PonyMirrors/ponepaste
1
0
Fork 0
mirror of https://github.com/Neetpone/ponepaste.git synced 2025-03-12 06:30:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: disable passworded pastes for guests

Browse source
This commit is contained in:
Floorb 2023-07-11 03:45:51 -04:00
parent 563d8f6738
commit b49951e4d5
2 changed files with 10 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
public/index.php
View file

@ -116,14 +116,17 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$paste_visibility = $_POST['visibility']; $paste_visibility = $_POST['visibility'];
$paste_code = $_POST['format']; $paste_code = $_POST['format'];
$paste_password = $_POST['pass']; $paste_password = $_POST['pass'];
$p_expiry = trim(htmlspecialchars($_POST['paste_expire_date']));
$tag_input = $_POST['tag_input']; $tag_input = $_POST['tag_input'];
if (empty($paste_password)) { if (!empty($paste_password)) {
$paste_password = null; if (!$current_user) {
} else { $error = 'You must be logged in to create a password-protected paste.';
goto OutPut;
}
$paste_password = password_hash($paste_password, PASSWORD_DEFAULT); $paste_password = password_hash($paste_password, PASSWORD_DEFAULT);
} else {
$paste_password = null;
} }
$paste_content = openssl_encrypt( $paste_content = openssl_encrypt(
@ -133,7 +136,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
); );
// Set expiry time // Set expiry time
$expires = calculatePasteExpiry($p_expiry); $expires = calculatePasteExpiry(trim($_POST['paste_expire_date']));
// Edit existing paste or create new? // Edit existing paste or create new?
if ($editing) { if ($editing) {

2
theme/bulma/main.php
View file

@ -140,7 +140,7 @@
<div class="field"> <div class="field">
<div class="control"> <div class="control">
<input type="text" class="input pp-width-auto" name="pass" id="pass" <input type="text" class="input pp-width-auto" name="pass" id="pass"
placeholder="Password (optional)" autocomplete="new-password" placeholder="Password (optional)<?= $current_user ? ' (must be logged in)': '' ?>" autocomplete="new-password"<?= $current_user ? '' : ' disabled="disabled"' ?>
value="<?php echo (isset($_POST['pass'])) ? pp_html_escape($_POST['pass']) : ''; ?>"/> value="<?php echo (isset($_POST['pass'])) ? pp_html_escape($_POST['pass']) : ''; ?>"/>
</div> </div>
</div> </div>