This is a random string which is unique to each PrivateBin installation.
It is automatically created if not present.
Salt is used:
- to generate unique VizHash in discussions (which are not reproductible across PrivateBin servers)
- to generate unique deletion token (which are not re-usable across PrivateBin servers)
/** * Get paste data. * * @access public * @throws Exception * @return stdClass */ public function get() { $data = $this->_store->read($this->getId()); if ($data === false) { throw new Exception(PrivateBin::GENERIC_ERROR, 64); } // check if paste has expired and delete it if neccessary. if (property_exists($data->meta, 'expire_date')) { if ($data->meta->expire_date < time()) { $this->delete(); throw new Exception(PrivateBin::GENERIC_ERROR, 63); } // We kindly provide the remaining time before expiration (in seconds) $data->meta->remaining_time = $data->meta->expire_date - time(); } // set formatter for for the view. if (!property_exists($data->meta, 'formatter')) { // support < 0.21 syntax highlighting if (property_exists($data->meta, 'syntaxcoloring') && $data->meta->syntaxcoloring === true) { $data->meta->formatter = 'syntaxhighlighting'; } else { $data->meta->formatter = $this->_conf->getKey('defaultformatter'); } } // support old paste format with server wide salt if (!property_exists($data->meta, 'salt')) { $data->meta->salt = ServerSalt::get(); } $data->comments = array_values($this->getComments()); $data->comment_count = count($data->comments); $data->comment_offset = 0; $data->{'@context'} = 'js/paste.jsonld'; $this->_data = $data; return $this->_data; }
/** * get a HMAC of the current visitors IP address * * @access public * @static * @param string $algo * @return string */ public static function getHash($algo = 'sha512') { return hash_hmac($algo, $_SERVER[self::$_ipKey], ServerSalt::get()); }
/** * initialize privatebin * * @access private * @return void */ private function _init() { foreach (array('cfg', 'lib') as $dir) { if (!is_file(PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess')) { file_put_contents(PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess', 'Allow from none' . PHP_EOL . 'Deny from all' . PHP_EOL, LOCK_EX); } } $this->_conf = new Configuration(); $this->_model = new Model($this->_conf); $this->_request = new Request(); $this->_urlBase = array_key_exists('REQUEST_URI', $_SERVER) ? htmlspecialchars($_SERVER['REQUEST_URI']) : '/'; ServerSalt::setPath($this->_conf->getKey('dir', 'traffic')); // set default language $lang = $this->_conf->getKey('languagedefault'); I18n::setLanguageFallback($lang); // force default language, if language selection is disabled and a default is set if (!$this->_conf->getKey('languageselection') && strlen($lang) == 2) { $_COOKIE['lang'] = $lang; setcookie('lang', $lang); } }