2015-09-27 03:03:55 +02:00
|
|
|
<?php
|
|
|
|
/**
|
2016-07-11 11:58:15 +02:00
|
|
|
* PrivateBin
|
2015-09-27 03:03:55 +02:00
|
|
|
*
|
|
|
|
* a zero-knowledge paste bin
|
|
|
|
*
|
2016-07-11 11:58:15 +02:00
|
|
|
* @link https://github.com/PrivateBin/PrivateBin
|
2015-09-27 03:03:55 +02:00
|
|
|
* @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
|
2016-07-19 13:56:52 +02:00
|
|
|
* @license https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
|
2018-07-01 13:11:32 +02:00
|
|
|
* @version 1.2
|
2015-09-27 03:03:55 +02:00
|
|
|
*/
|
2016-12-12 18:43:23 +01:00
|
|
|
|
2016-12-12 18:49:08 +01:00
|
|
|
namespace PrivateBin\Model;
|
2016-07-21 17:09:48 +02:00
|
|
|
|
2016-10-29 10:24:08 +02:00
|
|
|
use Exception;
|
2018-07-29 15:17:35 +02:00
|
|
|
use PrivateBin\Controller;
|
2018-07-29 16:15:52 +02:00
|
|
|
use PrivateBin\Persistence\ServerSalt;
|
2016-08-09 11:54:42 +02:00
|
|
|
use PrivateBin\Sjcl;
|
2016-07-21 17:09:48 +02:00
|
|
|
|
2015-09-27 03:03:55 +02:00
|
|
|
/**
|
2016-08-09 11:54:42 +02:00
|
|
|
* Paste
|
2015-09-27 03:03:55 +02:00
|
|
|
*
|
2016-07-11 11:58:15 +02:00
|
|
|
* Model of a PrivateBin paste.
|
2015-09-27 03:03:55 +02:00
|
|
|
*/
|
2016-08-09 11:54:42 +02:00
|
|
|
class Paste extends AbstractModel
|
2015-09-27 03:03:55 +02:00
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Get paste data.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @throws Exception
|
2016-07-06 14:58:06 +02:00
|
|
|
* @return stdClass
|
2015-09-27 03:03:55 +02:00
|
|
|
*/
|
|
|
|
public function get()
|
|
|
|
{
|
2016-08-09 12:45:26 +02:00
|
|
|
$data = $this->_store->read($this->getId());
|
|
|
|
if ($data === false) {
|
2018-07-29 15:17:35 +02:00
|
|
|
throw new Exception(Controller::GENERIC_ERROR, 64);
|
2016-07-26 08:19:35 +02:00
|
|
|
}
|
2016-07-06 14:58:06 +02:00
|
|
|
|
2016-07-06 11:37:13 +02:00
|
|
|
// check if paste has expired and delete it if neccessary.
|
2016-08-09 12:45:26 +02:00
|
|
|
if (property_exists($data->meta, 'expire_date')) {
|
|
|
|
if ($data->meta->expire_date < time()) {
|
2015-09-27 03:03:55 +02:00
|
|
|
$this->delete();
|
2018-07-29 15:17:35 +02:00
|
|
|
throw new Exception(Controller::GENERIC_ERROR, 63);
|
2015-09-27 03:03:55 +02:00
|
|
|
}
|
|
|
|
// We kindly provide the remaining time before expiration (in seconds)
|
2016-08-09 12:45:26 +02:00
|
|
|
$data->meta->remaining_time = $data->meta->expire_date - time();
|
2015-09-27 03:03:55 +02:00
|
|
|
}
|
|
|
|
|
2017-04-11 17:23:26 +02:00
|
|
|
// check if non-expired burn after reading paste needs to be deleted
|
2018-04-30 20:01:38 +02:00
|
|
|
if (property_exists($data->meta, 'burnafterreading') && $data->meta->burnafterreading) {
|
2017-04-11 17:23:26 +02:00
|
|
|
$this->delete();
|
|
|
|
}
|
|
|
|
|
2015-09-27 03:03:55 +02:00
|
|
|
// set formatter for for the view.
|
2016-08-09 12:45:26 +02:00
|
|
|
if (!property_exists($data->meta, 'formatter')) {
|
2015-09-27 03:03:55 +02:00
|
|
|
// support < 0.21 syntax highlighting
|
2016-08-09 12:45:26 +02:00
|
|
|
if (property_exists($data->meta, 'syntaxcoloring') && $data->meta->syntaxcoloring === true) {
|
|
|
|
$data->meta->formatter = 'syntaxhighlighting';
|
2016-07-26 08:19:35 +02:00
|
|
|
} else {
|
2016-08-09 12:45:26 +02:00
|
|
|
$data->meta->formatter = $this->_conf->getKey('defaultformatter');
|
2015-09-27 03:03:55 +02:00
|
|
|
}
|
|
|
|
}
|
2016-07-06 11:37:13 +02:00
|
|
|
|
|
|
|
// support old paste format with server wide salt
|
2016-08-09 12:45:26 +02:00
|
|
|
if (!property_exists($data->meta, 'salt')) {
|
|
|
|
$data->meta->salt = ServerSalt::get();
|
2016-07-06 11:37:13 +02:00
|
|
|
}
|
2016-08-15 16:45:47 +02:00
|
|
|
$data->comments = array_values($this->getComments());
|
|
|
|
$data->comment_count = count($data->comments);
|
2016-08-09 12:45:26 +02:00
|
|
|
$data->comment_offset = 0;
|
2016-08-15 16:45:47 +02:00
|
|
|
$data->{'@context'} = 'js/paste.jsonld';
|
|
|
|
$this->_data = $data;
|
2017-04-13 10:52:48 +02:00
|
|
|
|
|
|
|
// If the paste was meant to be read only once, delete it.
|
|
|
|
if ($this->isBurnafterreading()) {
|
|
|
|
$this->delete();
|
|
|
|
}
|
|
|
|
|
2015-09-27 03:03:55 +02:00
|
|
|
return $this->_data;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Store the paste's data.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public function store()
|
|
|
|
{
|
|
|
|
// Check for improbable collision.
|
2016-07-26 08:19:35 +02:00
|
|
|
if ($this->exists()) {
|
2015-09-27 03:03:55 +02:00
|
|
|
throw new Exception('You are unlucky. Try again.', 75);
|
2016-07-26 08:19:35 +02:00
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
|
|
|
|
$this->_data->meta->postdate = time();
|
2016-08-15 16:45:47 +02:00
|
|
|
$this->_data->meta->salt = serversalt::generate();
|
2015-09-27 03:03:55 +02:00
|
|
|
|
|
|
|
// store paste
|
|
|
|
if (
|
|
|
|
$this->_store->create(
|
|
|
|
$this->getId(),
|
|
|
|
json_decode(json_encode($this->_data), true)
|
|
|
|
) === false
|
2016-07-26 08:19:35 +02:00
|
|
|
) {
|
|
|
|
throw new Exception('Error saving paste. Sorry.', 76);
|
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Delete the paste.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public function delete()
|
|
|
|
{
|
|
|
|
$this->_store->delete($this->getId());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test if paste exists in store.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function exists()
|
|
|
|
{
|
|
|
|
return $this->_store->exists($this->getId());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get a comment, optionally a specific instance.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param string $parentId
|
|
|
|
* @param string $commentId
|
|
|
|
* @throws Exception
|
2016-08-09 11:54:42 +02:00
|
|
|
* @return Comment
|
2015-09-27 03:03:55 +02:00
|
|
|
*/
|
|
|
|
public function getComment($parentId, $commentId = null)
|
|
|
|
{
|
2016-07-26 08:19:35 +02:00
|
|
|
if (!$this->exists()) {
|
2015-09-27 03:03:55 +02:00
|
|
|
throw new Exception('Invalid data.', 62);
|
|
|
|
}
|
2016-08-09 11:54:42 +02:00
|
|
|
$comment = new Comment($this->_conf, $this->_store);
|
2015-09-27 03:03:55 +02:00
|
|
|
$comment->setPaste($this);
|
|
|
|
$comment->setParentId($parentId);
|
2016-07-26 08:19:35 +02:00
|
|
|
if ($commentId !== null) {
|
|
|
|
$comment->setId($commentId);
|
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
return $comment;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get all comments, if any.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function getComments()
|
|
|
|
{
|
|
|
|
return $this->_store->readComments($this->getId());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Generate the "delete" token.
|
|
|
|
*
|
|
|
|
* The token is the hmac of the pastes ID signed with the server salt.
|
|
|
|
* The paste can be deleted by calling:
|
2017-04-11 16:34:13 +02:00
|
|
|
* https://example.com/privatebin/?pasteid=<pasteid>&deletetoken=<deletetoken>
|
2015-09-27 03:03:55 +02:00
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public function getDeleteToken()
|
|
|
|
{
|
2016-07-26 08:19:35 +02:00
|
|
|
if (!property_exists($this->_data->meta, 'salt')) {
|
|
|
|
$this->get();
|
|
|
|
}
|
2016-07-06 11:37:13 +02:00
|
|
|
return hash_hmac(
|
|
|
|
$this->_conf->getKey('zerobincompatibility') ? 'sha1' : 'sha256',
|
|
|
|
$this->getId(),
|
|
|
|
$this->_data->meta->salt
|
|
|
|
);
|
2015-09-27 03:03:55 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set paste's attachment.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param string $attachment
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public function setAttachment($attachment)
|
|
|
|
{
|
2016-08-09 11:54:42 +02:00
|
|
|
if (!$this->_conf->getKey('fileupload') || !Sjcl::isValid($attachment)) {
|
2015-09-27 03:03:55 +02:00
|
|
|
throw new Exception('Invalid attachment.', 71);
|
2016-07-26 08:19:35 +02:00
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
$this->_data->meta->attachment = $attachment;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set paste's attachment name.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param string $attachmentname
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public function setAttachmentName($attachmentname)
|
|
|
|
{
|
2016-08-09 11:54:42 +02:00
|
|
|
if (!$this->_conf->getKey('fileupload') || !Sjcl::isValid($attachmentname)) {
|
2015-09-27 03:03:55 +02:00
|
|
|
throw new Exception('Invalid attachment.', 72);
|
2016-07-26 08:19:35 +02:00
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
$this->_data->meta->attachmentname = $attachmentname;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set paste expiration.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param string $expiration
|
|
|
|
*/
|
|
|
|
public function setExpiration($expiration)
|
|
|
|
{
|
|
|
|
$expire_options = $this->_conf->getSection('expire_options');
|
2016-07-26 08:19:35 +02:00
|
|
|
if (array_key_exists($expiration, $expire_options)) {
|
2015-09-27 03:03:55 +02:00
|
|
|
$expire = $expire_options[$expiration];
|
2016-07-26 08:19:35 +02:00
|
|
|
} else {
|
2015-09-27 03:03:55 +02:00
|
|
|
// using getKey() to ensure a default value is present
|
|
|
|
$expire = $this->_conf->getKey($this->_conf->getKey('default', 'expire'), 'expire_options');
|
|
|
|
}
|
2016-07-26 08:19:35 +02:00
|
|
|
if ($expire > 0) {
|
|
|
|
$this->_data->meta->expire_date = time() + $expire;
|
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set paste's burn-after-reading type.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param string $burnafterreading
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public function setBurnafterreading($burnafterreading = '1')
|
|
|
|
{
|
2016-07-26 08:19:35 +02:00
|
|
|
if ($burnafterreading === '0') {
|
2015-09-27 03:03:55 +02:00
|
|
|
$this->_data->meta->burnafterreading = false;
|
2016-07-26 08:19:35 +02:00
|
|
|
} else {
|
|
|
|
if ($burnafterreading !== '1') {
|
2015-09-27 03:03:55 +02:00
|
|
|
throw new Exception('Invalid data.', 73);
|
2016-07-26 08:19:35 +02:00
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
$this->_data->meta->burnafterreading = true;
|
2016-08-15 16:45:47 +02:00
|
|
|
$this->_data->meta->opendiscussion = false;
|
2015-09-27 03:03:55 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set paste's discussion state.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param string $opendiscussion
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public function setOpendiscussion($opendiscussion = '1')
|
|
|
|
{
|
|
|
|
if (
|
|
|
|
!$this->_conf->getKey('discussion') ||
|
|
|
|
$this->isBurnafterreading() ||
|
|
|
|
$opendiscussion === '0'
|
2016-07-26 08:19:35 +02:00
|
|
|
) {
|
2015-09-27 03:03:55 +02:00
|
|
|
$this->_data->meta->opendiscussion = false;
|
2016-07-26 08:19:35 +02:00
|
|
|
} else {
|
|
|
|
if ($opendiscussion !== '1') {
|
2015-09-27 03:03:55 +02:00
|
|
|
throw new Exception('Invalid data.', 74);
|
2016-07-26 08:19:35 +02:00
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
$this->_data->meta->opendiscussion = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set paste's format.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @param string $format
|
|
|
|
* @throws Exception
|
|
|
|
*/
|
|
|
|
public function setFormatter($format)
|
|
|
|
{
|
2016-07-26 08:19:35 +02:00
|
|
|
if (!array_key_exists($format, $this->_conf->getSection('formatter_options'))) {
|
2015-09-27 03:03:55 +02:00
|
|
|
$format = $this->_conf->getKey('defaultformatter');
|
|
|
|
}
|
|
|
|
$this->_data->meta->formatter = $format;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if paste is of burn-after-reading type.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @throws Exception
|
2016-08-15 16:45:47 +02:00
|
|
|
* @return bool
|
2015-09-27 03:03:55 +02:00
|
|
|
*/
|
|
|
|
public function isBurnafterreading()
|
|
|
|
{
|
2016-07-26 08:19:35 +02:00
|
|
|
if (!property_exists($this->_data, 'data')) {
|
|
|
|
$this->get();
|
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
return property_exists($this->_data->meta, 'burnafterreading') &&
|
|
|
|
$this->_data->meta->burnafterreading === true;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if paste has discussions enabled.
|
|
|
|
*
|
|
|
|
* @access public
|
|
|
|
* @throws Exception
|
2016-08-15 16:45:47 +02:00
|
|
|
* @return bool
|
2015-09-27 03:03:55 +02:00
|
|
|
*/
|
|
|
|
public function isOpendiscussion()
|
|
|
|
{
|
2016-07-26 08:19:35 +02:00
|
|
|
if (!property_exists($this->_data, 'data')) {
|
|
|
|
$this->get();
|
|
|
|
}
|
2015-09-27 03:03:55 +02:00
|
|
|
return property_exists($this->_data->meta, 'opendiscussion') &&
|
|
|
|
$this->_data->meta->opendiscussion === true;
|
|
|
|
}
|
|
|
|
}
|