370 lines
10 KiB
PHP
370 lines
10 KiB
PHP
<?php
|
|
/*
|
|
* Paste <https://github.com/jordansamuel/PASTE>
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version 3
|
|
* of the License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License in GPL.txt for more details.
|
|
*/
|
|
|
|
function str_contains($haystack, $needle, $ignoreCase = false)
|
|
{
|
|
if ($ignoreCase) {
|
|
$haystack = strtolower($haystack);
|
|
$needle = strtolower($needle);
|
|
}
|
|
$needlePos = strpos($haystack, $needle);
|
|
return ($needlePos === false ? false : ($needlePos + 1));
|
|
}
|
|
|
|
function encrypt($value)
|
|
{
|
|
$iv_size = @mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
|
|
$iv = @mcrypt_create_iv($iv_size, MCRYPT_RAND);
|
|
$val = @mcrypt_encrypt(MCRYPT_RIJNDAEL_256, SECRET, $value, MCRYPT_MODE_ECB, $iv);
|
|
return base64_encode($val);
|
|
}
|
|
|
|
function decrypt($value)
|
|
{
|
|
$value = base64_decode($value);
|
|
$iv_size = @mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
|
|
$iv = @mcrypt_create_iv($iv_size, MCRYPT_RAND);
|
|
return @mcrypt_decrypt(MCRYPT_RIJNDAEL_256, SECRET, $value, MCRYPT_MODE_ECB, $iv);
|
|
}
|
|
|
|
function deleteMyPaste($con, $paste_id)
|
|
{
|
|
$query = "DELETE FROM pastes where id='$paste_id'";
|
|
$result = mysqli_query($con, $query);
|
|
}
|
|
|
|
function getRecent($con, $count = 5)
|
|
{
|
|
$limit = $count ? "limit $count" : "";
|
|
$query = "SELECT *
|
|
FROM pastes where visible='0'
|
|
ORDER BY id DESC
|
|
LIMIT 0 , $count";
|
|
$result = mysqli_query($con, $query);
|
|
return $result;
|
|
}
|
|
|
|
function getUserRecent($con, $count = 5, $username)
|
|
{
|
|
$limit = $count ? "limit $count" : "";
|
|
$query = "SELECT *
|
|
FROM pastes where member='$username'
|
|
ORDER BY id DESC
|
|
LIMIT 0 , $count";
|
|
$result = mysqli_query($con, $query);
|
|
return $result;
|
|
}
|
|
|
|
function getUserPastes($con, $username)
|
|
{
|
|
$query = "SELECT * FROM pastes where member='$username' ORDER by id DESC";
|
|
$result = mysqli_query($con, $query);
|
|
return $result;
|
|
}
|
|
|
|
function getTotalPastes($con, $username)
|
|
{
|
|
$query = "SELECT * FROM pastes WHERE member='$username'";
|
|
$result = mysqli_query($con, $query);
|
|
$count = 0;
|
|
while ($row = mysqli_fetch_array($result)) {
|
|
$count = $count + 1;
|
|
}
|
|
return $count;
|
|
}
|
|
|
|
function isValidUsername($str) {
|
|
return !preg_match('/[^A-Za-z0-9.#\\-$]/', $str);
|
|
}
|
|
|
|
function existingUser( $con, $username ) {
|
|
$query = "SELECT * FROM users WHERE username = '$username'";
|
|
$result = mysqli_query( $con, $query );
|
|
$num_rows = mysqli_num_rows( $result );
|
|
if ( $num_rows == 0 ) {
|
|
// No records. User doesn't exist.
|
|
return false;
|
|
} else {
|
|
return true;
|
|
}
|
|
}
|
|
|
|
function updateMyView($con, $paste_id)
|
|
{
|
|
$query = "SELECT * FROM pastes WHERE id=" . Trim($paste_id);
|
|
$result = mysqli_query($con, $query);
|
|
|
|
while ($row = mysqli_fetch_array($result)) {
|
|
$p_view = Trim($row['views']);
|
|
}
|
|
$p_view = $p_view + 1;
|
|
$query = "UPDATE pastes SET views='$p_view' where id='$paste_id'";
|
|
$result = mysqli_query($con, $query);
|
|
}
|
|
|
|
function conTime($secs) {
|
|
$bit = array(
|
|
' year' => $secs / 31556926 % 12,
|
|
' week' => $secs / 604800 % 52,
|
|
' day' => $secs / 86400 % 7,
|
|
' hour' => $secs / 3600 % 24,
|
|
' min' => $secs / 60 % 60,
|
|
' sec' => $secs % 60
|
|
);
|
|
|
|
foreach ($bit as $k => $v) {
|
|
if ($v > 1)
|
|
$ret[] = $v . $k . 's';
|
|
if ($v == 1)
|
|
$ret[] = $v . $k;
|
|
}
|
|
array_splice($ret, count($ret) - 1, 0, 'and');
|
|
$ret[] = 'ago';
|
|
|
|
$val = join(' ', $ret);
|
|
if (str_contains($val, "week")) {
|
|
} else {
|
|
$val = str_replace("and", "", $val);
|
|
}
|
|
if (Trim($val) == "ago") {
|
|
$val = "1 sec ago";
|
|
}
|
|
return $val;
|
|
}
|
|
|
|
function truncate($input, $maxWords, $maxChars)
|
|
{
|
|
$words = preg_split('/\s+/', $input);
|
|
$words = array_slice($words, 0, $maxWords);
|
|
$words = array_reverse($words);
|
|
|
|
$chars = 0;
|
|
$truncated = array();
|
|
|
|
while (count($words) > 0) {
|
|
$fragment = trim(array_pop($words));
|
|
$chars += strlen($fragment);
|
|
|
|
if ($chars > $maxChars)
|
|
break;
|
|
|
|
$truncated[] = $fragment;
|
|
}
|
|
|
|
$result = implode($truncated, ' ');
|
|
|
|
return $result . ($input == $result ? '' : '[...]');
|
|
}
|
|
|
|
function doDownload($paste_id, $p_title, $p_content, $p_code)
|
|
{
|
|
$stats = false;
|
|
if ($p_code) {
|
|
// Figure out extensions.
|
|
$ext = "txt";
|
|
switch ($p_code) {
|
|
case 'bash':
|
|
$ext = 'sh';
|
|
break;
|
|
case 'actionscript':
|
|
$ext = 'html';
|
|
break;
|
|
case 'html4strict':
|
|
$ext = 'html';
|
|
break;
|
|
case 'javascript':
|
|
$ext = 'js';
|
|
break;
|
|
case 'perl':
|
|
$ext = 'pl';
|
|
break;
|
|
case 'csharp':
|
|
$ext = 'cs';
|
|
break;
|
|
case 'ruby':
|
|
$ext = 'rb';
|
|
break;
|
|
case 'python':
|
|
$ext = 'py';
|
|
break;
|
|
case 'sql':
|
|
$ext = 'sql';
|
|
break;
|
|
case 'php':
|
|
$ext = 'php';
|
|
break;
|
|
case 'c':
|
|
$ext = 'c';
|
|
break;
|
|
case 'cpp':
|
|
$ext = 'cpp';
|
|
break;
|
|
case 'css':
|
|
$ext = 'css';
|
|
break;
|
|
case 'xml':
|
|
$ext = 'xml';
|
|
break;
|
|
default:
|
|
$ext = 'txt';
|
|
break;
|
|
}
|
|
|
|
// Download
|
|
header('Content-type: text/plain');
|
|
header('Content-Disposition: attachment; filename="' . $p_title . '.' . $ext . '"');
|
|
echo $p_content;
|
|
$stats = true;
|
|
} else {
|
|
// 404
|
|
header('HTTP/1.1 404 Not Found');
|
|
}
|
|
return $stats;
|
|
}
|
|
|
|
function rawView($paste_id, $p_title, $p_content, $p_code)
|
|
{
|
|
$stats = false;
|
|
if ($p_code) {
|
|
// Raw
|
|
header('Content-type: text/plain');
|
|
echo $p_content;
|
|
$stats = true;
|
|
} else {
|
|
// 404
|
|
header('HTTP/1.1 404 Not Found');
|
|
}
|
|
return $stats;
|
|
}
|
|
|
|
function embedView( $paste_id, $p_title, $p_content, $p_code, $title, $baseurl, $ges_style, $lang ) {
|
|
$stats = false;
|
|
if ( $p_content ) {
|
|
// Build the output
|
|
$output = "<div class='paste_embed_container'>";
|
|
$output .= "<style>"; // Add our own styles
|
|
$output .= "
|
|
.paste_embed_container {
|
|
font-size: 12px;
|
|
color: #333;
|
|
text-align: left;
|
|
margin-bottom: 1em;
|
|
border: 1px solid #ddd;
|
|
background-color: #f7f7f7;
|
|
border-radius: 3px;
|
|
}
|
|
.paste_embed_container a {
|
|
font-weight: bold;
|
|
color: #666;
|
|
text-decoration: none;
|
|
border: 0;
|
|
}
|
|
.paste_embed_container ol {
|
|
color: white;
|
|
background-color: #f7f7f7;
|
|
border-right: 1px solid #ccc;
|
|
margin: 0;
|
|
}
|
|
.paste_embed_footer {
|
|
font-size:14px;
|
|
padding: 10px;
|
|
overflow: hidden;
|
|
color: #767676;
|
|
background-color: #f7f7f7;
|
|
border-radius: 0 0 2px 2px;
|
|
border-top: 1px solid #ccc;
|
|
}
|
|
.de1, .de2 {
|
|
-moz-user-select: text;
|
|
-khtml-user-select: text;
|
|
-webkit-user-select: text;
|
|
-ms-user-select: text;
|
|
user-select: text;
|
|
padding: 0 8px;
|
|
color: #000;
|
|
border-left: 1px solid #ddd;
|
|
background: #ffffff;
|
|
line-height:20px;
|
|
}";
|
|
$output .= "</style>";
|
|
$output .= "$ges_style"; // Dynamic GeSHI Style
|
|
$output .= $p_content; // Paste content
|
|
$output .= "<div class='paste_embed_footer'>";
|
|
$output .= "<a href='$baseurl/$paste_id'>$p_title</a> " . $lang['embed-hosted-by'] . " <a href='$baseurl'>$title</a> | <a href='$baseurl/raw/$paste_id'>" . strtolower( $lang['view-raw'] ) . "</a>";
|
|
$output .= "</div>";
|
|
$output .= "</div>";
|
|
|
|
// Display embed content using json_encode since that escapes
|
|
// characters well enough to satisfy javascript. http://stackoverflow.com/a/169035
|
|
header( 'Content-type: text/javascript; charset=utf-8;' );
|
|
echo 'document.write(' . json_encode( $output ) . ')';
|
|
$stats = true;
|
|
} else {
|
|
// 404
|
|
header( 'HTTP/1.1 404 Not Found' );
|
|
}
|
|
return $stats;
|
|
}
|
|
|
|
function addToSitemap($paste_id, $priority, $changefreq, $mod_rewrite)
|
|
{
|
|
$c_date = date('Y-m-d');
|
|
$site_data = file_get_contents("sitemap.xml");
|
|
$site_data = str_replace("</urlset>", "", $site_data);
|
|
// which protocol are we on
|
|
$protocol = paste_protocol();
|
|
|
|
if ($mod_rewrite == "1") {
|
|
$server_name = $protocol . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/" . $paste_id;
|
|
} else {
|
|
$server_name = $protocol . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/paste.php?id=" . $paste_id;
|
|
}
|
|
|
|
$c_sitemap =
|
|
' <url>
|
|
<loc>' . $server_name . '</loc>
|
|
<priority>' . $priority . '</priority>
|
|
<changefreq>' . $changefreq . '</changefreq>
|
|
<lastmod>' . $c_date . '</lastmod>
|
|
</url>
|
|
</urlset>';
|
|
|
|
$full_map = $site_data . $c_sitemap;
|
|
file_put_contents("sitemap.xml", $full_map);
|
|
}
|
|
function paste_protocol() {
|
|
|
|
$protocol = ( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == "on" ) ? 'https://' : 'http://';
|
|
|
|
return $protocol;
|
|
}
|
|
|
|
function is_banned($con, $ip) {
|
|
$query = "SELECT id FROM ban_user WHERE ip=?";
|
|
if ($stmt = mysqli_prepare($con, $query)) {
|
|
mysqli_stmt_bind_param($stmt, "s", $ip);
|
|
mysqli_stmt_execute($stmt);
|
|
mysqli_stmt_store_result($stmt);
|
|
|
|
if ( mysqli_stmt_num_rows($stmt) > 0 ) {
|
|
mysqli_stmt_close($stmt);
|
|
return true;
|
|
} else {
|
|
mysqli_stmt_close($stmt);
|
|
return false;
|
|
}
|
|
}
|
|
}
|