Handles traffic limiting, so no user does more than one call per 10 seconds.
Inheritance: extends AbstractPersistence
Exemple #1
 /**
  * Set nickname.
  *
  * @access public
  * @param string $nickname
  * @throws Exception
  * @return void
  */
 public function setNickname($nickname)
 {
     // Only a value that passes the SJCL format check is stored; anything
     // else aborts before the comment's metadata is touched.
     if (!Sjcl::isValid($nickname)) {
         throw new Exception('Invalid data.', 66);
     }
     $this->_data->meta->nickname = $nickname;

     // Icons are only produced for comments that carry a nickname (a comment
     // without one is treated as anonymous and never reaches this method),
     // and only when the 'icon' configuration key is not 'none'.
     $iconType = $this->_conf->getKey('icon');
     if ($iconType == 'none') {
         return;
     }

     // Per the original author's note, this is a SHA512 HMAC of the user's
     // IP address; it lives only in this local variable and is not stored.
     $addressHash = TrafficLimiter::getHash();
     $imageUri = '';
     switch ($iconType) {
         case 'identicon':
             $renderer = new Identicon();
             $imageUri = $renderer->getImageDataUri($addressHash, 16);
             break;
         case 'vizhash':
             $renderer = new Vizhash16x16();
             $imageUri = 'data:image/png;base64,' . base64_encode($renderer->generate($addressHash));
             break;
     }

     // An unrecognised icon type leaves $imageUri empty, so nothing is stored.
     if ($imageUri != '') {
         // NOTE(review): the stored image is derived from the address hash, so
         // it presumably stays the same for one address and makes that
         // author's comments linkable to each other - confirm this is the
         // intended privacy trade-off and that the hash key is a server-side
         // secret (see TrafficLimiter::getHash()).
         $this->_data->meta->vizhash = $imageUri;
     }
 }
Exemple #2
 /**
  * Store new paste or comment
  *
  * POST contains one or both:
  * data = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
  * attachment = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
  *
  * All optional data will go to meta information:
  * expire (optional) = expiration delay (never,5min,10min,1hour,1day,1week,1month,1year,burn) (default:never)
  * formatter (optional) = format to display the paste as (plaintext,syntaxhighlighting,markdown) (default:syntaxhighlighting)
  * burnafterreading (optional) = whether this paste may be viewed only once (0/1) (default:0)
  * opendiscussion (optional) = whether discussion is allowed on this paste (0/1) (default:0)
  * attachmentname = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
  * nickname (optional) = in discussion, encoded SJCL encrypted text nickname of author of comment (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
  * parentid (optional) = in discussion, which comment this comment replies to.
  * pasteid (optional) = in discussion, which paste this comment belongs to.
  *
  * @access private
  * @return string
  */
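 private function _create()
 {
     // Rate limiting comes first, so a throttled client is refused before any
     // request parameter is read or any storage work is done.
     TrafficLimiter::setConfiguration($this->_conf);
     if (!TrafficLimiter::canPass()) {
         return $this->_return_message(1, I18n::_('Please wait %d seconds between each post.', $this->_conf->getKey('limit', 'traffic')));
     }
     $data = $this->_request->getParam('data');
     $attachment = $this->_request->getParam('attachment');
     $attachmentname = $this->_request->getParam('attachmentname');
     // Ensure content is not too big. The limit is applied to the byte length
     // of the three encrypted fields together.
     // NOTE(review): the nickname is not counted here; confirm it is bounded
     // elsewhere (setNickname() is not shown enforcing a length).
     // NOTE(review): strlen() assumes getParam() always yields a string;
     // confirm it cannot hand back a non-string request value.
     $sizelimit = $this->_conf->getKey('sizelimit');
     if (strlen($data) + strlen($attachment) + strlen($attachmentname) > $sizelimit) {
         return $this->_return_message(1, I18n::_('Paste is limited to %s of encrypted data.', Filter::formatHumanReadableSize($sizelimit)));
     }
     // Ensure attachment did not get lost due to webserver limits or Suhosin
     if (strlen($attachmentname) > 0 && strlen($attachment) == 0) {
         return $this->_return_message(1, 'Attachment missing in data received by server. Please check your webserver or suhosin configuration for maximum POST parameter limitations.');
     }
     // The user posts a comment: this branch needs BOTH ids. A request that
     // carries only one of them falls through to paste creation below.
     $pasteid = $this->_request->getParam('pasteid');
     $parentid = $this->_request->getParam('parentid');
     if (!empty($pasteid) && !empty($parentid)) {
         $paste = $this->_model->getPaste($pasteid);
         if (!$paste->exists()) {
             return $this->_return_message(1, 'Invalid data.');
         }
         try {
             $comment = $paste->getComment($parentid);
             $nickname = $this->_request->getParam('nickname');
             if (!empty($nickname)) {
                 $comment->setNickname($nickname);
             }
             $comment->setData($data);
             $comment->store();
         } catch (Exception $e) {
             // NOTE(review): the exception text goes to the client verbatim.
             // Confirm the model and storage layers only throw messages that
             // are safe to disclose (no paths, SQL or backend details).
             return $this->_return_message(1, $e->getMessage());
         }
         // Every exit path now returns the result of _return_message(); the
         // original dropped it on the success and "Invalid data." paths even
         // though the method is documented as returning a string.
         return $this->_return_message(0, $comment->getId());
     }

     // The user posts a new paste. Purging runs on every paste creation,
     // before the new paste object is requested from the model.
     $this->_model->purge();
     $paste = $this->_model->getPaste();
     try {
         $paste->setData($data);
         if (!empty($attachment)) {
             $paste->setAttachment($attachment);
             // An attachment name is only accepted together with an attachment.
             if (!empty($attachmentname)) {
                 $paste->setAttachmentName($attachmentname);
             }
         }
         // Optional metadata: empty() also skips '0', so an explicit 0 for
         // the flags leaves the model's own default in place.
         $expire = $this->_request->getParam('expire');
         if (!empty($expire)) {
             $paste->setExpiration($expire);
         }
         $burnafterreading = $this->_request->getParam('burnafterreading');
         if (!empty($burnafterreading)) {
             $paste->setBurnafterreading($burnafterreading);
         }
         $opendiscussion = $this->_request->getParam('opendiscussion');
         if (!empty($opendiscussion)) {
             $paste->setOpendiscussion($opendiscussion);
         }
         $formatter = $this->_request->getParam('formatter');
         if (!empty($formatter)) {
             $paste->setFormatter($formatter);
         }
         $paste->store();
     } catch (Exception $e) {
         // NOTE(review): same disclosure concern as in the comment branch -
         // the raw exception message is returned to the client.
         return $this->_return_message(1, $e->getMessage());
     }
     // The delete token is handed out in this creation response only; no
     // other path in this method returns it.
     return $this->_return_message(0, $paste->getId(), array('deletetoken' => $paste->getDeleteToken()));
 }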