pk
/
palm-paste
mirror of https://github.com/pikami/palm-paste.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor pastes to use repository

This commit is contained in:
Pijus Kamandulis 2023-09-14 23:33:31 +03:00
parent 6617d03a17
commit d3970c3116
14 changed files with 495 additions and 337 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/cronjob.php
View File

@ -1,18 +1,11 @@
<?php
include_once "includes/config.php";
function RemoveExpiredPastes()
{
$conn = GetConnectionToDB();
$time = time();
$stmt = $conn->prepare("DELETE from `pastes` where `expire`<:time and `expire`>0");
$stmt->bindValue(':time', $time);
$stmt->execute();
$conn = null; //close connection to database
echo 'OK! 200';
}
if (isset($_GET["key"])) {
if ($_GET["key"] == $CRON_ExpireKey) { //Delete expired pastes
RemoveExpiredPastes();
include_once "repositories/paste-repository.php";
$pasteRepo = new PasteRepository();
echo $pasteRepo->removeExpiredPastes();
}
}
//Cron job example: */5 * * * * curl --silent http://127.0.0.1/paste/cronjob.php?key=fgd45fb5fb15gb > /dev/null

30
src/delete.php
View File

@ -6,36 +6,20 @@
include_once "includes/user.php";
$uid = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
$paste = $_GET['id'];
//connect to db and get paste info
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=:uid');
$stmt->bindParam(':uid', $paste);
$stmt->execute();
if ($stmt->rowCount() > 0) {
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
if ($row['owner'] === $uid) {
$stmt2 = $conn->prepare("DELETE FROM pastes WHERE id=:id");
$stmt2->bindParam(':id', $row['id']);
$stmt2->execute();
$conn = null;
echo '<center><h4>Paste ' . $row["uid"] . ' has been deleted!</h4></center>';
include_once "repositories/paste-repository.php";
$pasteRepo = new PasteRepository();
$result = $pasteRepo->deletePasteByUID($paste, $uid);
if ($result === 'OK! 200') {
echo '<center><h4>Paste ' . $paste . ' has been deleted!</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
die();
} else {
$conn = null;
echo '<center><h4>You are not the owner of the paste ' . $row["uid"] . '</h4></center>';
echo '<center><h4>' . $result . '</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
die();
}
}
} else {
$conn = null;
echo '<center><h4>The paste ' . $row["uid"] . ' does not exist</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
die();
}
$conn = null;
}
?>
</div>
</div>

2
src/includes/config.php
View File

@ -11,3 +11,5 @@ function GetConnectionToDB() {
}
//========CRON_JOBS=========//
$CRON_ExpireKey = getenv('CRON_EXPIREKEY') ?: "b1g51bf6g";
//=========GENERAL==========//
$BASE_DIR = "/";

90
src/includes/highlight.php
View File

@ -1,49 +1,51 @@
<?php
$_HL = "plain";
if (isset($_GET["page"])){
if($_GET["page"] == "create" || $_GET["page"] == "mypastes" || $_GET["page"] == "login" || $_GET["page"] == "logout" || $_GET["page"] == "signup");
include_once "includes/config.php";
$_HL = "plain";
if (isset($_GET["page"])) {
if ($_GET["page"] == "create" || $_GET["page"] == "mypastes" || $_GET["page"] == "login" || $_GET["page"] == "logout" || $_GET["page"] == "signup");
else {
$uid = $_GET["page"];
echo '<script type="text/javascript" src="public/js/SyntaxHighlighter/shCore.js"></script>';
//
include_once "includes/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT highlight FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$conn = null;
$_HL = $result["highlight"];
if($_HL == "")$_HL = "plain";
echo '<script type="text/javascript" src="public/js/SyntaxHighlighter/';
if($result["highlight"]=="cpp")echo 'shBrushCpp.js';
else if($result["highlight"]=="python")echo 'shBrushPython.js';
else if($result["highlight"]=="applescript")echo 'shBrushAppleScript.js';
else if($result["highlight"]=="as3")echo 'shBrushAS3.js';
else if($result["highlight"]=="bash")echo 'shBrushBash.js';
else if($result["highlight"]=="cf")echo 'shBrushColdFusion.js';
else if($result["highlight"]=="csharp")echo 'shBrushCSharp.js';
else if($result["highlight"]=="css")echo 'shBrushCss.js';
else if($result["highlight"]=="delphi")echo 'shBrushDelphi.js';
else if($result["highlight"]=="diff")echo 'shBrushDiff.js';
else if($result["highlight"]=="erlang")echo 'shBrushErlang.js';
else if($result["highlight"]=="groovy")echo 'shBrushGroovy.js';
else if($result["highlight"]=="java")echo 'shBrushJava.js';
else if($result["highlight"]=="javafx")echo 'shBrushJavaFX.js';
else if($result["highlight"]=="jscript")echo 'shBrushJScript.js';
else if($result["highlight"]=="perl")echo 'shBrushPerl.js';
else if($result["highlight"]=="php")echo 'shBrushPhp.js';
else if($result["highlight"]=="powershell")echo 'shBrushPowerShell.js';
else if($result["highlight"]=="ruby")echo 'shBrushRuby.js';
else if($result["highlight"]=="sass")echo 'shBrushSass.js';
else if($result["highlight"]=="scala")echo 'shBrushScala.js';
else if($result["highlight"]=="sql")echo 'shBrushSql.js';
else if($result["highlight"]=="vb")echo 'shBrushVb.js';
else if($result["highlight"]=="xml")echo 'shBrushXml.js';
else echo 'shBrushPlain.js';
echo '"></script>';
}
$conn = null;
//
echo '<link href="public/css/SyntaxHighlighter/shCore.css" rel="stylesheet" type="text/css">
<link href="public/css/SyntaxHighlighter/shThemeDefault.css" rel="stylesheet" type="text/css" />';
echo '<script type="text/javascript" src="' . $BASE_DIR . 'public/js/SyntaxHighlighter/shCore.js"></script>';
include_once "repositories/paste-repository.php";
$pasteRepo = new PasteRepository();
$_HL = $pasteRepo->getSyntaxHighlightByUID($uid);
if ($_HL === "") {
$_HL = "plain";
}
$highlightToBrushFileMap = [
"python" => 'shBrushPython.js',
"applescript" => 'shBrushAppleScript.js',
"as3" => 'shBrushAS3.js',
"bash" => 'shBrushBash.js',
"cf" => 'shBrushColdFusion.js',
"csharp" => 'shBrushCSharp.js',
"css" => 'shBrushCss.js',
"delphi" => 'shBrushDelphi.js',
"diff" => 'shBrushDiff.js',
"erlang" => 'shBrushErlang.js',
"groovy" => 'shBrushGroovy.js',
"java" => 'shBrushJava.js',
"javafx" => 'shBrushJavaFX.js',
"jscript" => 'shBrushJScript.js',
"perl" => 'shBrushPerl.js',
"php" => 'shBrushPhp.js',
"powershell" => 'shBrushPowerShell.js',
"ruby" => 'shBrushRuby.js',
"sass" => 'shBrushSass.js',
"scala" => 'shBrushScala.js',
"sql" => 'shBrushSql.js',
"vb" => 'shBrushVb.js',
"xml" => 'shBrushXml.js',
];
$brushFile = $highlightToBrushFileMap[$_HL] ?? 'shBrushPlain.js';
echo '<script type="text/javascript" src="public/js/SyntaxHighlighter/' . $brushFile . '"></script>';
echo '<link href="' . $BASE_DIR . 'public/css/SyntaxHighlighter/shCore.css" rel="stylesheet" type="text/css">
<link href="' . $BASE_DIR . 'public/css/SyntaxHighlighter/shThemeDefault.css" rel="stylesheet" type="text/css" />';
}
}

145
src/post.php
View File

@ -1,126 +1,51 @@
<?php
include_once "includes/config.php";
function generate_uid () {
$conn = GetConnectionToDB();
$name = '';
// We start at N retries, and --N until we give up
$tries = 500;
do {
// Iterate until we reach the maximum number of retries
if ($tries-- == 0) throw new Exception('Gave up trying to find an unused name', 500);
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$name = '';
for ($i = 0; $i < 8; $i++) {
$name .= $chars[mt_rand(0, 61)];
// $chars string length is hardcoded, should use a variable to store it?
}
// Check if a paste with the same uid does already exist in the database
$q = $conn->prepare('SELECT COUNT(uid) FROM pastes WHERE uid = (:name)');
$q->bindValue(':name', $name, PDO::PARAM_STR);
$q->execute();
$result = $q->fetchColumn();
// If it does, generate a new uid
} while($result > 0);
$conn = null;
return $name;
}
include_once "repositories/paste-repository.php";
$pasteRepo = new PasteRepository();
if(isset($_POST["type"])){
//===New_Paste===//
if($_POST["type"]=="paste" && isset($_POST["text"])){
/* Set paste details */
$title = "Untitled";
if (isset($_POST["type"]) && isset($_POST["text"])) {
// Set paste details
$title = isset($_POST["title"]) && !empty($_POST["title"]) ? $_POST["title"] : "Untitled";
$text = $_POST["text"];
$exposure = 0;
if(isset($_POST["title"]) && $_POST["title"]!="")
$title = $_POST["title"];
if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
$exposure = $_POST["exposure"];
$uid = generate_uid();
$exposure = isset($_POST["exposure"]) && is_numeric($_POST["exposure"]) ? $_POST["exposure"] : 0;
// Common details for both create and edit
$uid = isset($_POST["uid"]) ? $_POST["uid"] : $pasteRepo->generateUniqueUID();
$created = time();
$expire = 0;
if(isset($_POST["expire"]) && is_numeric($_POST["expire"]))
$expire = $created + $_POST["expire"];
$expire = isset($_POST["expire"]) && is_numeric($_POST["expire"]) ? ($created + $_POST["expire"]) : 0;
$owner = 0;
$syntax = "plain";
if(isset($_POST["syntax"]))
$syntax=$_POST["syntax"];
if(isset($_POST["asguest"]) && $_POST["asguest"]=="on")
$syntax = isset($_POST["syntax"]) ? $_POST["syntax"] : "plain";
if (isset($_POST["asguest"]) && $_POST["asguest"] == "on") {
$owner = 0;
else if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
} elseif (isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])) {
include "includes/user.php";
$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
$owner = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
}
/* Add paste to database */
$conn = GetConnectionToDB();
$QuerySTR = "INSERT INTO pastes (uid,title,text,created,expire,exposure,owner,highlight)
VALUES (:uid, :tit, :txt, :cre, :exp, :exposure, :own, :hl)";
$stmt = $conn->prepare($QuerySTR);
$stmt->bindParam(':exp', $expire);
$stmt->bindParam(':uid', $uid);
$stmt->bindParam(':tit', $title);
$stmt->bindParam(':txt', $text);
$stmt->bindParam(':cre', $created);
$stmt->bindParam(':exposure', $exposure);
$stmt->bindParam(':own', $owner);
$stmt->bindParam(':hl', $syntax);
$stmt->execute();
$conn = null; //close connection to database
header("Location: ".$uid);
die();
} else if($_POST["type"]=="edit_paste" && isset($_POST["text"])){
/* Set paste details */
$title = "Untitled";
$text = $_POST["text"];
$exposure = 0;
if(isset($_POST["title"]))
$title = $_POST["title"];
if(isset($_POST["exposure"]) && is_numeric($_POST["exposure"]))
$exposure = $_POST["exposure"];
$uid = $_POST["uid"];
$created = time();
$expire = 0;
if(isset($_POST["expire"]) && is_numeric($_POST["expire"]))
$expire = $created + $_POST["expire"];
$owner = 0;
$syntax = "plain";
if(isset($_POST["syntax"]))
$syntax=$_POST["syntax"];
if(isset($_POST["asguest"]) && $_POST["asguest"]=="on")
$owner = 0;
else if(isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"])){
include "includes/user.php";
$owner = GetUsersIDBySession($_COOKIE["pp_sid"],$_COOKIE["pp_skey"]);
}
/* Get the owner of the paste */
$paste_owner = 0;
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT owner FROM pastes WHERE uid="'.$uid.'"');
if($result = $stmt->fetch(PDO::FETCH_ASSOC)){
$paste_owner = $result['owner'];
}
/* Edit paste in database */
if($owner === $paste_owner && $owner !== 0){
$QuerySTR = " UPDATE pastes SET title=:tit,text=:txt,created=:cre,expire=:exp,exposure=:exposure,owner=:own,highlight=:hl
WHERE uid=:uid";
$stmt = $conn->prepare($QuerySTR);
$stmt->bindParam(':exp', $expire);
$stmt->bindParam(':uid', $uid);
$stmt->bindParam(':tit', $title);
$stmt->bindParam(':txt', $text);
$stmt->bindParam(':cre', $created);
$stmt->bindParam(':exposure', $exposure);
$stmt->bindParam(':own', $owner);
$stmt->bindParam(':hl', $syntax);
$stmt->execute();
$conn = null; //close connection to database
header("Location: ".$uid);
die();
if ($_POST["type"] == "paste") {
// Add paste to the database using the repository
$result = $pasteRepo->create($uid, $title, $text, $created, $expire, $exposure, $owner, $syntax);
} elseif ($_POST["type"] == "edit_paste" && isset($_POST["uid"])) {
// Get the owner of the paste from the database
$existingPaste = $pasteRepo->readByUid($uid);
// Edit paste in the database using the repository
if ($owner === $existingPaste["owner"] && $owner !== 0) {
$result = $pasteRepo->update($existingPaste["id"], $uid, $title, $text, $created, $expire, $exposure, $owner, $syntax);
} else {
$conn = null; //close connection to database
echo "<h1>This paste does not belong to you!</h1>";
die();
}
}
if ($result) {
header("Location: " . $uid);
die();
} else {
echo "<h1>Error processing the paste!</h1>";
die();
}
}

228
src/repositories/paste-repository.php Normal file
View File

@ -0,0 +1,228 @@
<?php
include_once "includes/config.php";
class PasteRepository
{
private $conn;
private $table_name = "pastes";
public function __construct()
{
$this->conn = GetConnectionToDB();
}
function __destruct()
{
$this->conn = null;
}
// Create a new paste
public function create($uid, $title, $text, $created, $expire, $exposure, $owner, $highlight)
{
$query = "INSERT INTO " . $this->table_name . "
(uid, title, text, created, expire, exposure, owner, highlight)
VALUES (:uid, :title, :text, :created, :expire, :exposure, :owner, :highlight)";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(":uid", $uid);
$stmt->bindParam(":title", $title);
$stmt->bindParam(":text", $text);
$stmt->bindParam(":created", $created);
$stmt->bindParam(":expire", $expire);
$stmt->bindParam(":exposure", $exposure);
$stmt->bindParam(":owner", $owner);
$stmt->bindParam(":highlight", $highlight);
if ($stmt->execute()) {
return true;
} else {
return false;
}
}
// Read a paste by ID
public function read($id)
{
$query = "SELECT * FROM " . $this->table_name . " WHERE id = :id";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(":id", $id);
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
// Read a paste by UID
public function readByUid($uid)
{
$query = "SELECT * FROM " . $this->table_name . " WHERE uid = :uid";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(":uid", $uid);
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC);
}
// Update a paste
public function update($id, $uid, $title, $text, $created, $expire, $exposure, $owner, $highlight)
{
$query = "UPDATE " . $this->table_name . " SET
uid = :uid,
title = :title,
text = :text,
created = :created,
expire = :expire,
exposure = :exposure,
owner = :owner,
highlight = :highlight
WHERE id = :id";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(":id", $id);
$stmt->bindParam(":uid", $uid);
$stmt->bindParam(":title", $title);
$stmt->bindParam(":text", $text);
$stmt->bindParam(":created", $created);
$stmt->bindParam(":expire", $expire);
$stmt->bindParam(":exposure", $exposure);
$stmt->bindParam(":owner", $owner);
$stmt->bindParam(":highlight", $highlight);
if ($stmt->execute()) {
return true;
} else {
return false;
}
}
// Delete a paste by ID
public function delete($id)
{
$query = "DELETE FROM " . $this->table_name . " WHERE id = :id";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(":id", $id);
if ($stmt->execute()) {
return true;
} else {
return false;
}
}
// Get pastes with a specific exposure value and limit
public function getPastesWithExposure($exposureValue, $limit)
{
$query = "SELECT * FROM " . $this->table_name . " WHERE exposure = :exposureValue ORDER BY id DESC LIMIT :limit";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(":exposureValue", $exposureValue, PDO::PARAM_INT);
$stmt->bindParam(":limit", $limit, PDO::PARAM_INT);
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
// Remove expired pastes
public function removeExpiredPastes()
{
$time = time();
$query = "DELETE FROM " . $this->table_name . " WHERE `expire` < :time AND `expire` > 0";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(':time', $time, PDO::PARAM_INT);
if ($stmt->execute()) {
return 'OK! 200';
} else {
return 'Error!';
}
}
// Delete a paste by UID and owner
public function deletePasteByUID($uid, $owner)
{
$query = "SELECT * FROM " . $this->table_name . " WHERE uid = :uid";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(':uid', $uid);
$stmt->execute();
if ($stmt->rowCount() > 0) {
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
if ($row['owner'] === $owner) {
$deleteQuery = "DELETE FROM " . $this->table_name . " WHERE id = :id";
$deleteStmt = $this->conn->prepare($deleteQuery);
$deleteStmt->bindParam(':id', $row['id']);
$deleteStmt->execute();
return 'OK! 200';
} else {
return 'You are not the owner of the paste ' . $row['uid'];
}
}
} else {
return 'The paste ' . $uid . ' does not exist';
}
}
// Generate a random unique UID for a new paste
public function generateUniqueUID()
{
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$uid = '';
// Maximum number of retries to find an unused name
$maxRetries = 500;
$tries = $maxRetries;
do {
if ($tries-- === 0) {
throw new Exception('Gave up trying to find an unused name', 500);
}
for ($i = 0; $i < 8; $i++) {
$uid .= $chars[mt_rand(0, 61)];
}
$query = "SELECT COUNT(uid) FROM " . $this->table_name . " WHERE uid = :uid";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(':uid', $uid, PDO::PARAM_STR);
$stmt->execute();
$result = $stmt->fetchColumn();
} while ($result > 0);
return $uid;
}
// Get syntax highlight for a paste by UID
public function getSyntaxHighlightByUID($uid)
{
$query = "SELECT highlight FROM " . $this->table_name . " WHERE uid = :uid";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(':uid', $uid);
$stmt->execute();
if ($stmt->rowCount() > 0) {
$result = $stmt->fetch(PDO::FETCH_ASSOC);
return $result['highlight'];
} else {
return "";
}
}
// Get pastes by owner ID and exposure condition
public function getPastesByOwner($ownerID, $includePrivate = false)
{
$query = "SELECT * FROM " . $this->table_name . " WHERE owner = :ownerID";
if (!$includePrivate) {
$query .= " AND exposure = 0";
}
$query .= " ORDER BY id DESC";
$stmt = $this->conn->prepare($query);
$stmt->bindParam(":ownerID", $ownerID);
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
}

18
src/views/_layout.php
View File

@ -1,4 +1,6 @@
<?php
include_once "includes/config.php";
if (!isset($content)) {
$content = '<p>no content</p>';
}
@ -12,19 +14,17 @@ if (!isset($content)) {
<meta charset="utf-8">
<?php
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
$dir = "";
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"] == "edit") $dir = "../";
echo '<link rel="stylesheet" href="' . $dir . 'public/css/bootstrap.min.css">';
echo '<link rel="stylesheet" href="' . $BASE_DIR . 'public/css/bootstrap.min.css">';
echo '<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js"></script>';
echo '<script src="' . $dir . 'public/js/bootstrap.min.js"></script>';
echo '<script type="text/javascript" src="' . $dir . 'public/js/jquery.dynatable.js"></script>';
echo '<link href="' . $dir . 'public/css/jquery.dynatable.css" rel="stylesheet">';
echo '<script src="' . $BASE_DIR . 'public/js/bootstrap.min.js"></script>';
echo '<script type="text/javascript" src="' . $BASE_DIR . 'public/js/jquery.dynatable.js"></script>';
echo '<link href="' . $BASE_DIR . 'public/css/jquery.dynatable.css" rel="stylesheet">';
echo '<link href="' . $dir . 'public/css/chosen.css" rel="stylesheet">';
echo '<script src="' . $dir . 'public/js/chosen.jquery.js" type="text/javascript"></script>';
echo '<script src="' . $dir . 'public/js/chosen.proto.js" type="text/javascript"></script>';
echo '<link href="' . $BASE_DIR . 'public/css/chosen.css" rel="stylesheet">';
echo '<script src="' . $BASE_DIR . 'public/js/chosen.jquery.js" type="text/javascript"></script>';
echo '<script src="' . $BASE_DIR . 'public/js/chosen.proto.js" type="text/javascript"></script>';
echo "<script>$(document).ready(function(){
$('#tablepastes').dynatable();

16
src/views/_navbar.php
View File

@ -1,10 +1,10 @@
<?php include_once "includes/config.php"; ?>
<nav class="navbar navbar-inverse">
<div class="container">
<div class="navbar-header">
<?php
$dir = "";
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"] == "edit") $dir = "../";
echo '<a class="navbar-brand" href="' . $dir . '.">Palm-Paste</a>';
echo '<a class="navbar-brand" href="' . $BASE_DIR . '.">Palm-Paste</a>';
?>
</div>
<ul class="nav navbar-nav">
@ -15,13 +15,11 @@
<ul class="nav navbar-nav navbar-right">
<?php
include_once "includes/user.php";
$dir = "";
if (isset($_GET["user"]) || isset($_GET["page"]) && $_GET["page"] == "edit") $dir = "../";
$userID = -1;
if (isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]))
$userID = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
if ($userID == -1) {
echo "<li><a href=\"" . $dir . "signup\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
echo "<li><a href=\"" . $BASE_DIR . "signup\"><span class=\"glyphicon glyphicon-user\"></span> Sign Up</a></li>";
echo "<li><a data-toggle=\"modal\" data-target=\"#LoginPopup\" href=\"#\"><span class=\"glyphicon glyphicon-log-in\"></span> Login</a></li>";
} else {
$user = GetUserByID($userID);
@ -29,8 +27,8 @@
<li class="dropdown">
<a class="dropdown-toggle glyphicon glyphicon-user" data-toggle="dropdown" href="#"> ' . htmlspecialchars($user[1], ENT_QUOTES, 'UTF-8') . '<span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="' . $dir . 'mypastes">My pastes</a></li>
<li><a href="' . $dir . 'logout">Logout</a></li>
<li><a href="' . $BASE_DIR . 'mypastes">My pastes</a></li>
<li><a href="' . $BASE_DIR . 'logout">Logout</a></li>
</ul>
</li>
';
@ -52,7 +50,7 @@
<div class="modal-body">
<!-- Login form -->
<?php
echo '<form role="form" method="POST" action="' . $dir . 'login">';
echo '<form role="form" method="POST" action="' . $BASE_DIR . 'login">';
?>
<div class="form-group">
<label for="user">Username:</label>

12
src/views/_new-paste.php
View File

@ -12,7 +12,7 @@
<label for="title">Paste title:</label>
<?php
if ($edit_mode == true) {
printf('<input type="title" class="form-control" value="' . $row['title'] . '" id="title" name="title">');
printf('<input type="title" class="form-control" value="' . $pasteInfo['title'] . '" id="title" name="title">');
} else printf('<input type="title" class="form-control" id="title" name="title">');
?>
</div>
@ -20,14 +20,14 @@
<label for="text">New paste:</label>
<?php
if ($edit_mode == true) {
echo '<textarea class="form-control" rows="5" id="text" name="text">' . $row['text'] . '</textarea>';
echo '<textarea class="form-control" rows="5" id="text" name="text">' . $pasteInfo['text'] . '</textarea>';
} else printf('<textarea class="form-control" rows="5" id="text" name="text"></textarea>');
?>
</div>
<?php
if ($edit_mode == true) {
printf("<input type='hidden' name='type' value='edit_paste'></input>");
printf("<input type='hidden' name='uid' value='" . $row['uid'] . "'></input>");
printf("<input type='hidden' name='uid' value='" . $pasteInfo['uid'] . "'></input>");
} else printf("<input type='hidden' name='type' value='paste'></input>");
?>
<div class="container-fluid">
@ -58,7 +58,7 @@
<select data-placeholder="None" class="form-control chosen-select" id="syntax" name="syntax">
<?php
if ($edit_mode == true)
print '<option value="' . $row['highlight'] . '">Current (' . $row['highlight'] . ')</option>';
print '<option value="' . $pasteInfo['highlight'] . '">Current (' . $pasteInfo['highlight'] . ')</option>';
?>
<option value="plain">Plain</option>
<option value="applescript">AppleScript</option>
@ -93,7 +93,7 @@
<select class="form-control" id="exposure" name="exposure">
<?php
print '<option value="0">Public</option>';
if ($edit_mode == true && $row['exposure'] == 1)
if ($edit_mode == true && $pasteInfo['exposure'] == 1)
print '<option selected="selected" value="1">Unlisted</option>';
else print '<option value="1">Unlisted</option>';
include_once "includes/user.php";
@ -103,7 +103,7 @@
if ($userID == -1)
print '<option value="2" disabled>Private (Members only)</option>';
else {
if ($edit_mode === true && $row['exposure'] === 2)
if ($edit_mode === true && $pasteInfo['exposure'] === 2)
print '<option selected="selected" value="2" >Private</option>';
else print '<option value="2" >Private</option>';
}

14
src/views/_recent-pastes.php
View File

@ -3,15 +3,15 @@
<h4>Newest pastes:</h4>
<div class="list-group">
<?php
include_once "includes/config.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT * FROM pastes WHERE exposure=0 ORDER BY id DESC LIMIT 5');
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
include_once "repositories/paste-repository.php";
$pasteRepo = new PasteRepository();
$pastes = $pasteRepo->getPastesWithExposure(0, 5);
foreach ($pastes as $paste) {
$title = htmlspecialchars($paste['title'], ENT_QUOTES, 'UTF-8');
if (strlen($title) > 25) $title = substr($title, 0, 25) . "...";
echo "<a href=\"" . htmlspecialchars($row['uid'], ENT_QUOTES, 'UTF-8') . "\" class=\"list-group-item\">" . $title . "</a>";
echo "<a href=\"" . htmlspecialchars($paste['uid'], ENT_QUOTES, 'UTF-8') . "\" class=\"list-group-item\">" . $title . "</a>";
}
$conn = null;
?>
</div>
</div>

25
src/views/edit.php
View File

@ -6,28 +6,25 @@
include_once "includes/user.php";
$uid = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
$paste = $_GET['id'];
//connect to db and get paste info
$conn = GetConnectionToDB();
$stmt = $conn->prepare('SELECT * FROM pastes WHERE uid=:uid');
$stmt->bindParam(':uid', $paste);
$stmt->execute();
if ($stmt->rowCount() > 0) {
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
if ($row['owner'] === $uid) {
include_once "repositories/paste-repository.php";
$pasteRepo = new PasteRepository();
// Get paste info
$pasteInfo = $pasteRepo->readByUid($paste);
if ($pasteInfo) {
if ($pasteInfo['owner'] === $uid) {
include "views/_new-paste.php";
} else {
$conn = null;
echo '<center><h4>You are not the owner of the paste ' . $row["uid"] . '</h4></center>';
echo '<center><h4>You are not the owner of the paste ' . $pasteInfo["uid"] . '</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
die();
}
}
} else {
$conn = null;
echo '<center><h4>The paste ' . $row["uid"] . ' does not exist</h4></center>';
echo '<center><h4>The paste ' . $paste . ' does not exist</h4></center>';
echo '<meta http-equiv="refresh" content="2;url=../index.php">';
}
$conn = null;
}
?>
</div>

84
src/views/my-pastes.php
View File

@ -4,56 +4,60 @@
<?php
include_once "includes/config.php";
include_once "includes/user.php";
$conn = GetConnectionToDB();
include_once "repositories/paste-repository.php";
$pasteRepo = new PasteRepository();
if (GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]) == -1) {
printf('<h2>You must be loged in to see your pastes!</h2>');
$conn = null;
echo '<h2>You must be logged in to see your pastes!</h2>';
echo '</div></div></div>';
die();
}
$stmt = $conn->prepare('SELECT * FROM pastes WHERE owner=:own');
$own = GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]);
$stmt->bindParam(':own', $own);
$stmt->execute();
if ($stmt->rowCount() > 0) {
echo "<table id=\"tablepastes\" class=\"table table-striped\" style=\"width:100%\">";
printf('<thead><th data-dynatable-column="name" style="text-align: left;">Title</th>
$pastes = $pasteRepo->getPastesByOwner($own, true);
if (!empty($pastes)) {
echo '<table id="tablepastes" class="table table-striped" style="width:100%">';
echo '<thead><th data-dynatable-column="name" style="text-align: left;">Title</th>
<th style="text-align: left;">Added</th>
<th style="text-align: left;">Expires</th>
<th style="text-align: left;">ID</th>
<th style="text-align: left;">Actions</th></thead>');
printf('<tbody>');
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = $row['title'];
//Paste title
printf('<tr><td style="text-align: left;">' . htmlspecialchars($row["title"], ENT_QUOTES, 'UTF-8') . '</td>');
//Creation date
printf('<td style="text-align: left;">' . date('Y-m-d', $row["created"]) . '</td>');
//Expire date
if ($row["expire"] == 0) printf('<td style="text-align: left;">Never</td>');
else {
$expire = ($row["expire"] - time()) / 3600;
if ($expire > 24) {
printf('<td style="text-align: left;">' . round($expire / 24) . ' days from now</td>');
} else if ($expire >= 1)
printf('<td style="text-align: left;">' . round($expire) . ' hours from now</td>');
else printf('<td style="text-align: left;">' . round($expire * 60) . ' minutes from now</td>');
}
//Paste url
printf('<td style="text-align: right;"><a href="' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '">' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '</a></td>');
//Actions
printf('<td style="text-align: right;">');
//delete paste
printf('<a href="delete/' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '"><span class="glyphicon glyphicon-trash" title="Delete paste" aria-hidden="true"></span>');
//edit paste
printf('<a href="edit/' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '"><span class="glyphicon glyphicon-edit" title="Edit paste" aria-hidden="true"></span>');
printf('</td></tr>');
}
printf('</tbody></talbe>');
<th style="text-align: left;">Actions</th></thead>';
echo '<tbody>';
foreach ($pastes as $row) {
$title = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
$created = date('Y-m-d', $row["created"]);
if ($row["expire"] == 0) {
$expire = 'Never';
} else {
printf('<h2>You havent made any pastes yet!</h2>');
$expireInSeconds = $row["expire"] - time();
if ($expireInSeconds > 24 * 3600) {
$expire = round($expireInSeconds / (24 * 3600)) . ' days from now';
} elseif ($expireInSeconds >= 3600) {
$expire = round($expireInSeconds / 3600) . ' hours from now';
} else {
$expire = round($expireInSeconds / 60) . ' minutes from now';
}
}
echo '<tr>';
echo '<td style="text-align: left;">' . $title . '</td>';
echo '<td style="text-align: left;">' . $created . '</td>';
echo '<td style="text-align: left;">' . $expire . '</td>';
echo '<td style="text-align: right;"><a href="' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '">' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '</a></td>';
echo '<td style="text-align: right;">';
echo '<a href="delete/' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '"><span class="glyphicon glyphicon-trash" title="Delete paste" aria-hidden="true"></span></a>';
echo '<a href="edit/' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '"><span class="glyphicon glyphicon-edit" title="Edit paste" aria-hidden="true"></span></a>';
echo '</td></tr>';
}
echo '</tbody></table>';
} else {
echo '<h2>You haven\'t made any pastes yet!</h2>';
}
$conn = null;
?>
</div>
</div>

55
src/views/user.php
View File

@ -4,48 +4,57 @@
<?php
include_once "includes/config.php";
include_once "includes/user.php";
$conn = GetConnectionToDB();
$ownerID = GetUserIDByName($_GET["user"]);
include_once "repositories/paste-repository.php";
$pasteRepo = new PasteRepository();
$ownerName = $_GET["user"];
$ownerID = GetUserIDByName($ownerName);
if ($ownerID != -1) {
//== Print user info ==//
$owner = GetUserByID($ownerID);
printf('<h2>' . $owner["user"] . '\'s profile</h2>');
//== Print pastes ==//
$query = "SELECT * FROM pastes WHERE owner=:own AND exposure=0";
if (GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"]) == $ownerID) $query = "SELECT * FROM pastes WHERE owner=:own";
$stmt = $conn->prepare($query);
$stmt->bindParam(':own', $ownerID);
$stmt->execute();
if ($stmt->rowCount() > 0) {
$pastes = $pasteRepo->getPastesByOwner($ownerID, isset($_COOKIE["pp_sid"]) ? true : false);
if (!empty($pastes)) {
echo "<table id=\"tablepastes\" class=\"table table-striped\" style=\"width:100%\">";
printf('<thead><th data-dynatable-column="name" style="text-align: left;">Title</th>
<th style="text-align: left;">Added</th>
<th style="text-align: left;">Expires</th>
<th style="text-align: left;">ID</th></thead>');
printf('<tbody>');
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$title = $row['title'];
printf('<tr><td style="text-align: left;">' . htmlspecialchars($row["title"], ENT_QUOTES, 'UTF-8') . '</td>');
printf('<td style="text-align: left;">' . date('Y-m-d', $row["created"]) . '</td>');
if ($row["expire"] == 0) printf('<td style="text-align: left;">Never</td>');
else {
$expire = ($row["expire"] - time()) / 3600;
foreach ($pastes as $paste) {
$title = $paste['title'];
printf('<tr><td style="text-align: left;">' . htmlspecialchars($paste["title"], ENT_QUOTES, 'UTF-8') . '</td>');
printf('<td style="text-align: left;">' . date('Y-m-d', $paste["created"]) . '</td>');
if ($paste["expire"] == 0) {
printf('<td style="text-align: left;">Never</td>');
} else {
$expire = ($paste["expire"] - time()) / 3600;
if ($expire > 24) {
printf('<td style="text-align: left;">' . round($expire / 24) . ' days from now</td>');
} else if ($expire >= 1)
} else if ($expire >= 1) {
printf('<td style="text-align: left;">' . round($expire) . ' hours from now</td>');
else printf('<td style="text-align: left;">' . round($expire * 60) . ' minutes from now</td>');
} else {
printf('<td style="text-align: left;">' . round($expire * 60) . ' minutes from now</td>');
}
printf('<td style="text-align: right;"><a href="../' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '">' . htmlspecialchars($row["uid"], ENT_QUOTES, 'UTF-8') . '</a></td></tr>');
}
printf('</tbody></talbe>');
printf('<td style="text-align: right;"><a href="../' . htmlspecialchars($paste["uid"], ENT_QUOTES, 'UTF-8') . '">' . htmlspecialchars($paste["uid"], ENT_QUOTES, 'UTF-8') . '</a></td></tr>');
}
printf('</tbody></table>');
} else {
printf('<h2>This user has no public pastes!</h2>');
}
} else printf('<h2>User does not exist!</h2>');
$conn = null;
} else {
printf('<h2>User does not exist!</h2>');
}
?>
</div>
</div>

64
src/views/view-paste.php
View File

@ -5,47 +5,63 @@
if (isset($uid)) {
include_once "includes/config.php";
include_once "includes/user.php";
$conn = GetConnectionToDB();
$stmt = $conn->query('SELECT * FROM pastes WHERE uid="' . $uid . '"');
if ($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
$conn = null;
if ($result["expire"] != 0 && $result["expire"] < time()) {
//This paste is expired but not removed
include_once "repositories/paste-repository.php";
$pasteRepo = new PasteRepository();
$paste = $pasteRepo->readByUid($uid);
if ($paste) {
if ($paste["expire"] != 0 && $paste["expire"] < time()) {
// This paste is expired but not removed
echo "<h1>This paste just expired</h1>";
include_once "cronjob.php";
RemoveExpiredPastes();
$result = $pasteRepo->removeExpiredPastes();
if ($result === 'OK! 200') {
echo 'Expired pastes have been removed';
} else {
echo 'Error removing expired pastes';
}
die();
}
if ($result["exposure"] == 2 && $result["owner"] != 0 && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]) && $result["owner"] != GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"])) {
if ($paste["exposure"] == 2 && $paste["owner"] != 0 && isset($_COOKIE["pp_sid"]) && isset($_COOKIE["pp_skey"]) && $paste["owner"] != GetUsersIDBySession($_COOKIE["pp_sid"], $_COOKIE["pp_skey"])) {
echo "<h1>This paste is private</h1>";
die();
}
echo "<h1>" . htmlspecialchars($result["title"], ENT_QUOTES, 'UTF-8') . "</h1>";
//
$owner = GetUserByID($result["owner"]);
echo "<h1>" . htmlspecialchars($paste["title"], ENT_QUOTES, 'UTF-8') . "</h1>";
$owner = GetUserByID($paste["owner"]);
echo "<h5>";
if ($owner[1] == -1)
echo "Posted by: <b>Guest</b>";
else echo "Posted by: <b><a href=\"u/" . htmlspecialchars($owner[1]) . "\">" . htmlspecialchars($owner[1]) . "</a></b>";
echo ", at " . date('Y-m-d', $result["created"]) . ", it will expire <b>";
if ($result["expire"] == 0) printf('Never');
else {
$expire = ($result["expire"] - time()) / 3600;
else
echo "Posted by: <b><a href=\"u/" . htmlspecialchars($owner[1]) . "\">" . htmlspecialchars($owner[1]) . "</a></b>";
echo ", at " . date('Y-m-d', $paste["created"]) . ", it will expire <b>";
if ($paste["expire"] == 0) {
printf('Never');
} else {
$expire = ($paste["expire"] - time()) / 3600;
if ($expire > 24) {
printf(round($expire / 24) . ' days from now');
} else if ($expire >= 1)
} elseif ($expire >= 1) {
printf(round($expire) . ' hours from now');
else printf(round($expire * 60) . ' minutes from now');
} else {
printf(round($expire * 60) . ' minutes from now');
}
}
echo "</b></h5>";
//
echo "<pre class=\"brush: " . $_HL . "\">";
echo htmlspecialchars($result["text"], ENT_QUOTES, 'UTF-8') . "</pre><pb>";
echo htmlspecialchars($paste["text"], ENT_QUOTES, 'UTF-8') . "</pre><pb>";
echo "<label for=\"rawtext\">Raw text:</label>";
echo "<textarea id=\"rawtext\" class=\"form-control\" rows=\"10\">" . htmlspecialchars($result["text"], ENT_QUOTES, 'UTF-8') . "</textarea>";
} else echo "Paste does not exist";
echo "<textarea id=\"rawtext\" class=\"form-control\" rows=\"10\">" . htmlspecialchars($paste["text"], ENT_QUOTES, 'UTF-8') . "</textarea>";
} else {
echo "Paste does not exist";
}
$conn = null;
} else echo "Error: id not set";
} else {
echo "Error: id not set";
}
?>
<script type="text/javascript">
SyntaxHighlighter.all()