">
<h1 class="title is-6" style="margin-bottom:0;"><?php echo($p_title); ?></h1>
<h1 class="title is-6" style="margin-bottom:0;"><?= $paste['title'] ?></h1>
<small class="title is-6 has-text-weight-normal has-text-grey">
<?php if ($paste['member'] === NULL): ?>
Guest
@ -168,11 +168,11 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
By <a href="<?= urlForMember($paste['member']) ?>"><?= $paste['member'] ?></a>
<?php endif; ?>
<br/>
Created: <?php echo $p_date; ?>
Created: <?= $paste['created_at'] ?>
<br/>
<?php if (strcmp($p_date, $mod_date) !== 0) { ?>
Modified: <?php echo $mod_date; ?>
<?php } ?>
<?php if ($paste['updated_at'] != $paste['created_at']): ?>
<?= $paste['updated_at'] ?>
<?php endif; ?>
</small>
</div>
<div class="column is-4 has-text-right">
@ -185,7 +185,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
?>
<a class="icon tool-icon" class="flip" onclick="openreport()"><i
class="far fa-flag fa-lg has-text-grey" title="Report Paste"></i></a>
<?php if ($p_code != "pastedown") { ?>
<?php if ($paste['code'] != "pastedown") { ?>
<a class="icon tool-icon" href="javascript:togglev();"><i
class="fas fa-list-ol fa-lg has-text-grey"
title="Toggle Line Numbers"></i></a>
@ -220,7 +220,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
<!-- Tag display -->
<div class="columns is-desktop is-centered">
<?php
$tagDisplay = htmlentities($p_tagsys, ENT_QUOTES, 'UTF-8');
$tagDisplay = htmlentities($paste['tags'], ENT_QUOTES, 'UTF-8');
$tagDisplay = rtrim($tagDisplay);
$tagArray = explode(',', $tagDisplay);
if (strlen($tagDisplay) > 0) {
@ -238,7 +238,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
<?php if (isset($error)) {
echo '<p class="help is-danger subtitle is-6">' . $error . '</p>';
} else {
if ($p_code != "pastedown") {
if ($paste['code'] != "pastedown") {
echo '
<div id="paste" style="line-height:1!important;">' . linkify($p_content) . '</div>';
} else {
@ -309,7 +309,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
<?php // Show popular GeSHi formats
foreach ($geshiformats as $code => $name) {
if (in_array($code, $popular_formats)) {
$sel = ($p_code == $code) ? 'selected="selected"' : ' ';
$sel = ($paste['code'] == $code) ? 'selected="selected"' : ' ';
echo '<option ' . $sel . ' value="' . $code . '">' . $name . '</option>';
}
}
@ -317,7 +317,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
// Show all GeSHi formats.
foreach ($geshiformats as $code => $name) {
if (!in_array($code, $popular_formats)) {
$sel = ($p_code == $code) ? 'selected="selected"' : '';
$sel = ($paste['code'] == $code) ? 'selected="selected"' : '';
echo '<option ' . $sel . ' value="' . $code . '">' . $name . '</option>';
}
}
@ -501,7 +501,7 @@ $selectedloader = "$bg[$i]"; // set variable equal to which random filename was
var charRemain = (maxLength - strLength);
var char2kb = charRemain / 1000;
var charDisplay = roundToTwo(char2kb);
// Grace limit
// Grace limit
var gracelimit = 11480;
var newstrLength = obj.value.length - 1000000;
var graceRemain = (gracelimit - newstrLength);