PonyMirrors/ponepaste
1
0
Fork 0
mirror of https://github.com/Neetpone/ponepaste.git synced 2025-03-11 14:10:06 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: disable passworded pastes for guests

Browse source
This commit is contained in:
Floorb 2023-07-11 03:45:51 -04:00
parent 563d8f6738
commit b49951e4d5
2 changed files with 10 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
public/index.php
View file

@ -116,14 +116,17 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$paste_visibility = $_POST['visibility'];
$paste_code = $_POST['format'];
$paste_password = $_POST['pass'];
$p_expiry = trim(htmlspecialchars($_POST['paste_expire_date']));
$tag_input = $_POST['tag_input'];
if (empty($paste_password)) {
$paste_password = null;
} else {
if (!empty($paste_password)) {
if (!$current_user) {
$error = 'You must be logged in to create a password-protected paste.';
goto OutPut;
}
$paste_password = password_hash($paste_password, PASSWORD_DEFAULT);
} else {
$paste_password = null;
}
$paste_content = openssl_encrypt(
@ -133,7 +136,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
);
// Set expiry time
$expires = calculatePasteExpiry($p_expiry);
$expires = calculatePasteExpiry(trim($_POST['paste_expire_date']));
// Edit existing paste or create new?
if ($editing) {

2
theme/bulma/main.php
View file

@ -140,7 +140,7 @@
<div class="field">
<div class="control">
<input type="text" class="input pp-width-auto" name="pass" id="pass"
placeholder="Password (optional)" autocomplete="new-password"
placeholder="Password (optional)<?= $current_user ? ' (must be logged in)': '' ?>" autocomplete="new-password"<?= $current_user ? '' : ' disabled="disabled"' ?>
value="<?php echo (isset($_POST['pass'])) ? pp_html_escape($_POST['pass']) : ''; ?>"/>
</div>
</div>