d14eb0efe4
fixing configuration and its test to match the new namespaces
8 years ago
b1305beb0f
Improve workaround for keeping config file format BC
8 years ago
54f96b9938
Introduce PSR-4 autoloading
8 years ago
9a9362789b
addressing issues with failed attachement uploads due to webserver configuration, resolves #15
8 years ago
002046cc62
some minor cleanups
8 years ago
be4c845129
Merge branch 'master' of github.com:PrivateBin/PrivateBin
8 years ago
c5606a47fe
refactoring away RainTPL and templating, resolves #36
8 years ago
38ab755733
Replace HTTP links with HTTPS
...
Using this regexp: https://regex101.com/r/rZ2dE2/1
8 years ago
03306dabff
using TEXT data type for PostgreSQL instead of BLOB, hopefully resolves #8
8 years ago
e7dde4d212
cleaning REQUEST_URI for good measure
8 years ago
e1d6db88a1
Merge pull request #44 from PrivateBin/rugk-itBugsMe
...
Change array used for language selection
8 years ago
afaa111d22
code style
8 years ago
b53efda635
improving code coverage and unit testing
8 years ago
2e863e3ed9
Search key first
...
Looks a bit complicated, but well...
8 years ago
80e9d75477
Remove unnecessary array
...
Now it is right...
8 years ago
19d5659a8f
Change array
...
https://github.com/PrivateBin/PrivateBin/issues/41
Not tested locally, let's say what Travis says... 😄
8 years ago
ff0c55c0d6
introduce option to disable vizhash for paranoid admins, resolves #20 point 2.4
8 years ago
f8bc40b4e4
introducing automatic purging of expired pastes, triggered by default at least 5 minutes apart, deleting a maximum of 10 pastes - resolves #3
8 years ago
4d10fd9690
fixing support for pre renaming configuration file format, resolves #37
8 years ago
90a26d8fcb
removing some code smells, found in the various code checker tools
8 years ago
c33c50f775
using table name sanitation function to ensure no weird characters are used by accident (e.g. by oddly configured table prefix)
8 years ago
3b3b5277eb
refactoring to improve code quality
8 years ago
79509ad48a
renaming the fork to PrivateBin
8 years ago
b8080acc78
fixing an unhandled case found with scrutinizer-ci
8 years ago
c13caee981
fixing some documentation issues detected by scrutinizer-ci
8 years ago
0e217a42c5
introduce new zerobincompatibility option, replacing the base64 one, if it is enabled, delete tokens use sha256; added per paste salt with server salt fallback; this resolves the points 2.2 & 2.9 in #103
8 years ago
6b0b814dc6
removing leftover from previously using a different function, resolves #83
8 years ago
5980f8b603
removing some unused code detected by codacy
8 years ago
fd5a7a07ae
Soft fail for chmod errors
8 years ago
54f1cb9d34
Only protect file if it was written
8 years ago
8a48e9ce78
Set permissions when saving files
...
Fixes https://github.com/elrido/ZeroBin/issues/80
8 years ago
1a1818660d
Missing space
8 years ago
4918bef4dc
Although there usually are no plurals in chinese, there's an exception
...
for words related to persons, when not preceeded by a numeric word.
Sources:
- http://localization-guide.readthedocs.org/en/latest/l10n/pluralforms.html#f3
- https://answers.yahoo.com/question/index?qid=20110606153553AAAW5zX
9 years ago
3a92c940a9
implementing media type negotiation (based on language negotiation
...
logic) in cases both JSON and (X)HTML are being requested, resolving #68
9 years ago
a4ebdbc606
re-introducing (optional) URL shortener support, resolves #58
9 years ago
09dd79dbc7
switching to SHA256 HMAC of IPs in traffic limiter, resolves #57
9 years ago
a13ad6368f
MD5 instead of IP
9 years ago
24a4328c55
incrementing version, updating changelog, added missing phpdoc comments
9 years ago
42a9c92b5e
improved database backend support for larger files (100 KiB - 16 MiB),
...
introduced database versioning to reduce amount of checks done per
request
9 years ago
d42975580a
expire_options and formatter_options should not be filled up with
...
default values, resolves #52
9 years ago
176dff3b70
renaming config file to make updates easier, resolving #50
9 years ago
e3f4aa982c
adding configuration option to set a default language and/or force it,
...
resolves #39
9 years ago
ca07398b66
adding option to hide clone button on expiring pastes, resolves #34
9 years ago
14d08ec56d
working on JSON-LD validity, added CORS headers preparing external API
...
call support
9 years ago
22d0b1ec22
updating comment format to match defined JSON-LD API context
9 years ago
f21567133c
changing paste read output for API refactoring
9 years ago
b92b38cee8
found and resolved issues in database layer, thanks to report in #42
9 years ago
2e3bacb699
fixing deletion issue in request refactoring, starting work on API read
...
refactoring
9 years ago
512b3d1172
fixing "missing" comments when they were posted during the same second
9 years ago
1d6cfb7f3b
refactoring delete API, added external JSON-LD context
9 years ago
9e6e29bc93
working on API: simplifying PUT request mocking
9 years ago
e5b096ed8c
found and fixed a bug when using expiration together with discussion
9 years ago
add980d36f
adding UI tests for database configuration, fixed an issue with comment
...
table creation
9 years ago
7ec94e0db5
implementing request refactoring, beginning JS changes for JSON API, but
...
discovered that DELETE and PUT are not available on all webservers by
default
9 years ago
6b7dc44039
preparing unit test for request object
9 years ago
ce3f10f143
improving unit tests, fixing regression in DB model
9 years ago
694138c5d4
mostly finished with data model refactoring
9 years ago
211d3e4622
preparing unit test for model refactoring, refactoring traffic limiter
9 years ago
d04eab52c9
refactoring how attachments are stored
9 years ago
6d24ff824e
refactoring configuration
9 years ago
9f68658106
incrementing version number, updating changelog
9 years ago
0de9f868fa
improving unit tests, fixing #38
9 years ago
608605cd54
incrementing version number, updating docs
9 years ago
a41d0ca4dd
various fixes:
...
- changing default formatter option to plain text to make upgrading from
0.19 Alpha smoother
- fixing translation message change in bootstrap templates
- adjusting how image uploads are displayed in bootstrap templates
9 years ago
a111357fae
add optional (since it uses a session cookie) language selection
9 years ago
47efedf23c
traffic limiter would fail behind a reverse proxy / load balancer.
...
Adding configuration option to set the trusted HTTP header to get the
visitors IP in such a case (avoiding security issue if malicious clients
just set these headers themselfs)
9 years ago
ed9c4f45f4
adding file name support for #20 , solving issue with unencryptable file
9 years ago
ec8851e46c
support < 0.21 syntax highlighting
9 years ago
106141efa4
merging @vikstrous file upload feature for #20 from
...
8a6d268278
9 years ago
0e53d1ee86
added markdown support and a dropdown for the format selection. The
...
options other then markdown are plain text and source code (syntax
highlighting). Resolves #25
9 years ago
b060d57524
- implemented php side of plural translation
...
- using it to generate labels dynamically for the expire options
(deprecating the [expire_labels] configuration).
- added translation of the human readable data sizes to support the
french octet
- fixed IEC label for kibibytes
9 years ago
eee7b0144a
covering JS side of translations ( #7 ), added the messages to the
...
translation files and translated the german ones
9 years ago
a2af88a36e
initial work on translations, covering the PHP side of it
9 years ago
28776ac178
formatting RainTPL class
9 years ago
411419d597
adding tests and unifying paste creation output
9 years ago
2d79ba8243
updating docs, bumping version to 0.20
9 years ago
602fc4705e
change for API consistency
9 years ago
b25022e403
refactored JSON API, its now possible to retrieve pastes as JSON, which
...
is now used when posting comments, eliminating the need to store the
password in sessionStorage
9 years ago
802a0b26b9
burn after reading messages are only deleted after callback by JS when
...
successfully decrypted, resolves #11
9 years ago
d3c4600806
slight configuration changes, template modifications to make discussions
...
and password configurable, removed generated configuration test as it
grows quite big and a new one can be generated easily if needed
9 years ago
2d0668af03
concluding work on configuration test generator for #16 . Replaced a few
...
die()s in the code with Exception, making it possible to test properly.
Fixed some outdated unit tests.
9 years ago
1c4d1aa6b6
working on configuration unit test generator as described in #16
9 years ago
ae82e84ef8
correcting php doc comments
9 years ago
d57d6cf44b
created initial unit tests for main zerobin class
9 years ago
f775da3931
fixing nasty deletion bug from #15 , included unit tests to trigger it
...
and reworked persistence classes to through exceptions rather to fail
silently
9 years ago
cb28056223
made highlighting more configurable, added all four themes, there is now a configurable flavour text (notice)
9 years ago
24d18c5313
cleaned up phpdoc comments, added README on how to install and use it
9 years ago
49c6e3c1b6
updated base64.js to version 2.1.9, using minified version found at
...
9192c510f5/base64.min.js
9 years ago
769768d25e
updated jquery to 1.11.3
9 years ago
8881b3047a
changing version string
9 years ago
43a439e7d0
Time attack protection on hmac comparison
...
This fixes issue 2.7 of https://defuse.ca/audits/zerobin.htm , and thus
(with commit a24212afda90ca3e4b4ff5ce30d2012709b58a28) also issue 2.8.
(cherry picked from commit 0b4db7ece313dd268e51fc47a0293a649927558a)
Conflicts:
index.php
9 years ago
e7feca0e53
Stronger server salt
...
ZeroBin now generates a much stronger salt. This fixes issue #68
(mentioned in section 2.1 of https://defuse.ca/audits/zerobin.htm )
(cherry picked from commit a24212afda90ca3e4b4ff5ce30d2012709b58a28)
Conflicts:
lib/serversalt.php
lib/vizhash16x16.php
9 years ago
4f72f04eda
Prevent inconstitent /data/trafic_limiter.php due to file read while writing
...
(cherry picked from commit 71a7f6adaea9a86a84fa8ebbcb9e5c506a785527)
Conflicts:
index.php
9 years ago
5b54ca34ad
Update index.php
...
Removed ugly error message when paste identifier is invalid (eg. http://mydomain.com/zerobin?foo )
(cherry picked from commit 43fa904979a29e4c205b9f4f08e1c487555bbe1c)
Conflicts:
index.php
9 years ago
bc8b23d35e
XSS flaw correction
...
With a client IE < 10 there was a XSS security flaw. Other browsers were
not affected.
Also corrected spacing display with IE<10.
(cherry picked from commit 28813cd82ae47e556b610da3c7302a6709e27431)
Conflicts:
CHANGELOG.md
index.php
js/zerobin.js
lib/vizhash16x16.php
9 years ago
e646729b2d
fixing regressions from cherrypicking
9 years ago
5f87ea6843
ZeroBin 0.18
...
(cherry picked from commit 7a8cbee2f99cd74a50bce7e8df8130e2c477d903)
Conflicts:
CHANGELOG.md
index.php
js/zerobin.js
lib/vizhash16x16.php
9 years ago
cff4d99f05
"Burn after reading" as a checkbox
...
"Burn after reading" option has been moved out of Expiration combo to a
separate checkbox.
Reason is: You can prevent a read-once paste to be available ad vitam
eternam on the net.
(cherry picked from commit 190b278402c086ebc4d1a78aae27d1e2666e3e7a)
Conflicts:
css/zerobin.css
index.php
js/zerobin.js
tpl/page.html
9 years ago
ad70051323
reviewed unit tests, fixing line endings, added more tests
9 years ago
7db76d8d71
Updated json checking.
...
- adapted to SJCL changed
- added entropy checking (from
f2ee2e8ba2
9 years ago
Simon Rupf