/** * Read an existing paste or comment * * @access private * @param string $dataid * @return void */ private function _read($dataid) { $isJson = false; if (($pos = strpos($dataid, '&json')) !== false) { $isJson = true; $dataid = substr($dataid, 0, $pos); } // Is this a valid paste identifier? if (!filter::is_valid_paste_id($dataid)) { $this->_error = 'Invalid paste ID.'; return; } // Check that paste exists. if ($this->_model()->exists($dataid)) { // Get the paste itself. $paste = $this->_model()->read($dataid); // See if paste has expired. if (isset($paste->meta->expire_date) && $paste->meta->expire_date < time()) { // Delete the paste $this->_model()->delete($dataid); $this->_error = self::GENERIC_ERROR; } else { // We kindly provide the remaining time before expiration (in seconds) if (property_exists($paste->meta, 'expire_date')) { $paste->meta->remaining_time = $paste->meta->expire_date - time(); } // The paste itself is the first in the list of encrypted messages. $messages = array($paste); // If it's a discussion, get all comments. if (property_exists($paste->meta, 'opendiscussion') && $paste->meta->opendiscussion) { $messages = array_merge($messages, $this->_model()->readComments($dataid)); } // set formatter for for the view. if (!property_exists($paste->meta, 'formatter')) { // support < 0.21 syntax highlighting if (property_exists($paste->meta, 'syntaxcoloring') && $paste->meta->syntaxcoloring === true) { $paste->meta->formatter = 'syntaxhighlighting'; } else { $paste->meta->formatter = $this->_getMainConfig('defaultformatter', 'syntaxhighlighting'); } } $this->_data = json_encode($messages); } } else { $this->_error = self::GENERIC_ERROR; } if ($isJson) { if (strlen($this->_error)) { $this->_return_message(1, $this->_error); } else { $this->_return_message(0, $dataid, array('messages' => $messages)); } } }
/** * Read an existing paste or comment * * @access private * @param string $dataid * @return void */ private function _read($dataid) { // Is this a valid paste identifier? if (!filter::is_valid_paste_id($dataid)) { $this->_error = 'Invalid paste ID.'; return; } // Check that paste exists. if ($this->_model()->exists($dataid)) { // Get the paste itself. $paste = $this->_model()->read($dataid); // See if paste has expired. if (isset($paste->meta->expire_date) && $paste->meta->expire_date < time()) { // Delete the paste $this->_model()->delete($dataid); $this->_error = 'Paste does not exist, has expired or has been deleted.'; } else { // We kindly provide the remaining time before expiration (in seconds) if (property_exists($paste->meta, 'expire_date')) { $paste->meta->remaining_time = $paste->meta->expire_date - time(); } // The paste itself is the first in the list of encrypted messages. $messages = array($paste); // If it's a discussion, get all comments. if (property_exists($paste->meta, 'opendiscussion') && $paste->meta->opendiscussion) { $messages = array_merge($messages, $this->_model()->readComments($dataid)); } $this->_data = json_encode($messages); // If the paste was meant to be read only once, delete it. if (property_exists($paste->meta, 'burnafterreading') && $paste->meta->burnafterreading) { $this->_model()->delete($dataid); } } } else { $this->_error = 'Paste does not exist or has expired.'; } }
public function testPasteIdValidation() { $this->assertTrue(filter::is_valid_paste_id('a242ab7bdfb2581a'), 'valid paste id'); $this->assertFalse(filter::is_valid_paste_id('foo'), 'invalid hex values'); $this->assertFalse(filter::is_valid_paste_id('../bar/baz'), 'path attack'); }