arno
/
privatebin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state

Browse Source
pull/320/head
El RIDO 6 years ago
parent 05c1776ada
commit d6f203dc4c
No known key found for this signature in database
GPG Key ID: 0F5C940A6BD81F92
7 changed files with 2 additions and 37 deletions
Show Stats Download Patch File Download Diff File

1
CHANGELOG.md
Unescape View File

@ -6,6 +6,7 @@
* CHANGED: Minimum required PHP version is 5.4 (#186) * CHANGED: Minimum required PHP version is 5.4 (#186)
* CHANGED: Shipped .htaccess files were updated for Apache 2.4 (#192) * CHANGED: Shipped .htaccess files were updated for Apache 2.4 (#192)
* CHANGED: Cleanup of bootstrap template variants and moved icons to `img` directory * CHANGED: Cleanup of bootstrap template variants and moved icons to `img` directory
* CHANGED: Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
* **1.1.1 (2017-10-06)** * **1.1.1 (2017-10-06)**
* CHANGED: Switched to `.php` file extension for configuration file, to avoid leaking configuration data in unprotected installation. * CHANGED: Switched to `.php` file extension for configuration file, to avoid leaking configuration data in unprotected installation.
* **1.1 (2016-12-26)** * **1.1 (2016-12-26)**

4
cfg/conf.sample.php
Unescape View File

@ -81,10 +81,6 @@ zerobincompatibility = false
; make sure the value exists in [expire_options] ; make sure the value exists in [expire_options]
default = "1week" default = "1week"
; optionally the "clone" button can be disabled on expiring pastes
; note that this only hides the button, copy & paste is still possible
; clone = false
[expire_options] [expire_options]
; Set each one of these to the number of seconds in the expiration period, ; Set each one of these to the number of seconds in the expiration period,
; or 0 if it should never expire ; or 0 if it should never expire

1
lib/Configuration.php
Unescape View File

@ -58,7 +58,6 @@ class Configuration
), ),
'expire' => array( 'expire' => array(
'default' => '1week', 'default' => '1week',
'clone' => true,
), ),
'expire_options' => array( 'expire_options' => array(
'5min' => 300, '5min' => 300,

20
lib/PrivateBin.php
Unescape View File

@ -52,22 +52,6 @@ class PrivateBin
*/ */
private $_conf; private $_conf;
/**
* data
*
* @access private
* @var string
*/
private $_data = '';
/**
* does the paste expire
*
* @access private
* @var bool
*/
private $_doesExpire = false;
/** /**
* error message * error message
* *
@ -370,8 +354,7 @@ class PrivateBin
try { try {
$paste = $this->_model->getPaste($dataid); $paste = $this->_model->getPaste($dataid);
if ($paste->exists()) { if ($paste->exists()) {
$data = $paste->get(); $data = $paste->get();
$this->_doesExpire = property_exists($data, 'meta') && property_exists($data->meta, 'expire_date');
if (property_exists($data->meta, 'salt')) { if (property_exists($data->meta, 'salt')) {
unset($data->meta->salt); unset($data->meta->salt);
} }
@ -440,7 +423,6 @@ class PrivateBin
$page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages())); $page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages()));
$page->assign('EXPIRE', $expire); $page->assign('EXPIRE', $expire);
$page->assign('EXPIREDEFAULT', $this->_conf->getKey('default', 'expire')); $page->assign('EXPIREDEFAULT', $this->_conf->getKey('default', 'expire'));
$page->assign('EXPIRECLONE', !$this->_doesExpire || ($this->_doesExpire && $this->_conf->getKey('clone', 'expire')));
$page->assign('URLSHORTENER', $this->_conf->getKey('urlshortener')); $page->assign('URLSHORTENER', $this->_conf->getKey('urlshortener'));
$page->assign('QRCODE', $this->_conf->getKey('qrcode')); $page->assign('QRCODE', $this->_conf->getKey('qrcode'));
$page->draw($this->_conf->getKey('template')); $page->draw($this->_conf->getKey('template'));

6
tpl/bootstrap.php
Unescape View File

@ -164,15 +164,9 @@ else:
endif; endif;
?> ?>
</button> </button>
<?php
if ($EXPIRECLONE):
?>
<button id="clonebutton" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn"> <button id="clonebutton" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn">
<span class="glyphicon glyphicon-duplicate" aria-hidden="true"></span> <?php echo I18n::_('Clone'), PHP_EOL; ?> <span class="glyphicon glyphicon-duplicate" aria-hidden="true"></span> <?php echo I18n::_('Clone'), PHP_EOL; ?>
</button> </button>
<?php
endif;
?>
<button id="rawtextbutton" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn"> <button id="rawtextbutton" type="button" class="hidden btn btn-<?php echo $isDark ? 'warning' : 'default'; ?> navbar-btn">
<span class="glyphicon glyphicon-text-background" aria-hidden="true"></span> <?php echo I18n::_('Raw text'), PHP_EOL; ?> <span class="glyphicon glyphicon-text-background" aria-hidden="true"></span> <?php echo I18n::_('Raw text'), PHP_EOL; ?>
</button> </button>

6
tpl/page.php
Unescape View File

@ -98,13 +98,7 @@ endif;
<button id="newbutton" class="reloadlink hidden"><img src="img/icon_new.png" width="11" height="15" alt="" /><?php echo I18n::_('New'); ?></button> <button id="newbutton" class="reloadlink hidden"><img src="img/icon_new.png" width="11" height="15" alt="" /><?php echo I18n::_('New'); ?></button>
<button id="retrybutton" class="reloadlink hidden"><?php echo I18n::_('Retry'), PHP_EOL; ?></button> <button id="retrybutton" class="reloadlink hidden"><?php echo I18n::_('Retry'), PHP_EOL; ?></button>
<button id="sendbutton" class="hidden"><img src="img/icon_send.png" width="18" height="15" alt="" /><?php echo I18n::_('Send'); ?></button> <button id="sendbutton" class="hidden"><img src="img/icon_send.png" width="18" height="15" alt="" /><?php echo I18n::_('Send'); ?></button>
<?php
if ($EXPIRECLONE):
?>
<button id="clonebutton" class="hidden"><img src="img/icon_clone.png" width="15" height="17" alt="" /><?php echo I18n::_('Clone'); ?></button> <button id="clonebutton" class="hidden"><img src="img/icon_clone.png" width="15" height="17" alt="" /><?php echo I18n::_('Clone'); ?></button>
<?php
endif;
?>
<button id="rawtextbutton" class="hidden"><img src="img/icon_raw.png" width="15" height="15" alt="" /><?php echo I18n::_('Raw text'); ?></button> <button id="rawtextbutton" class="hidden"><img src="img/icon_raw.png" width="15" height="15" alt="" /><?php echo I18n::_('Raw text'); ?></button>
<?php <?php
if ($QRCODE): if ($QRCODE):

1
tst/ViewTest.php
Unescape View File

@ -53,7 +53,6 @@ class ViewTest extends PHPUnit_Framework_TestCase
$page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages())); $page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages()));
$page->assign('EXPIRE', self::$expire); $page->assign('EXPIRE', self::$expire);
$page->assign('EXPIREDEFAULT', self::$expire_default); $page->assign('EXPIREDEFAULT', self::$expire_default);
$page->assign('EXPIRECLONE', true);
$page->assign('URLSHORTENER', ''); $page->assign('URLSHORTENER', '');
$page->assign('QRCODE', true); $page->assign('QRCODE', true);

Write Preview
Loading…
Cancel
Save