
Merge branch 'master-1.3.4' into chapril-1.3.4

chapril-1.3.4
Didier Clermonté 2 years ago
committed by root
parent
commit
27b942199a
  1. 11
      CHANGELOG.md
  2. 2
      INSTALL.md
  3. 2
      README.md
  4. 4
      SECURITY.md
  5. 2
      css/bootstrap/privatebin.css
  6. 2
      css/noscript.css
  7. 2
      css/privatebin.css
  8. 4
      i18n/de.json
  9. 2
      index.php
  10. 223
      js/privatebin.js
  11. 2
      lib/Configuration.php
  12. 10
      lib/Controller.php
  13. 2
      lib/Data/AbstractData.php
  14. 2
      lib/Data/Database.php
  15. 2
      lib/Data/Filesystem.php
  16. 21
      lib/Filter.php
  17. 2
      lib/FormatV2.php
  18. 2
      lib/I18n.php
  19. 2
      lib/Json.php
  20. 2
      lib/Model.php
  21. 2
      lib/Model/AbstractModel.php
  22. 2
      lib/Model/Comment.php
  23. 2
      lib/Model/Paste.php
  24. 2
      lib/Persistence/AbstractPersistence.php
  25. 2
      lib/Persistence/DataStore.php
  26. 2
      lib/Persistence/PurgeLimiter.php
  27. 2
      lib/Persistence/ServerSalt.php
  28. 2
      lib/Persistence/TrafficLimiter.php
  29. 2
      lib/Request.php
  30. 2
      lib/View.php
  31. 2
      lib/Vizhash16x16.php
  32. 2
      tpl/bootstrap.php
  33. 2
      tpl/page.php
  34. 15
      vendor/yzalis/identicon/src/Identicon/Generator/SvgGenerator.php
  35. 36
      vendor/yzalis/identicon/src/Identicon/Identicon.php

11
CHANGELOG.md

@ -1,10 +1,21 @@
# PrivateBin version history
* **1.4 (not yet released)**
* **1.3.4 (2020-03-22)**
* CHANGED: Minimum required PHP version is 5.6, due to a change in the identicon library and to use php's native hash_equals()
* CHANGED: Upgrading libraries to: identicon 2.0.0
* FIXED: Support custom expiration options in email function (#586)
* FIXED: Regression with encoding of HTML entities (#588)
* FIXED: Unable to paste password on paste with attachment (#565 & #595)
* **1.3.3 (2020-02-16)**
* CHANGED: Upgrading libraries to: DOMpurify 2.0.8
* CHANGED: Several translations got updated with missing messages
* CHANGED: Introduce HTML entity encoding on server side (#581)
* FIXED: HTML entity double encoding issues introduced in 1.3.2 (#560)
* **1.2.3 (2020-02-16)**
* CHANGED: Upgrading libraries to: DOMpurify 2.0.8
* CHANGED: Introduce HTML entity encoding on server side (#581)
* FIXED: HTML entity double encoding issues introduced in 1.3.2 (#560)
* **1.3.2 (2020-01-11)**
* ADDED: Translation for Ukrainian (#533)
* ADDED: Option to send a mail with the link, when creating a paste (#398)

2
INSTALL.md

@ -187,7 +187,7 @@ CREATE INDEX parent ON prefix_comment(pasteid);
CREATE TABLE prefix_config (
id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id)
);
INSERT INTO prefix_config VALUES('VERSION', '1.3.3');
INSERT INTO prefix_config VALUES('VERSION', '1.3.4');
```
In **PostgreSQL**, the data, attachment, nickname and vizhash columns needs to be TEXT and not BLOB or MEDIUMBLOB.

2
README.md

@ -1,6 +1,6 @@
# [![PrivateBin](https://cdn.rawgit.com/PrivateBin/assets/master/images/preview/logoSmall.png)](https://privatebin.info/)
*Current version: 1.3.3*
*Current version: 1.3.4*
**PrivateBin** is a minimalist, open source online [pastebin](https://en.wikipedia.org/wiki/Pastebin)
where the server has zero knowledge of pasted data.

4
SECURITY.md

@ -4,8 +4,8 @@
| Version | Supported |
| ------- | ------------------ |
| 1.3.3 | :heavy_check_mark: |
| < 1.3.3 | :x: |
| 1.3.4 | :heavy_check_mark: |
| < 1.3.4 | :x: |
## Reporting a Vulnerability

2
css/bootstrap/privatebin.css

@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
body {

2
css/noscript.css

@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
/* When there is no script at all other */

2
css/privatebin.css

@ -6,7 +6,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
/* CSS Reset from YUI 3.4.1 (build 4118) - Copyright 2011 Yahoo! Inc. All rights reserved.

4
i18n/de.json

@ -172,9 +172,9 @@
"Notice:":
"Hinweis:",
"This link will expire after %s.":
"Dieser Link wird in %s ablaufen.",
"Dieser Link wird um %s ablaufen.",
"This link can only be accessed once, do not use back or refresh button in your browser.":
"Dieser Link kann nur einmal geöffnet werden, verwende nicht den \"Zurück\" oder \"Neu laden\" Knopf Deines Browsers.",
"Dieser Link kann nur einmal geöffnet werden, verwende nicht den Zurück- oder Neu-laden-Knopf Deines Browsers.",
"Link:":
"Link:",
"Recipient may become aware of your timezone, convert time to UTC?":

2
index.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
// change this, if your php files and data is outside of your webservers document root

223
js/privatebin.js

@ -6,7 +6,7 @@
* @see {@link https://github.com/PrivateBin/PrivateBin}
* @copyright 2012 Sébastien SAUVAGE ({@link http://sebsauvage.net})
* @license {@link https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License}
* @version 1.3.3
* @version 1.3.4
* @name PrivateBin
* @namespace
*/
@ -209,6 +209,64 @@ jQuery.PrivateBin = (function($, RawDeflate) {
'=': '&#x3D;'
};
/**
* number of seconds in a minute
*
* @name Helper.minute
* @private
* @enum {number}
* @readonly
*/
const minute = 60;
/**
* number of seconds in an hour
*
* = 60 * 60 seconds
*
* @name Helper.minute
* @private
* @enum {number}
* @readonly
*/
const hour = 3600;
/**
* number of seconds in a day
*
* = 60 * 60 * 24 seconds
*
* @name Helper.day
* @private
* @enum {number}
* @readonly
*/
const day = 86400;
/**
* number of seconds in a month (30 days, an approximation)
*
* = 60 * 60 * 24 * 30 seconds
*
* @name Helper.month
* @private
* @enum {number}
* @readonly
*/
const month = 2592000;
/**
* number of seconds in a non-leap year
*
* = 60 * 60 * 24 * 365 seconds
*
* @name Helper.year
* @private
* @enum {number}
* @readonly
*/
const year = 31536000;
/**
* cache for script location
*
@ -229,31 +287,67 @@ jQuery.PrivateBin = (function($, RawDeflate) {
me.secondsToHuman = function(seconds)
{
let v;
if (seconds < 60)
if (seconds < minute)
{
v = Math.floor(seconds);
return [v, 'second'];
}
if (seconds < 60 * 60)
if (seconds < hour)
{
v = Math.floor(seconds / 60);
v = Math.floor(seconds / minute);
return [v, 'minute'];
}
if (seconds < 60 * 60 * 24)
if (seconds < day)
{
v = Math.floor(seconds / (60 * 60));
v = Math.floor(seconds / hour);
return [v, 'hour'];
}
// If less than 2 months, display in days:
if (seconds < 60 * 60 * 24 * 60)
if (seconds < (2 * month))
{
v = Math.floor(seconds / (60 * 60 * 24));
v = Math.floor(seconds / day);
return [v, 'day'];
}
v = Math.floor(seconds / (60 * 60 * 24 * 30));
v = Math.floor(seconds / month);
return [v, 'month'];
};
/**
* converts a duration string into seconds
*
* The string is expected to be optional digits, followed by a time.
* Supported times are: min, hour, day, month, year, never
* Examples: 5min, 13hour, never
*
* @name Helper.durationToSeconds
* @function
* @param {String} duration
* @return {number}
*/
me.durationToSeconds = function(duration)
{
let pieces = duration.split(/\d+/),
factor = pieces[0] || 0,
timespan = pieces[1] || pieces[0];
switch (timespan)
{
case 'min':
return factor * minute;
case 'hour':
return factor * hour;
case 'day':
return factor * day;
case 'month':
return factor * month;
case 'year':
return factor * year;
case 'never':
return 0;
default:
return factor;
}
};
/**
* text range selection
*
@ -281,7 +375,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
};
/**
* convert URLs to clickable links.
* convert URLs to clickable links in the provided element.
*
* URLs to handle:
* <pre>
@ -292,14 +386,15 @@ jQuery.PrivateBin = (function($, RawDeflate) {
*
* @name Helper.urls2links
* @function
* @param {string} html
* @return {string}
* @param {HTMLElement} element
*/
me.urls2links = function(html)
me.urls2links = function(element)
{
return html.replace(
/(((https?|ftp):\/\/[\w?!=&.\/-;#@~%+*-]+(?![\w\s?!&.\/;#~%"=-]*>))|((magnet):[\w?=&.\/-;#@~%+*-]+))/ig,
'<a href="$1" rel="nofollow">$1</a>'
element.html(
element.html().replace(
/(((https?|ftp):\/\/[\w?!=&.\/-;#@~%+*-]+(?![\w\s?!&.\/;#~%"=-]>))|((magnet):[\w?=&.\/-;#@~%+*-]+))/ig,
'<a href="$1" rel="nofollow">$1</a>'
)
);
};
@ -432,22 +527,10 @@ jQuery.PrivateBin = (function($, RawDeflate) {
* @return {Date}
*/
me.calculateExpirationDate = function(initialDate, expirationDisplayStringOrSecondsToExpire) {
let expirationDate = new Date(initialDate);
const expirationDisplayStringToSecondsDict = {
'5min': 300,
'10min': 600,
'1hour': 3500,
'1day': 86400,
'1week': 604800,
'1month': 2592000,
'1year': 31536000,
'never': 0
};
let secondsToExpiration = expirationDisplayStringOrSecondsToExpire;
let expirationDate = new Date(initialDate),
secondsToExpiration = expirationDisplayStringOrSecondsToExpire;
if (typeof expirationDisplayStringOrSecondsToExpire === 'string') {
secondsToExpiration = expirationDisplayStringToSecondsDict[expirationDisplayStringOrSecondsToExpire];
secondsToExpiration = me.durationToSeconds(expirationDisplayStringOrSecondsToExpire);
}
if (typeof secondsToExpiration !== 'number') {
@ -2422,36 +2505,24 @@ jQuery.PrivateBin = (function($, RawDeflate) {
return;
}
// escape HTML entities, link URLs, sanitize
const escapedLinkedText = Helper.urls2links(text),
sanitizedLinkedText = DOMPurify.sanitize(
escapedLinkedText, {
ALLOWED_TAGS: ['a'],
ALLOWED_ATTR: ['href', 'rel']
}
);
$plainText.html(sanitizedLinkedText);
$prettyPrint.html(sanitizedLinkedText);
switch (format) {
case 'markdown':
const converter = new showdown.Converter({
strikethrough: true,
tables: true,
tablesHeaderId: true,
simplifiedAutoLink: true,
excludeTrailingPunctuationFromURLs: true
});
// let showdown convert the HTML and sanitize HTML *afterwards*!
$plainText.html(
DOMPurify.sanitize(
converter.makeHtml(text)
)
);
// add table classes from bootstrap css
$plainText.find('table').addClass('table-condensed table-bordered');
break;
case 'syntaxhighlighting':
if (format === 'markdown') {
const converter = new showdown.Converter({
strikethrough: true,
tables: true,
tablesHeaderId: true,
simplifiedAutoLink: true,
excludeTrailingPunctuationFromURLs: true
});
// let showdown convert the HTML and sanitize HTML *afterwards*!
$plainText.html(
DOMPurify.sanitize(
converter.makeHtml(text)
)
);
// add table classes from bootstrap css
$plainText.find('table').addClass('table-condensed table-bordered');
} else {
if (format === 'syntaxhighlighting') {
// yes, this is really needed to initialize the environment
if (typeof prettyPrint === 'function')
{
@ -2459,15 +2530,18 @@ jQuery.PrivateBin = (function($, RawDeflate) {
}
$prettyPrint.html(
DOMPurify.sanitize(
prettyPrintOne(escapedLinkedText, null, true)
prettyPrintOne(
Helper.htmlEntities(text), null, true
)
);
// fall through, as the rest is the same
default: // = 'plaintext'
$prettyPrint.css('white-space', 'pre-wrap');
$prettyPrint.css('word-break', 'normal');
$prettyPrint.removeClass('prettyprint');
} else {
// = 'plaintext'
$prettyPrint.text(text);
}
Helper.urls2links($prettyPrint);
$prettyPrint.css('white-space', 'pre-wrap');
$prettyPrint.css('word-break', 'normal');
$prettyPrint.removeClass('prettyprint');
}
}
@ -3241,14 +3315,8 @@ jQuery.PrivateBin = (function($, RawDeflate) {
const $commentEntryData = $commentEntry.find('div.commentdata');
// set & parse text
$commentEntryData.html(
DOMPurify.sanitize(
Helper.urls2links(commentText), {
ALLOWED_TAGS: ['a'],
ALLOWED_ATTR: ['href', 'rel']
}
)
);
$commentEntryData.text(commentText);
Helper.urls2links($commentEntryData);
// set nickname
if (nickname.length > 0) {
@ -3379,6 +3447,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
if (fadeOut === true) {
setTimeout(function () {
$comment.removeClass('highlight');
}, 300);
}
};
@ -4181,7 +4250,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
*/
me.isAttachmentReadonly = function()
{
return $attach.hasClass('hidden');
return createButtonsDisplayed && $attach.hasClass('hidden');
}
/**
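Review bot: `Helper.urls2links` now writes the regex-rewritten markup straight back with `element.html(...)`, and the DOMPurify pass that used to follow linkification in the paste and comment paths is removed, so nothing sanitizes the string after the `<a href="$1" rel="nofollow">` substitution. The result stays safe only while every caller fills the element with already-escaped content first (`.text(...)` or the sanitized `prettyPrintOne` output, as the callers in this section do) and the URL character class keeps excluding `"`, `<` and `>`. I would record that contract in the docblock and keep a sanitizer at the sink as defence in depth: assign the replaced string to `linked` and call `element.html(DOMPurify.sanitize(linked))`. The functions around these hunks start and end outside the visible lines, so any other caller of `urls2links` should be checked for the same precondition.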

2
lib/Configuration.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin;

10
lib/Controller.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin;
@ -28,14 +28,14 @@ class Controller
*
* @const string
*/
const VERSION = '1.3.3';
const VERSION = '1.3.4';
/**
* minimal required PHP version
*
* @const string
*/
const MIN_PHP_VERSION = '5.5.0';
const MIN_PHP_VERSION = '5.6.0';
/**
* show the same error message if the paste expired or does not exist
@ -276,9 +276,7 @@ class Controller
// accessing this method ensures that the paste would be
// deleted if it has already expired
$paste->get();
if (
Filter::slowEquals($deletetoken, $paste->getDeleteToken())
) {
if (hash_equals($paste->getDeleteToken(), $deletetoken)) {
// Paste exists and deletion token is valid: Delete the paste.
$paste->delete();
$this->_status = 'Paste was properly deleted.';
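Review bot: `hash_equals($paste->getDeleteToken(), $deletetoken)` requires both arguments to be strings, and nothing in this hunk shows `$deletetoken` being type-checked before the call. If it comes from a request parameter (presumably; the method starts above the hunk), a non-string value such as an array-valued parameter would raise a warning on PHP 5.6/7 and a `TypeError` on PHP 8 instead of a clean rejection. A guard keeps the failure path uniform: `if (is_string($deletetoken) && hash_equals($paste->getDeleteToken(), $deletetoken)) {`. The argument order, stored token first and user-supplied value second, matches the function's signature and should stay that way.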

2
lib/Data/AbstractData.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Data;

2
lib/Data/Database.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Data;

2
lib/Data/Filesystem.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Data;

21
lib/Filter.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin;
@ -68,23 +68,4 @@ class Filter
}
return number_format($size, ($i ? 2 : 0), '.', ' ') . ' ' . I18n::_($iec[$i]);
}
/**
* fixed time string comparison operation to prevent timing attacks
* https://crackstation.net/hashing-security.htm?=rd#slowequals
*
* @access public
* @static
* @param string $a
* @param string $b
* @return bool
*/
public static function slowEquals($a, $b)
{
$diff = strlen($a) ^ strlen($b);
for ($i = 0; $i < strlen($a) && $i < strlen($b); ++$i) {
$diff |= ord($a[$i]) ^ ord($b[$i]);
}
return $diff === 0;
}
}

2
lib/FormatV2.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin;

2
lib/I18n.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin;

2
lib/Json.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin;

2
lib/Model.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin;

2
lib/Model/AbstractModel.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Model;

2
lib/Model/Comment.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Model;

2
lib/Model/Paste.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Model;

2
lib/Persistence/AbstractPersistence.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Persistence;

2
lib/Persistence/DataStore.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.1
* @version 1.3.4
*/
namespace PrivateBin\Persistence;

2
lib/Persistence/PurgeLimiter.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Persistence;

2
lib/Persistence/ServerSalt.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Persistence;

2
lib/Persistence/TrafficLimiter.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin\Persistence;

2
lib/Request.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin;

2
lib/View.php

@ -7,7 +7,7 @@
* @link https://github.com/PrivateBin/PrivateBin
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 1.3.3
* @version 1.3.4
*/
namespace PrivateBin;

2
lib/Vizhash16x16.php

@ -8,7 +8,7 @@
* @link http://sebsauvage.net/wiki/doku.php?id=php:vizhash_gd
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
* @version 0.0.5 beta PrivateBin 1.3.3
* @version 0.0.5 beta PrivateBin 1.3.4
*/
namespace PrivateBin;

2
tpl/bootstrap.php

@ -72,7 +72,7 @@ endif;
?>
<script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-QwcEKGuEmKtMguCO9pqNtUtZqq9b/tJ8gNr5qhY8hykq3zKTlDOvpZAmf6Rs8yH35Bz1ZdctUjj2qEWxT5aXCg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-enOoc3FEmX00nbC+28Qrhjc2shbso/DWmeHVbLDy+a0jvXXweYXCr/B1PRqnXJzTBdPqVBYLVM1u6peVlTwNxg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-+4ay2Dw/9w/DOTutdpoiHvF6RxqV0V8ABSXHlebjGbQ7Td+3If7mOZ5OIu/lWCifcgP6vyhJuiB8+jl8FGtuwg==" crossorigin="anonymous"></script>
<link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" />
<link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" />
<link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" />

2
tpl/page.php

@ -50,7 +50,7 @@ endif;
?>
<script type="text/javascript" data-cfasync="false" src="js/purify-2.0.8.js" integrity="sha512-QwcEKGuEmKtMguCO9pqNtUtZqq9b/tJ8gNr5qhY8hykq3zKTlDOvpZAmf6Rs8yH35Bz1ZdctUjj2qEWxT5aXCg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-enOoc3FEmX00nbC+28Qrhjc2shbso/DWmeHVbLDy+a0jvXXweYXCr/B1PRqnXJzTBdPqVBYLVM1u6peVlTwNxg==" crossorigin="anonymous"></script>
<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-+4ay2Dw/9w/DOTutdpoiHvF6RxqV0V8ABSXHlebjGbQ7Td+3If7mOZ5OIu/lWCifcgP6vyhJuiB8+jl8FGtuwg==" crossorigin="anonymous"></script>
<link rel="apple-touch-icon" href="img/apple-touch-icon.png?<?php echo rawurlencode($VERSION); ?>" sizes="180x180" />
<link rel="icon" type="image/png" href="img/favicon-32x32.png?<?php echo rawurlencode($VERSION); ?>" sizes="32x32" />
<link rel="icon" type="image/png" href="img/favicon-16x16.png?<?php echo rawurlencode($VERSION); ?>" sizes="16x16" />

15
vendor/yzalis/identicon/src/Identicon/Generator/SvgGenerator.php

@ -46,25 +46,28 @@ class SvgGenerator extends BaseGenerator implements GeneratorInterface
// prepare image
$w = $this->getPixelRatio() * 5;
$h = $this->getPixelRatio() * 5;
$svg = '<svg xmlns="http://www.w3.org/2000/svg" version="1.1" width="'.$w.'" height="'.$h.'">';
$svg = '<svg xmlns="http://www.w3.org/2000/svg" version="1.1" width="'.$w.'" height="'.$h.'" viewBox="0 0 5 5">';
$backgroundColor = '#FFFFFF';
$backgroundColor = '#FFF';
$rgbBackgroundColor = $this->getBackgroundColor();
if (!is_null($rgbBackgroundColor)) {
$backgroundColor = $this->_toUnderstandableColor($rgbBackgroundColor);
}
$svg .= '<rect width="'.$w.'" height="'.$h.'" style="fill:'.$backgroundColor.';stroke-width:1;stroke:'.$backgroundColor.'"/>';
$rgbColor = $this->_toUnderstandableColor($this->getColor());
$svg .= '<rect width="5" height="5" fill="'.$backgroundColor.'" stroke-width="0"/>';
$rects = [];
// draw content
foreach ($this->getArrayOfSquare() as $lineKey => $lineValue) {
foreach ($lineValue as $colKey => $colValue) {
if (true === $colValue) {
$svg .= '<rect x="'.$colKey * $this->getPixelRatio().'" y="'.$lineKey * $this->getPixelRatio().'" width="'.($this->getPixelRatio()).'" height="'.$this->getPixelRatio().'" style="fill:'.$rgbColor.';stroke-width:0;"/>';
$rects[] = 'M'.$colKey.','.$lineKey.'h1v1h-1v-1';
}
}
}
$rgbColor = $this->_toUnderstandableColor($this->getColor());
$svg .= '<path fill="'.$rgbColor.'" stroke-width="0" d="' . implode('', $rects) . '"/>';
$svg .= '</svg>';
$this->generatedImage = $svg;
@ -80,7 +83,7 @@ class SvgGenerator extends BaseGenerator implements GeneratorInterface
protected function _toUnderstandableColor($color)
{
if (is_array($color)) {
return 'rgb('.implode(', ', $color).')';
return sprintf('#%X%X%X', $color[0], $color[1], $color[2]);
}
return $color;

36
vendor/yzalis/identicon/src/Identicon/Identicon.php

@ -46,10 +46,10 @@ class Identicon
/**
* Display an Identicon image.
*
* @param string $string
* @param int $size
* @param string $color
* @param string $backgroundColor
* @param string $string
* @param int $size
* @param string|array $color
* @param string $backgroundColor
*/
public function displayImage($string, $size = 64, $color = null, $backgroundColor = null)
{
@ -60,10 +60,10 @@ class Identicon
/**
* Get an Identicon PNG image data.
*
* @param string $string
* @param int $size
* @param string $color
* @param string $backgroundColor
* @param string $string
* @param int $size
* @param string|array $color
* @param string $backgroundColor
*
* @return string
*/
@ -75,10 +75,10 @@ class Identicon
/**
* Get an Identicon PNG image resource.
*
* @param string $string
* @param int $size
* @param string $color
* @param string $backgroundColor
* @param string $string
* @param int $size
* @param string|array $color
* @param string $backgroundColor
*
* @return string
*/
@ -90,10 +90,10 @@ class Identicon
/**
* Get an Identicon PNG image data as base 64 encoded.
*
* @param string $string
* @param int $size
* @param string $color
* @param string $backgroundColor
* @param string $string
* @param int $size
* @param string|array $color
* @param string $backgroundColor
*
* @return string
*/
@ -101,13 +101,13 @@ class Identicon
{
return sprintf('data:%s;base64,%s', $this->generator->getMimeType(), base64_encode($this->getImageData($string, $size, $color, $backgroundColor)));
}
/**
* Get the color of the Identicon
*
* Returns an array with RGB values of the Identicon's color. Colors may be NULL if no image has been generated
* so far (e.g., when calling the method on a new Identicon()).
*
*
* @return array
*/
public function getColor()
