george/PrivateBin
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: george:master
Branches Tags
george:master george:jdenticons-test george:bin george:php8 george:serverside_yourls george:dependabot/npm_and_yarn/js/jsdom-16.5.0 george:experiment-showdown-2 george:wasm-streaming george:siftleft-scan george:paste-manager george:fixEncoding george:1.2-backport george:challenge-response-api george:php-unit-testing
george:1.4.0 george:1.3.5 george:1.3.4 george:1.3.3 george:1.2.3 george:1.3.2 george:1.2.2 george:1.3.1 george:1.3 george:1.2.1 george:1.2 george:1.1.1 george:1.1 george:1.0 george:0.22 george:0.21.1 george:0.21 george:0.20 george:0.19 george:0.18
...
compare: george:1.1.1
Branches Tags
george:jdenticons-test george:master george:bin george:php8 george:serverside_yourls george:dependabot/npm_and_yarn/js/jsdom-16.5.0 george:experiment-showdown-2 george:wasm-streaming george:siftleft-scan george:paste-manager george:fixEncoding george:1.2-backport george:challenge-response-api george:php-unit-testing
george:1.4.0 george:1.3.5 george:1.3.4 george:1.3.3 george:1.2.3 george:1.3.2 george:1.2.2 george:1.3.1 george:1.3 george:1.2.1 george:1.2 george:1.1.1 george:1.1 george:1.0 george:0.22 george:0.21.1 george:0.21 george:0.20 george:0.19 george:0.18

17 Commits
master ... 1.1.1

Author SHA1 Message Date
El RIDO
978ab1a59f adapting configuration test generator to new INI model and point release support 2017-10-08 12:27:37 +02:00
El RIDO
f94f61a8c6 PHP < 5.6 compatibility and StyleCI recommendations 2017-10-08 11:31:41 +02:00
El RIDO
6b87a6e0e1 implemented JSON file conversion on purge and storage in PHP files for data leak protection 2017-10-08 11:03:17 +02:00
El RIDO
e326310c57 wrote a unit test to generate old style pastes and comments and check that the purge converts them to PHP files 2017-10-08 07:46:28 +02:00
El RIDO
22a061e01e adding correct HTTP error to response, as per @rugk's recommentation 2017-10-08 07:03:53 +02:00
El RIDO
b88d22a06a removing dead code 2017-10-04 22:06:39 +02:00
El RIDO
098ff786c8 making StyleCI happy 2017-10-04 22:02:27 +02:00
El RIDO
9215a9617e implemented INI cenversion functionality 2017-10-04 21:55:03 +02:00
El RIDO
7911b4f6a0 adding test for INI config file conversion 2017-10-04 20:31:37 +02:00
El RIDO
cfa8c83d61 updating SRI hashes 2017-10-04 20:27:43 +02:00
El RIDO
8c328aa9cf updated documentation, incremented version 2017-10-04 20:05:46 +02:00
El RIDO
9744c02b04 disabling two new options that do no match our style guidelines 2017-10-03 20:49:36 +02:00
El RIDO
3abb333d0b make travis use phpunit < 6 to avoid failing builds for PHP 7, see: https://github.com/travis-ci/travis-ci/issues/7226#issuecomment-285852088 2017-10-03 20:44:26 +02:00
El RIDO
0eaf803490 ask composer in TravisCI to use an oauth token to avoid rate limiting 2017-10-03 20:34:39 +02:00
El RIDO
dd32156c9b hiding INI contents from StyleCI 2017-10-03 20:33:24 +02:00
rugk
bb639d7894 changes the file extension to php and adds a small one-liner to stop PHP from presenting the file to any website visitor 
Signed-off-by: El RIDO <elrido@gmx.net>
 2017-10-03 20:03:00 +02:00
El RIDO
2c8a4c631b updating unit test in preparation for planned file name change, currently failing 2017-10-03 19:45:47 +02:00
45 changed files with 348 additions and 235 deletions
Expand all files Collapse all files

2
.styleci.yml
View File

@@ -11,6 +11,8 @@ enabled:
disabled:
- blank_line_after_opening_tag
- blank_line_before_return
- blank_line_before_throw
- blank_line_before_try
- concat_without_spaces
- declare_equal_normalize
- heredoc_to_nowdoc

3
.travis.yml
View File

@@ -6,10 +6,11 @@ php:
- 7.0
before_script:
- composer config -g github-oauth.github.com "$GITHUB_TOKEN"
- composer install -n
script:
- cd tst && phpunit
- cd tst && ../vendor/bin/phpunit
after_script:
- cd ..

2
CHANGELOG.md
View File

@@ -1,5 +1,7 @@
# PrivateBin version history
* **1.1.1 (2017-10-06)**
* CHANGED: Switched to `.php` file extension for configuration file, to avoid leaking configuration data in unprotected installation.
* **1.1 (2016-12-26)**
* ADDED: Translations for Italian and Russian
* ADDED: Loading message displayed until decryption succeeded for slower (in terms of CPU or network) systems

138
INSTALL.md
View File

@@ -3,14 +3,15 @@
**TL;DR:** Download the
[latest release archive](https://github.com/PrivateBin/PrivateBin/releases/latest)
and extract it in your web hosts folder where you want to install your PrivateBin
instance. We try to provide a safe default configuration, but we advise you to
check the options and adjust them as you see fit.
instance. We try to provide a mostly safe default configuration, but we urge you to
check the [security section](#hardening-and-security) below and the [configuration
options](#configuration) to adjust as you see fit.
## Basic installation
**NOTE:** See [our FAQ](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-can-i-securely-clonedownload-your-project) for information how to securely download the PrivateBin release files.
### Requirements
### Minimal requirements
- PHP version 5.3 or above
- PHP version 5.4 or above
- _one_ of the following sources of cryptographically safe randomness is required:
- PHP 7 or higher
- [Libsodium](https://download.libsodium.org/libsodium/content/installation/) and it's [PHP extension](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium)
@@ -20,37 +21,11 @@ check the options and adjust them as you see fit.
Mcrypt needs to be able to access `/dev/urandom`. This means if `open_basedir` is set, it must include this file.
- GD extension
- some disk space or (optional) a database supported by [PDO](https://secure.php.net/manual/book.pdo.php)
- ability to create files and folders in the installation directory and the PATH
- some disk space or (optionally) a database supported by [PDO](https://secure.php.net/manual/book.pdo.php)
- ability to create files and folders in the installation directory and the PATH defined in index.php
- A web browser with javascript support
### Configuration
In the file `cfg/conf.ini` you can configure PrivateBin. A `cfg/conf.ini.sample`
is provided containing all options and default values. You can copy it to
`cfg/conf.ini` and adapt it as needed. The config file is divided into multiple
sections, which are enclosed in square brackets.
In the `[main]` section you can enable or disable the discussion feature, set
the limit of stored pastes and comments in bytes. The `[traffic]` section lets
you set a time limit in seconds. Users may not post more often then this limit
to your PrivateBin installation.
More details can be found in the
[configuration documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration).
## Further configuration
After (or before) setting up PrivateBin, also set up HTTPS, as without HTTPS
PrivateBin is not secure. (
[More information](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https))
If you want to use PrivateBin behind Cloudflare, make sure you disabled Rocket
loader and unchecked "Javascript" for Auto Minify, found in your domain settings,
under "Speed". (More information
[in this FAQ entry](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection))
## Advanced installation
## Hardening and security
### Changing the path
@@ -75,6 +50,29 @@ process (see also
> PrivateBin will look for your includes / data here:
> /home/example.com/secret/privatebin
### Transport security
When setting up PrivateBin, also set up HTTPS, if you haven't already. Without HTTPS
PrivateBin is not secure, as the javascript files could be manipulated during transmission.
For more information on this, see our [FAQ entry on HTTPS setup](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https).
## Configuration
In the file `cfg/conf.php` you can configure PrivateBin. A `cfg/conf.sample.php`
is provided containing all options and default values. You can copy it to
`cfg/conf.php` and adapt it as needed. The config file is divided into multiple
sections, which are enclosed in square brackets.
In the `[main]` section you can enable or disable the discussion feature, set
the limit of stored pastes and comments in bytes. The `[traffic]` section lets
you set a time limit in seconds. Users may not post more often then this limit
to your PrivateBin installation.
More details can be found in the
[configuration documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration).
## Advanced installation
### Web server configuration
A `robots.txt` file is provided in the root dir of PrivateBin. It disallows all
@@ -88,6 +86,13 @@ some known robots and link-scanning bots. If you use Apache, you can rename the
file to `.htaccess` to enable this feature. If you use another webserver, you
have to configure it manually to do the same.
### On using Cloudflare
If you want to use PrivateBin behind Cloudflare, make sure you have disabled the Rocket
loader and unchecked "Javascript" for Auto Minify, found in your domain settings,
under "Speed". (More information
[in this FAQ entry](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection))
### Using a database instead of flat files
In the configuration file the `[model]` and `[model_options]` sections let you
@@ -115,34 +120,39 @@ The table prefix option is called `tbl`.
> know.
For reference or if you want to create the table schema for yourself (replace
`prefix_` with your own table prefix):
`prefix_` with your own table prefix and create the table schema with phpMyAdmin
or the MYSQL console):
CREATE TABLE prefix_paste (
dataid CHAR(16) NOT NULL,
data BLOB,
postdate INT,
expiredate INT,
opendiscussion INT,
burnafterreading INT,
meta TEXT,
attachment MEDIUMBLOB,
attachmentname BLOB,
PRIMARY KEY (dataid)
);
CREATE TABLE prefix_comment (
dataid CHAR(16),
pasteid CHAR(16),
parentid CHAR(16),
data BLOB,
nickname BLOB,
vizhash BLOB,
postdate INT,
PRIMARY KEY (dataid)
);
CREATE INDEX parent ON prefix_comment(pasteid);
CREATE TABLE prefix_config (
id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id)
);
INSERT INTO prefix_config VALUES('VERSION', '1.1');
```sql
CREATE TABLE prefix_paste (
dataid CHAR(16) NOT NULL,
data BLOB,
postdate INT,
expiredate INT,
opendiscussion INT,
burnafterreading INT,
meta TEXT,
attachment MEDIUMBLOB,
attachmentname BLOB,
PRIMARY KEY (dataid)
);
CREATE TABLE prefix_comment (
dataid CHAR(16),
pasteid CHAR(16),
parentid CHAR(16),
data BLOB,
nickname BLOB,
vizhash BLOB,
postdate INT,
PRIMARY KEY (dataid)
);
CREATE INDEX parent ON prefix_comment(pasteid);
CREATE TABLE prefix_config (
id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id)
);
INSERT INTO prefix_config VALUES('VERSION', '1.1');
```
In PostgreSQL, the attachment column needs to be TEXT and not BLOB or MEDIUMBLOB.

2
README.md
View File

@@ -7,7 +7,7 @@
[![Codacy Badge](https://api.codacy.com/project/badge/Coverage/094500f62abf4c9aa0c8a8a4520e4789)](https://www.codacy.com/app/PrivateBin/PrivateBin)
[![Test Coverage](https://codeclimate.com/github/PrivateBin/PrivateBin/badges/coverage.svg)](https://codeclimate.com/github/PrivateBin/PrivateBin/coverage) [![Code Coverage](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/?branch=master)
*Current version: 1.1*
*Current version: 1.1.1*
**PrivateBin** is a minimalist, open source online pastebin where the server has
zero knowledge of pasted data.

1
cfg/conf.ini.sample → cfg/conf.sample.php
View File

@@ -1,3 +1,4 @@
;<?php http_response_code(403); /*
; config file for PrivateBin
;
; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration.

3
composer.json
View File

@@ -24,7 +24,8 @@
},
"require-dev": {
"codacy/coverage": "dev-master",
"codeclimate/php-test-reporter": "dev-master"
"codeclimate/php-test-reporter": "dev-master",
"phpunit/phpunit": "^4.6 || ^5.0"
},
"autoload": {
"psr-4": {

2
css/bootstrap/privatebin.css
View File

@@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
body {

2
css/noscript.css
View File

@@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.0
* @version 1.1.1
*/
/* When there is no script at all other */

2
css/privatebin.css
View File

@@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
/* CSS Reset from YUI 3.4.1 (build 4118) - Copyright 2011 Yahoo! Inc. All rights reserved.

2
js/privatebin.js
View File

@@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
'use strict';

40
lib/Configuration.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;
@@ -22,6 +22,13 @@ use PDO;
*/
class Configuration
{
/**
* First line in INI file, to hide contents
*
* @const string
*/
const PROTECTION_LINE = ';<?php http_response_code(403); /*';
/**
* parsed configuration
*
@@ -98,7 +105,35 @@ class Configuration
public function __construct()
{
$config = array();
$configFile = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini';
$configFile = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.php';
$configIni = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini';
// rename INI files to avoid configuration leakage
if (is_readable($configIni)) {
$context = stream_context_create();
// don't overwrite already converted file
if (!is_file($configFile)) {
$iniHandle = fopen($configIni, 'r', false, $context);
file_put_contents($configFile, self::PROTECTION_LINE . PHP_EOL);
file_put_contents($configFile, $iniHandle, FILE_APPEND);
fclose($iniHandle);
}
unlink($configIni);
// cleanup sample, too
$configSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php';
$configIniSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample';
if (is_readable($configIniSample)) {
if (!is_readable($configSample)) {
$iniSampleHandle = fopen($configIniSample, 'r', false, $context);
file_put_contents($configSample, self::PROTECTION_LINE . PHP_EOL);
file_put_contents($configSample, $iniSampleHandle, FILE_APPEND);
fclose($iniSampleHandle);
}
unlink($configIniSample);
}
}
if (is_readable($configFile)) {
$config = parse_ini_file($configFile, true);
foreach (array('main', 'model', 'model_options') as $section) {
@@ -107,6 +142,7 @@ class Configuration
}
}
}
$opts = '_options';
foreach (self::getDefaults() as $section => $values) {
// fill missing sections with default values

2
lib/Data/AbstractData.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Data;

7
lib/Data/Database.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Data;
@@ -699,9 +699,8 @@ class Database extends AbstractData
'CREATE INDEX IF NOT EXISTS comment_parent ON ' .
self::_sanitizeIdentifier('comment') . '(pasteid);'
);
// no break, continue with updates for 0.22
case '0.22':
case '1.0':
// no break, continue with updates for 0.22 and later
default:
self::_exec(
'UPDATE ' . self::_sanitizeIdentifier('config') .
' SET value = ? WHERE id = ?',

90
lib/Data/Filesystem.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Data;
@@ -22,6 +22,13 @@ use PrivateBin\Model\Paste;
*/
class Filesystem extends AbstractData
{
/**
* First line in JSON files, to hide contents
*
* @const string
*/
const PROTECTION_LINE = '<?php http_response_code(403); /*';
/**
* directory where data is stored
*
@@ -68,13 +75,13 @@ class Filesystem extends AbstractData
public function create($pasteid, $paste)
{
$storagedir = self::_dataid2path($pasteid);
if (is_file($storagedir . $pasteid)) {
if (is_file($storagedir . $pasteid . '.php')) {
return false;
}
if (!is_dir($storagedir)) {
mkdir($storagedir, 0700, true);
}
return (bool) file_put_contents($storagedir . $pasteid, Json::encode($paste));
return (bool) file_put_contents($storagedir . $pasteid . '.php', self::PROTECTION_LINE . PHP_EOL . Json::encode($paste));
}
/**
@@ -89,9 +96,7 @@ class Filesystem extends AbstractData
if (!$this->exists($pasteid)) {
return false;
}
$paste = json_decode(
file_get_contents(self::_dataid2path($pasteid) . $pasteid)
);
$paste = self::_decodeFile(self::_dataid2path($pasteid) . $pasteid . '.php');
if (property_exists($paste->meta, 'attachment')) {
$paste->attachment = $paste->meta->attachment;
unset($paste->meta->attachment);
@@ -115,8 +120,8 @@ class Filesystem extends AbstractData
$pastedir = self::_dataid2path($pasteid);
if (is_dir($pastedir)) {
// Delete the paste itself.
if (is_file($pastedir . $pasteid)) {
unlink($pastedir . $pasteid);
if (is_file($pastedir . $pasteid . '.php')) {
unlink($pastedir . $pasteid . '.php');
}
// Delete discussion if it exists.
@@ -144,7 +149,41 @@ class Filesystem extends AbstractData
*/
public function exists($pasteid)
{
return is_file(self::_dataid2path($pasteid) . $pasteid);
$basePath = self::_dataid2path($pasteid) . $pasteid;
$pastePath = $basePath . '.php';
// convert to PHP protected files if needed
if (is_readable($basePath)) {
$context = stream_context_create();
// don't overwrite already converted file
if (!is_file($pastePath)) {
$handle = fopen($basePath, 'r', false, $context);
file_put_contents($pastePath, self::PROTECTION_LINE . PHP_EOL);
file_put_contents($pastePath, $handle, FILE_APPEND);
fclose($handle);
}
unlink($basePath);
// convert comments, too
$discdir = self::_dataid2discussionpath($pasteid);
if (is_dir($discdir)) {
$dir = dir($discdir);
while (false !== ($filename = $dir->read())) {
if (substr($filename, -4) !== '.php' && strlen($filename) >= 16) {
$commentFilename = $discdir . $filename . '.php';
// don't overwrite already converted file
if (!is_file($commentFilename)) {
$handle = fopen($discdir . $filename, 'r', false, $context);
file_put_contents($commentFilename, self::PROTECTION_LINE . PHP_EOL);
file_put_contents($commentFilename, $handle, FILE_APPEND);
fclose($handle);
}
unlink($discdir . $filename);
}
}
$dir->close();
}
}
return is_readable($pastePath);
}
/**
@@ -161,14 +200,14 @@ class Filesystem extends AbstractData
public function createComment($pasteid, $parentid, $commentid, $comment)
{
$storagedir = self::_dataid2discussionpath($pasteid);
$filename = $pasteid . '.' . $commentid . '.' . $parentid;
$filename = $pasteid . '.' . $commentid . '.' . $parentid . '.php';
if (is_file($storagedir . $filename)) {
return false;
}
if (!is_dir($storagedir)) {
mkdir($storagedir, 0700, true);
}
return (bool) file_put_contents($storagedir . $filename, Json::encode($comment));
return (bool) file_put_contents($storagedir . $filename, self::PROTECTION_LINE . PHP_EOL . Json::encode($comment));
}
/**
@@ -183,15 +222,14 @@ class Filesystem extends AbstractData
$comments = array();
$discdir = self::_dataid2discussionpath($pasteid);
if (is_dir($discdir)) {
// Delete all files in discussion directory
$dir = dir($discdir);
while (false !== ($filename = $dir->read())) {
// Filename is in the form pasteid.commentid.parentid:
// Filename is in the form pasteid.commentid.parentid.php:
// - pasteid is the paste this reply belongs to.
// - commentid is the comment identifier itself.
// - parentid is the comment this comment replies to (It can be pasteid)
if (is_file($discdir . $filename)) {
$comment = json_decode(file_get_contents($discdir . $filename));
$comment = self::_decodeFile($discdir . $filename);
$items = explode('.', $filename);
// Add some meta information not contained in file.
$comment->id = $items[1];
@@ -223,7 +261,7 @@ class Filesystem extends AbstractData
{
return is_file(
self::_dataid2discussionpath($pasteid) .
$pasteid . '.' . $commentid . '.' . $parentid
$pasteid . '.' . $commentid . '.' . $parentid . '.php'
);
}
@@ -263,7 +301,14 @@ class Filesystem extends AbstractData
continue;
}
$thirdLevel = array_filter(
scandir($path),
array_map(
function ($filename) {
return strlen($filename) >= 20 ?
substr($filename, 0, -4) :
$filename;
},
scandir($path)
),
'PrivateBin\\Model\\Paste::isValidId'
);
if (count($thirdLevel) == 0) {
@@ -378,4 +423,17 @@ class Filesystem extends AbstractData
{
return (bool) preg_match('/^[a-f0-9]{2}$/', $element);
}
/**
* Decodes a paste or comment file.
*
* @access private
* @static
* @param string $file
* @return array
*/
private static function _decodeFile($file)
{
return json_decode(substr(file_get_contents($file), strlen(self::PROTECTION_LINE . PHP_EOL)));
}
}

2
lib/Filter.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/I18n.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Json.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Model.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Model/AbstractModel.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Model;

2
lib/Model/Comment.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Model;

2
lib/Model/Paste.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Model;

2
lib/Persistence/AbstractPersistence.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Persistence;

2
lib/Persistence/PurgeLimiter.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Persistence;

2
lib/Persistence/ServerSalt.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Persistence;

2
lib/Persistence/TrafficLimiter.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin\Persistence;

4
lib/PrivateBin.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;
@@ -28,7 +28,7 @@ class PrivateBin
*
* @const string
*/
const VERSION = '1.1';
const VERSION = '1.1.1';
/**
* show the same error message if the paste expired or does not exist

2
lib/Request.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Sjcl.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/View.php
View File

@@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.1.1
*/
namespace PrivateBin;

2
lib/Vizhash16x16.php
View File

@@ -8,7 +8,7 @@
* @link http://sebsauvage.net/wiki/doku.php?id=php:vizhash_gd
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 0.0.5 beta PrivateBin 1.1
* @version 0.0.5 beta PrivateBin 1.1.1
*/
namespace PrivateBin;

2
tpl/bootstrap-compact.php
View File

@@ -52,7 +52,7 @@ if ($MARKDOWN):
<?php
endif;
?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-q/2ZUVaS+RVZEaIzIufFOAbhkq2/hYXix2f/Dt3+MxWouGt7vxB3rIU3jkn3f7VHNBnK/wL3KjKL+xZuaaKPVQ==" crossorigin="anonymous"></script>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-6To0UBu7oCGa0oX6b669PoOK6vB5P8InWcV6OcBJt8v+RO6QJgP5RF6tiPlE5YSMlXtFpJz8bohe84saAgRspg==" crossorigin="anonymous"></script>
<!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]-->

2
tpl/bootstrap-dark-page.php
View File

@@ -52,7 +52,7 @@ if ($MARKDOWN):
<?php
endif;
?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-q/2ZUVaS+RVZEaIzIufFOAbhkq2/hYXix2f/Dt3+MxWouGt7vxB3rIU3jkn3f7VHNBnK/wL3KjKL+xZuaaKPVQ==" crossorigin="anonymous"></script>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-6To0UBu7oCGa0oX6b669PoOK6vB5P8InWcV6OcBJt8v+RO6QJgP5RF6tiPlE5YSMlXtFpJz8bohe84saAgRspg==" crossorigin="anonymous"></script>
<!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]-->

2
tpl/bootstrap-dark.php
View File

@@ -53,7 +53,7 @@ if ($MARKDOWN):
<?php
endif;
?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-q/2ZUVaS+RVZEaIzIufFOAbhkq2/hYXix2f/Dt3+MxWouGt7vxB3rIU3jkn3f7VHNBnK/wL3KjKL+xZuaaKPVQ==" crossorigin="anonymous"></script>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-6To0UBu7oCGa0oX6b669PoOK6vB5P8InWcV6OcBJt8v+RO6QJgP5RF6tiPlE5YSMlXtFpJz8bohe84saAgRspg==" crossorigin="anonymous"></script>
<!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]-->

2
tpl/bootstrap-page.php
View File

@@ -52,7 +52,7 @@ if ($MARKDOWN):
<?php
endif;
?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-q/2ZUVaS+RVZEaIzIufFOAbhkq2/hYXix2f/Dt3+MxWouGt7vxB3rIU3jkn3f7VHNBnK/wL3KjKL+xZuaaKPVQ==" crossorigin="anonymous"></script>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-6To0UBu7oCGa0oX6b669PoOK6vB5P8InWcV6OcBJt8v+RO6QJgP5RF6tiPlE5YSMlXtFpJz8bohe84saAgRspg==" crossorigin="anonymous"></script>
<!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]-->

2
tpl/bootstrap.php
View File

@@ -53,7 +53,7 @@ if ($MARKDOWN):
<?php
endif;
?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-q/2ZUVaS+RVZEaIzIufFOAbhkq2/hYXix2f/Dt3+MxWouGt7vxB3rIU3jkn3f7VHNBnK/wL3KjKL+xZuaaKPVQ==" crossorigin="anonymous"></script>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-6To0UBu7oCGa0oX6b669PoOK6vB5P8InWcV6OcBJt8v+RO6QJgP5RF6tiPlE5YSMlXtFpJz8bohe84saAgRspg==" crossorigin="anonymous"></script>
<!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]-->

2
tpl/page.php
View File

@@ -47,7 +47,7 @@ if ($MARKDOWN):
<?php
endif;
?>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-q/2ZUVaS+RVZEaIzIufFOAbhkq2/hYXix2f/Dt3+MxWouGt7vxB3rIU3jkn3f7VHNBnK/wL3KjKL+xZuaaKPVQ==" crossorigin="anonymous"></script>
<script type="text/javascript" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-6To0UBu7oCGa0oX6b669PoOK6vB5P8InWcV6OcBJt8v+RO6QJgP5RF6tiPlE5YSMlXtFpJz8bohe84saAgRspg==" crossorigin="anonymous"></script>
<!--[if lt IE 10]>
<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
<![endif]-->

12
tst/Bootstrap.php
View File

@@ -12,10 +12,10 @@ if (!defined('PATH')) {
define('PATH', '..' . DIRECTORY_SEPARATOR);
}
if (!defined('CONF')) {
define('CONF', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini');
define('CONF', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.php');
}
if (!is_file(CONF)) {
copy(CONF . '.sample', CONF);
if (!defined('CONF_SAMPLE')) {
define('CONF_SAMPLE', PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.sample.php');
}
require PATH . 'vendor/autoload.php';
@@ -201,6 +201,9 @@ class Helper
if (!is_file(CONF . '.bak') && is_file(CONF)) {
rename(CONF, CONF . '.bak');
}
if (!is_file(CONF_SAMPLE . '.bak') && is_file(CONF_SAMPLE)) {
copy(CONF_SAMPLE, CONF_SAMPLE . '.bak');
}
}
/**
@@ -213,6 +216,9 @@ class Helper
if (is_file(CONF . '.bak')) {
rename(CONF . '.bak', CONF);
}
if (is_file(CONF_SAMPLE . '.bak')) {
rename(CONF_SAMPLE . '.bak', CONF_SAMPLE);
}
}
/**

48
tst/ConfigurationTest.php
View File

@@ -12,7 +12,7 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
{
/* Setup Routine */
Helper::confBackup();
$this->_options = configuration::getDefaults();
$this->_options = Configuration::getDefaults();
$this->_options['model_options']['dir'] = PATH . $this->_options['model_options']['dir'];
$this->_options['traffic']['dir'] = PATH . $this->_options['traffic']['dir'];
$this->_options['purge']['dir'] = PATH . $this->_options['purge']['dir'];
@@ -22,12 +22,14 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
public function tearDown()
{
/* Tear Down Routine */
if (is_file(CONF)) {
unlink(CONF);
}
Helper::confRestore();
}
public function testDefaultConfigFile()
{
$this->assertTrue(copy(CONF . '.bak', CONF), 'copy default configuration file');
$conf = new Configuration;
$this->assertEquals($this->_options, $conf->get(), 'default configuration is correct');
}
@@ -41,7 +43,9 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
public function testHandleMissingConfigFile()
{
@unlink(CONF);
if (is_file(CONF)) {
unlink(CONF);
}
$conf = new Configuration;
$this->assertEquals($this->_options, $conf->get(), 'returns correct defaults on missing file');
}
@@ -135,4 +139,42 @@ class ConfigurationTest extends PHPUnit_Framework_TestCase
$conf = new Configuration;
$this->assertEquals('Database', $conf->getKey('class', 'model'), 'old db class gets renamed');
}
public function testHandleConfigFileRename()
{
$options = $this->_options;
Helper::createIniFile(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample', $options);
$options['main']['opendiscussion'] = true;
$options['main']['fileupload'] = true;
$options['main']['template'] = 'darkstrap';
Helper::createIniFile(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', $options);
$conf = new Configuration;
$this->assertFileExists(CONF, 'old configuration file gets converted');
$this->assertFileNotExists(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', 'old configuration file gets removed');
$this->assertFileNotExists(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample', 'old configuration sample file gets removed');
$this->assertTrue(
$conf->getKey('opendiscussion') &&
$conf->getKey('fileupload') &&
$conf->getKey('template') === 'darkstrap',
'configuration values get converted'
);
}
public function testRenameIniSample()
{
$iniSample = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini.sample';
Helper::createIniFile(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', $this->_options);
if (is_file(CONF)) {
unlink(CONF);
}
rename(CONF_SAMPLE, $iniSample);
new Configuration;
$this->assertFileNotExists($iniSample, 'old sample file gets removed');
$this->assertFileExists(CONF_SAMPLE, 'new sample file gets created');
$this->assertFileExists(CONF, 'old configuration file gets converted');
$this->assertFileNotExists(PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini', 'old configuration file gets removed');
}
}

11
tst/ConfigurationTestGenerator.php
View File

@@ -159,7 +159,7 @@ new ConfigurationTestGenerator(array(
array(
'type' => 'RegExp',
'args' => array(
'#<link[^>]+type="text/css"[^>]+rel="stylesheet"[^>]+href="css/privatebin\.css\\?\d+\.\d+"[^>]*/>#',
'#<link[^>]+type="text/css"[^>]+rel="stylesheet"[^>]+href="css/privatebin\.css\\?\d[\d\.]+\d+"[^>]*/>#',
'$content',
'outputs "page" stylesheet correctly',
),
@@ -179,7 +179,7 @@ new ConfigurationTestGenerator(array(
array(
'type' => 'NotRegExp',
'args' => array(
'#<link[^>]+type="text/css"[^>]+rel="stylesheet"[^>]+href="css/privatebin\.css\\?\d+\.\d+"[^>]*/>#',
'#<link[^>]+type="text/css"[^>]+rel="stylesheet"[^>]+href="css/privatebin\.css\\?\d[\d\.]+\d+"[^>]*/>#',
'$content',
'removes "page" stylesheet correctly',
),
@@ -344,7 +344,7 @@ class ConfigurationTestGenerator
*/
private function _writeConfigurationTest()
{
$defaultOptions = parse_ini_file(CONF, true);
$defaultOptions = parse_ini_file(CONF_SAMPLE, true);
$code = $this->_getHeader();
foreach ($this->_configurations as $key => $conf) {
$fullOptions = array_replace_recursive($defaultOptions, $conf['options']);
@@ -425,7 +425,7 @@ class ConfigurationCombinationsTest extends PHPUnit_Framework_TestCase
{
/* Setup Routine */
Helper::confBackup();
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
ServerSalt::setPath($this->_path);
TrafficLimiter::setPath($this->_path);
@@ -435,9 +435,10 @@ class ConfigurationCombinationsTest extends PHPUnit_Framework_TestCase
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
}
public function reset($configuration = array())
{

45
tst/Data/FilesystemTest.php
View File

@@ -127,4 +127,49 @@ class FilesystemTest extends PHPUnit_Framework_TestCase
$this->assertFalse($this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), $comment), 'unable to store broken comment');
$this->assertFalse($this->_model->existsComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId()), 'comment does still not exist');
}
public function testOldFilesGetConverted()
{
// generate 10 (default purge batch size) pastes in the old format
$paste = Helper::getPaste();
$comment = Helper::getComment();
$commentid = Helper::getCommentId();
$ids = array();
for ($i = 0, $max = 10; $i < $max; ++$i) {
// PHPs mt_rand only supports 32 bit or up 0x7fffffff on 64 bit systems to be precise :-/
$dataid = str_pad(dechex(mt_rand(0, mt_getrandmax())), 8, '0', STR_PAD_LEFT) .
str_pad(dechex(mt_rand(0, mt_getrandmax())), 8, '0', STR_PAD_LEFT);
$storagedir = $this->_path . DIRECTORY_SEPARATOR . substr($dataid, 0, 2) .
DIRECTORY_SEPARATOR . substr($dataid, 2, 2) . DIRECTORY_SEPARATOR;
$ids[$dataid] = $storagedir;
if (!is_dir($storagedir)) {
mkdir($storagedir, 0700, true);
}
file_put_contents($storagedir . $dataid, json_encode($paste));
$storagedir .= $dataid . '.discussion' . DIRECTORY_SEPARATOR;
if (!is_dir($storagedir)) {
mkdir($storagedir, 0700, true);
}
file_put_contents($storagedir . $dataid . '.' . $commentid . '.' . $dataid, json_encode($comment));
}
// check that all 10 pastes were converted after the purge
$this->_model->purge(10);
foreach ($ids as $dataid => $storagedir) {
$this->assertFileExists($storagedir . $dataid . '.php', "paste $dataid exists in new format");
$this->assertFileNotExists($storagedir . $dataid, "old format paste $dataid got removed");
$this->assertTrue($this->_model->exists($dataid), "paste $dataid exists");
$this->assertEquals($this->_model->read($dataid), json_decode(json_encode($paste)), "paste $dataid wasn't modified in the conversion");
$storagedir .= $dataid . '.discussion' . DIRECTORY_SEPARATOR;
$this->assertFileExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid . '.php', "comment of $dataid exists in new format");
$this->assertFileNotExists($storagedir . $dataid . '.' . $commentid . '.' . $dataid, "old format comment of $dataid got removed");
$this->assertTrue($this->_model->existsComment($dataid, $dataid, $commentid), "comment in paste $dataid exists");
$comment = json_decode(json_encode($comment));
$comment->id = $commentid;
$comment->parentid = $dataid;
$this->assertEquals($this->_model->readComments($dataid), array($comment->meta->postdate => $comment), "comment of $dataid wasn't modified in the conversion");
}
}
}

37
tst/JsonApiTest.php
View File

@@ -14,30 +14,17 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
public function setUp()
{
/* Setup Routine */
Helper::confBackup();
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
ServerSalt::setPath($this->_path);
$this->reset();
}
public function tearDown()
{
/* Tear Down Routine */
Helper::confRestore();
Helper::rmDir($this->_path);
}
public function reset()
{
$_POST = array();
$_GET = array();
$_SERVER = array();
if ($this->_model->exists(Helper::getPasteId())) {
$this->_model->delete(Helper::getPasteId());
}
Helper::confRestore();
$options = parse_ini_file(CONF, true);
$options = parse_ini_file(CONF_SAMPLE, true);
$options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path;
$options['model_options']['dir'] = $this->_path;
@@ -45,15 +32,21 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
Helper::createIniFile(CONF, $options);
}
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
/**
* @runInSeparateProcess
*/
public function testCreate()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@@ -80,10 +73,8 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testPut()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$paste = Helper::getPaste();
unset($paste['meta']);
@@ -116,7 +107,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testDelete()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId());
@@ -142,7 +132,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteWithPost()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId());
@@ -167,7 +156,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testRead()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$paste['meta']['attachment'] = $paste['attachment'];
$paste['meta']['attachmentname'] = $paste['attachmentname'];
@@ -199,7 +187,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdPaste()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'paste';
@@ -219,7 +206,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdComment()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'comment';
@@ -239,7 +225,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdPasteMeta()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'pastemeta';
@@ -259,7 +244,6 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdCommentMeta()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = 'commentmeta';
@@ -279,10 +263,9 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
*/
public function testJsonLdInvalid()
{
$this->reset();
$paste = Helper::getPasteWithAttachment();
$this->_model->create(Helper::getPasteId(), $paste);
$_GET['jsonld'] = '../cfg/conf.ini';
$_GET['jsonld'] = CONF;
ob_start();
new PrivateBin;
$content = ob_get_contents();

7
tst/ModelTest.php
View File

@@ -20,13 +20,12 @@ class ModelTest extends PHPUnit_Framework_TestCase
public function setUp()
{
/* Setup Routine */
Helper::confRestore();
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
if (!is_dir($this->_path)) {
mkdir($this->_path);
}
ServerSalt::setPath($this->_path);
$options = parse_ini_file(CONF, true);
$options = parse_ini_file(CONF_SAMPLE, true);
$options['purge']['limit'] = 0;
$options['model'] = array(
'class' => 'Database',
@@ -47,6 +46,7 @@ class ModelTest extends PHPUnit_Framework_TestCase
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
@@ -274,7 +274,6 @@ class ModelTest extends PHPUnit_Framework_TestCase
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$model = new Model(new Configuration);
@@ -329,7 +328,6 @@ class ModelTest extends PHPUnit_Framework_TestCase
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$model = new Model(new Configuration);
@@ -367,7 +365,6 @@ class ModelTest extends PHPUnit_Framework_TestCase
'pwd' => null,
'opt' => array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION),
);
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$model = new Model(new Configuration);

74
tst/PrivateBinTest.php
View File

@@ -16,13 +16,13 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
/* Setup Routine */
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
$this->_model = Filesystem::getInstance(array('dir' => $this->_path));
ServerSalt::setPath($this->_path);
$this->reset();
}
public function tearDown()
{
/* Tear Down Routine */
unlink(CONF);
Helper::confRestore();
Helper::rmDir($this->_path);
}
@@ -35,13 +35,13 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
if ($this->_model->exists(Helper::getPasteId())) {
$this->_model->delete(Helper::getPasteId());
}
Helper::confRestore();
$options = parse_ini_file(CONF, true);
$options = parse_ini_file(CONF_SAMPLE, true);
$options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path;
$options['model_options']['dir'] = $this->_path;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
ServerSalt::setPath($this->_path);
}
/**
@@ -49,7 +49,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testView()
{
$this->reset();
ob_start();
new PrivateBin;
$content = ob_get_contents();
@@ -71,10 +70,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testViewLanguageSelection()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['languageselection'] = true;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_COOKIE['lang'] = 'de';
ob_start();
@@ -93,11 +90,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testViewForceLanguageDefault()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['languageselection'] = false;
$options['main']['languagedefault'] = 'fr';
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_COOKIE['lang'] = 'de';
ob_start();
@@ -116,11 +111,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testViewUrlShortener()
{
$shortener = 'https://shortener.example.com/api?link=';
$this->reset();
$shortener = 'https://shortener.example.com/api?link=';
$options = parse_ini_file(CONF, true);
$options['main']['urlshortener'] = $shortener;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_COOKIE['lang'] = 'de';
ob_start();
@@ -139,7 +132,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testHtaccess()
{
$this->reset();
$dirs = array('cfg', 'lib');
foreach ($dirs as $dir) {
$file = PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess';
@@ -163,8 +155,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testConf()
{
$this->reset();
Helper::confBackup();
file_put_contents(CONF, '');
new PrivateBin;
}
@@ -174,10 +164,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreate()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@@ -203,10 +191,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidTimelimit()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste(array('expire' => 25));
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@@ -233,11 +219,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidSize()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['main']['sizelimit'] = 10;
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@@ -257,10 +241,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateProxyHeader()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['header'] = 'X_FORWARDED_FOR';
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_FORWARDED_FOR'] = '::2';
@@ -287,10 +269,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateDuplicateId()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_POST = Helper::getPaste();
@@ -311,10 +291,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateValidExpire()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['expire'] = '5min';
@@ -344,10 +322,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateValidExpireWithDiscussion()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['expire'] = '5min';
@@ -378,10 +354,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidExpire()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['expire'] = 'foo';
@@ -408,10 +382,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidBurn()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['burnafterreading'] = 'neither 1 nor 0';
@@ -432,10 +404,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidOpenDiscussion()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['opendiscussion'] = 'neither 1 nor 0';
@@ -456,11 +426,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateAttachment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
$options['main']['fileupload'] = true;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPasteWithAttachment();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
@@ -494,11 +462,9 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateBrokenAttachmentUpload()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
$options['main']['fileupload'] = true;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPasteWithAttachment();
unset($_POST['attachment']);
@@ -520,7 +486,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateTooSoon()
{
$this->reset();
$_POST = Helper::getPaste();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
$_SERVER['REQUEST_METHOD'] = 'POST';
@@ -543,10 +508,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateValidNick()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getPaste();
$_POST['nickname'] = Helper::getComment()['meta']['nickname'];
@@ -573,10 +536,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidNick()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@@ -600,10 +561,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateComment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@@ -626,10 +585,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateInvalidComment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@@ -652,10 +609,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateCommentDiscussionDisabled()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@@ -679,10 +634,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateCommentInvalidPaste()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$_POST = Helper::getCommentPost();
$_POST['pasteid'] = Helper::getPasteId();
@@ -704,10 +657,8 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testCreateDuplicateComment()
{
$this->reset();
$options = parse_ini_file(CONF, true);
$options['traffic']['limit'] = 0;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->_model->createComment(Helper::getPasteId(), Helper::getPasteId(), Helper::getCommentId(), Helper::getComment());
@@ -732,7 +683,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testRead()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
ob_start();
@@ -753,7 +703,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadInvalidId()
{
$this->reset();
$_SERVER['QUERY_STRING'] = 'foo';
ob_start();
new PrivateBin;
@@ -771,7 +720,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadNonexisting()
{
$this->reset();
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
ob_start();
new PrivateBin;
@@ -789,7 +737,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadExpired()
{
$this->reset();
$expiredPaste = Helper::getPaste(array('expire_date' => 1344803344));
$this->_model->create(Helper::getPasteId(), $expiredPaste);
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
@@ -809,7 +756,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadBurn()
{
$this->reset();
$burnPaste = Helper::getPaste(array('burnafterreading' => true));
$this->_model->create(Helper::getPasteId(), $burnPaste);
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
@@ -832,7 +778,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadJson()
{
$this->reset();
$paste = Helper::getPaste();
$this->_model->create(Helper::getPasteId(), $paste);
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
@@ -858,7 +803,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadInvalidJson()
{
$this->reset();
$_SERVER['QUERY_STRING'] = Helper::getPasteId();
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
ob_start();
@@ -874,7 +818,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadOldSyntax()
{
$this->reset();
$oldPaste = Helper::getPaste();
$meta = array(
'syntaxcoloring' => true,
@@ -903,7 +846,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testReadOldFormat()
{
$this->reset();
$oldPaste = Helper::getPaste();
unset($oldPaste['meta']['formatter']);
$this->_model->create(Helper::getPasteId(), $oldPaste);
@@ -928,7 +870,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDelete()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$paste = $this->_model->read(Helper::getPasteId());
@@ -951,7 +892,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInvalidId()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_GET['pasteid'] = 'foo';
$_GET['deletetoken'] = 'bar';
@@ -972,7 +912,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInexistantId()
{
$this->reset();
$_GET['pasteid'] = Helper::getPasteId();
$_GET['deletetoken'] = 'bar';
ob_start();
@@ -991,7 +930,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInvalidToken()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$_GET['pasteid'] = Helper::getPasteId();
$_GET['deletetoken'] = 'bar';
@@ -1012,7 +950,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteBurnAfterReading()
{
$this->reset();
$burnPaste = Helper::getPaste(array('burnafterreading' => true));
$this->_model->create(Helper::getPasteId(), $burnPaste);
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
@@ -1034,7 +971,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteInvalidBurnAfterReading()
{
$this->reset();
$this->_model->create(Helper::getPasteId(), Helper::getPaste());
$this->assertTrue($this->_model->exists(Helper::getPasteId()), 'paste exists before deleting data');
$_POST['deletetoken'] = 'burnafterreading';
@@ -1055,7 +991,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteExpired()
{
$this->reset();
$expiredPaste = Helper::getPaste(array('expire_date' => 1000));
$this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exist before being created');
$this->_model->create(Helper::getPasteId(), $expiredPaste);
@@ -1079,7 +1014,6 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
*/
public function testDeleteMissingPerPasteSalt()
{
$this->reset();
$paste = Helper::getPaste();
unset($paste['meta']['salt']);
$this->_model->create(Helper::getPasteId(), $paste);

5
tst/PrivateBinWithDbTest.php
View File

@@ -1,7 +1,6 @@
<?php
use PrivateBin\Data\Database;
use PrivateBin\Persistence\ServerSalt;
require_once 'PrivateBinTest.php';
@@ -23,7 +22,6 @@ class PrivateBinWithDbTest extends PrivateBinTest
if (!is_dir($this->_path)) {
mkdir($this->_path);
}
ServerSalt::setPath($this->_path);
$this->_options['dsn'] = 'sqlite:' . $this->_path . DIRECTORY_SEPARATOR . 'tst.sq3';
$this->_model = Database::getInstance($this->_options);
$this->reset();
@@ -37,10 +35,7 @@ class PrivateBinWithDbTest extends PrivateBinTest
$options['model'] = array(
'class' => 'Database',
);
$options['purge']['dir'] = $this->_path;
$options['traffic']['dir'] = $this->_path;
$options['model_options'] = $this->_options;
Helper::confBackup();
Helper::createIniFile(CONF, $options);
}
}