/** * Handles the paste password submission * * @param string $urlkey * @param string $hash * @return \Illuminate\Support\Facades\Redirect|null */ public function postComment() { if (Site::config('general')->comments) { // Define validation rules $validator = Validator::make(Input::all(), array('comment' => 'required|auth|min:5|max:1024')); // Generate anti-spam modules $antispam = Antispam::make('comment', 'comment'); // Run validations $resultValidation = $validator->passes(); // Execute antispam services $resultAntispam = $antispam->passes(); if ($resultValidation and $resultAntispam) { // Get the associated paste $paste = Paste::findOrFail(Input::get('id')); // Insert the new comment if (!is_null($paste)) { $comment = new Comment(); $comment->paste_id = $paste->id; $comment->data = nl2br(strip_tags(Input::get('comment'))); $comment->author = Auth::check() ? Auth::user()->username : Lang::get('global.anonymous'); $comment->timestamp = time(); $comment->save(); } return Redirect::to(URL::previous()); } else { // Set the error message as flashdata if (!$resultValidation) { Session::flash('messages.error', $validator->messages()->all('<p>:message</p>')); } else { if (!$resultAntispam) { Session::flash('messages.error', $antispam->message()); } } return Redirect::to(URL::previous())->withInput(); } } else { App::abort(401); // Unauthorized } }
}); /* |-------------------------------------------------------------------------- | Numeric paste ID filter |-------------------------------------------------------------------------- | | This filter gets a paste by its numeric ID. This is here purely for | backward compatibility as 0.4 and older versions had an optional / did | not have a alphanumeric URLkey. | */ Route::filter('numeric', function () { $key = Request::segment(1); $hash = Request::segment(2); if (is_numeric($key) and $key <= Site::config('general')->preMigrate) { $paste = Paste::findOrFail($key); return Redirect::to("{$paste->urlkey}/{$hash}"); } }); /* |-------------------------------------------------------------------------- | Setup validation filter |-------------------------------------------------------------------------- | | This filter checks if Sticky Notes is marked as installed. | | The following checks are done: | - If the main table does not exist, it is a fresh install | - If the main table is there, but versions mismatch, it is an update | - If main table is there and versions match, we should get out of setup |
/** * Creates a new paste revision * * @return \Illuminate\Support\Facades\Redirect */ public function postRevision() { $oldId = Input::get('id'); // First and foremost, validate the ID of the revision if (Session::get('paste.revision') != $oldId) { App::abort(401); // Unauthorized } // Define validation rules. We don't validate the title and language // here as we don't allow to change that for a revision. Instead, we // will use the data from the old paste $validator = Validator::make(Input::all(), array('data' => 'required|auth', 'expire' => 'in:' . Paste::getExpiration('create', TRUE))); // Generate anti-spam modules $antispam = Antispam::make('paste', 'data'); // Run validations $resultValidation = $validator->passes(); // Execute antispam services $resultAntispam = $antispam->passes(); if ($resultValidation and $resultAntispam) { // Get the paste being revised $oldPaste = Paste::findOrFail($oldId); // If the old paste's content is same as the revision, // we simply redirect to the old paste itself if (crc32($oldPaste->data) == crc32(Input::get('data'))) { return Redirect::to($oldPaste->urlkey); } // We use some data from the old paste $data = array('project' => $oldPaste->project, 'title' => $oldPaste->title, 'language' => $oldPaste->language, 'private' => NULL, 'password' => NULL, 'attachment' => NULL); // Merge it with the input to override the values the user submitted Input::merge($data); // All set, create the new revision $newPaste = Paste::createNew('web', Input::all()); // We now need to update the revisions table. One entry will be // created for this revision. We will also create entries for // any past revisions and link it to this new paste $revData = array(array('paste_id' => $newPaste->id, 'urlkey' => $oldPaste->urlkey, 'author' => $oldPaste->author, 'timestamp' => $oldPaste->timestamp)); foreach ($oldPaste->revisions as $revision) { $revData[] = array('paste_id' => $newPaste->id, 'urlkey' => $revision->urlkey, 'author' => $revision->author, 'timestamp' => $revision->timestamp); } // Now insert this batch data to the revisions table Revision::insert($revData); // Whoa, finally we are done, take the user to the shiny new // paste. Since this is a public paste, we don't need the url // hash or password shebang return Redirect::to($newPaste->urlkey); } else { // Set the error message as flashdata if (!$resultValidation) { Session::flash('messages.error', $validator->messages()->all('<p>:message</p>')); } else { if (!$resultAntispam) { Session::flash('messages.error', $antispam->message()); } } } return Redirect::to(URL::previous())->withInput(); }
<?php Route::get('/', ['as' => 'create', 'uses' => 'PasteController@index']); Route::post('/', ['as' => 'store', 'uses' => 'PasteController@store']); Route::get('{paste}', ['as' => 'show', 'uses' => 'PasteController@show']); Route::get('{paste}/fork', ['as' => 'fork', 'uses' => 'PasteController@fork']); Route::get('{paste}/raw', ['as' => 'raw', 'uses' => 'PasteController@raw']); Route::get('{paste}/diff', ['as' => 'diff', 'uses' => 'PasteController@diff']); Route::bind('paste', function ($value) { try { $paste = Paste::findOrFail(Math::to_base_10($value)); } catch (Exception $e) { App::abort(404); } return $paste; });