arno
/
privatebin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge 861dd347da into 6eb8822059

Browse Source
pull/226/merge
__cyp 6 years ago committed by GitHub
parent 6eb8822059 861dd347da
commit 635036972c
4 changed files with 103 additions and 11 deletions
Show Stats Download Patch File Download Diff File

2
lib/Configuration.php
Unescape View File

@ -55,7 +55,7 @@ class Configuration
'qrcode' => true,
'icon' => 'identicon',
'cspheader' => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups',
'zerobincompatibility' => false,
'zerobincompatibility' => false
),
'expire' => array(
'default' => '1week',

4
lib/Model/Paste.php
Unescape View File

@ -14,6 +14,7 @@ namespace PrivateBin\Model;
use Exception;
use PrivateBin\Persistence\ServerSalt;
use PrivateBin\Persistence\WebServer;
use PrivateBin\PrivateBin;
use PrivateBin\Sjcl;
@ -89,7 +90,8 @@ class Paste extends AbstractModel
}
$this->_data->meta->postdate = time();
$this->_data->meta->salt = serversalt::generate();
$this->_data->meta->salt = ServerSalt::generate();
$this->_data->webserver = WebServer::restrictAccessTo();
// store paste
if (

20
lib/Persistence/AbstractPersistence.php
Unescape View File

@ -88,15 +88,17 @@ abstract class AbstractPersistence
throw new Exception('unable to create directory ' . self::$_path, 10);
}
}
$file = self::$_path . DIRECTORY_SEPARATOR . '.htaccess';
if (!is_file($file)) {
$writtenBytes = @file_put_contents(
$file,
'Require all denied' . PHP_EOL,
LOCK_EX
);
if ($writtenBytes === false || $writtenBytes < 19) {
throw new Exception('unable to write to file ' . $file, 11);
if (property_exists($data->meta, 'webserver') && $data->meta->webserver && $this->_conf->getKey('webserver') == "Apache") {
$file = self::$_path . DIRECTORY_SEPARATOR . '.htaccess';
if (!is_file($file)) {
$writtenBytes = @file_put_contents(
$file,
'Require all denied' . PHP_EOL,
LOCK_EX
);
if ($writtenBytes === false || $writtenBytes < 19) {
throw new Exception('unable to write to file ' . $file, 11);
}
}
}
}

88
lib/Persistence/WebServer.php
Unescape View File

@ -0,0 +1,88 @@
<?php
/**
* PrivateBin
*
* a zero-knowledge paste bin
*
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
*/
namespace PrivateBin\Persistence;
/**
* WebServer
*
* Provides detect webserver functions.
*/
class WebServer extends AbstractPersistence
{
/**
* path in which to persist something
*
* @access private
* @static
* @var string
*/
private static $_path = 'data';
/**
* key to detect server software
*
* @access private
* @static
* @var string
*/
private static $_serverKey = 'SERVER_SOFTWARE';
/**
* get a webserver
*
* @access public
* @static
* @return array
*/
public static function getWebserver()
{
$regex = "/(?<software>\w+)\/(?<version>[0-9.a-z]*)/";
if(isset($_SERVER[self::$_serverKey]) && preg_match_all($regex, $_SERVER[self::$_serverKey], $arr))
return array_merge(['software' => $arr['software'][0]], ['version' => $arr['version'][0]]);
else
return array();
}
/**
* Write a directive into .htacess
*
*
* @access public
* @static
* @throws Exception
*/
public static function restrictAccessTo()
{
$file = '.htaccess';
if (is_dir(self::$path) && !is_file($file)) {
$server = self::getWebserver();
if($server['software'] == "Apache") {
if (version_compare($server['version'], '2.2') >= 0) {
self::_store(
$file,
'Allow from none' . PHP_EOL .
'Deny from all' . PHP_EOL,
LOCK_EX
);
} else {
self::_store(
$file,
'Require all denied' . PHP_EOL,
LOCK_EX
);
}
}
}
}
}
Write Preview
Loading…
Cancel
Save