arno
/
privatebin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' into master

Browse Source
pull/226/head
rugk 7 years ago committed by GitHub
parent fe24371cce 502e96c129
commit 861dd347da
47 changed files with 388 additions and 255 deletions
Show Stats Download Patch File Download Diff File

3
.github/ISSUE_TEMPLATE.md vendored
Unescape View File

@ -35,5 +35,4 @@ If you have access to the server log files, also copy them here.
<!-- The version of PrivateBin, if you use an unstable version paste the commit hash or the GitHub link to the commit here (you can get it by running `git rev-parse HEAD`) -->
**PrivateBin version:**
* I can reproduce this issue on <https://privatebin.net>: Yes / No
I can reproduce this issue on <https://privatebin.net>: Yes / No

2
.styleci.yml
Unescape View File

@ -11,6 +11,8 @@ enabled:
disabled:
- blank_line_after_opening_tag
- blank_line_before_return
- blank_line_before_throw
- blank_line_before_try
- concat_without_spaces
- declare_equal_normalize
- heredoc_to_nowdoc

3
.travis.yml
Unescape View File

@ -12,10 +12,11 @@ install:
- rm -rf ~/.nvm && git clone https://github.com/creationix/nvm.git ~/.nvm && (cd ~/.nvm && git checkout `git describe --abbrev=0 --tags`) && source ~/.nvm/nvm.sh && nvm install 4
before_script:
- composer config -g github-oauth.github.com "$GITHUB_TOKEN"
- composer install -n
- npm install -g mocha
- cd js
- npm install jsverify jsdom jsdom-global
- npm install jsverify jsdom@9 jsdom-global@2
- cd ..
script:

2
CHANGELOG.md
Unescape View File

@ -6,6 +6,8 @@
* CHANGED: Minimum required PHP version is 5.4 (#186)
* CHANGED: Shipped .htaccess files were updated for Apache 2.4 (#192)
* CHANGED: Cleanup of bootstrap template variants and moved icons to `img` directory
* **1.1.1 (2017-10-06)**
* CHANGED: Switched to `.php` file extension for configuration file, to avoid leaking configuration data in unprotected installation.
* **1.1 (2016-12-26)**
* ADDED: Translations for Italian and Russian
* ADDED: Loading message displayed until decryption succeeded for slower (in terms of CPU or network) systems

76
INSTALL.md
Unescape View File

@ -3,12 +3,13 @@
**TL;DR:** Download the
[latest release archive](https://github.com/PrivateBin/PrivateBin/releases/latest)
and extract it in your web hosts folder where you want to install your PrivateBin
instance. We try to provide a safe default configuration, but we advise you to
check the options and adjust them as you see fit.
instance. We try to provide a mostly safe default configuration, but we urge you to
check the [security section](#hardening-and-security) below and the [configuration
options](#configuration) to adjust as you see fit.
## Basic installation
**NOTE:** See [our FAQ](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-can-i-securely-clonedownload-your-project) for information how to securely download the PrivateBin release files.
### Requirements
### Minimal requirements
- PHP version 5.4 or above
- _one_ of the following sources of cryptographically safe randomness is required:
@ -20,37 +21,11 @@ check the options and adjust them as you see fit.
Mcrypt needs to be able to access `/dev/urandom`. This means if `open_basedir` is set, it must include this file.
- GD extension
- some disk space or (optional) a database supported by [PDO](https://secure.php.net/manual/book.pdo.php)
- ability to create files and folders in the installation directory and the PATH
- some disk space or (optionally) a database supported by [PDO](https://secure.php.net/manual/book.pdo.php)
- ability to create files and folders in the installation directory and the PATH defined in index.php
- A web browser with javascript support
### Configuration
In the file `cfg/conf.ini` you can configure PrivateBin. A `cfg/conf.ini.sample`
is provided containing all options and default values. You can copy it to
`cfg/conf.ini` and adapt it as needed. The config file is divided into multiple
sections, which are enclosed in square brackets.
In the `[main]` section you can enable or disable the discussion feature, set
the limit of stored pastes and comments in bytes. The `[traffic]` section lets
you set a time limit in seconds. Users may not post more often then this limit
to your PrivateBin installation.
More details can be found in the
[configuration documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration).
## Further configuration
After (or before) setting up PrivateBin, also set up HTTPS, as without HTTPS
PrivateBin is not secure. (
[More information](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https))
If you want to use PrivateBin behind Cloudflare, make sure you disabled Rocket
loader and unchecked "Javascript" for Auto Minify, found in your domain settings,
under "Speed". (More information
[in this FAQ entry](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection))
## Advanced installation
## Hardening and security
### Changing the path
@ -64,7 +39,7 @@ process (see also
> #### PATH Example
> Your PrivateBin installation lives in a subfolder called "paste" inside of
> your document root. The URL looks like this:
> https://example.com/paste/
> http://example.com/paste/
>
> The full path of PrivateBin on your webserver is:
> /home/example.com/htdocs/paste
@ -75,6 +50,29 @@ process (see also
> PrivateBin will look for your includes / data here:
> /home/example.com/secret/privatebin
### Transport security
When setting up PrivateBin, also set up HTTPS, if you haven't already. Without HTTPS
PrivateBin is not secure, as the javascript files could be manipulated during transmission.
For more information on this, see our [FAQ entry on HTTPS setup](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https).
## Configuration
In the file `cfg/conf.php` you can configure PrivateBin. A `cfg/conf.sample.php`
is provided containing all options and default values. You can copy it to
`cfg/conf.php` and adapt it as needed. The config file is divided into multiple
sections, which are enclosed in square brackets.
In the `[main]` section you can enable or disable the discussion feature, set
the limit of stored pastes and comments in bytes. The `[traffic]` section lets
you set a time limit in seconds. Users may not post more often then this limit
to your PrivateBin installation.
More details can be found in the
[configuration documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration).
## Advanced installation
### Web server configuration
A `robots.txt` file is provided in the root dir of PrivateBin. It disallows all
@ -88,6 +86,13 @@ some known robots and link-scanning bots. If you use Apache, you can rename the
file to `.htaccess` to enable this feature. If you use another webserver, you
have to configure it manually to do the same.
### On using Cloudflare
If you want to use PrivateBin behind Cloudflare, make sure you have disabled the Rocket
loader and unchecked "Javascript" for Auto Minify, found in your domain settings,
under "Speed". (More information
[in this FAQ entry](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection))
### Using a database instead of flat files
In the configuration file the `[model]` and `[model_options]` sections let you
@ -150,5 +155,4 @@ CREATE TABLE prefix_config (
INSERT INTO prefix_config VALUES('VERSION', '1.1');
```
In PostgreSQL the attachment column needs to be TEXT and not BLOB or MEDIUMBLOB.
In PostgreSQL, the attachment column needs to be TEXT and not BLOB or MEDIUMBLOB.

44
README.md
Unescape View File

@ -7,18 +7,18 @@
[![Codacy Badge](https://api.codacy.com/project/badge/Coverage/094500f62abf4c9aa0c8a8a4520e4789)](https://www.codacy.com/app/PrivateBin/PrivateBin)
[![Test Coverage](https://codeclimate.com/github/PrivateBin/PrivateBin/badges/coverage.svg)](https://codeclimate.com/github/PrivateBin/PrivateBin/coverage) [![Code Coverage](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/?branch=master)
*Current version: 1.1*
*Current version: 1.1.1*
**PrivateBin** is a minimalist, open source online pastebin where the server has
zero knowledge of pasted data.
Data is encrypted/decrypted in the browser using 256bit AES in [Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode).
Data is encrypted and decrypted in the browser using 256bit AES in [Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode).
This is a fork of ZeroBin, originally developed by
[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). It was refactored
to allow easier and cleaner extensions and has now many more features than the
original. It is however still fully compatible to the original ZeroBin 0.19
data storage scheme. Therefore such installations can be upgraded to this fork
[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). ZeroBin was refactored
to allow easier and cleaner extensions. PrivateBin has many more features than the
original ZeroBin. It is, however, still fully compatible to the original ZeroBin 0.19
data storage scheme. Therefore, such installations can be upgraded to PrivateBin
without losing any data.
## What PrivateBin provides
@ -38,37 +38,37 @@ without losing any data.
## What it doesn't provide
- As a user you have to trust the server administrator, your internet provider
and any country the traffic passes not to inject any malicious javascript code.
For a basic security the PrivateBin installation *has to provide HTTPS*!
Additionally it should be secured by
- As a user you have to trust the server administrator not to inject any malicious
javascript code.
For basic security, the PrivateBin installation *has to provide HTTPS*!
Otherwise you would also have to trust your internet provider, and any country
the traffic passes through.
Additionally the instance should be secured by
[HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and
ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a
certificate either validated by a trusted third party (check the certificate
when first using a new PrivateBin instance) or self-signed by the server
operator, validated using a
certificate. It can use traditional certificate authorities and/or use
[DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions)
protected
[DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities)
record.
- The "key" used to encrypt the paste is part of the URL. If you publicly post
the URL of a paste that is not password-protected, everybody can read it.
Use a password if you want your paste to be private. In this case make sure to
use a strong password and do only share it privately and end-to-end-encrypted.
the URL of a paste that is not password-protected, anyone can read it.
Use a password if you want your paste to be private. In this case, make sure to
use a strong password and only share it privately and end-to-end-encrypted.
- A server admin might be forced to hand over access logs to the authorities.
PrivateBin encrypts your text and the discussion contents, but who accessed it
first might still be disclosed via such access logs.
PrivateBin encrypts your text and the discussion contents, but who accessed a
paste (first) might still be disclosed via access logs.
- In case of a server breach your data is secure as it is only stored encrypted
on the server. However the server could be misused or the server admin could
on the server. However, the server could be misused or the server admin could
be legally forced into sending malicious JavaScript to all web users, which
grabs the decryption key and send it to the server when a user accesses a
grabs the decryption key and sends it to the server when a user accesses a
PrivateBin.
Therefore do not access any PrivateBin instance if you think it has been
Therefore, do not access any PrivateBin instance if you think it has been
compromised. As long as no user accesses this instance with a previously
generated URL, the content can''t be decrypted.
generated URL, the content can't be decrypted.
## Options

1
cfg/conf.ini.sample → cfg/conf.sample.php
Unescape View File

@ -1,3 +1,4 @@
;<?php http_response_code(403); /*
; config file for PrivateBin
;
; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration.

2
css/bootstrap/privatebin.css
Unescape View File

@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
body {

2
css/noscript.css
Unescape View File

@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.0
* @version 1.1.1
*/
/* When there is no script at all other */

2
css/privatebin.css
Unescape View File

@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
/* CSS Reset from YUI 3.4.1 (build 4118) - Copyright 2011 Yahoo! Inc. All rights reserved.

10
i18n/es.json
Unescape View File

@ -93,7 +93,7 @@
"Anonymous":
"Anónimo",
"Avatar generated from IP address":
"Avatar anónimo (Vizhash de la dirección IP)",
"Avatar generado a partir de la dirección IP",
"Add comment":
"Añadir comentario",
"Optional nickname…":
@ -130,7 +130,7 @@
"Markdown": "Markdown",
"Download attachment": "Descargar adjunto",
"Cloned: '%s'": "Clonado: '%s'.",
"The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.",
"The cloned file '%s' was attached to this paste.": "El archivo clonado '%s' ha sido adjuntado a este texto.",
"Attach a file": "Adjuntar archivo",
"Remove attachment": "Remover adjunto",
"Your browser does not support uploading encrypted files. Please use a newer browser.":
@ -147,9 +147,9 @@
"Enter password":
"Ingrese contraseña",
"Loading…": "Cargando…",
"Decrypting paste…": "Decrypting paste…",
"Preparing new paste…": "Preparing new paste…",
"Decrypting paste…": "Descifrando texto…",
"Preparing new paste…": "Preparando texto nuevo…",
"In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
"En caso de que este mensaje nunca desaparezca por favor revise <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">este FAQ para obtener información para solucionar problemas</a>.",
"+++ no paste text +++": "+++ no paste text +++"
"+++ no paste text +++": "+++ sin texto +++"
}

8
i18n/fr.json
Unescape View File

@ -83,7 +83,7 @@
"Could not decrypt data (Wrong key?)":
"Impossible de déchiffrer les données (mauvaise clé ?)",
"Could not delete the paste, it was not stored in burn after reading mode.":
"Impossible de supprimer le paste, car il n'a pas été stoclé en mode \"Effacer après lecture\".",
"Impossible de supprimer le paste, car il n'a pas été stocké en mode \"Effacer après lecture\".",
"FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
"POUR VOS YEUX UNIQUEMENT. Ne fermez pas cette fenêtre, ce paste ne pourra plus être affiché.",
"Could not decrypt comment; Wrong key?":
@ -93,7 +93,7 @@
"Anonymous":
"Anonyme",
"Avatar generated from IP address":
"Avatar anonyme (Vizhash de l'adresse IP)",
"Avatar généré à partir de l'adresse IP",
"Add comment":
"Ajouter un commentaire",
"Optional nickname…":
@ -139,7 +139,7 @@
"Markdown": "Markdown",
"Download attachment": "Télécharger la pièce jointe",
"Cloned: '%s'": "Cloner '%s'",
"The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.",
"The cloned file '%s' was attached to this paste.": "Le fichier cloné '%s' a été attaché à ce paste.",
"Attach a file": "Attacher un fichier ",
"Remove attachment": "Enlever l'attachement",
"Your browser does not support uploading encrypted files. Please use a newer browser.":
@ -160,5 +160,5 @@
"Preparing new paste…": "Préparation du paste…",
"In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
"Si ce message ne disparaîssait pas, jetez un oeil à <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">cette FAQ pour des idées de résolution</a> (en Anglais).",
"+++ no paste text +++": "+++ no paste text +++"
"+++ no paste text +++": "+++ pas de paste-text +++"
}

36
i18n/oc.json
Unescape View File

@ -1,9 +1,9 @@
{
"PrivateBin": "PrivateBin",
"%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
"%s es un 'pastebin' (o gestionari d'extrachs de tèxte e còdi font) minimalista e open source, dins lo qual lo servidor a pas cap de coneissença de las donadas mandadas. Las donadas son chifradas/deschifradas <i>dins lo navigator</i> per un chiframent AES 256 bits. Mai informacions sus <a href=\"https://privatebin.info/\">la pagina del projècte</a>.",
"%s es un 'pastebin' (o gestionari dextrachs de tèxte e còdi font) minimalista e open source, dins lo qual lo servidor a pas cap de coneissença de las donadas mandadas. Las donadas son chifradas/deschifradas <i>dins lo navigator</i> per un chiframent AES 256 bits. Mai informacions sus <a href=\"https://privatebin.info/\">la pagina del projècte</a>.",
"Because ignorance is bliss":
"Perque l'ignorància es bonaür",
"Perque lo bonaür es lignorància",
"en": "oc",
"Paste does not exist, has expired or has been deleted.":
"Lo tèxte existís pas, a expirat, o es estat suprimit.",
@ -32,11 +32,11 @@
"Paste was properly deleted.":
"Lo tèxte es estat correctament suprimit.",
"JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
"JavaScript es requesit per far foncionar %s. <br />O planhèm per l'inconvenient.",
"JavaScript es requesit per far foncionar %s. <br />O planhèm per linconvenient.",
"%s requires a modern browser to work.":
"%s necessita un navigator modèrn per foncionar.",
"Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
"Encora sus Internet Explorer ? Fasètz-vos una favor, passatz a un navigator modèrn :",
"Encora sus Internet Explorer?Fasètz-vos una favor, passatz a un navigator modèrn:",
"New":
"Nòu",
"Send":
@ -67,7 +67,7 @@
"Never":
"Jamai",
"Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
"Nota : Aquò es un servici d'espròva : las donadas pòdon èsser suprimidas a cada moment. De catons moriràn s'abusatz d'aqueste servici.",
"Nota:Aquò es un servici despròva:las donadas pòdon èsser suprimidas a cada moment. De catons moriràn sabusatz daqueste servici.",
"This document will expire in %d seconds.":
["Ce document expirera dans %d seconde.", "Aqueste document expirarà dins %d segondas."],
"This document will expire in %d minutes.":
@ -79,21 +79,21 @@
"This document will expire in %d months.":
["Ce document expirera dans %d mois.", "Aqueste document expirarà dins %d meses."],
"Please enter the password for this paste:":
"Picatz lo senhal per aqueste tèxte :",
"Picatz lo senhal per aqueste tèxte:",
"Could not decrypt data (Wrong key?)":
"Impossible de deschifrar las donadas (marrida clau ?)",
"Impossible de deschifrar las donadas (marrida clau?)",
"Could not delete the paste, it was not stored in burn after reading mode.":
"Impossible de suprimir lo tèxte, perque es pas estat gardat en mòde \"Escafar aprèp lectura\".",
"FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
"PER VÒSTRES UÈLHS SOLAMENT. Tampetz pas aquesta fenèstra, aqueste tèxte poirà pas mai èsser afichat.",
"Could not decrypt comment; Wrong key?":
"Impossible de deschifrar lo comentari ; marrida clau ?",
"Impossible de deschifrar lo comentari ; marrida clau?",
"Reply":
"Respondre",
"Anonymous":
"Anonime",
"Avatar generated from IP address":
"Avatar anonime (Vizhash de l'adreça IP)",
"Avatar anonime (Vizhash de ladreça IP)",
"Add comment":
"Apondre un comentari",
"Optional nickname…":
@ -105,25 +105,25 @@
"Comment posted.":
"Comentari mandat.",
"Could not refresh display: %s":
"Impossible d'actualizar l'afichatge : %s",
"Impossible dactualizar lafichatge:%s",
"unknown status":
"Estatut desconegut",
"server error or not responding":
"Lo servidor respond pas o a rencontrat una error",
"Could not post comment: %s":
"Impossible de mandar lo comentari : %s",
"Impossible de mandar lo comentari:%s",
"Please move your mouse for more entropy…":
"Mercés de bolegar vòstra mirga per mai entropia…",
"Sending paste…":
"Mandadís del tèxte…",
"Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
"Vòstre tèxte es disponible a l'adreça <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Picatz sus [Ctrl]+[c] per copiar)</span>",
"Vòstre tèxte es disponible a ladreça <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Picatz sus [Ctrl]+[c] per copiar)</span>",
"Delete data":
"Supprimir las donadas del tèxte",
"Could not create paste: %s":
"Impossible de crear lo tèxte : %s",
"Impossible de crear lo tèxte:%s",
"Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
"Impossible de deschifrar lo tèxte : Clau de deschiframent absenta de l'URL (Avètz utilizat un redirector o un site de reduccion d'URL que suprimís una partida de l'URL ?)",
"Impossible de deschifrar lo tèxte:Clau de deschiframent absenta de lURL (Avètz utilizat un redirector o un site de reduccion dURL que suprimís una partida de lURL?)",
"B": "o",
"KiB": "Kio",
"MiB": "Mio",
@ -139,14 +139,14 @@
"Markdown": "Markdown",
"Download attachment": "Telecargar la pèça junta",
"Cloned: '%s'": "Clonar: '%s'",
"The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.",
"The cloned file '%s' was attached to this paste.": "Aqueste fichièr clonat '%s' es estat ajustat a aqueste tèxte.",
"Attach a file": "Juntar un fichièr ",
"Remove attachment": "Levar la pèca junta",
"Your browser does not support uploading encrypted files. Please use a newer browser.":
"Vòstre navigator es pas compatible amb lo mandadís de fichièrs chifrats. Mercés d'emplegar un navigator mai recent.",
"Vòstre navigator es pas compatible amb lo mandadís de fichièrs chifrats. Mercés demplegar un navigator mai recent.",
"Invalid attachment.": "Pèça junta invalida.",
"Options": "Opcions",
"Shorten URL": "Acorchir l'URL",
"Shorten URL": "Acorchir lURL",
"Editor": "Editar",
"Preview": "Previsualizar",
"%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
@ -159,6 +159,6 @@
"Decrypting paste…": "Decrypting paste…",
"Preparing new paste…": "Preparing new paste…",
"In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
"Se per cas aqueste messatge quita pas de s'afichar mercés de gaitar <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">aquesta FAQ per las solucions</a> (en Anglés).",
"Se per cas aqueste messatge quita pas de safichar mercés de gaitar <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">aquesta FAQ per las solucions</a> (en Anglés).",
"+++ no paste text +++": "+++ no paste text +++"
}

2
js/privatebin.js
Unescape View File

@ -6,7 +6,7 @@
* @see {@link https://github.com/PrivateBin/PrivateBin}
* @copyright 2012 Sébastien SAUVAGE ({@link http://sebsauvage.net})
* @license {@link https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License}
* @version 1.1
* @version 1.1.1
* @name PrivateBin
* @namespace
*/

40
js/test.js
Unescape View File

@ -78,6 +78,7 @@ describe('Helper', function () {
// this test is not yet meaningful using jsdom, as it does not contain getSelection support.
// TODO: This needs to be tested using a browser.
describe('selectText', function () {
this.timeout(30000);
jsc.property(
'selection contains content of given ID',
jsc.nearray(jsc.nearray(jsc.elements(alnumString))),
@ -271,6 +272,7 @@ describe('Helper', function () {
});
describe('getCookie', function () {
this.timeout(30000);
jsc.property(
'returns the requested cookie',
'nearray asciinestring',
@ -299,6 +301,7 @@ describe('Helper', function () {
});
describe('baseUri', function () {
this.timeout(30000);
before(function () {
$.PrivateBin.Helper.reset();
});
@ -413,6 +416,7 @@ describe('I18n', function () {
// loading of JSON via AJAX needs to be tested in the browser, this just mocks it
// TODO: This needs to be tested using a browser.
describe('loadTranslations', function () {
this.timeout(30000);
before(function () {
$.PrivateBin.I18n.reset();
});
@ -561,7 +565,42 @@ describe('CryptTool', function () {
});
describe('Model', function () {
describe('getExpirationDefault', function () {
before(function () {
$.PrivateBin.Model.reset();
cleanup();
});
jsc.property(
'returns the contents of the element with id "pasteExpiration"',
'array asciinestring',
'string',
'small nat',
function (keys, value, key) {
keys = keys.map($.PrivateBin.Helper.htmlEntities);
value = $.PrivateBin.Helper.htmlEntities(value);
var content = keys.length > key ? keys[key] : (keys.length > 0 ? keys[0] : 'null'),
contents = '<select id="pasteExpiration" name="pasteExpiration">';
keys.forEach(function(item) {
contents += '<option value="' + item + '"';
if (item === content) {
contents += ' selected="selected"';
}
contents += '>' + value + '</option>';
});
contents += '</select>';
$('body').html(contents);
var result = $.PrivateBin.Helper.htmlEntities(
$.PrivateBin.Model.getExpirationDefault()
);
$.PrivateBin.Model.reset();
return content === result;
}
);
});
describe('getPasteId', function () {
this.timeout(30000);
before(function () {
$.PrivateBin.Model.reset();
cleanup();
@ -610,6 +649,7 @@ describe('Model', function () {
});
describe('getPasteKey', function () {
this.timeout(30000);
jsc.property(
'returns the fragment of the URL',
jsc.nearray(jsc.elements(a2zString)),

19
lib/Configuration.php
Unescape View File

@ -7,13 +7,14 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;
use Exception;
use PDO;
use PrivateBin\Persistence\DataStore;
/**
* Configuration
@ -100,7 +101,20 @@ class Configuration
public function __construct()
{
$config = array();
$configFile = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini';
$configFile = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.php';
$configIni = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini';
// rename INI files to avoid configuration leakage
if (is_readable($configIni)) {
DataStore::prependRename($configIni, $configFile, ';');
// cleanup sample, too
$configIniSample = $configIni . '.sample';
if (is_readable($configIniSample)) {
DataStore::prependRename($configIniSample, PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php', ';');
}
}
if (is_readable($configFile)) {
$config = parse_ini_file($configFile, true);
foreach (array('main', 'model', 'model_options') as $section) {
@ -109,6 +123,7 @@ class Configuration
}
}
}
$opts = '_options';
foreach (self::getDefaults() as $section => $values) {
// fill missing sections with default values

2
lib/Data/AbstractData.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Data;

7
lib/Data/Database.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Data;
@ -693,9 +693,8 @@ class Database extends AbstractData
'CREATE INDEX IF NOT EXISTS comment_parent ON ' .
self::_sanitizeIdentifier('comment') . '(pasteid);'
);
// no break, continue with updates for 0.22
case '0.22':
case '1.0':
// no break, continue with updates for 0.22 and later
default:
self::_exec(
'UPDATE ' . self::_sanitizeIdentifier('config') .
' SET value = ? WHERE id = ?',

51
lib/Data/Filesystem.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Data;
@ -57,7 +57,7 @@ class Filesystem extends AbstractData
public function create($pasteid, $paste)
{
$storagedir = self::_dataid2path($pasteid);
$file = $storagedir . $pasteid;
$file = $storagedir . $pasteid . '.php';
if (is_file($file)) {
return false;
}
@ -79,9 +79,7 @@ class Filesystem extends AbstractData
if (!$this->exists($pasteid)) {
return false;
}
$paste = json_decode(
file_get_contents(self::_dataid2path($pasteid) . $pasteid)
);
$paste = DataStore::get(self::_dataid2path($pasteid) . $pasteid . '.php');
if (property_exists($paste->meta, 'attachment')) {
$paste->attachment = $paste->meta->attachment;
unset($paste->meta->attachment);
@ -104,8 +102,8 @@ class Filesystem extends AbstractData
$pastedir = self::_dataid2path($pasteid);
if (is_dir($pastedir)) {
// Delete the paste itself.
if (is_file($pastedir . $pasteid)) {
unlink($pastedir . $pasteid);
if (is_file($pastedir . $pasteid . '.php')) {
unlink($pastedir . $pasteid . '.php');
}
// Delete discussion if it exists.
@ -133,7 +131,26 @@ class Filesystem extends AbstractData
*/
public function exists($pasteid)
{
return is_file(self::_dataid2path($pasteid) . $pasteid);
$basePath = self::_dataid2path($pasteid) . $pasteid;
$pastePath = $basePath . '.php';
// convert to PHP protected files if needed
if (is_readable($basePath)) {
DataStore::prependRename($basePath, $pastePath);
// convert comments, too
$discdir = self::_dataid2discussionpath($pasteid);
if (is_dir($discdir)) {
$dir = dir($discdir);
while (false !== ($filename = $dir->read())) {
if (substr($filename, -4) !== '.php' && strlen($filename) >= 16) {
$commentFilename = $discdir . $filename . '.php';
DataStore::prependRename($discdir . $filename, $commentFilename);
}
}
$dir->close();
}
}
return is_readable($pastePath);
}
/**
@ -149,7 +166,7 @@ class Filesystem extends AbstractData
public function createComment($pasteid, $parentid, $commentid, $comment)
{
$storagedir = self::_dataid2discussionpath($pasteid);
$file = $storagedir . $pasteid . '.' . $commentid . '.' . $parentid;
$file = $storagedir . $pasteid . '.' . $commentid . '.' . $parentid . '.php';
if (is_file($file)) {
return false;
}
@ -171,15 +188,14 @@ class Filesystem extends AbstractData
$comments = array();
$discdir = self::_dataid2discussionpath($pasteid);
if (is_dir($discdir)) {
// Delete all files in discussion directory
$dir = dir($discdir);
while (false !== ($filename = $dir->read())) {
// Filename is in the form pasteid.commentid.parentid:
// Filename is in the form pasteid.commentid.parentid.php:
// - pasteid is the paste this reply belongs to.
// - commentid is the comment identifier itself.
// - parentid is the comment this comment replies to (It can be pasteid)
if (is_file($discdir . $filename)) {
$comment = json_decode(file_get_contents($discdir . $filename));
$comment = DataStore::get($discdir . $filename);
$items = explode('.', $filename);
// Add some meta information not contained in file.
$comment->id = $items[1];
@ -211,7 +227,7 @@ class Filesystem extends AbstractData
{
return is_file(
self::_dataid2discussionpath($pasteid) .
$pasteid . '.' . $commentid . '.' . $parentid
$pasteid . '.' . $commentid . '.' . $parentid . '.php'
);
}
@ -253,7 +269,14 @@ class Filesystem extends AbstractData
continue;
}
$thirdLevel = array_filter(
scandir($path),
array_map(
function ($filename) {
return strlen($filename) >= 20 ?
substr($filename, 0, -4) :
$filename;
},
scandir($path)
),
'PrivateBin\\Model\\Paste::isValidId'
);
if (count($thirdLevel) == 0) {

2
lib/Filter.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/I18n.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Json.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Model.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Model/AbstractModel.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Model;

2
lib/Model/Comment.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Model;

2
lib/Model/Paste.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Model;

2
lib/Persistence/AbstractPersistence.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Persistence;

44
lib/Persistence/DataStore.php
Unescape View File

@ -22,6 +22,13 @@ use PrivateBin\Json;
*/
class DataStore extends AbstractPersistence
{
/**
* first line in file, to protect its contents
*
* @const string
*/
const PROTECTION_LINE = '<?php http_response_code(403); /*';
/**
* store the data
*
@ -38,10 +45,45 @@ class DataStore extends AbstractPersistence
$filename = substr($filename, strlen($path));
}
try {
self::_store($filename, Json::encode($data));
self::_store($filename, self::PROTECTION_LINE . PHP_EOL . Json::encode($data));
return true;
} catch (Exception $e) {
return false;
}
}
/**
* get the data
*
* @access public
* @static
* @param string $filename
* @return stdClass|false $data
*/
public static function get($filename)
{
return json_decode(substr(file_get_contents($filename), strlen(self::PROTECTION_LINE . PHP_EOL)));
}
/**
* rename a file, prepending the protection line at the beginning
*
* @access public
* @static
* @param string $srcFile
* @param string $destFile
* @param string $prefix (optional)
* @return void
*/
public static function prependRename($srcFile, $destFile, $prefix = '')
{
// don't overwrite already converted file
if (!is_readable($destFile)) {
$handle = fopen($srcFile, 'r', false, stream_context_create());
file_put_contents($destFile, $prefix . self::PROTECTION_LINE . PHP_EOL);
file_put_contents($destFile, $handle, FILE_APPEND);
fclose($handle);
}
unlink($srcFile);
}
}

2
lib/Persistence/PurgeLimiter.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Persistence;

2
lib/Persistence/ServerSalt.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Persistence;

2
lib/Persistence/TrafficLimiter.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Persistence;

4
lib/PrivateBin.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;
@ -28,7 +28,7 @@ class PrivateBin
*
* @const string
*/
const VERSION = '1.1';
const VERSION = '1.1.1';
/**
* minimal required PHP version

2
lib/Request.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Sjcl.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/View.php
Unescape View File

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Vizhash16x16.php
Unescape View File

@ -8,7 +8,7 @@
* @link http://sebsauvage.net/wiki/doku.php?id=php:vizhash_gd
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 0.0.5 beta PrivateBin 1.1
* @version 0.0.5 beta PrivateBin 1.1.1
*/
namespace PrivateBin;

4
tpl/bootstrap.php
Unescape View File

@ -69,7 +69,7 @@ if ($MARKDOWN):
<?php
endif;
?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-7WGautcQxef6PeNh1sNcdCFCNRNo2uULN7QCgjqd+fWalRubtu1mtMEz8BLQ8sKgzPRF8E6dqgBQJ5ycwt03gA==" crossorigin="anonymous"></script>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-gTAGAlxWTLH1PaXA4q9l0kME8wPPWi2iub5uU7HZ3A2bisLtjMIsaZ/Ecu4+sawFvvedAzbh9Y4rR34Ct3oF5Q==" crossorigin="anonymous"></script>
<!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]-->
@ -269,7 +269,7 @@ if ($PASSWORD):
?>
<li>
<div id="password" class="navbar-form hidden">
<input type="password" id="passwordinput" placeholder="<?php echo I18n::_('Password (recommended)'); ?>" class="form-control" size="19" />
<input type="password" id="passwordinput" placeholder="<?php echo I18n::_('Password (recommended)'); ?>" class="form-control" size="23" />
</div>
</li>
<?php

2
tpl/page.php
Unescape View File

@ -47,7 +47,7 @@ if ($MARKDOWN):
<?php
endif;
?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-7WGautcQxef6PeNh1sNcdCFCNRNo2uULN7QCgjqd+fWalRubtu1mtMEz8BLQ8sKgzPRF8E6dqgBQJ5ycwt03gA==" crossorigin="anonymous"></script>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-gTAGAlxWTLH1PaXA4q9l0kME8wPPWi2iub5uU7HZ3A2bisLtjMIsaZ/Ecu4+sawFvvedAzbh9Y4rR34Ct3oF5Q==" crossorigin="anonymous"></script>
<!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]-->

12
tst/Bootstrap.php
Unescape View File

@ -12,10 +12,10 @@ if (!defined('PATH')) {
define('PATH', '..' . DIRECTORY_SEPARATOR);
}
if (!defined('CONF')) {
define('CONF', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini');
define('CONF', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.php');
}
if (!is_file(CONF)) {
copy(CONF . '.sample', CONF);
if (!defined('CONF_SAMPLE')) {
define('CONF_SAMPLE', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php');
}
require PATH . 'vendor/autoload.php';
@ -203,6 +203,9 @@ class Helper
if (!is_file(CONF . '.bak') && is_file(CONF)) {
rename(CONF, CONF . '.bak');
}
if (!is_file(CONF_SAMPLE . '.bak') && is_file(CONF_SAMPLE)) {
copy(CONF_SAMPLE, CONF_SAMPLE . '.bak');
}
}
/**
@ -215,6 +218,9 @@ class Helper
if (is_file(CONF . '.bak')) {
rename(CONF . '.bak', CONF);
}
if (is_file(CONF_SAMPLE . '.bak')) {
rename(CONF_SAMPLE . '.bak', CONF_SAMPLE);
}
}
/**

48
tst/ConfigurationTest.php
Unescape View File

@ -12,7 +12,7 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
{
/* Setup Routine */
Helper::confBackup();
$this->_options = configuration::getDefaults();
$this->_options = Configuration::getDefaults();
$this->_options['model_options']['dir'] = PATH . $this->_options['model_options']['dir'];
$this->_options['traffic']['dir'] = PATH . $this->_options['traffic']['dir'];
$this->_options['purge']['dir'] = PATH . $this->_options['purge']['dir'];
@ -22,12 +22,14 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
public function tearDown()
{
/* Tear Down Routine */
if (is_file(CONF)) {
unlink(CONF);
}
Helper::confRestore();
}
public function testDefaultConfigFile()
{
$this->assertTrue(copy(CONF . '.bak', CONF), 'copy default configuration file');
$conf = new Configuration;
$this->assertEquals($this->_options, $conf->get(), 'default configuration is correct');
}
@ -41,7 +43,9 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
public function testHandleMissingConfigFile()
{
@unlink(CONF);
if (is_file(CONF)) {
unlink(CONF);
}
$conf = new Configuration;
$this->assertEquals($this->_options, $conf->get(), 'returns correct defaults on missing file');
}
@ -135,4 +139,42 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
$conf = new Configuration;
$this->assertEquals('Database', $conf->getKey('class', 'model'), 'old db class gets renamed');
}
public function testHandleConfigFileRename()
{
$options = $this->_options;
Helper::createIniFile(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample', $options);
$options['main']['opendiscussion'] = true;
$options['main']['fileupload'] = true;
$options['main']['template'] = 'darkstrap';
Helper::createIniFile(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', $options);
$conf = new Configuration;
$this->assertFileExists(CONF, 'old configuration file gets converted');
$this->assertFileNotExists(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', 'old configuration file gets removed');
$this->assertFileNotExists(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample', 'old configuration sample file gets removed');
$this->assertTrue(
$conf->getKey('opendiscussion') &&
$conf->getKey('fileupload') &&
$conf->getKey('template') === 'darkstrap',
'configuration values get converted'
);
}
public function testRenameIniSample()
{
$iniSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample';
Helper::createIniFile(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', $this->_options);
if (is_file(CONF)) {
unlink(CONF);
}
rename(CONF_SAMPLE, $iniSample);
new Configuration;
$this->assertFileNotExists($iniSample, 'old sample file gets removed');
$this->assertFileExists(CONF_SAMPLE, 'new sample file gets created');
$this->assertFileExists(CONF, 'old configuration file gets converted');
$this->assertFileNotExists(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', 'old configuration file gets removed');
}
}

11
tst/ConfigurationTestGenerator.php
Unescape View File

@ -159,7 +159,7 @@ new ConfigurationTestGenerator(array(
array(
'type' => 'RegExp',
'args' => array(
'#<link[^>]+type="text/css"[^>]+rel="stylesheet"[^>]+href="css/privatebin\.css\\?\d+\.\d+"[^>]*/>#',
'#<link[^>]+type="text/css"[^>]+rel="stylesheet"[^>]+href="css/privatebin\.css\\?\d[\d\.]+\d+"[^>]*/>#',
'$content',
'outputs "page" stylesheet correctly',
),
@ -179,7 +179,7 @@ new ConfigurationTestGenerator(array(
array(
'type' => 'NotRegExp',
'args' => array(
'#<link[^>]+type="text/css"[^>]+rel="stylesheet"[^>]+href="css/privatebin\.css\\?\d+\.\d+"[^>]*/>#',
'#<link[^>]+type="text/css"[^>]+rel="stylesheet"[^>]+href="css/privatebin\.css\\?\d[\d\.]+\d+"[^>]*/>#',
'$content',
'removes "page" stylesheet correctly',
),
@ -344,7 +344,7 @@ class ConfigurationTestGenerator
*/
private function _writeConfigurationTest()
{
$defaultOptions = parse_ini_file(CONF, true);
$defaultOptions = parse_ini_file(CONF_SAMPLE, true);
$code = $this->_getHeader();
foreach ($this->_configurations as $key => $conf) {
$fullOptions = array_replace_recursive($defaultOptions, $conf['options']);
@ -425,7 +425,7 @@ class ConfigurationCombinationsTest extends PHPUnit_Framework_TestCase
{
/* Setup Routine */
Helper::confBackup();
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
ServerSalt::setPath($this->_path);
TrafficLimiter::setPath($this->_path);
@ -435,9 +435,10 @@ class ConfigurationCombinationsTest extends PHPUnit_Framework_TestCase
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
}
public function reset($configuration = array())
{

45
tst/Data/FilesystemTest.php
Unescape View File

@ -130,4 +130,49 @@ class FilesystemTest extends PHPUnit_Framework_TestCase
$this->assertFalse($this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), $comment), 'unable to store broken comment');
$this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'comment does still not exist');
}
public function testOldFilesGetConverted()
{
// generate 10 (default purge batch size) pastes in the old format
$paste = Helper::getPaste();
$comment = Helper::getComment();
$commentid = Helper::getCommentId();
$ids = array();
for ($i = 0, $max = 10; $i < $max; ++$i) {
// PHPs mt_rand only supports 32 bit or up 0x7fffffff on 64 bit systems to be precise :-/
$dataid = str_pad(dechex(mt_rand(0, mt_getrandmax())), 8, '0', STR_PAD_LEFT) .
str_pad(dechex(mt_rand(0, mt_getrandmax())), 8, '0', STR_PAD_LEFT);
$storagedir = $this->_path . DIRECTORY_SEPARATOR . substr($dataid, 0, 2) .
DIRECTORY_SEPARATOR . substr($dataid, 2, 2) . DIRECTORY_SEPARATOR;
$ids[$dataid] = $storagedir;
if (!is_dir($storagedir)) {
mkdir($storagedir, 0700, true);
}
file_put_contents($storagedir . $dataid, json_encode($paste));
$storagedir .= $dataid . '.discussion' . DIRECTORY_SEPARATOR;
if (!is_dir($storagedir)) {
mkdir($storagedir, 0700, true);
}
file_put_contents($storagedir . $dataid . '.' . $commentid . '.' . $dataid, json_encode($comment));
}
// check that all 10 pastes were converted after the purge
$this->_model->purge(10);
foreach ($ids as $dataid => $storagedir) {
$this->assertFileExists($storagedir . $dataid . '.php', "paste $dataid exists in new format");
$this->assertFileNotExists($storagedir . $dataid, "old format paste $dataid got removed");
$this->assertTrue($this->_model->exists($dataid), "paste $dataid exists");
$this->assertEquals($this->_model->read($dataid), json_decode(json_encode($paste)), "paste $dataid wasn't modified in the conversion");
$storagedir .= $dataid . '.discussion' . DIRECTORY_SEPARATOR;
$this->assertFileExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid . '.php', "comment of $dataid exists in new format");
$this->assertFileNotExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid, "old format comment of $dataid got removed");
$this->assertTrue($this->_model->existsComment($dataid, $dataid, $commentid), "comment in paste $dataid exists");
$comment = json_decode(json_encode($comment));
$comment->id = $commentid;
$comment->parentid = $dataid;
$this->assertEquals($this->_model->readComments($dataid), array($comment->meta->postdate => $comment), "comment of $dataid wasn't modified in the conversion");
}
}
}

37
tst/JsonApiTest.php
Unescape View File

@ -14,30 +14,17 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
public function setUp()
{
/* Setup Routine */
Helper::confBackup();
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
ServerSalt::setPath($this->_path);
$this->reset();
}
public function tearDown()
{
/* Tear Down Routine */
Helper::confRestore();
Helper::rmDir($this->_path);
}
public function reset()
{
$_POST = array();
$_GET = array();
$_SERVER = array();
if ($this->_model->exists(Helper::getPasteId())) {
$this->_model->delete(Helper::getPasteId());
}
Helper::confRestore();
$options = parse_ini_file(CONF, true);
$options = parse_ini_file(CONF_SAMPLE, true);
$options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path;
$options['model_options']['dir'] = $this->_path;
@ -45,15 +32,21 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
Helper::createIniFile(CONF, $options);
}
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
/**
* @runInSeparateProcess
*/
public function testCreate()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -80,10 +73,8 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testPut()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$paste = Helper::getPaste();
unset($paste['meta']);
@ -117,7 +108,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testDelete()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId());
@ -144,7 +134,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteWithPost()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId());
@ -168,7 +157,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testRead()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$paste['meta']['attachment'] = $paste['attachment'];
$paste['meta']['attachmentname'] = $paste['attachmentname'];
@ -200,7 +188,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdPaste()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'paste';
@ -220,7 +207,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdComment()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'comment';
@ -240,7 +226,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdPasteMeta()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'pastemeta';
@ -260,7 +245,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdCommentMeta()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'commentmeta';
@ -280,10 +264,9 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdInvalid()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = '../cfg/conf.ini';
$_GET['jsonld'] = CONF;
ob_start();
new PrivateBin;
$content = ob_get_contents();

7
tst/ModelTest.php
Unescape View File

@ -20,13 +20,12 @@ class ModelTest extends PHPUnit_Framework_TestCase
public function setUp()
{
/* Setup Routine */
Helper::confRestore();
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
if (!is_dir($this->_path)) {
mkdir($this->_path);
}
ServerSalt::setPath($this->_path);
$options = parse_ini_file(CONF, true);
$options = parse_ini_file(CONF_SAMPLE, true);
$options['purge']['limit'] = 0;
$options['model'] = array(
'class' => 'Database',
@ -47,6 +46,7 @@ class ModelTest extends PHPUnit_Framework_TestCase
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
@ -327,7 +327,6 @@ class ModelTest extends PHPUnit_Framework_TestCase
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$model = new Model(new Configuration);
@ -382,7 +381,6 @@ class ModelTest extends PHPUnit_Framework_TestCase
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$model = new Model(new Configuration);
@ -420,7 +418,6 @@ class ModelTest extends PHPUnit_Framework_TestCase
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$model = new Model(new Configuration);

75
tst/PrivateBinTest.php
Unescape View File

@ -16,13 +16,13 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
/* Setup Routine */
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
ServerSalt::setPath($this->_path);
$this->reset();
}
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
@ -35,13 +35,12 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
if ($this->_model->exists(Helper::getPasteId())) {
$this->_model->delete(Helper::getPasteId());
}
Helper::confRestore();
$options = parse_ini_file(CONF, true);
$options = parse_ini_file(CONF_SAMPLE, true);
$options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path;
$options['model_options']['dir'] = $this->_path;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
ServerSalt::setPath($this->_path);
}
/**
@ -49,7 +48,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testView()
{
$this->reset();
ob_start();
new PrivateBin;
$content = ob_get_contents();
@ -71,10 +69,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testViewLanguageSelection()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['languageselection'] = true;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_COOKIE['lang'] = 'de';
ob_start();
@ -93,11 +89,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testViewForceLanguageDefault()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['languageselection'] = false;
$options['main']['languagedefault'] = 'fr';
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_COOKIE['lang'] = 'de';
ob_start();
@ -116,11 +110,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testViewUrlShortener()
{
$shortener = 'https://shortener.example.com/api?link=';
$this->reset();
$shortener = 'https://shortener.example.com/api?link=';
$options = parse_ini_file(CONF, true);
$options['main']['urlshortener'] = $shortener;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_COOKIE['lang'] = 'de';
ob_start();
@ -139,7 +131,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testHtaccess()
{
$this->reset();
$file = $this->_path . DIRECTORY_SEPARATOR . '.htaccess';
@unlink($file);
@ -160,8 +151,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testConf()
{
$this->reset();
Helper::confBackup();
file_put_contents(CONF, '');
new PrivateBin;
}
@ -171,10 +160,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreate()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -200,10 +187,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidTimelimit()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste(array('expire' => 25));
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -230,11 +215,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidSize()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['sizelimit'] = 10;
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -254,10 +237,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateProxyHeader()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['header'] = 'X_FORWARDED_FOR';
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_FORWARDED_FOR'] = '::2';
@ -284,10 +265,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateDuplicateId()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_POST = Helper::getPaste();
@ -308,10 +287,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateValidExpire()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['expire'] = '5min';
@ -341,10 +318,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateValidExpireWithDiscussion()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['expire'] = '5min';
@ -375,10 +350,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidExpire()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['expire'] = 'foo';
@ -405,10 +378,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidBurn()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['burnafterreading'] = 'neither 1 nor 0';
@ -429,10 +400,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidOpenDiscussion()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['opendiscussion'] = 'neither 1 nor 0';
@ -453,11 +422,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateAttachment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
$options['main']['fileupload'] = true;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPasteWithAttachment();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@ -491,11 +458,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateBrokenAttachmentUpload()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
$options['main']['fileupload'] = true;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPasteWithAttachment();
unset($_POST['attachment']);
@ -517,7 +482,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateTooSoon()
{
$this->reset();
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'POST';
@ -540,10 +504,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateValidNick()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['nickname'] = Helper::getComment()['meta']['nickname'];
@ -570,10 +532,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidNick()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -597,10 +557,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateComment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -623,10 +581,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidComment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -649,10 +605,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateCommentDiscussionDisabled()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -676,10 +630,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateCommentInvalidPaste()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@ -701,10 +653,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateDuplicateComment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment());
@ -729,7 +679,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testRead()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
ob_start();
@ -750,7 +699,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadInvalidId()
{
$this->reset();
$_SERVER['QUERY_STRING'] = 'foo';
ob_start();
new PrivateBin;
@ -768,7 +716,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadNonexisting()
{
$this->reset();
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
ob_start();
new PrivateBin;
@ -786,7 +733,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadExpired()
{
$this->reset();
$expiredPaste = Helper::getPaste(array('expire_date' => 1344803344));
$this->_model->create(Helper::getPasteId(), $expiredPaste);
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
@ -806,7 +752,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadBurn()
{
$this->reset();
$burnPaste = Helper::getPaste(array('burnafterreading' => true));
$this->_model->create(Helper::getPasteId(), $burnPaste);
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
@ -860,7 +805,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadJson()
{
$this->reset();
$paste = Helper::getPaste();
$this->_model->create(Helper::getPasteId(), $paste);
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
@ -886,7 +830,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadInvalidJson()
{
$this->reset();
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
ob_start();
@ -902,7 +845,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadOldSyntax()
{
$this->reset();
$oldPaste = Helper::getPaste();
$meta = array(
'syntaxcoloring' => true,
@ -931,7 +873,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadOldFormat()
{
$this->reset();
$oldPaste = Helper::getPaste();
unset($oldPaste['meta']['formatter']);
$this->_model->create(Helper::getPasteId(), $oldPaste);
@ -956,7 +897,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDelete()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId());
@ -979,7 +919,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInvalidId()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_GET['pasteid'] = 'foo';
$_GET['deletetoken'] = 'bar';
@ -1000,7 +939,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInexistantId()
{
$this->reset();
$_GET['pasteid'] = Helper::getPasteId();
$_GET['deletetoken'] = 'bar';
ob_start();
@ -1019,7 +957,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInvalidToken()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_GET['pasteid'] = Helper::getPasteId();
$_GET['deletetoken'] = 'bar';
@ -1040,7 +977,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteBurnAfterReading()
{
$this->reset();
$burnPaste = Helper::getPaste(array('burnafterreading' => true));
$this->_model->create(Helper::getPasteId(), $burnPaste);
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
@ -1062,7 +998,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInvalidBurnAfterReading()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$_POST['deletetoken'] = 'burnafterreading';
@ -1083,7 +1018,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteExpired()
{
$this->reset();
$expiredPaste = Helper::getPaste(array('expire_date' => 1000));
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exist before being created');
$this->_model->create(Helper::getPasteId(), $expiredPaste);
@ -1107,7 +1041,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteMissingPerPasteSalt()
{
$this->reset();
$paste = Helper::getPaste();
unset($paste['meta']['salt']);
$this->_model->create(Helper::getPasteId(), $paste);

5
tst/PrivateBinWithDbTest.php
Unescape View File

@ -1,7 +1,6 @@
<?php
use PrivateBin\Data\Database;
use PrivateBin\Persistence\ServerSalt;
require_once 'PrivateBinTest.php';
@ -23,7 +22,6 @@ class PrivateBinWithDbTest extends PrivateBinTest
if (!is_dir($this->_path)) {
mkdir($this->_path);
}
ServerSalt::setPath($this->_path);
$this->_options['dsn'] = 'sqlite:' . $this->_path . DIRECTORY_SEPARATOR . 'tst.sq3';
$this->_model = Database::getInstance($this->_options);
$this->reset();
@ -37,10 +35,7 @@ class PrivateBinWithDbTest extends PrivateBinTest
$options['model'] = array(
'class' => 'Database',
);
$options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path;
$options['model_options'] = $this->_options;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
}
}

7
tst/README.md
Unescape View File

@ -51,7 +51,7 @@ and jsdom-global locally:
```console
$ npm install -g mocha istanbul
$ cd PrivateBin/js
$ npm install jsverify jsdom jsdom-global
$ npm install jsverify jsdom@9 jsdom-global@2
```
Example for Debian and Ubuntu, including steps to allow the current user to
@ -63,9 +63,12 @@ $ sudo chown -R $(whoami) $(npm config get prefix)/{lib/node_modules,bin,share}
$ ln -s /usr/bin/nodejs /usr/local/bin/node
$ npm install -g mocha istanbul
$ cd PrivateBin/js
$ npm install jsverify jsdom jsdom-global
$ npm install jsverify jsdom@9 jsdom-global@2
```
Note: If you use a distribution that provides nodeJS >= 6, then you can install
the latest jsdom and jsdom-global packages and don't need to use @9 and @2.
To run the tests, just change into the `js` directory and run istanbul:
```console
$ cd PrivateBin/js

Write Preview
Loading…
Cancel
Save