diff --git a/js/privatebin.js b/js/privatebin.js
index 9be809d..e349153 100644
--- a/js/privatebin.js
+++ b/js/privatebin.js
@@ -741,6 +741,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
me.getPasteId = function()
{
if (id === null) {
+ // Attention: This also returns the delete token inside of the ID, if it is specified
id = window.location.search.substring(1);
if (id === '') {
@@ -749,7 +750,19 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
}
return id;
- };
+ }
+
+ /**
+ * Returns true, when the URL has a delete token and the current call was used for deleting a paste.
+ *
+ * @name Model.hasDeleteToken
+ * @function
+ * @return {bool}
+ */
+ me.hasDeleteToken = function()
+ {
+ return window.location.search.indexOf('deletetoken') !== -1;
+ }
/**
* return the deciphering key stored in anchor part of the URL
@@ -4412,6 +4425,12 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
return me.newPaste();
}
+ // if delete token is passed (i.e. paste has been deleted by this access)
+ // there is no more stuf we need to do
+ if (Model.hasDeleteToken()) {
+ return;
+ }
+
// prevent bots from viewing a paste and potentially deleting data
// when burn-after-reading is set
// see https://github.com/elrido/ZeroBin/issues/11
diff --git a/tpl/bootstrap.php b/tpl/bootstrap.php
index 2cf9e6d..e5a9d0b 100644
--- a/tpl/bootstrap.php
+++ b/tpl/bootstrap.php
@@ -75,7 +75,7 @@ if ($MARKDOWN):
-
+
diff --git a/tpl/page.php b/tpl/page.php
index 4abcbce..9c53ba9 100644
--- a/tpl/page.php
+++ b/tpl/page.php
@@ -54,7 +54,7 @@ if ($QRCODE):
-
+