[ticket/10] Apply correct file extension to downloaded files

.travis.yml

@@ -33,7 +33,7 @@ env:
     - SNIFF="1"            # Should we run code sniffer on your code?
     - IMAGE_ICC="1"        # Should we run icc profile sniffer on your images?
     - EPV="1"              # Should we run EPV (Extension Pre Validator) on your code?
-    - PHPBB_BRANCH="develop-ascraeus"
+    - PHPBB_BRANCH="3.1.x"
 
 branches:
   only:

composer.json

@@ -3,7 +3,7 @@
 	"type": "phpbb-extension",
 	"description": "Provides a pastebin including syntax highlighting",
 	"homepage": "https://www.phpbb.de/community/",
-	"version": "1.0.0",
+	"version": "1.0.0-dev",
 	"time": "2015-01-03",
 	"license": "GPL-2.0",
 	"authors": [

config/services.yml

@@ -5,10 +5,16 @@ parameters:
     phpbbde.pastebin.cron.prune_interval: 86400
     tables.phpbbde.pastebin.pastebin: %core.table_prefix%pastebin
 services:
+    phpbbde.pastebin.functions.utility:
+        class: phpbbde\pastebin\functions\utility
+        arguments:
+            - %phpbbde.pastebin.geshilangs%
     phpbbde.pastebin.functions.pastebin:
         class: phpbbde\pastebin\functions\pastebin
         arguments:
-            - %phpbbde.pastebin.geshilangs%
+            - @dbal.conn
+            - @user
+            - %tables.phpbbde.pastebin.pastebin%
     phpbbde.pastebin.controller.main:
         class: phpbbde\pastebin\controller\main
         arguments:
@@ -21,6 +27,7 @@ services:
             - @user
             - @controller.helper
             - @captcha.factory
+            - @phpbbde.pastebin.functions.utility
             - @phpbbde.pastebin.functions.pastebin
             - %core.root_path%
             - %core.php_ext%

controller/main.php

@@ -54,6 +54,9 @@ class main
 	/** @var \phpbbde\pastebin\functions\pastebin */
 	protected $pastebin;
 
+	/** @var \phpbbde\pastebin\functions\utility */
+	protected $util;
+
 	/** @var \phpbb\captcha\factory */
 	protected $captcha_factory;
 
@@ -77,10 +80,11 @@ class main
 	 * @param \phpbb\user $user
 	 * @param \phpbb\controller\helper $helper
 	 * @param \phpbbde\pastebin\functions\pastebin $pastebin
+	 * @param \phpbbde\pastebin\functions\utility $util
 	 * @param string $root_path
 	 * @param string $php_ext
 	 */
-	public function __construct(\phpbb\auth\auth $auth, \phpbb\cache\service $cache, \phpbb\config\config $config, \phpbb\request\request $request, \phpbb\db\driver\driver_interface $db, \phpbb\template\template $template, \phpbb\user $user, \phpbb\controller\helper $helper, \phpbb\captcha\factory $captcha_factory, \phpbbde\pastebin\functions\pastebin $pastebin, $root_path, $php_ext, $geshi_path, $geshi_lang, $pastebin_table)
+	public function __construct(\phpbb\auth\auth $auth, \phpbb\cache\service $cache, \phpbb\config\config $config, \phpbb\request\request $request, \phpbb\db\driver\driver_interface $db, \phpbb\template\template $template, \phpbb\user $user, \phpbb\controller\helper $helper, \phpbb\captcha\factory $captcha_factory, \phpbbde\pastebin\functions\utility $util, \phpbbde\pastebin\functions\pastebin $pastebin, $root_path, $php_ext, $geshi_path, $geshi_lang, $pastebin_table)
 	{
 		$this->auth = $auth;
 		$this->cache = $cache;
@@ -93,6 +97,7 @@ public function __construct(\phpbb\auth\auth $auth, \phpbb\cache\service $cache,
 		$this->root_path = $root_path;
 		$this->php_ext = $php_ext;
 		$this->pastebin = $pastebin;
+		$this->util = $util;
 		$this->captcha_factory = $captcha_factory;
 
 		$this->geshi_path = $geshi_path;
@@ -129,7 +134,7 @@ public function handle($name = '')
 	 */
 	private function table($name)
 	{
-		if($name == 'pastebin')
+		if ($name == 'pastebin')
 		{
 			return $this->pastebin_table;
 		}
@@ -140,7 +145,7 @@ private function table($name)
 	 */
 	private function display_pb()
 	{
-		$pastebin 	= $this->pastebin;
+		$util	 	= $this->util;
 		$template 	= $this->template;
 		$db 		= $this->db;
 		$auth 		= $this->auth;
@@ -150,8 +155,43 @@ private function display_pb()
 		$mode			= $this->request->variable('mode', '');
 		$confirm_id		= $this->request->variable('confirm_id', '');
 		$confirm_code	= $this->request->variable('confirm_code', '');
+		$snippet_id		= $this->request->variable('s', 0);
 		$submit			= isset($_POST['submit']) ? true : false;
 
+		if (in_array($mode, array('view', 'download', 'moderate')))
+		{
+			// for all of these we have to check if the entry exists
+
+			$sql = $db->sql_build_query('SELECT', array(
+				'SELECT'	=> 'pb.*, u.user_id, u.username, u.user_colour',
+				'FROM'		=> array(
+					$this->table('pastebin')	=> 'pb',
+					USERS_TABLE		=> 'u',
+				),
+				'WHERE'		=> "pb.snippet_author = u.user_id AND pb.snippet_id = $snippet_id",
+			));
+			$result = $db->sql_query($sql);
+			$data   = $db->sql_fetchrow($result);
+			$db->sql_freeresult($result);
+
+			if (!$data)
+			{
+				$message = $user->lang['NO_VALID_SNIPPET'];
+				$message .= '<br /><br />';
+				$message .= sprintf($user->lang['RETURN_PASTEBIN'], '<a href="' . $this->helper->route('phpbbde_pastebin_main_controller') . '">', '</a>');
+
+				trigger_error($message);
+			}
+
+			$this->pastebin->load_from_array($data);
+			$snippet = $this->pastebin;
+
+			$this->template->assign_vars(array(
+				'S_AUTH_EDIT'	=> ($auth->acl_get('m_pastebin_edit') || ($auth->acl_get('u_pastebin_edit') && $snippet['snippet_author'] == $this->user->data['user_id'])) ? true : false,
+				'S_AUTH_DELETE'	=> ($auth->acl_get('m_pastebin_delete') || ($auth->acl_get('u_pastebin_delete') && $snippet['snippet_author'] == $this->user->data['user_id'])) ? true : false,
+			));
+		}
+
 		// Some default values
 		$error = $s_hidden_fields = array();
 
@@ -188,8 +228,6 @@ private function display_pb()
 
 			'S_AUTH_VIEW'	=> ($auth->acl_get('u_pastebin_view')) ? true : false,
 			'S_AUTH_POST'	=> ($auth->acl_get('u_pastebin_post')) ? true : false,
-			'S_AUTH_EDIT'	=> ($auth->acl_get('m_pastebin_edit')) ? true : false,
-			'S_AUTH_DELETE'	=> ($auth->acl_get('m_pastebin_delete')) ? true : false,
 		));
 
 		// Now let's decide what to do
@@ -216,7 +254,7 @@ private function display_pb()
 						'snippet_prune_on'	=> max(1, min(6, $this->request->variable('pruning_months', 0))),
 				);
 
-				if($this->auth->acl_get('u_pastebin_post_notlim') && $this->request->variable('pruning_months',0) == -1)
+				if ($this->auth->acl_get('u_pastebin_post_notlim') && $this->request->variable('pruning_months',0) == -1)
 				{
 					//Infinite Time...
 					$data['snippet_prunable'] = 0;
@@ -229,7 +267,7 @@ private function display_pb()
 					$error[] = $user->lang['ERR_NO_TITLE'];
 				}
 
-				if (!$pastebin->geshi_check($data['snippet_highlight']))
+				if (!$util->geshi_check($data['snippet_highlight']))
 				{
 					$data['snippet_highlight'] = 'text';
 				}
@@ -259,7 +297,7 @@ private function display_pb()
 					$error[] = $user->lang['ERR_NO_BODY'];
 				}
 
-				if(!check_form_key('pastebinform'))
+				if (!check_form_key('pastebinform'))
 				{
 					$error[] = $user->lang['FORM_INVALID'];
 				}
@@ -324,32 +362,6 @@ private function display_pb()
 			case 'view':
 			case 'download':
 			case 'moderate':
-
-				// for all of these we have to check if the entry exists
-
-				$snippet_id	= $this->request->variable('s', 0);
-
-				$sql = $db->sql_build_query('SELECT', array(
-						'SELECT'	=> 'pb.*, u.user_id, u.username, u.user_colour',
-						'FROM'		=> array(
-								$this->table('pastebin')	=> 'pb',
-								USERS_TABLE		=> 'u',
-						),
-						'WHERE'		=> "pb.snippet_author = u.user_id AND pb.snippet_id = $snippet_id",
-				));
-				$result = $db->sql_query($sql);
-				$data   = $db->sql_fetchrow($result);
-				$db->sql_freeresult($result);
-
-				if (!$data)
-				{
-					$message = $user->lang['NO_VALID_SNIPPET'];
-					$message .= '<br /><br />';
-					$message .= sprintf($user->lang['RETURN_PASTEBIN'], '<a href="' . $this->helper->route('phpbbde_pastebin_main_controller') . '">', '</a>');
-
-					trigger_error($message);
-				}
-
 				if ($mode == 'view')
 				{
 					if (!$auth->acl_get('u_pastebin_view'))
@@ -363,7 +375,7 @@ private function display_pb()
 
 					$highlight = (isset($_REQUEST['highlight'])) ? $this->request->variable('highlight', '') : $data['snippet_highlight'];
 
-					if (!$pastebin->geshi_check($highlight))
+					if (!$util->geshi_check($highlight))
 					{
 						$highlight = 'php';
 					}
@@ -374,7 +386,7 @@ private function display_pb()
 
 					$code = htmlspecialchars_decode($snippet_text);
 
-					$geshi = new \GeSHi($code, $highlight, $pastebin->geshi_dir);
+					$geshi = new \GeSHi($code, $highlight, $util->geshi_dir);
 					$geshi->set_header_type(GESHI_HEADER_NONE);
 					$geshi->enable_line_numbers(GESHI_NORMAL_LINE_NUMBERS, 100);
 
@@ -400,7 +412,7 @@ private function display_pb()
 						'SNIPPET_AUTHOR_FULL'	=> get_username_string('full', $data['user_id'], $data['username'], $data['user_colour']),
 						'SNIPPET_DATE'			=> $user->format_date($data['snippet_time']),
 
-						'HIGHLIGHT_SELECT_MOD'	=> $pastebin->highlight_select($data['snippet_highlight']),
+						'HIGHLIGHT_SELECT_MOD'	=> $util->highlight_select($data['snippet_highlight']),
 						'DOWNLOAD_SNIPPET_EXPLAIN'	=> sprintf($user->lang['DOWNLOAD_SNIPPET_EXPLAIN'], '<a href="' . $snippet_download_url . '">', '</a>'),
 
 						'U_SNIPPET'				=> $this->helper->route('phpbbde_pastebin_main_controller', array("mode" => "view", "s" => $data['snippet_id'])),
@@ -422,7 +434,7 @@ private function display_pb()
 					// Thanks download.php
 					$snippet_text = htmlspecialchars_decode(utf8_decode($data['snippet_text']));
 
-					$filename = htmlspecialchars_decode($data['snippet_title']) . '.txt';
+					$filename = htmlspecialchars_decode($data['snippet_title']) . '.' . $this->pastebin->file_ext();
 
 					$user_agent = $this->request->server('HTTP_USER_AGENT', '');
 					if (strpos($user_agent, 'MSIE') !== false || strpos($user_agent, 'Safari') !== false || strpos($user_agent, 'Konqueror') !== false)
@@ -453,11 +465,15 @@ private function display_pb()
 				else if ($mode == 'moderate')
 				{
 					$delete			= (isset($_POST['delete_snippet'])) ? true : false;
-					$prunable		= (isset($_POST['snippet_prunable'])) ? true : false;
 					$highlight		= $this->request->variable('snippet_highlight', '');
-					$pruning_months	= max(1, min(6, $this->request->variable('pruning_months', 0)));
+					$pruning_months	= $this->request->variable('pruning_months', 0);
+					$prunable		= $pruning_months != -1;
+
+					$auth_edit = ($auth->acl_get('m_pastebin_edit') || ($auth->acl_get('u_pastebin_edit') && $this->user->data['user_id'] == $snippet['snippet_author']));
+					$auth_delete =  ($auth->acl_get('m_pastebin_delete') || ($auth->acl_get('u_pastebin_delete') && $this->user->data['user_id'] == $snippet['snippet_author']));
 
-					if (!$auth->acl_get('m_pastebin_edit') || ($delete && !$auth->acl_get('m_pastebin_delete')))
+					// Generic permissions check
+					if (!$auth_edit && !$auth_delete)
 					{
 						trigger_error('PASTEBIN_AUTH_NO_VIEW');
 					}
@@ -468,7 +484,7 @@ private function display_pb()
 						redirect($this->helper->route('phpbbde_pastebin_main_controller', array("mode"=>"view","s"=>$snippet_id)));
 					}
 
-					if ($delete)
+					if ($delete && $auth_delete)
 					{
 						// Confirm box
 						if (!confirm_box(true))
@@ -478,21 +494,25 @@ private function display_pb()
 						}
 						else
 						{
-							$sql = 'DELETE FROM ' . $this->table('pastebin') . '
-								WHERE snippet_id = ' . $snippet_id;
+							$snippet->delete();
 							$redirect_append = array();
 						}
 					}
-					else
+					else if ($auth_edit)
 					{
-						$sql = 'UPDATE ' . $this->table('pastebin') . ' SET ' . $db->sql_build_array('UPDATE', array(
-								'snippet_prunable'	=> (int) $prunable,
-								'snippet_highlight'	=> $highlight,
-								'snippet_prune_on'	=> $row['snippet_time'] + ($pruning_months * $this::SECONDS_MONTH),
-						)) . ' WHERE snippet_id = ' . $snippet_id;
+						$snippet->load_from_array(array(
+							'snippet_prunable'	=> (int) $prunable,
+							'snippet_highlight'	=> $highlight,
+							'snippet_prune_on'	=> $data['snippet_time'] + ($pruning_months * $this::SECONDS_MONTH),
+						));
+						$snippet->submit();
+
 						$redirect_append = array("mode"=>"view","s"=>$snippet_id);
 					}
-					$db->sql_query($sql);
+					else
+					{
+						trigger_error('PASTEBIN_NOT_AUTH_EDIT');
+					}
 
 					$redirect_url = $this->helper->route('phpbbde_pastebin_main_controller', $redirect_append);
 
@@ -521,7 +541,7 @@ private function display_pb()
 		$confirm_image = '';
 		if (!$auth->acl_get('u_pastebin_post_novc'))
 		{
-			if(!isset($captcha))
+			if (!isset($captcha))
 			{
 				$captcha = $this->captcha_factory->get_instance($this->config['captcha_plugin']);
 				$captcha->init($this::CONFIRM_PASTEBIN);
@@ -533,11 +553,11 @@ private function display_pb()
 		$prune_month = $this->request->variable('pruning_months', 0);
 		for ($i = 1; $i < 7; $i++)
 		{
-			if(isset($data['snippet_prune_on']) && isset($data['snippet_time']))
+			if (isset($data['snippet_prune_on']) && isset($data['snippet_time']))
 			{
 				$selected = ($data['snippet_prune_on'] - $data['snippet_time'] == $i * $this::SECONDS_MONTH) ? ' selected="selected"' : '';
 			}
-			else if($prune_month)
+			else if ($prune_month)
 			{
 				$selected = ($i == $prune_month) ? ' selected="selected"' : '';
 			}
@@ -549,9 +569,9 @@ private function display_pb()
 		}
 
 		//Allow infinite storage if it is already set and we are editing, or if the user is allowed to
-		if((isset($data['snippet_prunable']) && !$data['snippet_prunable']) || $this->auth->acl_get('u_pastebin_post_notlim'))
+		if ((isset($data['snippet_prunable']) && !$data['snippet_prunable']) || $this->auth->acl_get('u_pastebin_post_notlim'))
 		{
-			if(isset($data['snippet_prunable']))
+			if (isset($data['snippet_prunable']))
 			{
 				$selected = ($data['snippet_prunable'] == 0 || $prune_month == -1) ? ' selected="selected"' : '';
 			}
@@ -562,11 +582,11 @@ private function display_pb()
 			$pruning_months_select .= '<option' . $selected . ' value="-1">' . $this->user->lang['INFINITE'] . '</option>';
 		}
 
-		if(!isset($highlight))
+		if (!isset($highlight))
 		{
 			$highlight = isset($data['snippet_highlight']) ? $data['snippet_highlight'] : 'php';
 		}
-		$highlight_select = $pastebin->highlight_select($highlight);
+		$highlight_select = $util->highlight_select($highlight);
 
 		add_form_key('pastebinform');
 

event/acp_events.php

@@ -50,6 +50,8 @@ public function add_permissions($event)
 			'u_pastebin_post'			=> array('lang' => 'ACL_U_PASTEBIN_POST', 'cat' => 'pastebin'),
 			'u_pastebin_post_novc'		=> array('lang' => 'ACL_U_PASTEBIN_POST_NOVC', 'cat' => 'pastebin'),
 			'u_pastebin_post_notlim'	=> array('lang' => 'ACL_U_PASTEBIN_POST_NOTLIM', 'cat' => 'pastebin'),
+			'u_pastebin_edit'			=> array('lang' => 'ACL_U_PASTEBIN_EDIT', 'cat' => 'pastebin'),
+			'u_pastebin_delete'			=> array('lang' => 'ACL_U_PASTEBIN_DELETE', 'cat' => 'pastebin'),
 
 			// Moderator perms
 			'm_pastebin_edit'			=> array('lang' => 'ACL_M_PASTEBIN_EDIT', 'cat' => 'pastebin'),

event/base_events.php

@@ -61,7 +61,7 @@ public function viewonline_page($event)
 	{
 		if ($event['on_page'][1] == 'app')
 		{
-			if(strrpos($event['row']['session_page'], 'app.' . $this->php_ext . '/pastebin') === 0)
+			if (strrpos($event['row']['session_page'], 'app.' . $this->php_ext . '/pastebin') === 0)
 			{
 				$event['location'] = $this->user->lang('PASTEBIN_VIEWONLINE');
 				$event['location_url'] = $this->helper->route('phpbbde_pastebin_main_controller');