function displayBody() { $html = NULL; if (!isset($this->get['pid']) || strlen($this->get['pid']) != 8) { parent::addError("Invalid ID"); return $html; } $conn = parent::getPDOConn(); if ($conn != NULL) { $stmt = $conn->prepare("SELECT raw, formatted, hash FROM `pastes` WHERE `hash` = :hash"); $stmt->bindParam(":hash", $this->get['pid']); if ($stmt->execute()) { $res = $stmt->fetch(); $html .= '<h3>View Paste</h3> <div id="formatted">' . $res['formatted'] . '</div> <textarea id="preview">' . $res['raw'] . '</textarea> <form method="post" action="download.php"> <input type="hidden" name="pid" value="' . $res['hash'] . '" /> <input style="margin-left: 5%;" type="submit" value="Download as ' . $res['hash'] . '.txt" />'; } else { parent::addError("Invalid ID"); } } else { parent::addError("Server error - Could not connect to the database."); } return $html; }
function displayRecent() { $html = NULL; $conn = parent::getPDOConn(); if ($conn == null) { parent::addError("Server error - Could not connect to the database"); return false; } $stmt = $conn->prepare("SELECT lang, hash, author, time FROM `pastes` ORDER BY `id` DESC LIMIT 5"); if ($stmt->execute()) { while ($res = $stmt->fetch(PDO::FETCH_ASSOC)) { $html .= '<div class="recitem">' . $res['author'] . '<br />' . $res['lang'] . '<br /><a href=view.php?pid=' . $res['hash'] . '>View</a><br />Posted ' . $this->distanceOfTimeInWords($res['time']) . ' ago</div>'; } } else { parent::addError("Could not retrieve recent pastes"); } return $html; }
function addEntry() { require_once 'inc/geshi.php'; $code = $this->post['code']; $lang = $this->post['lang']; $poster = $this->post['poster']; $conn = parent::getPDOConn(); if ($conn == NULL) { parent::addError("Server error - Could not connect to the database"); return false; } if (empty($code) || empty($lang)) { parent::addError("You haven't pasted anything!"); return false; } if (empty($poster)) { $poster = "Anonymous"; } $stmt = $conn->prepare("SELECT * FROM `langs` WHERE `lang` = :lang"); $stmt->bindParam(":lang", $lang); if ($stmt->execute()) { $res = $stmt->fetch(PDO::FETCH_ASSOC); if (empty($res)) { parent::addError("Invalid language"); return false; } } $geshi = new GeSHi($code, $lang); $geshi->enable_line_numbers(GESHI_NORMAL_LINE_NUMBERS); if ($lang !== "None") { $formatted = $geshi->parse_code(); } else { $formatted = "<pre>" . htmlentities($code) . "</pre>"; } $hash = $this->makeHash($this->post['code'], $formatted, $this->post['lang']); $stmt = $conn->prepare("INSERT INTO `pastes` VALUES('', ?, ?, ?, ?, ?, ?)"); if ($stmt->execute(array(htmlentities($code), $formatted, $res['filename'], $hash, $poster, time()))) { parent::addMessage("Paste has been added! Click <a href=\"view.php?pid=" . $hash . "\">here</a> to view.<br /><input type=\"text\" value=\"http://pb.pwnds.info/view.php?pid=" . $hash . "\" readonly />"); return $hash; } else { parent::addError("Server error - Couldn't add paste. " . $this->post['lang'] . " " . print_r($stmt->errorInfo(), true)); return false; } }