diff options
| author | Ricky Elrod <codeblock@fedoraproject.org> | 2016-06-21 00:39:03 +0000 |
|---|---|---|
| committer | Ricky Elrod <codeblock@fedoraproject.org> | 2016-06-21 00:39:03 +0000 |
| commit | 27785b296b58ef63a2f247640ff95b50cf572237 (patch) | |
| tree | be0387a66a109291532cde79fea9395533fd283b | |
| parent | 6efc52cda6724375717f70e48076e9510ce12d4c (diff) | |
| download | ansible-27785b296b58ef63a2f247640ff95b50cf572237.tar.gz ansible-27785b296b58ef63a2f247640ff95b50cf572237.tar.xz ansible-27785b296b58ef63a2f247640ff95b50cf572237.zip | |
prepare to patch sticky-notes show.php to fix JSON rendering
Signed-off-by: Ricky Elrod <codeblock@fedoraproject.org>
| -rw-r--r-- | roles/paste/files/show.php | 267 |
1 files changed, 267 insertions, 0 deletions
diff --git a/roles/paste/files/show.php b/roles/paste/files/show.php new file mode 100644 index 000000000..92d4c5aa7 --- /dev/null +++ b/roles/paste/files/show.php @@ -0,0 +1,267 @@ +<?php +/** +* Sticky Notes pastebin +* @ver 0.3 +* @license BSD License - www.opensource.org/licenses/bsd-license.php +* +* Copyright (c) 2012 Sayak Banerjee <sayakb@kde.org> +* Copyright (c) 2013 Athmane Madjoudj <athmane@fedoraproject.org> +* All rights reserved. Do not remove this copyright notice. +*/ + +// Invoke required files +include_once('init.php'); + +// Collect some data +$paste_id = $core->variable('id', 0); +$hash = $core->variable('hash', 0); +$mode = $core->variable('mode', ''); +$project = $core->variable('project', ''); +$password = $core->variable('password', ''); +$sid = $core->variable('session_id_' . $paste_id, '', true); +$mode = strtolower($mode); + +// Password exempt +$exempt = false; + +// Trim trailing / +if (strrpos($password, '/') == strlen($password) - 1) +{ + $password = substr($password, 0, strlen($password) - 1); +} + +if (empty($mode)) +{ + $mode = $core->variable('format', ''); + $_GET['mode'] = $mode; +} + +// Check for mode validity +if ($mode && $mode != 'raw' && $mode != 'xml' && $mode != 'json') +{ + die; +} + +// Initialize the skin file +if ($mode != 'raw') +{ + $skin->init('tpl_show'); +} + +// We want paste id +if ($paste_id == 0) +{ + $core->redirect($core->path() . 'all/'); +} + +// Escape the paste id +$db->escape($paste_id); + +// Get the paste data +$sql = "SELECT * FROM {$db->prefix}main WHERE id = {$paste_id} LIMIT 1"; +$row = $db->query($sql, true); + +// Check if something was returned +if ($row == null) +{ + if ($mode == 'xml' || $mode == 'json') + { + $skin->assign('error_message', 'err_not_found'); + echo $skin->output("api_error.{$mode}"); + die; + } + else if ($mode == 'raw') + { + die($lang->get('error_404')); + } + else + { + $skin->assign(array( + 'error_text' => $lang->get('error_404'), + 'data_visibility' => 'hidden', + )); + + $skin->kill(); + } +} + +// Is it a private paste? +if ($row['private'] == "1") +{ + if (empty($hash) || $row['hash'] != $hash) + { + if ($mode == 'xml' || $mode == 'json') + { + $skin->assign('error_message', 'err_invalid_hash'); + echo $skin->output("api_error.{$mode}"); + die; + } + else if ($mode == 'raw') + { + die($lang->get('error_hash')); + } + else + { + $skin->assign(array( + 'error_text' => $lang->get('error_hash'), + 'data_visibility' => 'hidden', + )); + + $skin->kill(); + } + } +} + +// Check if password cookie is there +if (!empty($row['password']) && !empty($sid)) +{ + // Escape the session id + $db->escape($sid); + + // Clean up the session data every 30 seconds + if (time() % 30 == 0) + { + $age = time() - 1200; + $db->query("DELETE FROM {$db->prefix}session " . + "WHERE timestamp < {$age}"); + } + + $pass_data = $db->query("SELECT sid FROM {$db->prefix}session " . + "WHERE sid = '{$sid}'", true); + + if (!empty($pass_data['sid'])) + { + $exempt = true; + } +} + +// Is it password protected? +if (!empty($row['password']) && empty($password) && !$exempt) +{ + if ($mode == 'xml' || $mode == 'json') + { + $skin->assign('error_message', 'err_password_required'); + echo $skin->output("api_error.{$mode}"); + die; + } + else if ($mode == 'raw') + { + die($lang->get('err_passreqd')); + } + else + { + $skin->init('tpl_show_password'); + $skin->title("#{$row['id']} • " . $lang->get('site_title')); + $skin->output(); + + exit; + } +} + +// Check password +if (!empty($row['password']) && !empty($password) && !$exempt) +{ + $check = sha1(sha1($password) . $row['salt']); + + if ($check != $row['password']) + { + if ($mode == 'xml' || $mode == 'json') + { + $skin->assign('error_message', 'err_invalid_password'); + echo $skin->output("api_error.{$mode}"); + die; + } + else if ($mode == 'raw') + { + die($lang->get('invalid_password')); + } + else + { + $skin->assign(array( + 'error_text' => $lang->get('invalid_password'), + 'data_visibility' => 'hidden', + )); + + $skin->kill(); + } + } + else + { + // Create a session + $sid = sha1(time() . $core->remote_ip()); + + $core->set_cookie('session_id_' . $paste_id, $sid); + $db->query("INSERT INTO {$db->prefix}session " . + "(sid, timestamp) VALUES ('{$sid}', " . time() . ")"); + } +} + +// Is it raw? just dump the code then +if ($mode == 'raw') +{ + header('Content-type: text/plain; charset=UTF-8'); + header('Content-Disposition: inline; filename="pastedata"'); + + echo $row['data']; + exit; +} + +// Prepare GeSHi +$geshi = new GeSHi($row['data'], $row['language']); +$geshi->enable_line_numbers(GESHI_FANCY_LINE_NUMBERS, 2); +$geshi->set_header_type(GESHI_HEADER_DIV); +//$geshi->set_line_style('background: #f7f7f7; text-shadow: 0px 1px #fff; padding: 1px;', +// 'background: #fbfbfb; text-shadow: 0px 1px #fff; padding: 1px;'); +$geshi->set_overall_style('word-wrap:break-word;'); + +// Generate the data +$user = empty($row['author']) ? $lang->get('anonymous') : htmlspecialchars($row['author']); +$time = date('d M Y, h:i:s e', $row['timestamp']); +$info = $lang->get('posted_info'); + +$info = preg_replace('/\_\_user\_\_/', $user, $info); +$info = preg_replace('/\_\_time\_\_/', $time, $info); + +// Before we display, we need to escape the data from the skin/lang parsers +$code_data = (empty($mode) ? $geshi->parse_code() : htmlspecialchars($row['data'])); + +$lang->escape($code_data); +$skin->escape($code_data); + +// Shorten the current URL +$url_shortener = new URLShortener(); +$short_url = $url_shortener->shorten($nav->get_paste($row['id'], $hash, $project, true, '')); + +// Assign template variables +$skin->assign(array( + 'paste_id' => $row['id'], + 'paste_data' => $code_data, + 'paste_lang' => htmlspecialchars($row['language']), + 'paste_info' => $info, + 'paste_user' => $user, + 'paste_timestamp' => $row['timestamp'], + 'raw_url' => $nav->get_paste($row['id'], $hash, $project, false, 'raw'), + 'share_url' => urlencode($core->base_uri()), + 'share_title' => urlencode($lang->get('paste') . ' #' . $row['id']), + 'error_visibility' => 'hidden', + 'geshi_stylesheet' => $geshi->get_stylesheet(), + 'short_url' => $short_url, +)); + +// Let's output the page now +$skin->title("#{$row['id']} • " . $lang->get('site_title')); + +if ($mode == 'raw') +{ + $skin->output(false, true); +} +else if ($mode) +{ + echo $skin->output("api_show.{$mode}"); +} +else +{ + $skin->output(); +} + +?> |