base fork: jdarwood007/pastebin
base: 1abfe8fe1e
...
head fork: jdarwood007/pastebin
compare: 92485c867c
  • 1 commit
  • 9 files changed
  • 0 commit comments
  • 1 contributor
Commits on Feb 18, 2012
Jeremy D + Added a spam handler with basic and recaptcha support
 + Added ability to show warnings and other non fatal errors
 ! Moved all handlers to be loaded by a main startHandler function
92485c8
112 index.php
@@ -23,7 +23,7 @@
// Handles the actions.
if (isset($_POST['submit']))
$pasteBin->action_paste();
-if (isset($_GET['view']))
+elseif (isset($_GET['view']))
$pasteBin->action_view($_GET['view']);
else
$pasteBin->action_index();
@@ -46,6 +46,8 @@ class pB
private $db = null;
private $usr = null;
private $tpl = null;
+ private $antispam = null;
+ private $warnings = array();
/*
* Setup the settings when creating the object.
@@ -56,54 +58,55 @@ public function __construct()
if (file_exists(dirname(__FILE__) . '/settings-' . pathinfo(basename($_SERVER['SCRIPT_FILENAME']), PATHINFO_FILENAME) . '.php'))
require_once(dirname(__FILE__) . '/settings-' . pathinfo(basename($_SERVER['SCRIPT_FILENAME']), PATHINFO_FILENAME). '.php');
- // Start up our database.
- require_once(pBS::get('sources') . '/db.php');
- if (file_exists(pBS::get('sources') . '/db-' . pBS::get('db') . '.php'))
- {
- require_once(pBS::get('sources') . '/db-' . pBS::get('db') . '.php');
+ // This will get some of our handler going.
+ $this->startHandler('db', 'db', 'pDB');
+ $this->startHandler('user', 'usr', 'pUser');
+ $this->startHandler('tpl', 'tpl', 'pTPL');
+ $this->startHandler('spam', 'antispam', 'pAS');
- $class = 'pDB_' . pBS::get('db');
- if (class_exists($class))
- $this->db = new $class;
- else
- $this->error('Database is defined but no such class exists.');
- }
- else
- $this->error('No database handler is defined.');
+ // Start getting things going.
+ $this->loadLanguage();
+ $this->loadGeshi();
+ }
- // Start up our User handler.
- require_once(pBS::get('sources') . '/user.php');
- if (file_exists(pBS::get('sources') . '/user-' . pBS::get('user') . '.php'))
- {
- require_once(pBS::get('sources') . '/user-' . pBS::get('user') . '.php');
+ /*
+ * Setup a handler for usage.
+ * @param $file String The main name of the handler we are loading.
+ * @param $var String The variable we will store this under. As well this is the setting name we look for when loading that extra class.
+ * @param $class_name String The name of the class this will load.
+ * @param $extension String When we use this, we ignore using $var as extension of the class we are loading.
+ */
+ public function startHandler($file, $var, $class_name, $extension = '')
+ {
+ if (!file_exists(pBS::get('sources') . '/'. $file . '.php'))
+ $this->error('Failed to start Handler (' . $var . ') as file (' . $file . ' ) does not exist.');
- $class = 'pUser_' . pBS::get('user');
- if (class_exists($class))
- $this->usr = new $class;
- else
- $this->error('User is defined but no such class exists.');
- }
- else
- $this->error('No user handler is defined.');
+ if (empty($extension))
+ $extension = pBS::get($var);
- // Start up our Template handler.
- require_once(pBS::get('sources') . '/tpl.php');
- if (file_exists(pBS::get('sources') . '/tpl-' . pBS::get('tpl') . '.php'))
+ require_once(pBS::get('sources') . '/'. $file . '.php');
+ if (file_exists(pBS::get('sources') . '/'. $file . '-' . $extension . '.php'))
{
- require_once(pBS::get('sources') . '/tpl-' . pBS::get('tpl') . '.php');
+ require_once(pBS::get('sources') . '/'. $file . '-' . $extension . '.php');
- $class = 'pTPL_' . pBS::get('tpl');
+ $class = $class_name . '_' . pBS::get($var);
if (class_exists($class))
- $this->tpl = new $class;
+ $this->{$var} = new $class;
else
- $this->error('Template is defined but no such class exists.');
+ $this->error($var . ' Handler is defined but no such class exists.');
+
+ // If this had a classActive method, we need to verify this before we go on.
+ if (method_exists($this->{$var}, 'classActive') && ($result = $this->{$var}->classActive()) !== true)
+ {
+ // If the result returned nothing, we got no fall back.
+ if (empty($result))
+ $this->error('Invalid Handler setup for ' . $file);
+
+ $this->startHandler($file, $var, $class_name, $result);
+ }
}
else
- $this->error('No template handler is defined.');
-
- // Start getting things going.
- $this->loadLanguage();
- $this->loadGeshi();
+ $this->error('No ' . $var . ' handler is defined.');
}
/*
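Review bot: The fallback path in startHandler() cannot switch handlers, because the class name is still built from the setting, `$class = $class_name . '_' . pBS::get($var);`, while the file is chosen from `$extension`. When classActive() returns a fallback name, the recursive call loads the fallback file but instantiates the original class again, whose classActive() presumably returns the same name, so the recursion does not terminate. Use `$class = $class_name . '_' . $extension;`. The method is also `public`, builds an include path from `$file` and `$extension`, and writes to `$this->{$var}`; the callers visible here pass literals and settings only, but making it `private` and rejecting names that do not match something like `/^[a-z0-9_]+$/i` would keep a later caller from turning it into an arbitrary include. Whether `$this->error()` returns is not visible here; if it does, the `require_once` and the `method_exists()` check run on a handler that failed to load.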
@@ -268,6 +271,14 @@ public function action_view($id)
if (is_callable(array($this->tpl, 'htmlHead')))
$this->tpl->htmlHead($this->title);
+ // Give admins a hint what the key is.
+ if (!empty($this->warnings))
+ echo '
+ <div class="alert alert-error">
+ <h4 class="alert-heading">This paste has failed to be created because:</h4>
+ ', implode('<br />', $this->warnings), '
+ </div>';
+
$paste = $this->showPaste($id);
// Give admins a hint what the key is.
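Review bot: The warnings are written into the page without escaping at `implode('<br />', $this->warnings)`. The strings added in index.php are literals, but the reCAPTCHA handler in this commit appends text taken from the remote response, and addPasteTest() receives the array by reference, so escape at output: `implode('<br />', array_map('htmlspecialchars', $this->warnings))`. The comment above the new block, `// Give admins a hint what the key is.`, was copied from the block below it and should describe the warning box, e.g. `// Show any warnings collected while handling the request.`. action_view's body continues outside the hunk.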
@@ -296,11 +307,23 @@ public function action_paste()
$do_create = true;
if ($this->usr->id() > 0 && (empty($_POST['name']) || empty($_POST['email'])))
+ {
+ $this->warnings[] = 'Missing information (Username/email)';
$do_create = false;
+ }
if (empty($_POST['code']))
+ {
+ $this->warnings[] = 'Nothing entered into the code box';
+ $do_create = false;
+ }
+
+ if (pBS::get('human_check') && $this->antispam->verify(&$this->warnings) === false)
$do_create = false;
+ if (!empty($this->warnings) && isset($_POST['iHateU']))
+ $this->warnings[] = 'I do not like you either';
+
// Get the data ready.
$data = array(
'paste_id' => !empty($_POST['view']) ? $_POST['view'] : 0,
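Review bot: `$this->antispam->verify(&$this->warnings)` uses call-time pass-by-reference, which is deprecated in PHP 5.3 and a fatal error from PHP 5.4; the same applies to `addPasteTest(&$data, &$do_create, &$this->warnings)` in the next hunk. The handlers added in this commit declare `verify($warnings)` by value, so once the `&` is dropped at the call site their messages would be lost; declare the reference in the signatures instead, `public function verify(&$warnings)`, and call `verify($this->warnings)`. The check also compares with `=== false` only, so a handler whose verify() returns nothing is treated as a pass; `!== true` would fail closed. action_paste starts and ends outside the hunk.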
@@ -313,12 +336,10 @@ public function action_paste()
);
// Do a test.
- $this->db->addPasteTest(&$data, &$do_create);
+ $this->db->addPasteTest(&$data, &$do_create, &$this->warnings);
if (!$do_create)
{
- $this->warningss[] = 'Missing information (Username/email)';
-
if (!empty($_POST['view']))
$this->action_view($_POST['view']);
else
@@ -453,8 +474,11 @@ public function postForm($code, $id = 0, $use_geshi = true, $geshi_language = 'p
<li><input type="checkbox" name="force_new_pw" /><strong>', pBL('force_new_key'), '</strong></li>';
if (pBS::get('human_check'))
- echo '
- <li>', pBS::get('human_question'), ':<input type="text" name="ru_human" value="', isset($_POST['ru_human']) ? $_POST['ru_human'] : '', '" /></li>';
+ {
+ echo '<li>';
+ $this->antispam->template();
+ echo '</li>';
+ }
echo '
</ul>';
18 settings.php
@@ -22,11 +22,15 @@ class pBS
private static $db = 'smf';
/* User Handler. */
- private static $user = 'smf';
+ private static $usr = 'smf';
/* Template Handler. */
private static $tpl = 'wp';
+ /* Template Handler. */
+// private static $antispam = 'recaptcha';
+ private static $antispam = 'basic';
+
/* Any preloader file needed? */
private static $preload = '__integrate.php';
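Review bot: The comment on the new `$antispam` setting still reads `/* Template Handler. */`, copied from the line above; it should name the setting and its accepted values, e.g. `/* Anti-Spam Handler: 'basic' or 'recaptcha'. */`, which also lets the commented-out alternative line go. The rename of `$user` to `$usr` matches the `startHandler('user', 'usr', 'pUser')` call in index.php, but any `pBS::get('user')` lookup elsewhere in the project (not visible in this diff) would now miss.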
@@ -64,15 +68,21 @@ class pBS
/* GESHI: The default language to use. */
private static $geshi_default = 'php';
- /* HUMAN CHECK: Enable the human check? */
+ /* ANTI-SPAM (BASIC): Enable the human check? */
private static $human_check = true;
- /* HUMAN CHECK: The question to ask. */
+ /* ANTI-SPAM (BASIC): The question to ask. */
private static $human_question = 'A duck, cat and a goose walk into a bar. How many animals walked into a bar?';
- /* HUMAN CHECK: The answer they need to provide. */
+ /* ANTI-SPAM (BASIC): The answer they need to provide. */
private static $human_answer = '3';
+ /* ANTI-SPAM (RECAPTCHA): If using Recaptcha as your anti-spam handler enter your key here */
+ private static $recaptcha_key = '';
+
+ /* ANTI-SPAM (RECAPTCHA): If using Recaptcha as your anti-spam handler enter your private key here */
+ private static $recaptcha_private_key = '';
+
/* SMF: When we are using SMF, we need to know where it is. */
private static $smf_dir = '../forum/';
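Review bot: The relabelled comments mark `$human_check` as `ANTI-SPAM (BASIC)`, but index.php gates both `$this->antispam->verify()` and `$this->antispam->template()` on `pBS::get('human_check')` for every handler, so turning it off also disables reCAPTCHA. Either describe it as the global switch, e.g. `/* ANTI-SPAM: Enable the human check (all handlers)? */`, or move the test into the basic handler only. The two reCAPTCHA keys default to `''`, which the `=== null` test in pAS_recaptcha::classActive() accepts as configured.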
7 sources/db-smf.php
@@ -111,7 +111,7 @@ public function fetchPaste($id)
'approved' => $topic['approved'],
'use_geshi' => $Paste['use_geshi'],
'language' => $Paste['type'],
- 'body' => $topic['body'],
+ 'body' => htmlspecialchars_decode($topic['body']),
'parsed' => '',
);
}
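Review bot: `htmlspecialchars_decode($topic['body'])` makes fetchPaste() return raw markup in `body`, so every place that prints it has to escape it again; the rendering code is outside this diff, so confirm that each output path does. On PHP before 8.1 the default flags leave `&#039;` encoded, which matters if the stored text was encoded with `ENT_QUOTES` (not visible here); passing the flags explicitly makes the round trip symmetric. A short comment such as `// Stored body is entity-encoded; decode here, escape at output.` would record the contract. fetchPaste starts and ends outside the hunk.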
@@ -159,6 +159,11 @@ public function addPaste($data)
elseif (!empty($paste['key']))
$data['key'] = $paste['key'];
+ if (function_exists('wp_magic_quotes'))
+ {
+ $data['body'] = stripslashes($data['body']);
+ }
+
// Options needed for our post.
$topicOptions = array(
'id' => (!empty($paste['id']) ? $paste['id'] : 0) ,
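Review bot: `function_exists('wp_magic_quotes')` only shows that WordPress is loaded, not that this value was slashed, and only `body` is unslashed while the other `$data` fields that index.php fills from `$_POST` are left as they are. If the intent is to undo the slashes WordPress adds to request data, doing it once where `$_POST` is read keeps the SMF database handler free of WordPress knowledge; either way a comment such as `// WordPress re-adds slashes to $_POST; undo that before storing.` should say why the call is there. addPaste starts and ends outside the hunk.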
53 sources/spam-basic.php
@@ -0,0 +1,53 @@
+<?php
+/*
+ * SMF PasteBin
+ * Author: SleePy (JeremyD)
+ * Repository: https://github.com/jdarwood007/pastebin
+ * License: BSD 3 Clause; See license.txt
+*/
+if (!defined('SMFPasteBin')) { exit('[' . basename(__FILE__) . '] Direct access restricted');}
+
+/*
+* Basic Anti-Spam handler for Pastebin.
+*/
+class pAS_basic extends pAS
+{
+ /*
+ * Test whether this anti-spam method is enabled or not.
+ */
+ public function classActive()
+ {
+ if (pBS::get('human_check') === false || pBS::get('human_question') === null || pBS::get('human_answer') === null)
+ return false;
+ return true;
+ }
+
+ /*
+ * Verify the that we correctly entered the anti-spam stuff.
+ */
+ public function verify($warnings)
+ {
+ // Luck you, get a free pass.
+ if (pBS::get('human_check') === false)
+ return true;
+
+ if (!isset($_POST['ru_human']) || $_POST['ru_human'] != pBS::get('human_answer'))
+ {
+ $warnings[] = 'Invalid human verification';
+ return false;
+ }
+
+ return true;
+ }
+
+ /*
+ * For the template.
+ */
+ public function template()
+ {
+ if (pBS::get('human_check') === false)
+ return;
+
+ echo pBS::get('human_question'), ':<input type="text" name="ru_human" value="', isset($_POST['ru_human']) ? $_POST['ru_human'] : '', '" />';
+ }
+}
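Review bot: template() writes `$_POST['ru_human']` straight into the `value` attribute, so a submitted value containing a quote or markup is reflected into the form unescaped; output it as `htmlspecialchars($_POST['ru_human'], ENT_QUOTES)` and treat non-string input as empty. verify() takes `$warnings` by value, so 'Invalid human verification' only reaches the caller through the call-time `&` in index.php; declare `verify(&$warnings)`. The answer check uses `!=`, which compares numeric strings numerically, so `!==` against the trimmed input is the stricter test. classActive() returns false when `human_check` is off, and startHandler() in index.php then calls `error('Invalid Handler setup for ' . $file)`, which looks unintended for a check that was disabled on purpose.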
91 sources/spam-recaptcha.php
@@ -0,0 +1,91 @@
+<?php
+/*
+ * SMF PasteBin
+ * Author: SleePy (JeremyD)
+ * Repository: https://github.com/jdarwood007/pastebin
+ * License: BSD 3 Clause; See license.txt
+*/
+if (!defined('SMFPasteBin')) { exit('[' . basename(__FILE__) . '] Direct access restricted');}
+
+/*
+* Basic Anti-Spam handler for Pastebin.
+*/
+class pAS_recaptcha extends pAS
+{
+ /*
+ * Test whether this anti-spam method is enabled or not.
+ */
+ public function classActive()
+ {
+ if (pBS::get('recaptcha_key') === null || pBS::get('recaptcha_private_key') === null)
+ return false;
+ return true;
+ }
+
+ /*
+ * Verify the that we correctly entered the anti-spam stuff.
+ */
+ public function verify($warnings)
+ {
+ $data = implode('&', array(
+ 'privatekey' => pBS::get('recaptcha_private_key'),
+ 'remoteip' => $_SERVER['REMOTE_ADDR'],
+ 'challenge' => $this->cleanInput($_POST['recaptcha_challenge_field']),
+ 'response' => $this->cleanInput($_POST['recaptcha_response_field'])
+ ));
+
+
+ // Connect to the collection script.
+ $response = '';
+ $fp = @fsockopen('www.google.com', 80, $errno, $errstr);
+ if ($fp)
+ {
+ $out = 'POST /recaptcha/api/verify HTTP/1.1' . "\r\n";
+ $out .= 'Host: www.google.com' . "\r\n";
+ $out .= "User-Agent: reCAPTCHA/PHP\r\n";
+ $out .= 'Content-Type: application/x-www-form-urlencoded' . "\r\n";
+ $out .= 'Content-Length: ' . strlen($data) . "\r\n\r\n";
+ $out .= $data . "\r\n";
+ $out .= 'Connection: Close' . "\r\n\r\n";
+ fwrite($fp, $out);
+
+ while (!feof($fs))
+ $response .= fgets($fs, 1160);
+ fclose($fp);
+
+ $response = explode("\r\n\r\n", $response, 2);
+
+ if (trim($response[0]) == 'true')
+ return true;
+ else
+ {
+ $warnings[] = $response[1];
+ return false;
+ }
+ }
+ else
+ {
+ $warnings[] = 'Could not connect to the remote ReCaptcha service, verification failed';
+ return false;
+ }
+ }
+
+ /*
+ * For the template.
+ */
+ public function template()
+ {
+ echo '
+ <script type="text/javascript" src="http://www.google.com/recaptcha/api/challenge?k=', pBS::get('recaptcha_key'), '"></script>
+ <noscript>
+ <iframe src="http://www.google.com/recaptcha/api/noscript?k=', pBS::get('recaptcha_key') , '" height="300" width="500" frameborder="0"></iframe><br>
+ <textarea name="recaptcha_challenge_field" rows="3" cols="40"></textarea>
+ <input type="hidden" name="recaptcha_response_field" value="manual_challenge" />
+ </noscript>';
+ }
+
+ private function cleanInput($var)
+ {
+ return urlencode(stripslashes($var));
+ }
+}
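Review bot: verify() cannot succeed as written: the read loop uses `$fs` where the socket is `$fp`, `implode('&', array(...))` discards the field names so the POST body carries only values, the `Connection: Close` header is written after the body, and `$response[0]` after the split on the blank line is the header block rather than the verdict line. The private key is also sent over plain HTTP on port 80 and the widget in template() is loaded from `http://` URLs, so the key and the verdict can be read or altered in transit; use `ssl://www.google.com` on port 443 and `https://` in the template. `$warnings` is taken by value, the two POST fields are read without `isset()`, and the remote body is appended to the warnings that index.php prints without escaping. classActive() compares the keys with `null` while settings.php defaults them to `''`, so `empty()` is the safer test (what pBS::get() returns for a missing setting is not visible here). A rewritten verify() follows; the class comment `Basic Anti-Spam handler` should also name reCAPTCHA.

```php
	public function verify(&$warnings)
	{
		// Fail closed when the widget fields are missing or not plain strings.
		if (!isset($_POST['recaptcha_challenge_field'], $_POST['recaptcha_response_field'])
			|| !is_string($_POST['recaptcha_challenge_field'])
			|| !is_string($_POST['recaptcha_response_field']))
		{
			$warnings[] = 'Invalid human verification';
			return false;
		}

		// http_build_query keeps the field names and url-encodes each value once.
		$data = http_build_query(array(
			'privatekey' => pBS::get('recaptcha_private_key'),
			'remoteip' => $_SERVER['REMOTE_ADDR'],
			'challenge' => stripslashes($_POST['recaptcha_challenge_field']),
			'response' => stripslashes($_POST['recaptcha_response_field']),
		), '', '&');

		// TLS, so the private key and the verdict are not exposed in transit.
		$fp = @fsockopen('ssl://www.google.com', 443, $errno, $errstr, 10);
		if (!$fp)
		{
			// … unchanged: 'Could not connect to the remote ReCaptcha service' warning, return false …
		}

		// HTTP/1.0 avoids a chunked reply; every header goes before the body.
		$out = "POST /recaptcha/api/verify HTTP/1.0\r\n";
		$out .= "Host: www.google.com\r\n";
		$out .= "User-Agent: reCAPTCHA/PHP\r\n";
		$out .= "Content-Type: application/x-www-form-urlencoded\r\n";
		$out .= 'Content-Length: ' . strlen($data) . "\r\n";
		$out .= "Connection: close\r\n\r\n";
		$out .= $data;
		fwrite($fp, $out);

		$response = stream_get_contents($fp);
		fclose($fp);

		// [0] is the header block, [1] the body; the verdict is the body's first line.
		$parts = explode("\r\n\r\n", (string) $response, 2);
		$lines = isset($parts[1]) ? explode("\n", $parts[1]) : array();
		if (isset($lines[0]) && trim($lines[0]) === 'true')
			return true;

		// Fixed text only: the remote body is not trusted for display.
		$warnings[] = 'Invalid human verification';
		return false;
	}
```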
35 sources/spam.php
@@ -0,0 +1,35 @@
+<?php
+/*
+ * SMF PasteBin
+ * Author: SleePy (JeremyD)
+ * Repository: https://github.com/jdarwood007/pastebin
+ * License: BSD 3 Clause; See license.txt
+*/
+if (!defined('SMFPasteBin')) { exit('[' . basename(__FILE__) . '] Direct access restricted');}
+
+/*
+* Basic Anti-Spam handler for Pastebin.
+*/
+class pAS
+{
+ /*
+ * Setup the anti-spam method, for basic we do nothing.
+ */
+ public function setup()
+ {
+ }
+
+ /*
+ * Verify the that we correctly entered the anti-spam stuff.
+ */
+ public function verify($warnings)
+ {
+ }
+
+ /*
+ * For the template.
+ */
+ public function template()
+ {
+ }
+}
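Review bot: The base `verify()` has an empty body and therefore returns null, which the `=== false` test in index.php treats as a pass, so a subclass that omits or misnames the method lets every submission through. A fail-closed default would be `$warnings[] = 'No anti-spam handler configured'; return false;` with the parameter declared as `&$warnings` to match how index.php uses it. The doc comments are copied from the basic handler (`Basic Anti-Spam handler`, `for basic we do nothing`) and should describe this as the base class that handlers extend; `setup()` is not called anywhere in the visible diff, so either document when it runs or drop it.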
1  sources/tpl-smf.php
@@ -29,6 +29,7 @@ public function __construct()
/*
* Do the header.
+ * @param $title String the page title.
* @Note: Because we used ssi earlier to star the SMF theme, we have nothing to do here.
*/
public function htmlHead($title)
17 sources/tpl-wp.php
@@ -13,21 +13,22 @@
class pTPL_wp extends pTPL
{
/*
- * Do the header.
+ * Lets get things cooking.
*/
- public function htmlHead($title)
+ public function __construct()
{
- global $specialPage;
-
- $specialPage['title'] = $title;
+ wp_enqueue_style('pastebin', pBS::get('css'));
}
/*
- * Lets get things cooking.
+ * Do the header.
+ * @param $title String the page title.
*/
- public function __construct()
+ public function htmlHead($title)
{
- wp_enqueue_style('pastebin', pBS::get('css'));
+ global $specialPage;
+
+ $specialPage['title'] = $title;
}
/*
1  sources/user.php
@@ -12,5 +12,4 @@
*/
class pUser
{
-
}
