/**
 * Stores a comment submitted for a paste
 *
 * The site-wide comments setting must be enabled; otherwise the request
 * is aborted with a 401. The comment text is validated and run through
 * the antispam module before it is saved.
 *
 * @return \Illuminate\Support\Facades\Redirect|null
 */
public function postComment()
{
    // Comments are a site-wide switch; refuse the request when it is off
    if (!Site::config('general')->comments) {
        App::abort(401); // Unauthorized

        return null;
    }

    // Validation rules for the comment text
    $validator = Validator::make(Input::all(), array('comment' => 'required|auth|min:5|max:1024'));

    // Antispam filters configured for the comment field
    $antispam = Antispam::make('comment', 'comment');

    // Both checks always run, even when the first one already failed
    $isValid = $validator->passes();
    $isClean = $antispam->passes();

    // Validation errors take precedence over the antispam message
    if (!$isValid) {
        Session::flash('messages.error', $validator->messages()->all('<p>:message</p>'));

        return Redirect::to(URL::previous())->withInput();
    }

    if (!$isClean) {
        Session::flash('messages.error', $antispam->message());

        return Redirect::to(URL::previous())->withInput();
    }

    // NOTE(review): the paste is looked up by the submitted id alone. Nothing
    // in this method checks that the requester is allowed to see it (private
    // or password-protected pastes) - confirm that is enforced elsewhere.
    $paste = Paste::findOrFail(Input::get('id'));

    if ($paste !== null) {
        if (Auth::check()) {
            $authorName = Auth::user()->username;
        } else {
            $authorName = Lang::get('global.anonymous');
        }

        $comment = new Comment();
        $comment->paste_id = $paste->id;

        // The stored value contains <br> markup, so the view presumably prints
        // it unescaped; strip_tags() is then the only filter between the
        // submitted text and the page - verify against the template.
        $comment->data = nl2br(strip_tags(Input::get('comment')));
        $comment->author = $authorName;
        $comment->timestamp = time();
        $comment->save();
    }

    return Redirect::to(URL::previous());
}
/**
 * Creates a new paste via the API
 *
 * Validates the request, runs the antispam module, creates the paste and
 * returns its urlkey and hash through the API output handler. The first
 * failing check short-circuits with an API error.
 *
 * @param  string  $mode
 * @return \Illuminate\Support\Facades\View
 */
public function postCreate($mode)
{
    $api = API::make($mode);

    $input = Input::all();

    // Message keys returned to API clients when validation fails
    $validationMessages = array(
        'title.max'         => 'title_max_30',
        'data.required'     => 'data_required',
        'data.auth'         => 'cannot_post',
        'data.mbmax'        => 'data_too_big',
        'language.required' => 'lang_required',
        'language.in'       => 'lang_invalid',
        'expire.integer'    => 'expire_integer',
        'expire.in'         => 'expire_invalid',
    );

    // Size limit, language list and expiry list come from site configuration
    $rules = array(
        'title'    => 'max:30',
        'data'     => 'required|auth|mbmax:' . Site::config('general')->maxPasteSize,
        'language' => 'required|in:' . Highlighter::make()->languages(true),
        'expire'   => 'integer|in:' . Paste::getExpiration('create', true),
    );

    $validator = Validator::make($input, $rules, $validationMessages);

    // Only the first validation message is reported
    if ($validator->fails()) {
        return $api->error($validator->messages()->first());
    }

    // Message keys returned to API clients when an antispam filter trips
    $antispamMessages = array(
        'ipban'   => 'antispam_ipban',
        'stealth' => 'antispam_stealth',
        'censor'  => 'antispam_censor',
        'noflood' => 'antispam_noflood',
        'php'     => 'antispam_php',
    );

    $antispam = Antispam::make('api_call', 'data', $antispamMessages);

    if ($antispam->fails()) {
        return $api->error($antispam->message());
    }

    // NOTE(review): every request field is handed to createNew(), not just
    // the four validated above - confirm createNew() picks out only the
    // fields it expects.
    $paste = Paste::createNew('api', Input::all());

    // The caller receives the identifiers of the new paste
    $response = array(
        'urlkey' => $paste->urlkey,
        'hash'   => $paste->hash,
    );

    return $api->out('create', $response);
}
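/**
 * Creates a new paste revision
 *
 * The submitted paste id must match the id stored in the session under
 * 'paste.revision'; any other request is aborted with a 401. Title,
 * language and project are copied from the paste being revised, and the
 * revision is always created without private, password or attachment
 * values.
 *
 * @return \Illuminate\Support\Facades\Redirect
 */
public function postRevision()
{
    $oldId = Input::get('id');
    $allowedId = Session::get('paste.revision');

    // The session value is what authorises this revision. Compare it as a
    // string and refuse empty or non-scalar values: with a loose != a
    // missing session entry would compare equal to an empty id.
    if (
        !is_scalar($oldId)
        || !is_scalar($allowedId)
        || (string) $oldId === ''
        || (string) $allowedId !== (string) $oldId
    ) {
        App::abort(401); // Unauthorized
    }

    // Define validation rules. We don't validate the title and language
    // here as we don't allow to change that for a revision. Instead, we
    // will use the data from the old paste
    $validator = Validator::make(Input::all(), array(
        'data'   => 'required|auth',
        'expire' => 'in:' . Paste::getExpiration('create', true),
    ));

    // Generate anti-spam modules
    $antispam = Antispam::make('paste', 'data');

    // Both checks always run, even when the first one already failed
    $resultValidation = $validator->passes();
    $resultAntispam = $antispam->passes();

    if ($resultValidation && $resultAntispam) {
        // Get the paste being revised
        $oldPaste = Paste::findOrFail($oldId);

        // An unchanged submission just goes back to the old paste. The
        // contents are compared directly: a 32-bit checksum can collide, and
        // a collision would silently discard a revision that did change.
        if ($oldPaste->data === Input::get('data')) {
            return Redirect::to($oldPaste->urlkey);
        }

        // These values always come from the old paste (or are cleared),
        // whatever the user submitted.
        // NOTE(review): the revision is always created as public while it
        // inherits project and title from the old paste - confirm the session
        // value is never set for a paste whose title should stay hidden.
        $data = array(
            'project'    => $oldPaste->project,
            'title'      => $oldPaste->title,
            'language'   => $oldPaste->language,
            'private'    => null,
            'password'   => null,
            'attachment' => null,
        );

        // Merge it with the input to override the values the user submitted
        Input::merge($data);

        // All set, create the new revision
        $newPaste = Paste::createNew('web', Input::all());

        // One revisions row links the new paste to the paste it was made
        // from; one more is added for every earlier revision of that paste.
        $revData = array(
            array(
                'paste_id'  => $newPaste->id,
                'urlkey'    => $oldPaste->urlkey,
                'author'    => $oldPaste->author,
                'timestamp' => $oldPaste->timestamp,
            ),
        );

        foreach ($oldPaste->revisions as $revision) {
            $revData[] = array(
                'paste_id'  => $newPaste->id,
                'urlkey'    => $revision->urlkey,
                'author'    => $revision->author,
                'timestamp' => $revision->timestamp,
            );
        }

        // Insert the whole batch in one call
        Revision::insert($revData);

        // The new paste is public, so its urlkey alone is enough to reach it
        return Redirect::to($newPaste->urlkey);
    }

    // Validation errors take precedence over the antispam message
    if (!$resultValidation) {
        Session::flash('messages.error', $validator->messages()->all('<p>:message</p>'));
    } elseif (!$resultAntispam) {
        Session::flash('messages.error', $antispam->message());
    }

    return Redirect::to(URL::previous())->withInput();
}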
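/**
 * Searches for a paste by its content
 *
 * The search term is read from the 'q' request value. Searching requires
 * the pasteSearch setting and a term of at least 5 bytes. Private pastes
 * are only included for admins. Any request that cannot be served is
 * redirected to the paste list.
 *
 * @access public
 * @return \Illuminate\Support\Facades\View|\Illuminate\Support\Facades\Redirect
 */
public function getSearch()
{
    $term = Input::get('q');
    $config = Site::config('general');

    // Initialize the antispam filters
    $antispam = Antispam::make('search', 'q');

    // A non-string term (for example an array value for q) is treated like a
    // term that is too short instead of reaching strlen() and the query.
    if (!$config->pasteSearch || !is_string($term) || strlen($term) < 5) {
        return Redirect::to('all')->withInput();
    }

    // The exemption flag is only consulted when the antispam check fails
    if (!$antispam->passes() && !Session::has('search.exempt')) {
        Session::flash('messages.error', $antispam->message());

        return Redirect::to('all')->withInput();
    }

    // Show all pastes to admins, only non-private ones to everyone else
    if (Auth::roles()->admin) {
        $query = Paste::query();
    } else {
        $query = Paste::where('private', '<>', 1);
    }

    // The term is passed to the query builder as a value, but % and _ inside
    // it still act as LIKE wildcards.
    // NOTE(review): escape them if literal matching is intended; the escape
    // syntax depends on the database driver in use.
    $query = $query->where('data', 'like', "%{$term}%");

    // Filter by project
    if (!empty($this->project)) {
        $query = $query->where('project', $this->project);
    }

    // Get number of results to show per page
    $perPage = $config->perPage;

    // Query the search results
    $pastes = $query->orderBy('id', 'desc')->paginate($perPage);

    // Append the search term to pagination URLs
    $pastes->appends('q', $term);

    // Skip antispam for the next request only when this page came back full,
    // i.e. there may be further pages to browse. The flag used to be flashed
    // on every search (as true or false), and Session::has() reports a stored
    // false as present, so every follow-up request skipped the antispam
    // check. Flash data only lasts for the next request.
    if ($pastes->count() >= $perPage) {
        Session::flash('search.exempt', true);
    }

    return $this->getList($pastes, true);
}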