Reorganize file structure

Pijus Kamandulis 2023-09-13 22:36:33 +03:00
parent 5ad55753cf
commit 6617d03a17
86 changed files with 847 additions and 829 deletions


@ -1,60 +0,0 @@
<div class="container">
<div class="panel panel-default">
<div class="panel-body">
<?php
include_once "config/config.php";
include_once "includes/user.php";
$conn = GetConnectionToDB();
if(GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]) == -1){
printf('<h2>You must be loged in to see your pastes!</h2>');
$conn = null;
echo '</div></div></div>';
die();
}
$stmt = $conn->prepare('SELECT * FROM pastes WHERE owner=:own');
$own = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
$stmt->bindParam(':own', $own);
$stmt->execute();
if($stmt->rowCount()>0){
echo "<table id=\"tablepastes\" class=\"table table-striped\" style=\"width:100%\">";
printf('<thead><th data-dynatable-column="name" style="text-align: left;">Title</th>
<th style="text-align: left;">Added</th>
<th style="text-align: left;">Expires</th>
<th style="text-align: left;">ID</th>
<th style="text-align: left;">Actions</th></thead>');
printf('<tbody>');
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = $row['title'];
//Paste title
printf('<tr><td style="text-align: left;">'.htmlspecialchars($row["title"], ENT_QUOTES, 'UTF-8').'</td>');
//Creation date
printf('<td style="text-align: left;">'.date('Y-m-d',$row["created"]).'</td>');
//Expire date
if($row["expire"]==0) printf('<td style="text-align: left;">Never</td>');
else{
$expire = ($row["expire"]-time())/3600;
if($expire>24){
printf('<td style="text-align: left;">'.round($expire/24).' days from now</td>');
} else if($expire>=1)
printf('<td style="text-align: left;">'.round($expire).' hours from now</td>');
else printf('<td style="text-align: left;">'.round($expire*60).' minutes from now</td>');
}
//Paste url
printf('<td style="text-align: right;"><a href="'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'">'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'</a></td>');
//Actions
printf('<td style="text-align: right;">');
//delete paste
printf('<a href="delete/'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'"><span class="glyphicon glyphicon-trash" title="Delete paste" aria-hidden="true"></span>');
//edit paste
printf('<a href="edit/'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'"><span class="glyphicon glyphicon-edit" title="Edit paste" aria-hidden="true"></span>');
printf('</td></tr>');
}
printf('</tbody></talbe>');
} else {
printf('<h2>You havent made any pastes yet!</h2>');
}
$conn = null;
?>
</div>
</div>
</div>


@ -1,12 +0,0 @@
<div class="container">
<div class="container-fluid">
<div class="row">
<div class="col-sm-9">
<?php include "NewPastePanel.php"; ?>
</div>
<div class="col-sm-3">
<?php include "NewestPastes.php"; ?>
</div>
</div>
</div>
</div>


@ -1,119 +0,0 @@
<div class="panel panel-default">
<div class="panel-body">
<?php
$edit_mode = false;
if(isset($_GET['page']) && $_GET['page']=='edit'){
$edit_mode = true;
printf('You are editing paste '.$_GET['id']);
printf('<form role="form" method="post" action="../post.php" onsubmit="document.getElementById(\'submit\').disabled=true;document.getElementById(\'submit\').value=\'Please wait...\';">');
}else printf('<form role="form" method="post" action="post.php" onsubmit="document.getElementById(\'submit\').disabled=true;document.getElementById(\'submit\').value=\'Please wait...\';">');
?>
<div class="form-group">
<label for="title">Paste title:</label>
<?php
if($edit_mode == true){
printf('<input type="title" class="form-control" value="'.$row['title'].'" id="title" name="title">');
} else printf('<input type="title" class="form-control" id="title" name="title">');
?>
</div>
<div class="form-group">
<label for="text">New paste:</label>
<?php
if($edit_mode == true){
echo '<textarea class="form-control" rows="5" id="text" name="text">'.$row['text'].'</textarea>';
} else printf('<textarea class="form-control" rows="5" id="text" name="text"></textarea>');
?>
</div>
<?php
if($edit_mode == true){
printf("<input type='hidden' name='type' value='edit_paste'></input>");
printf("<input type='hidden' name='uid' value='".$row['uid']."'></input>");
} else printf("<input type='hidden' name='type' value='paste'></input>");
?>
<div class="container-fluid">
<div class="row">
<div class="col-sm-6">
<!-- Posting as guest -->
<div class="checkbox">
<label><input type="checkbox" name="asguest">Post as guest</label>
</div>
<!-- Submit -->
<button type="submit" class="btn btn-default">Submit</button>
</div>
<div class="col-sm-6">
<!-- Expiry -->
<div class="form-group">
<label for="expire">Expiration:</label>
<select class="form-control" id="expire" name="expire">
<option>Never</option>
<option value="600">10 Minutes</option>
<option value="3600">1 Hour</option>
<option value="86400">1 Day</option>
<option value="2592000">1 Month</option>
</select>
</div>
<!-- Syntax Highlight -->
<div class="form-group">
<label for="syntax">Syntax Highlight:</label>
<select data-placeholder="None" class="form-control chosen-select" id="syntax" name="syntax">
<?php
if($edit_mode == true)
print '<option value="'.$row['highlight'].'">Current ('.$row['highlight'].')</option>';
?>
<option value="plain">Plain</option>
<option value="applescript">AppleScript</option>
<option value="as3">ActionScript3 (AS3)</option>
<option value="bash">Bash</option>
<option value="cf">ColdFusion</option>
<option value="cpp">C++</option>
<option value="csharp">C#</option>
<option value="css">CSS</option>
<option value="delphi">Delphi</option>
<option value="diff">Diff</option>
<option value="erlang">Erlang</option>
<option value="groovy">Groovy</option>
<option value="java">Java</option>
<option value="javafx">JavaFX</option>
<option value="jscript">JScript</option>
<option value="perl">Perl</option>
<option value="php">Php</option>
<option value="powershell">PowerShell</option>
<option value="python">Python</option>
<option value="ruby">Ruby</option>
<option value="sass">Sass</option>
<option value="scala">Scala</option>
<option value="sql">Sql</option>
<option value="vb">VB</option>
<option value="xml">Xml</option>
</select>
</div>
<!-- Type -->
<div class="form-group">
<label for="exposure">Type:</label>
<select class="form-control" id="exposure" name="exposure">
<?php
print '<option value="0">Public</option>';
if($edit_mode == true && $row['exposure'] == 1)
print '<option selected="selected" value="1">Unlisted</option>';
else print '<option value="1">Unlisted</option>';
include_once "includes/user.php";
$userID = -1;
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
if($userID==-1)
print '<option value="2" disabled>Private (Members only)</option>';
else {
if($edit_mode === true && $row['exposure'] === 2)
print '<option selected="selected" value="2" >Private</option>';
else print '<option value="2" >Private</option>';
}
?>
</select>
</div>
<!-- END Type -->
</div>
</div>
</div>
</form>
</div>
</div>


@ -1,18 +0,0 @@
<div class="panel panel-default">
<div class="panel-body">
<h4>Newest pastes:</h4>
<div class="list-group">
<?php
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5');
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
if(strlen($title)>25)$title = substr($title,0,25)."...";
echo "<a href=\"".htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8')."\" class=\"list-group-item\">".$title."</a>";
}
$conn = null;
?>
</div>
</div>
</div>


@ -7,8 +7,8 @@ Also if you have any ideas you can contact me on twitter, I'm @pik4mi
If you have any issues, file them here https://github.com/pikami/palm-paste/issues If you have any issues, file them here https://github.com/pikami/palm-paste/issues
# Note # Note
Original development environment is Apache 2.4 + PHP5.6 + MySQL. Original development environment is Nginx + PHP5.6 + MySQL.
Should work with Nginx and any PDO-compatible database. Should work with Apache.
# Install # Install
For the purposes of this guide, we won't cover setting up Apache, PHP, MySQL, or Nginx. For the purposes of this guide, we won't cover setting up Apache, PHP, MySQL, or Nginx.
@ -17,7 +17,7 @@ So we'll just assume you already have them all running well.
1. Download palm-paste from https://github.com/pikami/palm-paste/tags 1. Download palm-paste from https://github.com/pikami/palm-paste/tags
2. Create a user and database for palm-paste 2. Create a user and database for palm-paste
3. Take the 'palm-paste.sql' and import it to your database. 3. Take the 'palm-paste.sql' and import it to your database.
4. Edit configuration settings in config/config.php 4. Edit configuration settings in includes/config.php
5. (For apache users) Change the "RewriteBase" setting in ".htaccess" file to the root of your palm-paste installation 5. (For apache users) Change the "RewriteBase" setting in ".htaccess" file to the root of your palm-paste installation
5. (For nginx users) add the block from nginx_cfg.txt to your nginx server config, replace all occurrences of "paste" with the root of your palm-paste installation 5. (For nginx users) add the block from nginx_cfg.txt to your nginx server config, replace all occurrences of "paste" with the root of your palm-paste installation
6. Done! 6. Done!


@ -1,52 +0,0 @@
<div class="container">
<div class="panel panel-default">
<div class="panel-body">
<?php
include_once "config/config.php";
include_once "includes/user.php";
$conn = GetConnectionToDB();
$ownerID = GetUserIDByName($_GET["user"]);
if($ownerID!=-1){
//== Print user info ==//
$owner = GetUserByID($ownerID);
printf('<h2>'.$owner["user"].'\'s profile</h2>');
//== Print pastes ==//
$query = "SELECT * FROM pastes WHERE owner=:own AND exposure=0";
if(GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]) == $ownerID)$query = "SELECT * FROM pastes WHERE owner=:own";
$stmt = $conn->prepare($query);
$stmt->bindParam(':own', $ownerID);
$stmt->execute();
if($stmt->rowCount()>0){
echo "<table id=\"tablepastes\" class=\"table table-striped\" style=\"width:100%\">";
printf('<thead><th data-dynatable-column="name" style="text-align: left;">Title</th>
<th style="text-align: left;">Added</th>
<th style="text-align: left;">Expires</th>
<th style="text-align: left;">ID</th></thead>');
printf('<tbody>');
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = $row['title'];
printf('<tr><td style="text-align: left;">'.htmlspecialchars($row["title"], ENT_QUOTES, 'UTF-8').'</td>');
printf('<td style="text-align: left;">'.date('Y-m-d',$row["created"]).'</td>');
if($row["expire"]==0) printf('<td style="text-align: left;">Never</td>');
else{
$expire = ($row["expire"]-time())/3600;
if($expire>24){
printf('<td style="text-align: left;">'.round($expire/24).' days from now</td>');
} else if($expire>=1)
printf('<td style="text-align: left;">'.round($expire).' hours from now</td>');
else printf('<td style="text-align: left;">'.round($expire*60).' minutes from now</td>');
}
printf('<td style="text-align: right;"><a href="../'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'">'.htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8').'</a></td></tr>');
}
printf('</tbody></talbe>');
} else {
printf('<h2>This user has no public pastes!</h2>');
}
} else printf('<h2>User does not exist!</h2>');
$conn = null;
?>
</div>
</div>
</div>


@ -1,56 +0,0 @@
<div class="container">
<div class="panel panel-default">
<div class="panel-body">
<?php
if(isset($uid)){
include_once "config/config.php";
include_once "includes/user.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT * FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$conn = null;
if($result["expire"]!=0 && $result["expire"]<time()){
//This paste is expired but not removed
echo "<h1>This paste just expired</h1>";
include_once "cronjob.php";
RemoveExpiredPastes();
die();
}
if($result["exposure"]==2 && $result["owner"]!=0 && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]) && $result["owner"]!=GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"])){
echo "<h1>This paste is private</h1>";
die();
}
echo "<h1>".htmlspecialchars($result["title"], ENT_QUOTES, 'UTF-8')."</h1>";
//
$owner = GetUserByID($result["owner"]);
echo "<h5>";
if($owner[1] == -1)
echo "Posted by: <b>Guest</b>";
else echo "Posted by: <b><a href=\"u/".htmlspecialchars($owner[1])."\">".htmlspecialchars($owner[1])."</a></b>";
echo ", at ".date('Y-m-d',$result["created"]).", it will expire <b>";
if($result["expire"]==0) printf('Never');
else{
$expire = ($result["expire"]-time())/3600;
if($expire>24){
printf(round($expire/24).' days from now');
} else if($expire>=1)
printf(round($expire).' hours from now');
else printf(round($expire*60).' minutes from now');
}
echo "</b></h5>";
//
echo "<pre class=\"brush: ".$_HL."\">";
echo htmlspecialchars($result["text"], ENT_QUOTES, 'UTF-8')."</pre><pb>";
echo "<label for=\"rawtext\">Raw text:</label>";
echo "<textarea id=\"rawtext\" class=\"form-control\" rows=\"10\">".htmlspecialchars($result["text"], ENT_QUOTES, 'UTF-8')."</textarea>";
}
else echo "Paste does not exist";
$conn = null;
} else echo "Error: id not set";
?>
<script type="text/javascript">
SyntaxHighlighter.all()
</script>
</div>
</div>
</div>


@ -1,19 +0,0 @@
<?php
include_once "config/config.php";
function RemoveExpiredPastes(){
$conn = GetConnectionToDB();
$time = time();
$stmt = $conn->prepare("DELETE from `pastes` where `expire`<:time and `expire`>0");
$stmt->bindValue(':time', $time);
$stmt->execute();
$conn = null; //close connection to database
echo 'OK! 200';
}
if (isset($_GET["key"])){
if($_GET["key"]==$CRON_ExpireKey){ //Delete expired pastes
RemoveExpiredPastes();
}
}
//Cron job example: */5 * * * * curl --silent http://127.0.0.1/paste/cronjob.php?key=fgd45fb5fb15gb > /dev/null
//More about cron jobs: http://www.shellhacks.com/en/Adding-Cron-Jobs-in-Linux-Crontab-Usage-and-Examples
?>


@ -1,42 +0,0 @@
<div class="container">
<div class="panel panel-default">
<div class="panel-body">
<?php
if(isset($_GET['id']) && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
include_once "includes/user.php";
$uid = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
$paste = $_GET['id'];
//connect to db and get paste info
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=:uid');
$stmt->bindParam(':uid', $paste);
$stmt->execute();
if($stmt->rowCount()>0){
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
if($row['owner'] === $uid){
$stmt2 = $conn->prepare("DELETE FROM pastes WHERE id=:id");
$stmt2->bindParam(':id', $row['id']);
$stmt2->execute();
$conn = null;
echo '<center><h4>Paste '.$row["uid"].' has been deleted!</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
die();
} else {
$conn = null;
echo '<center><h4>You are not the owner of the paste '.$row["uid"].'</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
die();
}
}
} else {
$conn = null;
echo '<center><h4>The paste '.$row["uid"].' does not exist</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
die();
}
$conn = null;
}
?>
</div>
</div>
</div>


@ -6,7 +6,7 @@ services:
ports: ports:
- '8080:80' - '8080:80'
volumes: volumes:
- ./:/var/www/html - ./src:/var/www/html
- ./nginx_cfg.conf:/etc/nginx/conf.d/default.conf - ./nginx_cfg.conf:/etc/nginx/conf.d/default.conf
links: links:
- php-fpm - php-fpm
@ -17,7 +17,7 @@ services:
environment: environment:
SQL_HOST: db SQL_HOST: db
volumes: volumes:
- ./:/var/www/html - ./src:/var/www/html
db: db:
image: mysql:5.6 image: mysql:5.6


@ -1,35 +0,0 @@
<div class="container">
<div class="panel panel-default">
<div class="panel-body">
<?php
if(isset($_GET['id']) && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
include_once "includes/user.php";
$uid = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
$paste = $_GET['id'];
//connect to db and get paste info
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=:uid');
$stmt->bindParam(':uid', $paste);
$stmt->execute();
if($stmt->rowCount()>0){
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
if($row['owner'] === $uid){
include "NewPastePanel.php";
} else {
$conn = null;
echo '<center><h4>You are not the owner of the paste '.$row["uid"].'</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
die();
}
}
} else {
$conn = null;
echo '<center><h4>The paste '.$row["uid"].' does not exist</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
}
$conn = null;
}
?>
</div>
</div>
</div>

145
index.php

@ -1,145 +0,0 @@
<?php
if(isset($_GET["page"]) && $_GET["page"] == "login" && isset($_POST["type"]) && $_POST["type"]=="login"){
include_once "login.php";
die();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Palm-Paste Index</title>
<meta charset="utf-8">
<?php
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
$dir = "";
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit")$dir="../";
echo '<link rel="stylesheet" href="'.$dir.'css/bootstrap.min.css">';
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js"></script>';
echo '<script src="'.$dir.'js/bootstrap.min.js"></script>';
echo '<script type="text/javascript" src="'.$dir.'js/jquery.dynatable.js"></script>';
echo '<link href="'.$dir.'css/jquery.dynatable.css" rel="stylesheet">';
echo '<link href="'.$dir.'css/chosen.css" rel="stylesheet">';
echo '<script src="'.$dir.'js/chosen.jquery.js" type="text/javascript"></script>';
echo '<script src="'.$dir.'js/chosen.proto.js" type="text/javascript"></script>';
echo "<script>$(document).ready(function(){
$('#tablepastes').dynatable();
$('.chosen-select').chosen();
});</script>";
//<!-- Highlight scripts -->
include_once "includes/highlight.php";
?>
</head>
<body>
<!-- NavBar -->
<nav class="navbar navbar-inverse">
<div class="container">
<div class="navbar-header">
<?php
$dir = "";
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit")$dir="../";
echo '<a class="navbar-brand" href="'.$dir.'index.php">Palm-Paste</a>';
?>
</div>
<ul class="nav navbar-nav">
<li class="active"><a href="index.php">Home</a></li>
<li><a href="#">Page 1</a></li>
<li><a href="#">Page 2</a></li>
</ul>
<ul class="nav navbar-nav navbar-right">
<?php
include_once "includes/user.php";
$dir = "";
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"]=="edit")$dir="../";
$userID = -1;
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
$userID = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
if($userID == -1){
echo "<li><a href=\"".$dir."signup\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>";
} else {
$user = GetUserByID($userID);
echo '
<li class="dropdown">
<a class="dropdown-toggle glyphicon glyphicon-user" data-toggle="dropdown" href="#"> '.htmlspecialchars($user[1], ENT_QUOTES, 'UTF-8').'<span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="'.$dir.'mypastes">My pastes</a></li>
<li><a href="'.$dir.'logout">Logout</a></li>
</ul>
</li>
';
}
?>
</ul>
</div>
</nav>
<!-- LoginPopup -->
<div id="LoginPopup" class="modal fade" role="dialog">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal">&times;</button>
<h4 class="modal-title">Login</h4>
</div>
<div class="modal-body">
<!-- Login form -->
<?php
echo'<form role="form" method="POST" action="'.$dir.'login">';
?>
<div class="form-group">
<label for="user">Username:</label>
<input type="user" class="form-control" id="user" name="user">
</div>
<div class="form-group">
<label for="pwd">Password:</label>
<input type="password" class="form-control" id="pwd" name="pwd">
</div>
<div class="checkbox">
<label><input type="checkbox" name="remember"> Remember me</label>
</div>
<input type='hidden' name='type' value='login'></input>
<button type="submit" class="btn btn-default">Submit</button>
</form>
<!-- END Login form -->
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
</div>
</div>
</div>
</div>
<!-- Content -->
<?php
if (isset($_GET["page"])){
if($_GET["page"] == "create"){
include_once "NewPaste.php";
} else if($_GET["page"] == "mypastes"){
include_once "MyPastes.php";
} else if($_GET["page"] == "login"){
include_once "login.php";
} else if($_GET["page"] == "logout"){
echo '<center><h4>Please wait...</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=login.php?logout=1">';
die();
} else if($_GET["page"] == "signup"){
include_once "signup.php";
} else if($_GET["page"] == "edit"){
include_once "edit.php";
} else {
$uid = $_GET["page"];
include_once "ViewPaste.php";
}
} else if (isset($_GET["user"])){
include_once "UserPage.php";
} else {
include_once "NewPaste.php";
}
?>
</body>
</html>

120
login.php

@ -1,120 +0,0 @@
<?php
function generate_skey(){
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$key = '';
for ($i = 0; $i < 32; $i++) {
$key .= $chars[mt_rand(0, 61)];
}
return $key;
}
if(isset($_GET["logout"])){
include_once "includes/user.php";
if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
LogOutUserBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
UnsetBrowserCookies();
}
echo '<center><h4>Please wait...</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=index.php">';
} else if(isset($_POST["type"])) {
if($_POST["type"]=="login" && isset($_POST["user"]) && isset($_POST["pwd"])){
//Get options
$user = $_POST["user"];
$pwd = $_POST["pwd"];
$remember = 0;
if(isset($_POST["remember"]) && $_POST["remember"]=="on")
$remember = 1;
//Try to login
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
$stmt->execute(array($user));
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
if (password_verify($pwd, $result["password"])){
$skey = generate_skey();
$stmt = $conn->prepare("INSERT INTO sessions (skey, uid)
VALUES (:skey, :uid)");
$stmt->bindParam(':skey', $skey);
$stmt->bindParam(':uid', $result["id"]);
$stmt->execute();
$sid = $conn->lastInsertId();
$conn = null;
if($remember == 1){
setcookie("pp_sid", $sid, time()+63072000); //Dies in 2 years
setcookie("pp_skey", $skey, time()+63072000); //Dies in 2 years
} else {
setcookie("pp_sid", $sid); //Dies when browser closes
setcookie("pp_skey", $skey); //Dies when browser closes
}
echo '<center><h4>Please wait...</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=index.php">';
die();
}
else echo "No!"; //TODO: Wrong password
} else echo "Fail!"; //TODO: No user or SQL fail.
$conn = null;
}
if($_POST["type"]=="register" && isset($_POST["user"]) && isset($_POST["pwd"])){
//Get options
$user = $_POST["user"];
$pwd = $_POST["pwd"];
$hash = password_hash($pwd ,CRYPT_BLOWFISH);
//Does this user exist
include_once "config/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
$stmt->execute(array($user));
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
echo "<div class=\"container\"><h2>User allready exists!</h2></div>";
$conn = null;
die();
}
//Did the person enter a password
if($pwd==""){
echo "<div class=\"container\"><h2>You need a password to singup!</h2></div>";
$conn = null;
die();
}
//Register the user
$stmt = $conn->prepare("INSERT INTO users (user,password)
VALUES (:user, :pwd)");
$stmt->bindParam(':user', $user);
$stmt->bindParam(':pwd', $hash);
if($stmt->execute()){
echo '<center><h4>Please wait...</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=login">';
} else {
echo "Fail!";
}
$conn = null;
}
} else {
echo '
<div class="container">
<div class="panel panel-default">
<div class="panel-heading">Login</div>
<div class="panel-body">
';
echo '
<form role="form" method="POST" action="login">
<div class="form-group">
<label for="user">Username:</label>
<input type="user" class="form-control" id="user" name="user">
</div>
<div class="form-group">
<label for="pwd">Password:</label>
<input type="password" class="form-control" id="pwd" name="pwd">
</div>
<div class="checkbox">
<label><input type="checkbox" name="remember"> Remember me</label>
</div>
<input type=\'hidden\' name=\'type\' value=\'login\'></input>
<button type="submit" class="btn btn-default">Submit</button>
</form>
';
echo '
</div>
</div>
</div>
';
}
?>


@ -16,7 +16,7 @@ server {
} }
location / { location / {
if ( $uri !~ ^/(index\.php|css|js|robots\.txt|favicon\.ico|$) ) { if ( $uri !~ ^/(fonts|public|index\.php|css|js|robots\.txt|favicon\.ico|$) ) {
rewrite ^/u/(.*)$ /index.php?user=$1? last; rewrite ^/u/(.*)$ /index.php?user=$1? last;
rewrite ^/delete/(.*)$ /delete.php?id=$1? last; rewrite ^/delete/(.*)$ /delete.php?id=$1? last;
rewrite ^/([^/]+)/(.*)$ /index.php?page=$1&id=$2? last; rewrite ^/([^/]+)/(.*)$ /index.php?page=$1&id=$2? last;


@ -1,29 +0,0 @@
<div class="container">
<div class="panel panel-default">
<div class="panel-heading">Register</div>
<div class="panel-body">
<!-- Panel Content -->
<form class="form-horizontal" role="form" method="POST" action="login">
<div class="form-group">
<label class="control-label col-sm-2" for="user">Username:</label>
<div class="col-sm-10">
<input type="user" class="form-control" id="user" placeholder="Enter username" name="user">
</div>
</div>
<div class="form-group">
<label class="control-label col-sm-2" for="pwd">Password:</label>
<div class="col-sm-10">
<input type="password" class="form-control" id="pwd" placeholder="Enter password" name="pwd">
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<input type='hidden' name='type' value='register'></input>
<button type="submit" class="btn btn-default" >Submit</button>
</div>
</div>
</form>
<!-- END Panel Content -->
</div>
</div>
</div>

19
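--- a/src/cronjob.php
+++ b/src/cronjob.php
@@ -0,0 +1,19 @@
+<?php
+include_once "includes/config.php";
+function RemoveExpiredPastes()
+{
+$conn = GetConnectionToDB();
+$time = time();
+$stmt = $conn->prepare("DELETE from `pastes` where `expire`<:time and `expire`>0");
+$stmt->bindValue(':time', $time);
+$stmt->execute();
+$conn = null; //close connection to database
+echo 'OK! 200';
+}
+if (isset($_GET["key"])) {
+if ($_GET["key"] == $CRON_ExpireKey) { //Delete expired pastes
+RemoveExpiredPastes();
+}
+}
+//Cron job example: */5 * * * * curl --silent http://127.0.0.1/paste/cronjob.php?key=fgd45fb5fb15gb > /dev/null
+//More about cron jobs: http://www.shellhacks.com/en/Adding-Cron-Jobs-in-Linux-Crontab-Usage-and-Examples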
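Review bot: The key check `$_GET["key"] == $CRON_ExpireKey` compares a request parameter with the secret using a loose, non-constant-time comparison; under `==` two numeric-looking strings can compare equal, and a non-string `key` value is not rejected up front. Prefer `if (is_string($_GET["key"]) && hash_equals($CRON_ExpireKey, $_GET["key"])) {`. The key is also passed in the query string (as in the curl example in the trailing comment), so it will appear in web-server access logs. The config section of this commit shows a fixed fallback value when `CRON_EXPIREKEY` is unset, so a comment above the check stating that every deployment must set its own key would be worth adding.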

42
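--- a/src/delete.php
+++ b/src/delete.php
@@ -0,0 +1,42 @@
+<div class="container">
+<div class="panel panel-default">
+<div class="panel-body">
+<?php
+if (isset($_GET['id']) && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])) {
+include_once "includes/user.php";
+$uid = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
+$paste = $_GET['id'];
+//connect to db and get paste info
+$conn = GetConnectionToDB();
+$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=:uid');
+$stmt->bindParam(':uid', $paste);
+$stmt->execute();
+if ($stmt->rowCount() > 0) {
+while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+if ($row['owner'] === $uid) {
+$stmt2 = $conn->prepare("DELETE FROM pastes WHERE id=:id");
+$stmt2->bindParam(':id', $row['id']);
+$stmt2->execute();
+$conn = null;
+echo '<center><h4>Paste ' . $row["uid"] . ' has been deleted!</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=../index.php">';
+die();
+} else {
+$conn = null;
+echo '<center><h4>You are not the owner of the paste ' . $row["uid"] . '</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=../index.php">';
+die();
+}
+}
+} else {
+$conn = null;
+echo '<center><h4>The paste ' . $row["uid"] . ' does not exist</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=../index.php">';
+die();
+}
+$conn = null;
+}
+?>
+</div>
+</div>
+</div>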
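Review bot: The delete is performed on a plain GET request authenticated only by the `pp_sid`/`pp_skey` cookies, with no CSRF token or method check anywhere in this file, so a cross-site request made while the owner is logged in would remove the paste. Require POST in the opening condition, e.g. `if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_GET['id']) && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])) {`, and verify a per-session token before the `DELETE` statement is prepared. Separately, in the final `else` branch (no matching row) `$row` is never assigned, so the message prints nothing useful; echo the requested id instead: `echo '<center><h4>The paste ' . htmlspecialchars($paste, ENT_QUOTES, 'UTF-8') . ' does not exist</h4></center>';`.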


@ -11,4 +11,3 @@ function GetConnectionToDB(){
} }
//========CRON_JOBS=========// //========CRON_JOBS=========//
$CRON_ExpireKey = getenv('CRON_EXPIREKEY') ?: "b1g51bf6g"; $CRON_ExpireKey = getenv('CRON_EXPIREKEY') ?: "b1g51bf6g";
?>


@ -4,16 +4,16 @@
if($_GET["page"] == "create" || $_GET["page"] == "mypastes" || $_GET["page"] == "login" || $_GET["page"] == "logout" || $_GET["page"] == "signup"); if($_GET["page"] == "create" || $_GET["page"] == "mypastes" || $_GET["page"] == "login" || $_GET["page"] == "logout" || $_GET["page"] == "signup");
else { else {
$uid = $_GET["page"]; $uid = $_GET["page"];
echo '<script type="text/javascript" src="js/SyntaxHighlighter/shCore.js"></script>'; echo '<script type="text/javascript" src="public/js/SyntaxHighlighter/shCore.js"></script>';
// //
include_once "config/config.php"; include_once "includes/config.php";
$conn = GetConnectionToDB(); $conn = GetConnectionToDB();
$stmt = $conn->query('SELECT highlight FROM pastes WHERE uid="'.$uid.'"'); $stmt = $conn->query('SELECT highlight FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){ if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$conn = null; $conn = null;
$_HL = $result["highlight"]; $_HL = $result["highlight"];
if($_HL == "")$_HL = "plain"; if($_HL == "")$_HL = "plain";
echo '<script type="text/javascript" src="js/SyntaxHighlighter/'; echo '<script type="text/javascript" src="public/js/SyntaxHighlighter/';
if($result["highlight"]=="cpp")echo 'shBrushCpp.js'; if($result["highlight"]=="cpp")echo 'shBrushCpp.js';
else if($result["highlight"]=="python")echo 'shBrushPython.js'; else if($result["highlight"]=="python")echo 'shBrushPython.js';
else if($result["highlight"]=="applescript")echo 'shBrushAppleScript.js'; else if($result["highlight"]=="applescript")echo 'shBrushAppleScript.js';
@ -43,8 +43,7 @@
} }
$conn = null; $conn = null;
// //
echo '<link href="css/SyntaxHighlighter/shCore.css" rel="stylesheet" type="text/css"> echo '<link href="public/css/SyntaxHighlighter/shCore.css" rel="stylesheet" type="text/css">
<link href="css/SyntaxHighlighter/shThemeDefault.css" rel="stylesheet" type="text/css" />'; <link href="public/css/SyntaxHighlighter/shThemeDefault.css" rel="stylesheet" type="text/css" />';
} }
} }
?>
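Review bot: The query on the new side still concatenates a request value into SQL: in the first hunk `$uid = $_GET["page"]` feeds `$conn->query('SELECT highlight FROM pastes WHERE uid="'.$uid.'"')`, which is SQL injection on a path that index.php includes before any session check. The commit only changes paths in this file, but the line should be converted while the file is being touched: `$stmt = $conn->prepare('SELECT highlight FROM pastes WHERE uid=:uid'); $stmt->bindValue(':uid', $uid); $stmt->execute();`. The deleted ViewPaste.php built its lookup the same way, so the moved view should be checked as well; its new content is not shown in this part of the page. Both hunks begin and end inside the enclosing `if`/`else`, whose start lies outside the visible lines.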


@ -1,6 +1,6 @@
<?php <?php
function GetUsersIDBySession($sid, $skey) { function GetUsersIDBySession($sid, $skey) {
include_once "config/config.php"; include_once "includes/config.php";
$conn = GetConnectionToDB(); $conn = GetConnectionToDB();
$stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey"); $stmt = $conn->prepare("SELECT uid FROM sessions WHERE id=:sid AND skey=:skey");
$stmt->bindParam(':skey', $skey); $stmt->bindParam(':skey', $skey);
@ -15,7 +15,7 @@ function GetUsersIDBySession($sid,$skey){
} }
} }
function LogOutUserBySession($sid, $skey) { function LogOutUserBySession($sid, $skey) {
include_once "config/config.php"; include_once "includes/config.php";
$conn = GetConnectionToDB(); $conn = GetConnectionToDB();
$stmt = $conn->prepare("DELETE FROM sessions WHERE id=:sid AND skey=:skey"); $stmt = $conn->prepare("DELETE FROM sessions WHERE id=:sid AND skey=:skey");
$stmt->bindParam(':skey', $skey); $stmt->bindParam(':skey', $skey);
@ -29,7 +29,7 @@ function UnsetBrowserCookies(){
setcookie("pp_skey", '', time() - 3600); setcookie("pp_skey", '', time() - 3600);
} }
function GetUserByID($id) { function GetUserByID($id) {
include_once "config/config.php"; include_once "includes/config.php";
$conn = GetConnectionToDB(); $conn = GetConnectionToDB();
$stmt = $conn->prepare("SELECT * FROM users WHERE id=:id"); $stmt = $conn->prepare("SELECT * FROM users WHERE id=:id");
$stmt->bindParam(':id', $id); $stmt->bindParam(':id', $id);
@ -43,7 +43,7 @@ function GetUserByID($id){
} }
} }
function GetUserIDByName($name) { function GetUserIDByName($name) {
include_once "config/config.php"; include_once "includes/config.php";
$conn = GetConnectionToDB(); $conn = GetConnectionToDB();
$stmt = $conn->prepare("SELECT * FROM users WHERE user=:name"); $stmt = $conn->prepare("SELECT * FROM users WHERE user=:name");
$stmt->bindParam(':name', $name); $stmt->bindParam(':name', $name);
@ -56,4 +56,3 @@ function GetUserIDByName($name){
return -1; return -1;
} }
} }
?>

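--- /dev/null
+++ b/src/index.php
@@ -0,0 +1,46 @@
+<?php
+if (isset($_GET["page"]) && $_GET["page"] == "login" && isset($_POST["type"]) && $_POST["type"] == "login") {
+include_once "views/login.php";
+die();
+}
+ob_start();
+// <!-- Highlight scripts -->
+include_once "includes/highlight.php";
+if (isset($_GET["page"])) {
+switch ($_GET["page"]) {
+case "create":
+require "views/new-paste.php";
+break;
+case "mypastes":
+require "views/my-pastes.php";
+break;
+case "login":
+require "views/login.php";
+break;
+case "logout":
+echo '<center><h4>Please wait...</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=login.php?logout=1">';
+die();
+case "signup":
+require "views/signup.php";
+break;
+case "edit":
+require "views/edit.php";
+break;
+default:
+$uid = $_GET["page"];
+require "views/view-paste.php";
+break;
+}
+} else if (isset($_GET["user"])) {
+include_once "views/user.php";
+} else {
+include_once "views/new-paste.php";
+}
+$content = ob_get_clean();
+require 'views/_layout.php';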
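Review bot: In the `logout` case the meta refresh still targets `login.php?logout=1`, while this commit adds the login script as `views/login.php` and the router only reaches it through `page=login`; if the old top-level `login.php` is removed (not visible in this part of the page) and no rewrite rule maps the URL, the `$_GET["logout"]` branch is never run and the session row stays valid. Ending the session through a GET-triggered refresh also means any third-party page can log a user out; a POST form with a CSRF token handled in the router is the safer shape. In the `default` case `$uid = $_GET["page"]` is handed to `views/view-paste.php` unvalidated, so a format check such as `if (!preg_match('/^[A-Za-z0-9]+$/', $uid)) { http_response_code(404); die(); }` belongs here; the uid alphabet is an assumption to confirm against `generate_uid`.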


@ -1,5 +1,5 @@
<?php <?php
include_once "config/config.php"; include_once "includes/config.php";
function generate_uid () { function generate_uid () {
$conn = GetConnectionToDB(); $conn = GetConnectionToDB();
@ -124,4 +124,3 @@ if(isset($_POST["type"])){
} }
} }
} }
?>


Before

Width:  |  Height:  |  Size: 106 KiB

After

Width:  |  Height:  |  Size: 106 KiB

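--- /dev/null
+++ b/src/views/_layout.php
@@ -0,0 +1,44 @@
+<?php
+if (!isset($content)) {
+$content = '<p>no content</p>';
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<title>Palm-Paste Index</title>
+<meta charset="utf-8">
+<?php
+echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
+$dir = "";
+if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"] == "edit") $dir = "../";
+echo '<link rel="stylesheet" href="' . $dir . 'public/css/bootstrap.min.css">';
+echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js"></script>';
+echo '<script src="' . $dir . 'public/js/bootstrap.min.js"></script>';
+echo '<script type="text/javascript" src="' . $dir . 'public/js/jquery.dynatable.js"></script>';
+echo '<link href="' . $dir . 'public/css/jquery.dynatable.css" rel="stylesheet">';
+echo '<link href="' . $dir . 'public/css/chosen.css" rel="stylesheet">';
+echo '<script src="' . $dir . 'public/js/chosen.jquery.js" type="text/javascript"></script>';
+echo '<script src="' . $dir . 'public/js/chosen.proto.js" type="text/javascript"></script>';
+echo "<script>$(document).ready(function(){
+$('#tablepastes').dynatable();
+$('.chosen-select').chosen();
+});</script>";
+?>
+</head>
+<body>
+<!-- NavBar -->
+<?php include_once "views/_navbar.php" ?>
+<!-- Content -->
+<?php echo $content; ?>
+</body>
+</html>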
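Review bot: The jQuery `<script>` tag is the only asset loaded from a third-party origin and it has no Subresource Integrity attribute, so whatever that host serves runs with full access to every page, including the login form. Either ship jQuery from `public/js/` like the other scripts, or pin it with `integrity="sha384-<HASH_OF_THE_PINNED_FILE>" crossorigin="anonymous"` on the tag. The `$dir` computation is repeated verbatim in `views/_navbar.php`; computing it once in `index.php` would keep the copies from drifting. A comment above `echo $content;` stating that `$content` is pre-rendered HTML from the output buffer, so every view must escape its own data, would help the next reader.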

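--- /dev/null
+++ b/src/views/_navbar.php
@@ -0,0 +1,79 @@
+<nav class="navbar navbar-inverse">
+<div class="container">
+<div class="navbar-header">
+<?php
+$dir = "";
+if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"] == "edit") $dir = "../";
+echo '<a class="navbar-brand" href="' . $dir . '.">Palm-Paste</a>';
+?>
+</div>
+<ul class="nav navbar-nav">
+<li class="active"><a href="index.php">Home</a></li>
+<li><a href="#">Page 1</a></li>
+<li><a href="#">Page 2</a></li>
+</ul>
+<ul class="nav navbar-nav navbar-right">
+<?php
+include_once "includes/user.php";
+$dir = "";
+if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"] == "edit") $dir = "../";
+$userID = -1;
+if (isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
+$userID = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
+if ($userID == -1) {
+echo "<li><a href=\"" . $dir . "signup\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
+echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>";
+} else {
+$user = GetUserByID($userID);
+echo '
+<li class="dropdown">
+<a class="dropdown-toggle glyphicon glyphicon-user" data-toggle="dropdown" href="#"> ' . htmlspecialchars($user[1], ENT_QUOTES, 'UTF-8') . '<span class="caret"></span></a>
+<ul class="dropdown-menu">
+<li><a href="' . $dir . 'mypastes">My pastes</a></li>
+<li><a href="' . $dir . 'logout">Logout</a></li>
+</ul>
+</li>
+';
+}
+?>
+</ul>
+</div>
+</nav>
+<!-- LoginPopup -->
+<div id="LoginPopup" class="modal fade" role="dialog">
+<div class="modal-dialog">
+<div class="modal-content">
+<div class="modal-header">
+<button type="button" class="close" data-dismiss="modal">&times;</button>
+<h4 class="modal-title">Login</h4>
+</div>
+<div class="modal-body">
+<!-- Login form -->
+<?php
+echo '<form role="form" method="POST" action="' . $dir . 'login">';
+?>
+<div class="form-group">
+<label for="user">Username:</label>
+<input type="user" class="form-control" id="user" name="user">
+</div>
+<div class="form-group">
+<label for="pwd">Password:</label>
+<input type="password" class="form-control" id="pwd" name="pwd">
+</div>
+<div class="checkbox">
+<label><input type="checkbox" name="remember"> Remember me</label>
+</div>
+<input type='hidden' name='type' value='login'></input>
+<button type="submit" class="btn btn-default">Submit</button>
+</form>
+<!-- END Login form -->
+</div>
+<div class="modal-footer">
+<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
+</div>
+</div>
+</div>
+</div>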
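Review bot: The result of `GetUserByID($userID)` is read as `$user[1]` in the dropdown, while `views/user.php` reads the same helper's result as `$owner["user"]`; the numeric index depends on the fetch mode and on the column order of `SELECT * FROM users`, so a schema change could silently put a different column (for example the password hash) into the navbar. Prefer `htmlspecialchars($user["user"], ENT_QUOTES, 'UTF-8')`, assuming the helper returns both index styles as the two call sites suggest. The login form carries no anti-CSRF token, and `type="user"` is not a valid input type; `type="text" autocomplete="username"` says what is meant.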

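--- /dev/null
+++ b/src/views/_new-paste.php
@@ -0,0 +1,119 @@
+<div class="panel panel-default">
+<div class="panel-body">
+<?php
+$edit_mode = false;
+if (isset($_GET['page']) && $_GET['page'] == 'edit') {
+$edit_mode = true;
+printf('You are editing paste ' . $_GET['id']);
+printf('<form role="form" method="post" action="../post.php" onsubmit="document.getElementById(\'submit\').disabled=true;document.getElementById(\'submit\').value=\'Please wait...\';">');
+} else printf('<form role="form" method="post" action="post.php" onsubmit="document.getElementById(\'submit\').disabled=true;document.getElementById(\'submit\').value=\'Please wait...\';">');
+?>
+<div class="form-group">
+<label for="title">Paste title:</label>
+<?php
+if ($edit_mode == true) {
+printf('<input type="title" class="form-control" value="' . $row['title'] . '" id="title" name="title">');
+} else printf('<input type="title" class="form-control" id="title" name="title">');
+?>
+</div>
+<div class="form-group">
+<label for="text">New paste:</label>
+<?php
+if ($edit_mode == true) {
+echo '<textarea class="form-control" rows="5" id="text" name="text">' . $row['text'] . '</textarea>';
+} else printf('<textarea class="form-control" rows="5" id="text" name="text"></textarea>');
+?>
+</div>
+<?php
+if ($edit_mode == true) {
+printf("<input type='hidden' name='type' value='edit_paste'></input>");
+printf("<input type='hidden' name='uid' value='" . $row['uid'] . "'></input>");
+} else printf("<input type='hidden' name='type' value='paste'></input>");
+?>
+<div class="container-fluid">
+<div class="row">
+<div class="col-sm-6">
+<!-- Posting as guest -->
+<div class="checkbox">
+<label><input type="checkbox" name="asguest">Post as guest</label>
+</div>
+<!-- Submit -->
+<button type="submit" class="btn btn-default">Submit</button>
+</div>
+<div class="col-sm-6">
+<!-- Expiry -->
+<div class="form-group">
+<label for="expire">Expiration:</label>
+<select class="form-control" id="expire" name="expire">
+<option>Never</option>
+<option value="600">10 Minutes</option>
+<option value="3600">1 Hour</option>
+<option value="86400">1 Day</option>
+<option value="2592000">1 Month</option>
+</select>
+</div>
+<!-- Syntax Highlight -->
+<div class="form-group">
+<label for="syntax">Syntax Highlight:</label>
+<select data-placeholder="None" class="form-control chosen-select" id="syntax" name="syntax">
+<?php
+if ($edit_mode == true)
+print '<option value="' . $row['highlight'] . '">Current (' . $row['highlight'] . ')</option>';
+?>
+<option value="plain">Plain</option>
+<option value="applescript">AppleScript</option>
+<option value="as3">ActionScript3 (AS3)</option>
+<option value="bash">Bash</option>
+<option value="cf">ColdFusion</option>
+<option value="cpp">C++</option>
+<option value="csharp">C#</option>
+<option value="css">CSS</option>
+<option value="delphi">Delphi</option>
+<option value="diff">Diff</option>
+<option value="erlang">Erlang</option>
+<option value="groovy">Groovy</option>
+<option value="java">Java</option>
+<option value="javafx">JavaFX</option>
+<option value="jscript">JScript</option>
+<option value="perl">Perl</option>
+<option value="php">Php</option>
+<option value="powershell">PowerShell</option>
+<option value="python">Python</option>
+<option value="ruby">Ruby</option>
+<option value="sass">Sass</option>
+<option value="scala">Scala</option>
+<option value="sql">Sql</option>
+<option value="vb">VB</option>
+<option value="xml">Xml</option>
+</select>
+</div>
+<!-- Type -->
+<div class="form-group">
+<label for="exposure">Type:</label>
+<select class="form-control" id="exposure" name="exposure">
+<?php
+print '<option value="0">Public</option>';
+if ($edit_mode == true && $row['exposure'] == 1)
+print '<option selected="selected" value="1">Unlisted</option>';
+else print '<option value="1">Unlisted</option>';
+include_once "includes/user.php";
+$userID = -1;
+if (isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
+$userID = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
+if ($userID == -1)
+print '<option value="2" disabled>Private (Members only)</option>';
+else {
+if ($edit_mode === true && $row['exposure'] === 2)
+print '<option selected="selected" value="2" >Private</option>';
+else print '<option value="2" >Private</option>';
+}
+?>
+</select>
+</div>
+<!-- END Type -->
+</div>
+</div>
+</div>
+</form>
+</div>
+</div>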
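Review bot: Request and database values are written into the edit form without HTML escaping: `$_GET['id']` in the "You are editing paste" line, and `$row['title']`, `$row['text']`, `$row['uid']` and `$row['highlight']` in the edit-mode branches. A title containing a double quote or a body containing `</textarea>` breaks out of its element and is rendered as markup; `views/edit.php` limits this view to the paste owner, but the stored value still corrupts the form and should go through `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` as the listing views already do. Several of these strings are also passed as the format argument of `printf`, where a `%` in the data is parsed as a conversion and can raise an error on PHP 8; use `echo` for fixed-plus-data output (the same `printf` pattern appears in `views/my-pastes.php` and `views/user.php`). `$row['exposure'] === 2` is a strict comparison and will not match if PDO returns the column as a string, unlike the `== 1` test above it.
```php
echo 'You are editing paste ' . htmlspecialchars($_GET['id'], ENT_QUOTES, 'UTF-8');
// … unchanged: form opening tags …
echo '<input type="title" class="form-control" value="' . htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8') . '" id="title" name="title">';
// … unchanged: else branch and textarea label …
echo '<textarea class="form-control" rows="5" id="text" name="text">' . htmlspecialchars($row['text'], ENT_QUOTES, 'UTF-8') . '</textarea>';
// … unchanged: hidden type field …
echo "<input type='hidden' name='uid' value='" . htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8') . "'></input>";
// … unchanged: guest checkbox, expiry select …
$hl = htmlspecialchars($row['highlight'], ENT_QUOTES, 'UTF-8');
print '<option value="' . $hl . '">Current (' . $hl . ')</option>';
```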


@ -0,0 +1,18 @@
<div class="panel panel-default">
<div class="panel-body">
<h4>Newest pastes:</h4>
<div class="list-group">
<?php
include_once "includes/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5');
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
if (strlen($title) > 25) $title = substr($title, 0, 25) . "...";
echo "<a href=\"" . htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8') . "\" class=\"list-group-item\">" . $title . "</a>";
}
$conn = null;
?>
</div>
</div>
</div>
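Review bot: The title is escaped before it is shortened, so `substr($title, 0, 25)` can cut through an entity such as `&quot;` and leave a broken fragment in the link text, and `strlen`/`substr` count bytes, which can split a multi-byte UTF-8 character. Truncate the raw value first and escape the result: `$title = $row['title']; if (mb_strlen($title) > 25) $title = mb_substr($title, 0, 25) . "...";`, then `htmlspecialchars($title, ENT_QUOTES, 'UTF-8')` at the `echo`. The `mb_*` functions need the mbstring extension, which this diff does not show as a requirement.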

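--- /dev/null
+++ b/src/views/edit.php
@@ -0,0 +1,35 @@
+<div class="container">
+<div class="panel panel-default">
+<div class="panel-body">
+<?php
+if (isset($_GET['id']) && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])) {
+include_once "includes/user.php";
+$uid = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
+$paste = $_GET['id'];
+//connect to db and get paste info
+$conn = GetConnectionToDB();
+$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=:uid');
+$stmt->bindParam(':uid', $paste);
+$stmt->execute();
+if ($stmt->rowCount() > 0) {
+while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+if ($row['owner'] === $uid) {
+include "views/_new-paste.php";
+} else {
+$conn = null;
+echo '<center><h4>You are not the owner of the paste ' . $row["uid"] . '</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=../index.php">';
+die();
+}
+}
+} else {
+$conn = null;
+echo '<center><h4>The paste ' . $row["uid"] . ' does not exist</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=../index.php">';
+}
+$conn = null;
+}
+?>
+</div>
+</div>
+</div>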
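Review bot: In the `else` branch for a missing paste, `$row["uid"]` is read although `$row` is never assigned when `rowCount()` is 0, so the message prints an empty id and raises a warning; the requested id is in `$paste` and must be escaped: `echo '<center><h4>The paste ' . htmlspecialchars($paste, ENT_QUOTES, 'UTF-8') . ' does not exist</h4></center>';`. The ownership test `$row['owner'] === $uid` is strict, so it can fail for the real owner if PDO returns `owner` as a string while `GetUsersIDBySession` returns an int (or the reverse); cast both sides with `(int)` before comparing and reject `$uid == -1` before the query. When `id` or the cookies are missing the page renders an empty panel with no message, which deserves an explicit "not logged in" branch.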

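--- /dev/null
+++ b/src/views/login.php
@@ -0,0 +1,119 @@
+<?php
+function generate_skey()
+{
+$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+$key = '';
+for ($i = 0; $i < 32; $i++) {
+$key .= $chars[mt_rand(0, 61)];
+}
+return $key;
+}
+if (isset($_GET["logout"])) {
+include_once "includes/user.php";
+if (isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])) {
+LogOutUserBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
+UnsetBrowserCookies();
+}
+echo '<center><h4>Please wait...</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=index.php">';
+} else if (isset($_POST["type"])) {
+if ($_POST["type"] == "login" && isset($_POST["user"]) && isset($_POST["pwd"])) {
+//Get options
+$user = $_POST["user"];
+$pwd = $_POST["pwd"];
+$remember = 0;
+if (isset($_POST["remember"]) && $_POST["remember"] == "on")
+$remember = 1;
+//Try to login
+include_once "includes/config.php";
+$conn = GetConnectionToDB();
+$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
+$stmt->execute(array($user));
+if ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
+if (password_verify($pwd, $result["password"])) {
+$skey = generate_skey();
+$stmt = $conn->prepare("INSERT INTO sessions (skey, uid)
+VALUES (:skey, :uid)");
+$stmt->bindParam(':skey', $skey);
+$stmt->bindParam(':uid', $result["id"]);
+$stmt->execute();
+$sid = $conn->lastInsertId();
+$conn = null;
+if ($remember == 1) {
+setcookie("pp_sid", $sid, time() + 63072000); //Dies in 2 years
+setcookie("pp_skey", $skey, time() + 63072000); //Dies in 2 years
+} else {
+setcookie("pp_sid", $sid); //Dies when browser closes
+setcookie("pp_skey", $skey); //Dies when browser closes
+}
+echo '<center><h4>Please wait...</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=index.php">';
+die();
+} else echo "No!"; //TODO: Wrong password
+} else echo "Fail!"; //TODO: No user or SQL fail.
+$conn = null;
+}
+if ($_POST["type"] == "register" && isset($_POST["user"]) && isset($_POST["pwd"])) {
+//Get options
+$user = $_POST["user"];
+$pwd = $_POST["pwd"];
+$hash = password_hash($pwd, CRYPT_BLOWFISH);
+//Does this user exist
+include_once "includes/config.php";
+$conn = GetConnectionToDB();
+$stmt = $conn->prepare('SELECT * FROM users WHERE user=?');
+$stmt->execute(array($user));
+if ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
+echo "<div class=\"container\"><h2>User allready exists!</h2></div>";
+$conn = null;
+die();
+}
+//Did the person enter a password
+if ($pwd == "") {
+echo "<div class=\"container\"><h2>You need a password to singup!</h2></div>";
+$conn = null;
+die();
+}
+//Register the user
+$stmt = $conn->prepare("INSERT INTO users (user,password)
+VALUES (:user, :pwd)");
+$stmt->bindParam(':user', $user);
+$stmt->bindParam(':pwd', $hash);
+if ($stmt->execute()) {
+echo '<center><h4>Please wait...</h4></center>';
+echo '<meta http-equiv="refresh" content="2;url=login">';
+} else {
+echo "Fail!";
+}
+$conn = null;
+}
+} else {
+echo '
+<div class="container">
+<div class="panel panel-default">
+<div class="panel-heading">Login</div>
+<div class="panel-body">
+';
+echo '
+<form role="form" method="POST" action="login">
+<div class="form-group">
+<label for="user">Username:</label>
+<input type="user" class="form-control" id="user" name="user">
+</div>
+<div class="form-group">
+<label for="pwd">Password:</label>
+<input type="password" class="form-control" id="pwd" name="pwd">
+</div>
+<div class="checkbox">
+<label><input type="checkbox" name="remember"> Remember me</label>
+</div>
+<input type=\'hidden\' name=\'type\' value=\'login\'></input>
+<button type="submit" class="btn btn-default">Submit</button>
+</form>
+';
+echo '
+</div>
+</div>
+</div>
+';
+}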
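Review bot: `generate_skey()` builds the session secret with `mt_rand`, which is not a cryptographically secure generator, so the value that authenticates the `pp_skey` cookie is more predictable than its 32 characters suggest; use `$key .= $chars[random_int(0, 61)];` or replace the loop with `bin2hex(random_bytes(16))`. All four `setcookie` calls omit the `httponly`, `secure` and `samesite` attributes, and the "remember me" lifetime is two years with no server-side expiry visible in this file. `password_hash($pwd, CRYPT_BLOWFISH)` passes a `crypt()` capability constant rather than an algorithm identifier; `PASSWORD_DEFAULT` is the intended argument. The empty-password check should run before the hash and the user lookup, and the distinct "No!" / "Fail!" replies tell a caller whether a username exists, so both failures should return the same message.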

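--- /dev/null
+++ b/src/views/my-pastes.php
@@ -0,0 +1,60 @@
+<div class="container">
+<div class="panel panel-default">
+<div class="panel-body">
+<?php
+include_once "includes/config.php";
+include_once "includes/user.php";
+$conn = GetConnectionToDB();
+if (GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]) == -1) {
+printf('<h2>You must be loged in to see your pastes!</h2>');
+$conn = null;
+echo '</div></div></div>';
+die();
+}
+$stmt = $conn->prepare('SELECT * FROM pastes WHERE owner=:own');
+$own = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
+$stmt->bindParam(':own', $own);
+$stmt->execute();
+if ($stmt->rowCount() > 0) {
+echo "<table id=\"tablepastes\" class=\"table table-striped\" style=\"width:100%\">";
+printf('<thead><th data-dynatable-column="name" style="text-align: left;">Title</th>
+<th style="text-align: left;">Added</th>
+<th style="text-align: left;">Expires</th>
+<th style="text-align: left;">ID</th>
+<th style="text-align: left;">Actions</th></thead>');
+printf('<tbody>');
+while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+$title = $row['title'];
+//Paste title
+printf('<tr><td style="text-align: left;">' . htmlspecialchars($row["title"], ENT_QUOTES, 'UTF-8') . '</td>');
+//Creation date
+printf('<td style="text-align: left;">' . date('Y-m-d', $row["created"]) . '</td>');
+//Expire date
+if ($row["expire"] == 0) printf('<td style="text-align: left;">Never</td>');
+else {
+$expire = ($row["expire"] - time()) / 3600;
+if ($expire > 24) {
+printf('<td style="text-align: left;">' . round($expire / 24) . ' days from now</td>');
+} else if ($expire >= 1)
+printf('<td style="text-align: left;">' . round($expire) . ' hours from now</td>');
+else printf('<td style="text-align: left;">' . round($expire * 60) . ' minutes from now</td>');
+}
+//Paste url
+printf('<td style="text-align: right;"><a href="' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '">' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '</a></td>');
+//Actions
+printf('<td style="text-align: right;">');
+//delete paste
+printf('<a href="delete/' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '"><span class="glyphicon glyphicon-trash" title="Delete paste" aria-hidden="true"></span>');
+//edit paste
+printf('<a href="edit/' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '"><span class="glyphicon glyphicon-edit" title="Edit paste" aria-hidden="true"></span>');
+printf('</td></tr>');
+}
+printf('</tbody></talbe>');
+} else {
+printf('<h2>You havent made any pastes yet!</h2>');
+}
+$conn = null;
+?>
+</div>
+</div>
+</div>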
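Review bot: `$_COOKIE["pp_sid"]` and `$_COOKIE["pp_skey"]` are read without `isset` at the top of the script, unlike `views/_navbar.php`, so an anonymous visitor triggers undefined-index warnings before the "must be logged in" message, and the session is then looked up a second time for `$own`. Resolve it once with `$own = (isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])) ? GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]) : -1;` and test `$own == -1`. The delete action is a plain link (`delete/<uid>`), so a state-changing request is reachable by GET; its handler is outside this diff, but it should require POST and a CSRF token. The two action `<a>` tags are never closed and the table is closed with `</talbe>`, which leaves the markup to browser error recovery.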

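--- /dev/null
+++ b/src/views/new-paste.php
@@ -0,0 +1,12 @@
+<div class="container">
+<div class="container-fluid">
+<div class="row">
+<div class="col-sm-9">
+<?php include "views/_new-paste.php"; ?>
+</div>
+<div class="col-sm-3">
+<?php include "views/_recent-pastes.php"; ?>
+</div>
+</div>
+</div>
+</div>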

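--- /dev/null
+++ b/src/views/signup.php
@@ -0,0 +1,29 @@
+<div class="container">
+<div class="panel panel-default">
+<div class="panel-heading">Register</div>
+<div class="panel-body">
+<!-- Panel Content -->
+<form class="form-horizontal" role="form" method="POST" action="login">
+<div class="form-group">
+<label class="control-label col-sm-2" for="user">Username:</label>
+<div class="col-sm-10">
+<input type="user" class="form-control" id="user" placeholder="Enter username" name="user">
+</div>
+</div>
+<div class="form-group">
+<label class="control-label col-sm-2" for="pwd">Password:</label>
+<div class="col-sm-10">
+<input type="password" class="form-control" id="pwd" placeholder="Enter password" name="pwd">
+</div>
+</div>
+<div class="form-group">
+<div class="col-sm-offset-2 col-sm-10">
+<input type='hidden' name='type' value='register'></input>
+<button type="submit" class="btn btn-default">Submit</button>
+</div>
+</div>
+</form>
+<!-- END Panel Content -->
+</div>
+</div>
+</div>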
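Review bot: The registration form posts credentials with no anti-CSRF token and no input constraints, and `type="user"` on the username field is not a valid input type. Suggested attributes are `type="text" autocomplete="username" required` on the username and `autocomplete="new-password" required` plus a `minlength` on the password. The only server-side rule visible in `views/login.php` is the empty-password check, so a length and character policy for usernames also needs a home there, since the name is later printed on profile pages.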

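--- /dev/null
+++ b/src/views/user.php
@@ -0,0 +1,52 @@
+<div class="container">
+<div class="panel panel-default">
+<div class="panel-body">
+<?php
+include_once "includes/config.php";
+include_once "includes/user.php";
+$conn = GetConnectionToDB();
+$ownerID = GetUserIDByName($_GET["user"]);
+if ($ownerID != -1) {
+//== Print user info ==//
+$owner = GetUserByID($ownerID);
+printf('<h2>' . $owner["user"] . '\'s profile</h2>');
+//== Print pastes ==//
+$query = "SELECT * FROM pastes WHERE owner=:own AND exposure=0";
+if (GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]) == $ownerID) $query = "SELECT * FROM pastes WHERE owner=:own";
+$stmt = $conn->prepare($query);
+$stmt->bindParam(':own', $ownerID);
+$stmt->execute();
+if ($stmt->rowCount() > 0) {
+echo "<table id=\"tablepastes\" class=\"table table-striped\" style=\"width:100%\">";
+printf('<thead><th data-dynatable-column="name" style="text-align: left;">Title</th>
+<th style="text-align: left;">Added</th>
+<th style="text-align: left;">Expires</th>
+<th style="text-align: left;">ID</th></thead>');
+printf('<tbody>');
+while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+$title = $row['title'];
+printf('<tr><td style="text-align: left;">' . htmlspecialchars($row["title"], ENT_QUOTES, 'UTF-8') . '</td>');
+printf('<td style="text-align: left;">' . date('Y-m-d', $row["created"]) . '</td>');
+if ($row["expire"] == 0) printf('<td style="text-align: left;">Never</td>');
+else {
+$expire = ($row["expire"] - time()) / 3600;
+if ($expire > 24) {
+printf('<td style="text-align: left;">' . round($expire / 24) . ' days from now</td>');
+} else if ($expire >= 1)
+printf('<td style="text-align: left;">' . round($expire) . ' hours from now</td>');
+else printf('<td style="text-align: left;">' . round($expire * 60) . ' minutes from now</td>');
+}
+printf('<td style="text-align: right;"><a href="../' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '">' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '</a></td></tr>');
+}
+printf('</tbody></talbe>');
+} else {
+printf('<h2>This user has no public pastes!</h2>');
+}
+} else printf('<h2>User does not exist!</h2>');
+$conn = null;
+?>
+</div>
+</div>
+</div>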
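Review bot: The profile heading prints `$owner["user"]` without escaping, and registration in `views/login.php` stores whatever username was submitted, so a username containing markup is rendered as HTML for every visitor of that profile. Use `echo '<h2>' . htmlspecialchars($owner["user"], ENT_QUOTES, 'UTF-8') . '\'s profile</h2>';`, with `echo` rather than `printf` because the name otherwise also acts as a format string. `$_COOKIE["pp_sid"]` and `$_COOKIE["pp_skey"]` are read without `isset` in the owner check, which raises warnings for anonymous visitors; default the viewer id to -1 as `views/_navbar.php` does.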

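--- /dev/null
+++ b/src/views/view-paste.php
@@ -0,0 +1,55 @@
+<div class="container">
+<div class="panel panel-default">
+<div class="panel-body">
+<?php
+if (isset($uid)) {
+include_once "includes/config.php";
+include_once "includes/user.php";
+$conn = GetConnectionToDB();
+$stmt = $conn->query('SELECT * FROM pastes WHERE uid="' . $uid . '"');
+if ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
+$conn = null;
+if ($result["expire"] != 0 && $result["expire"] < time()) {
+//This paste is expired but not removed
+echo "<h1>This paste just expired</h1>";
+include_once "cronjob.php";
+RemoveExpiredPastes();
+die();
+}
+if ($result["exposure"] == 2 && $result["owner"] != 0 && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]) && $result["owner"] != GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"])) {
+echo "<h1>This paste is private</h1>";
+die();
+}
+echo "<h1>" . htmlspecialchars($result["title"], ENT_QUOTES, 'UTF-8') . "</h1>";
+//
+$owner = GetUserByID($result["owner"]);
+echo "<h5>";
+if ($owner[1] == -1)
+echo "Posted by: <b>Guest</b>";
+else echo "Posted by: <b><a href=\"u/" . htmlspecialchars($owner[1]) . "\">" . htmlspecialchars($owner[1]) . "</a></b>";
+echo ", at " . date('Y-m-d', $result["created"]) . ", it will expire <b>";
+if ($result["expire"] == 0) printf('Never');
+else {
+$expire = ($result["expire"] - time()) / 3600;
+if ($expire > 24) {
+printf(round($expire / 24) . ' days from now');
+} else if ($expire >= 1)
+printf(round($expire) . ' hours from now');
+else printf(round($expire * 60) . ' minutes from now');
+}
+echo "</b></h5>";
+//
+echo "<pre class=\"brush: " . $_HL . "\">";
+echo htmlspecialchars($result["text"], ENT_QUOTES, 'UTF-8') . "</pre><pb>";
+echo "<label for=\"rawtext\">Raw text:</label>";
+echo "<textarea id=\"rawtext\" class=\"form-control\" rows=\"10\">" . htmlspecialchars($result["text"], ENT_QUOTES, 'UTF-8') . "</textarea>";
+} else echo "Paste does not exist";
+$conn = null;
+} else echo "Error: id not set";
+?>
+<script type="text/javascript">
+SyntaxHighlighter.all()
+</script>
+</div>
+</div>
+</div>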
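Review bot: The paste lookup concatenates `$uid` into the SQL text, and `src/index.php` sets `$uid` straight from `$_GET["page"]`, so this is string-built SQL on request input while the other lookups in the commit use `prepare`; bind the value as shown below. The private-paste check is also conditional on the cookies being present: with no `pp_sid`/`pp_skey` cookie the whole `&&` chain is false and a private paste is rendered for an anonymous visitor, so the viewer id should default to -1 and be compared unconditionally. `$_HL` is written into the `class` attribute unescaped; it comes from `includes/highlight.php`, which is only partly visible here, and should be restricted to the known brush names.
```php
$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid = :uid');
$stmt->execute([':uid' => $uid]);
// … unchanged: fetch and expiry handling …
if ($result["exposure"] == 2 && $result["owner"] != 0) {
    // Anonymous visitors get -1, which never equals a real owner id.
    $viewer = -1;
    if (isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
        $viewer = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
    if ($viewer != $result["owner"]) {
        echo "<h1>This paste is private</h1>";
        die();
    }
}
// … unchanged: title, owner line, paste body …
```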