/**
 * Renders the content item identified by the 'slug' request parameter.
 *
 * When no content matches, a 404 status is sent and the '/site/404' view is
 * rendered. Otherwise the page title and any non-empty meta tags are
 * registered and the content is rendered with its own template, falling back
 * to the site's default template when the content has none.
 *
 * @param array $params Request parameters; a missing 'slug' is treated as ''.
 */
protected function actionContent($params)
{
    $slug = isset($params['slug']) ? $params['slug'] : '';
    $page = \GO\Site\Model\Content::model()->findBySlug($slug);

    // Unknown slug: answer with the 404 page and stop here.
    if (!$page) {
        header("HTTP/1.0 404 Not Found");
        header("Status: 404 Not Found");
        echo $this->render('/site/404');

        return;
    }

    $this->setPageTitle($page->metaTitle);

    // Only register the meta tags that actually carry a value.
    if (!empty($page->meta_description)) {
        \Site::scripts()->registerMetaTag($page->meta_description, 'description');
    }
    if (!empty($page->meta_keywords)) {
        \Site::scripts()->registerMetaTag($page->meta_keywords, 'keywords');
    }

    // Fall back to the site-wide default template when the content has none.
    if (empty($page->template)) {
        $fallbackTemplate = \Site::config()->getDefaultTemplate();
        if (!empty($fallbackTemplate)) {
            $page->template = $fallbackTemplate;
        }
    }

    echo $this->render($page->template, array('content' => $page));
}
/**
 * Checks that a paste created while the site enforces private visibility
 * is stored with its private flag set.
 */
public function testPostCreatePrivateSite()
{
    $this->initTestStep();

    // Enforce private visibility for the duration of the request
    Site::config('general', array('paste_visibility' => 'private'));

    // Unique payload so the stored paste can be looked up afterwards
    $marker = 'UnitTest::Protected' . str_random(64);
    $form = array(
        'title' => 'UnitTest::Title',
        'data' => $marker,
        'language' => 'text',
    );

    $response = $this->call('POST', 'create', $form);

    // Put the visibility setting back before asserting
    Site::config('general', array('paste_visibility' => 'default'));

    $this->assertRedirectedTo($response->getTargetUrl());

    $stored = Paste::where('data', $marker)->first();
    $this->assertEquals($stored->private, 1);
}
/**
 * Exercises the controller's postRegister method: a valid registration
 * redirects to the login page and creates exactly one user row.
 */
public function testPostRegister()
{
    $this->initTestStep();

    // Turn the captcha off and allow DB registrations
    Site::config('auth', array('db_show_captcha' => 0, 'db_allow_reg' => 1));

    // Time-based key, reused as username, password and e-mail local part
    $key = 'unittest' . time();
    $form = array(
        'username' => $key,
        'password' => $key,
        'email' => "{$key}@test.com",
    );

    $this->call('POST', 'user/register', $form);

    $this->assertRedirectedTo('user/login');

    $matches = User::where('username', $key)->count();
    $this->assertEquals($matches, 1);
}
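/**
 * Execute the console command.
 *
 * Stores one configuration value under the given group and key. All three
 * options (--group, --key, --value) are mandatory; an error and a usage
 * hint are printed when any of them is missing.
 *
 * @return mixed
 */
public function fire()
{
    // Get the config group, key and value
    $group = $this->option('group');
    $key = $this->option('key');
    $value = $this->option('value');

    // A value of "0" is a legitimate setting (for example to switch a
    // feature off), so the value only counts as missing when it is absent
    // or blank. empty() would reject "0" as well.
    $hasValue = $value !== NULL && $value !== '';

    // Group, key and value are mandatory options
    if (!empty($group) and !empty($key) and $hasValue) {
        Site::config($group, array($key => $value));
        $this->info('Configuration data saved successfully. Please delete the contents of `app/storage/cache` folder for your changes to take effect.');
    } else {
        $this->error('Insufficient arguments specified.');
        // NOTE(review): the usage text names snconfig:get although it lists
        // --value; confirm this command's registered name and correct it.
        $this->error('Usage: snconfig:get --group="..." --key="..." --value="..."');
    }
}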
/**
 * Execute the console command.
 *
 * Prints the configuration value stored under the given group and key.
 * Both --group and --key are mandatory.
 *
 * NOTE(review): the value is written to the console as-is; if a group can
 * hold credentials, they would be shown in clear text — confirm that is
 * acceptable for this command.
 *
 * @return mixed
 */
public function fire()
{
    $group = $this->option('group');
    $key = $this->option('key');

    // Bail out early when either mandatory option is missing
    if (empty($group) or empty($key)) {
        $this->error('Insufficient arguments specified.');
        $this->error('Usage: snconfig:get --group="..." --key="..."');

        return;
    }

    $values = Site::config($group);

    // isset() also reports a key whose value is NULL as missing
    if (!isset($values->{$key})) {
        $this->error('No config data exists for given key.');

        return;
    }

    $this->info($values->{$key});
}
/**
 * Creates a new paste item
 *
 * Validates the submitted form, runs the antispam checks, updates the
 * language history cookie and, when both checks pass, creates the paste and
 * stores an uploaded attachment. Pastes without a password redirect to the
 * paste itself; in every other case the user is sent back to the previous
 * page with the input and the history cookie attached.
 *
 * @return \Illuminate\Support\Facades\Redirect
 */
public function postCreate()
{
    // Get the site configuration
    $site = Site::config('general');
    // Define validation rules
    // NOTE(review): no rule for the 'attachment' upload appears here; confirm
    // that size and type limits for attachments are enforced elsewhere.
    $validator = Validator::make(Input::all(), array(
        'title' => 'max:30',
        'data' => 'required|auth|mbmax:' . $site->maxPasteSize,
        'language' => 'required|in:' . Highlighter::make()->languages(TRUE),
        'expire' => 'in:' . Paste::getExpiration('create', TRUE)
    ));
    // Generate anti-spam modules
    $antispam = Antispam::make('paste', 'data');
    // Run validations
    $resultValidation = $validator->passes();
    // Execute antispam services (these run even when validation has failed)
    $resultAntispam = $antispam->passes();
    // Get the paste language. We use it to store a language history
    $language = Input::get('language');
    // The history comes from a client-side cookie; only its type is checked
    $historyLangs = Cookie::get('languages');
    // History languages must always be an array
    $historyLangs = is_array($historyLangs) ? $historyLangs : array();
    // No duplicates allowed in the history
    if (in_array($language, $historyLangs)) {
        $key = array_search($language, $historyLangs);
        unset($historyLangs[$key]);
    } else {
        // Keep the history short: drop the oldest entry once it holds 10
        if (count($historyLangs) >= 10) {
            $historyLangs = array_slice($historyLangs, 1, count($historyLangs));
        }
    }
    // Add current language to the history
    // This happens before the validation result is evaluated, so a language
    // that failed the 'in:' rule is still written to the cookie.
    array_push($historyLangs, $language);
    $cookie = Cookie::forever('languages', $historyLangs);
    // Evaluate validation results
    if ($resultValidation and $resultAntispam) {
        // We inject the project into the input so that
        // it is also inserted into the DB accordingly
        Input::merge(array('project' => $this->project));
        // All OK! Create the paste already!!
        $paste = Paste::createNew('web', Input::all());
        // Now, save the attachment, if any (and if enabled)
        if ($site->allowAttachment and Input::hasFile('attachment')) {
            $file = Input::file('attachment');
            if ($file->isValid()) {
                // Stored under the paste's urlkey rather than the name the
                // client supplied for the file
                $file->move(storage_path() . '/uploads', $paste->urlkey);
            }
        }
        // Redirect to paste if there's no password
        // Otherwise, just show a link
        if ($paste->password) {
            $url = link_to("{$paste->urlkey}/{$paste->hash}");
            $message = sprintf(Lang::get('create.click_for_paste'), $url);
            Session::flash('messages.success', $message);
        } else {
            return Redirect::to(Paste::getUrl($paste))->withCookie($cookie);
        }
    } else {
        // Set the error message as flashdata
        if (!$resultValidation) {
            Session::flash('messages.error', $validator->messages()->all('<p>:message</p>'));
        } else {
            if (!$resultAntispam) {
                Session::flash('messages.error', $antispam->message());
            }
        }
    }
    // Reached on failure and for password-protected pastes.
    // NOTE(review): withInput() flashes the submitted form to the session; if
    // the form carries a paste password it would be flashed too — confirm.
    return Redirect::to(URL::previous())->withInput()->withCookie($cookie);
}
return TRUE;
});
// Substitutes the rule's first parameter for the :max placeholder in the
// 'mbmax' validation message.
Validator::replacer('mbmax', function ($message, $attribute, $rule, $parameters) {
    return str_replace(':max', $parameters[0], $message);
});
/*
|--------------------------------------------------------------------------
| Trust proxy headers
|--------------------------------------------------------------------------
|
| Checks if the site is behind a proxy server (or a load balancer) and
| set whether to trust the client IP sent in the request that comes via
| the proxy intermediary.
|
*/
if (Site::config('general')->proxy) {
    // NOTE(review): the trusted proxy list is built from the client IP of
    // the current request, not from a fixed allow-list. With proxy mode on,
    // whichever peer that value resolves to is treated as a trusted proxy,
    // so if the app can be reached without passing through the real proxy,
    // the X-Forwarded-For / X-Forwarded-Proto values of any client would be
    // honoured. Anything that relies on the client IP (bans, flood limits,
    // stored addresses) inherits that. Consider configuring the proxy
    // address(es) explicitly — confirm the deployment model.
    // Trust the client proxy address
    Request::setTrustedProxies(array(Request::getClientIp()));
    // Trust the client IP header
    Request::setTrustedHeaderName(\Symfony\Component\HttpFoundation\Request::HEADER_CLIENT_IP, 'X-Forwarded-For');
    // Trust the client protocol header
    Request::setTrustedHeaderName(\Symfony\Component\HttpFoundation\Request::HEADER_CLIENT_PROTO, 'X-Forwarded-Proto');
}
/*
|--------------------------------------------------------------------------
| Handle application errors
|--------------------------------------------------------------------------
|
| Shows custom screens for app errors. This is mainly done to show a
| friendly error message and to throw errors with ease from the view.
|
/**
 * Creates a new paste from an API request
 *
 * The input is validated first and then passed through the antispam
 * module; the first failure of either step is returned as an API error
 * code. On success the urlkey and hash of the new paste are returned.
 *
 * NOTE(review): the complete request input, not only the validated fields,
 * is handed to Paste::createNew() — confirm it ignores keys that API
 * clients are not meant to set.
 *
 * @param  string  $mode
 * @return \Illuminate\Support\Facades\View
 */
public function postCreate($mode)
{
    $api = API::make($mode);

    // Error codes returned for each failed validation rule
    $validationCodes = array(
        'title.max' => 'title_max_30',
        'data.required' => 'data_required',
        'data.auth' => 'cannot_post',
        'data.mbmax' => 'data_too_big',
        'language.required' => 'lang_required',
        'language.in' => 'lang_invalid',
        'expire.integer' => 'expire_integer',
        'expire.in' => 'expire_invalid',
    );

    // Validation rules for the submitted paste
    $rules = array(
        'title' => 'max:30',
        'data' => 'required|auth|mbmax:' . Site::config('general')->maxPasteSize,
        'language' => 'required|in:' . Highlighter::make()->languages(TRUE),
        'expire' => 'integer|in:' . Paste::getExpiration('create', TRUE),
    );

    $validator = Validator::make(Input::all(), $rules, $validationCodes);

    // Report the first validation failure, if any
    if ($validator->fails()) {
        return $api->error($validator->messages()->first());
    }

    // Error codes returned by the individual antispam services
    $antispamCodes = array(
        'ipban' => 'antispam_ipban',
        'stealth' => 'antispam_stealth',
        'censor' => 'antispam_censor',
        'noflood' => 'antispam_noflood',
        'php' => 'antispam_php',
    );

    // The antispam module is only built once validation has passed
    $antispam = Antispam::make('api_call', 'data', $antispamCodes);

    if ($antispam->fails()) {
        return $api->error($antispam->message());
    }

    // Both checks passed: store the paste
    $paste = Paste::createNew('api', Input::all());

    // The caller needs the urlkey and hash to address the paste later
    return $api->out('create', array(
        'urlkey' => $paste->urlkey,
        'hash' => $paste->hash,
    ));
}
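/**
 * Handles submission of a new comment on a paste
 *
 * Reads 'id' (the paste id) and 'comment' from the request input. The
 * comment is validated and run through the antispam module before it is
 * stored. Aborts with a 401 when comments are disabled in the site config.
 *
 * NOTE(review): the paste is looked up by the submitted id alone; no check
 * that the commenter may view that paste (private or password protected)
 * is visible in this method — confirm it is enforced by a route filter.
 *
 * @return \Illuminate\Support\Facades\Redirect|null
 */
public function postComment()
{
    if (Site::config('general')->comments) {
        // Define validation rules
        $validator = Validator::make(Input::all(), array(
            'comment' => 'required|auth|min:5|max:1024',
        ));

        // Generate anti-spam modules
        $antispam = Antispam::make('comment', 'comment');

        // Run validations
        $resultValidation = $validator->passes();

        // Execute antispam services
        $resultAntispam = $antispam->passes();

        if ($resultValidation and $resultAntispam) {
            // findOrFail() throws when no paste matches, so a NULL check on
            // the result can never trigger and is not needed here
            $paste = Paste::findOrFail(Input::get('id'));

            // Insert the new comment. Tags are stripped and newlines turned
            // into <br /> before storage, so the stored value is HTML;
            // presumably views print it unescaped — TODO confirm.
            $comment = new Comment();
            $comment->paste_id = $paste->id;
            $comment->data = nl2br(strip_tags(Input::get('comment')));
            $comment->author = Auth::check() ? Auth::user()->username : Lang::get('global.anonymous');
            $comment->timestamp = time();
            $comment->save();

            return Redirect::to(URL::previous());
        }

        // Set the error message as flashdata; validation errors take
        // precedence over the antispam message
        if (!$resultValidation) {
            Session::flash('messages.error', $validator->messages()->all('<p>:message</p>'));
        } elseif (!$resultAntispam) {
            Session::flash('messages.error', $antispam->message());
        }

        return Redirect::to(URL::previous())->withInput();
    } else {
        App::abort(401); // Unauthorized
    }
}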
}); }); // API routes Route::get('api/{mode}/parameter/{param}', 'ApiController@getParameter'); Route::get('api/{mode}/show/{urlkey}/{hash?}/{password?}', 'ApiController@getShow'); Route::get('api/{mode}/list/{page?}', 'ApiController@getList'); Route::post('api/{mode}/create', 'ApiController@postCreate'); // Feed routes Route::get('feed/{type?}', 'FeedController@getFeed')->where('type', 'rss'); // AJAX routes Route::controller('ajax', 'AjaxController'); // Application setup routes Route::controller('setup', 'SetupController'); // Documentation routes Route::get('docs', function () { return Redirect::to(Site::config('services')->docsUrl); }); // User operation routes Route::get('user/login', 'UserController@getLogin'); Route::post('user/login', 'UserController@postLogin'); Route::get('user/logout', 'UserController@getLogout'); Route::get('user/register', 'UserController@getRegister'); Route::get('user/forgot', 'UserController@getForgot'); // DB-only user operations Route::group(array('before' => 'auth.config'), function () { // Submit user registration Route::post('user/register', 'UserController@postRegister'); // Submit forgot password Route::post('user/forgot', 'UserController@postForgot'); // Submit user profile Route::group(array('before' => 'auth'), function () {
/**
 * Processes a submitted registration form
 *
 * On success a non-admin user is created and the visitor is redirected to
 * the login page; on failure the validation messages are flashed and the
 * visitor is sent back to the registration form.
 *
 * NOTE(review): the failure redirect uses withInput(), which flashes the
 * submitted form to the session; presumably that includes the password
 * field — confirm whether it should be excluded.
 *
 * @access public
 * @return \Illuminate\Support\Facades\Redirect
 */
public function postRegister()
{
    // Uniqueness is checked among users of type "db" only
    $rules = array(
        'username' => 'required|max:50|alpha_dash|unique:users,username,-1,id,type,db',
        'email' => 'required|max:100|email|unique:users,email,-1,id,type,db',
        'dispname' => 'max:100',
        'password' => 'required|min:5',
    );

    // The captcha rule only applies when it is enabled in the auth config
    if (Site::config('auth')->dbShowCaptcha) {
        $rules['captcha'] = 'required|captcha';
    }

    $validator = Validator::make(Input::all(), $rules);

    // Invalid form: report the errors and return to the form
    if (!$validator->passes()) {
        Session::flash('messages.error', $validator->messages()->all('<p>:message</p>'));

        return Redirect::to('user/register')->withInput();
    }

    $account = new User();
    $account->username = Input::get('username');
    $account->email = Input::get('email');
    $account->dispname = Input::get('dispname');

    // The stored password value is produced by the PHPass helper from the
    // submitted password and a fresh 5-character salt
    $account->salt = str_random(5);
    $account->password = PHPass::make()->create(Input::get('password'), $account->salt);

    // Self-registered accounts are never admins
    $account->admin = 0;
    $account->save();

    Session::flash('messages.success', Lang::get('user.register_done'));

    return Redirect::to('user/login');
}
/**
 * Looks up the page configuration for the re-indexed values of
 * self::$request_uri_array and stores the result in self::$config.
 */
function preparePageConfiguration()
{
    $segments = array_values(self::$request_uri_array);

    self::$config = Map::getPageConfiguration($segments);
}
<?php

// Authentication settings. The driver name is 'stickynotes' followed by the
// auth method stored in the site configuration.
$authMethod = Site::config('auth')->method;

return array(
    'driver' => 'stickynotes' . $authMethod,
    'model' => 'User',
    'table' => 'users',

    // Password reminder settings
    'reminder' => array(
        'email' => 'emails.auth.reminder',
        'table' => 'password_reminders',
        'expire' => 60,
    ),
);
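/**
 * Check if the paste cannot expire
 *
 * Returns TRUE when the current user may create a paste that never
 * expires: admins always may, registered users when the site's noExpire
 * setting is 'user', and everyone when it is 'all'.
 *
 * @static
 * @return bool
 */
public static function noExpire()
{
    $roles = Auth::roles();
    $policy = Site::config('general')->noExpire;

    // Admins can always create permanent pastes
    if ($roles->admin) {
        return TRUE;
    }

    // The policy is compared strictly. With a loose == a non-string value
    // left in the setting would match a policy name by type juggling
    // (TRUE == 'all' holds, and so does 0 == 'all' before PHP 8), which
    // would open permanent pastes to everyone. Unknown values now fall
    // through to FALSE.

    // Check if everyone can create permanent pastes
    if ($policy === 'all') {
        return TRUE;
    }

    // Check if only registered users can create permanent pastes
    return $policy === 'user' && $roles->user;
}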
if (File::exists($configFile)) { include $configFile; // Import site settings Site::config('general', array_map('html_entity_decode', array('title' => $site_name, 'copyright' => $site_copyright, 'googleApi' => $google_api_key))); // Import antispam settings Site::config('antispam', array_map('html_entity_decode', array('services' => $sg_services, 'phpKey' => $sg_php_key, 'phpDays' => $sg_php_days, 'phpScore' => $sg_php_score, 'phpType' => $sg_php_type, 'censor' => $sg_censor))); // Import authentication settings Site::config('auth', array_map('html_entity_decode', array('method' => $auth_method, 'ldapServer' => $ldap_server, 'ldapPort' => $ldap_port, 'ldapBaseDn' => $ldap_base_dn, 'ldapUid' => $ldap_uid, 'ldapFilter' => $ldap_filter, 'ldapUserDn' => $ldap_user_dn, 'ldapPassword' => $ldap_password))); // Import SMTP settings Site::config('mail', array_map('html_entity_decode', array('host' => $smtp_host, 'port' => $smtp_port, 'encryption' => $smtp_crypt, 'username' => $smtp_username, 'password' => $smtp_password, 'address' => $smtp_from))); // If auth method is LDAP, notify the user to set // an admin filter. 
if ($auth_method == 'ldap') { Setup::messages('0.4', Lang::get('setup.ldap_update_warn')); } // Remove the old config file File::delete($configFile); } }), '1.0' => array(), '1.1' => array('closure' => function () { $config = Site::config('general'); // Modify config values if (isset($config->googleApi)) { Site::config('services', array('googleApiKey' => $config->googleApi)); } }), '1.2' => array('newTables' => array('comments' => array((object) array('name' => 'id', 'type' => 'increments'), (object) array('name' => 'paste_id', 'type' => 'integer'), (object) array('name' => 'data', 'type' => 'text'), (object) array('name' => 'author', 'type' => 'string', 'length' => 50, 'nullable' => TRUE, 'default' => NULL), (object) array('name' => 'timestamp', 'type' => 'integer')))), '1.3' => array('newTables' => array('statistics' => array((object) array('name' => 'id', 'type' => 'increments'), (object) array('name' => 'date', 'type' => 'date'), (object) array('name' => 'web', 'type' => 'integer', 'default' => 0), (object) array('name' => 'api', 'type' => 'integer', 'default' => 0)))), '1.4' => array(), '1.5' => array(), '1.6' => array('modifyTables' => array('main' => array((object) array('name' => 'flagged', 'type' => 'boolean', 'default' => 0), (object) array('name' => 'attachment', 'type' => 'boolean', 'default' => 0)), 'users' => array((object) array('name' => 'remember_token', 'type' => 'string', 'length' => 60, 'default' => '')))), '1.7' => array('closure' => function () { $config = Site::config('general'); // Modify config values if (isset($config->privateSite) and $config->privateSite) { Site::config('general', array('pasteVisibility' => 'private')); } })));
/**
 * Handles POST requests to the services config form
 *
 * NOTE(review): the whole request input is written to the 'services'
 * config group; no validation or key allow-list is visible in this method —
 * confirm that Site::config() discards keys it does not know.
 *
 * @access public
 * @return \Illuminate\Support\Facades\Redirect
 */
public function postServices()
{
    // Persist the submitted form as the 'services' group
    $submitted = Input::all();
    Site::config('services', $submitted);

    $notice = Lang::get('admin.services_updated');
    Session::flash('messages.success', $notice);

    return Redirect::to('admin/services');
}
/**
 * Prints a "Track" marker while the site runs in dev mode; prints nothing
 * otherwise.
 *
 * The marker is echoed without escaping, so callers should only pass
 * values they control.
 *
 * @param mixed $i Marker label; the default -1 prints the bare "Track" line.
 */
function track($i = -1)
{
    // Silent outside dev mode
    if (!Site::config()->isDevMode()) {
        return;
    }

    if ($i == -1) {
        echo 'Track<br />';
    } else {
        echo 'Track ' . $i . ' <br />';
    }
}
/**
 * Builds the paste list view
 *
 * Aborts with status 418 when the result set is empty. The search box is
 * only shown when the caller asks for it and paste search is enabled in
 * the site configuration.
 *
 * @param  \Illuminate\Database\Eloquent\Model  $pastes
 * @param  bool  $showSearch
 * @param  bool  $showFilters
 * @return \Illuminate\Support\Facades\View
 */
private function getList($pastes, $showSearch = FALSE, $showFilters = FALSE)
{
    // Nothing to list
    if ($pastes->count() === 0) {
        App::abort(418); // No pastes found
    }

    $pages = $pastes->links();
    $searchEnabled = ($showSearch && Site::config('general')->pasteSearch);

    return View::make('site/list', array(
        'pastes' => $pastes,
        'pages' => $pages,
        'filters' => $showFilters,
        'search' => $searchEnabled,
    ));
}
| */ Route::filter('installed', function () { // Determine if the system is installed $installed = System::installed(); // Now we get the app and DB versions // If there is no version data in the DB, the function will return 0 $appVersion = System::version(Config::get('app.version')); $dbVersion = System::version(Site::config('general')->version); // We clear the cache to verify if there is a version mismatch // This usually should not be required but we do this to avoid the // update screen from popping up when we the user updates the // sticky-notes code if ($appVersion > $dbVersion) { Cache::flush(); $dbVersion = System::version(Site::config('general')->version); } // Redirect to setup pages based on version checks if (Request::segment(1) != 'setup') { // Redirect to the installer if (!$installed) { Setup::start(); return Redirect::to('setup/install'); } else { if (Request::segment(2) != 'login') { if ($appVersion > $dbVersion) { Setup::start(); return Redirect::to('setup/update'); } else { // Run Google Analytics visitor tracking Service::analytics();
/**
 * Exercises the controller's postServices method: the submitted key must
 * be stored in the 'services' config group and the admin is redirected
 * back to the services page with a success message.
 */
public function testPostServices()
{
    $this->initTestStep();

    // Time-based value so the stored key can be told apart from old data
    $apiKey = 'google' . time();
    $form = array(
        'google_api_key' => $apiKey,
        'google_analytics_id' => '',
    );

    $this->call('POST', 'admin/services', $form);

    $this->assertSessionHas('messages.success');
    $this->assertRedirectedTo('admin/services');

    $stored = Site::config('services')->googleApiKey;
    $this->assertEquals($stored, $apiKey);
}
/**
 * Checks that the postCreate method of the controller rejects a paste
 * when guest posts are disabled: an error is flashed and nothing is stored.
 */
public function testPostCreateNoGuest()
{
    $this->initTestStep(FALSE);

    // Disable guest posts.
    // NOTE(review): the setting is not restored at the end of this test;
    // presumably initTestStep() resets it for later tests — confirm.
    Site::config('general', array('guest_posts' => '0'));

    // Unique payload so a stored paste could be detected afterwards
    $marker = 'UnitTest::Protected' . str_random(64);
    $form = array(
        'title' => 'UnitTest::Title',
        'data' => $marker,
        'language' => 'text',
    );

    $this->call('POST', 'create', $form);

    $this->assertSessionHas('messages.error');

    $stored = Paste::where('data', $marker)->count();
    $this->assertEquals($stored, 0);
}
<?php

// Expiration choices, keyed by lifetime in seconds. Each entry holds the
// language key of its label and a flag telling whether it is enabled.
//
// The "forever" choice is enabled when the site's noExpire setting is truthy
// or the current user is an admin.
// NOTE(review): noExpire is treated as a plain boolean here; should it ever
// hold a non-empty string (a policy name, for instance), that string is
// truthy and the choice would be enabled for everyone — confirm its type.
$allowForever = (Site::config('general')->noExpire || Auth::roles()->admin);

return array(
    '1800' => array('expire_30mins', TRUE),
    '21600' => array('expire_6hrs', TRUE),
    '86400' => array('expire_1day', TRUE),
    '604800' => array('expire_1week', TRUE),
    '2592000' => array('expire_1month', TRUE),
    '31536000' => array('expire_1year', TRUE),
    '0' => array('expire_forever', $allowForever),
);
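// Import antispam settings
Site::config('antispam', array_map('html_entity_decode', array(
    'services' => $sg_services,
    'phpKey' => $sg_php_key,
    'phpDays' => $sg_php_days,
    'phpScore' => $sg_php_score,
    'phpType' => $sg_php_type,
    'censor' => $sg_censor
)));
// Import authentication settings
Site::config('auth', array_map('html_entity_decode', array(
    'method' => $auth_method,
    'ldapServer' => $ldap_server,
    'ldapPort' => $ldap_port,
    'ldapBaseDn' => $ldap_base_dn,
    'ldapUid' => $ldap_uid,
    'ldapFilter' => $ldap_filter,
    'ldapUserDn' => $ldap_user_dn,
    'ldapPassword' => $ldap_password
)));
// Import SMTP settings
Site::config('mail', array_map('html_entity_decode', array(
    'host' => $smtp_host,
    'port' => $smtp_port,
    'encryption' => $smtp_crypt,
    'username' => $smtp_username,
    'password' => $smtp_password,
    'address' => $smtp_from
)));
// If auth method is LDAP, notify the user to set
// an admin filter.
if ($auth_method == 'ldap') {
    Setup::messages('0.4', Lang::get('setup.ldap_update_warn'));
}
// Remove the old config file
File::delete($configFile);
}
}),
'1.0' => array(),
'1.1' => array('closure' => function () {
    $config = Site::config('general');
    // Move the Google API key from the general group to the services group
    if (isset($config->googleApi)) {
        Site::config('services', array('googleApiKey' => $config->googleApi));
    }
}),
'1.2' => array('newTables' => array('comments' => array(
    (object) array('name' => 'id', 'type' => 'increments'),
    (object) array('name' => 'paste_id', 'type' => 'integer'),
    (object) array('name' => 'data', 'type' => 'text'),
    (object) array('name' => 'author', 'type' => 'string', 'length' => 50, 'nullable' => TRUE, 'default' => NULL),
    (object) array('name' => 'timestamp', 'type' => 'integer')
))),
'1.3' => array('newTables' => array('statistics' => array(
    (object) array('name' => 'id', 'type' => 'increments'),
    (object) array('name' => 'date', 'type' => 'date'),
    (object) array('name' => 'web', 'type' => 'integer', 'default' => 0),
    (object) array('name' => 'api', 'type' => 'integer', 'default' => 0)
))),
'1.4' => array(),
'1.5' => array(),
'1.6' => array('modifyTables' => array(
    'main' => array(
        (object) array('name' => 'flagged', 'type' => 'boolean', 'default' => 0),
        (object) array('name' => 'attachment', 'type' => 'boolean', 'default' => 0)
    ),
    'users' => array(
        (object) array('name' => 'remember_token', 'type' => 'string', 'length' => 60, 'default' => '')
    )
)),
'1.7' => array('closure' => function () {
    $config = Site::config('general');
    // A site that was marked private now enforces private paste visibility
    if (isset($config->privateSite) and $config->privateSite) {
        Site::config('general', array('pasteVisibility' => 'private'));
    }
}),
'1.8' => array('closure' => function () {
    $config = Site::config('general');
    // Convert the old on/off noExpire flag to the named policy: a flag that
    // was set and switched off becomes 'none', anything else becomes 'all'.
    // The condition needs its own parentheses: "and" binds more loosely than
    // both "=" and "?:", so without them $noExpire received the boolean
    // result of isset() and a boolean was saved instead of a policy name.
    $noExpire = (isset($config->noExpire) && !$config->noExpire) ? 'none' : 'all';
    Site::config('general', array('noExpire' => $noExpire));
})));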
<?php

// Mail settings, taken one-to-one from the 'mail' group of the site
// configuration. The group is read once and reused for every key.
$mail = Site::config('mail');

return array(
    'driver' => $mail->driver,
    'host' => $mail->host,
    'port' => $mail->port,
    'from' => array(
        'address' => $mail->address,
        'name' => $mail->name,
    ),
    'encryption' => $mail->encryption,
    'username' => $mail->username,
    'password' => $mail->password,
    'sendmail' => $mail->sendmail,
    'pretend' => $mail->pretend,
);
/**
 * Creates a new paste with the data supplied
 *
 * Builds a Paste from the given input, applies the site's visibility
 * policy, saves it and increments the statistics counter named by $source
 * for the current date.
 *
 * The method reads $data['data'] and $data['language'] without checking
 * that they exist; presumably callers validate the input first.
 *
 * @static
 * @param  string  $source  Name of the statistics counter to increment
 * @param  array  $data  Paste fields as submitted by the caller
 * @return Illuminate\Database\Eloquent\Model
 */
public static function createNew($source, $data)
{
    // Get the site's configuration
    $site = Site::config('general');
    // Set the paste protected flag
    $protected = !empty($data['password']);
    // Set the private paste flag
    $private = !empty($data['private']);
    // We use an alphanumeric URL key to identify pastes
    // This is done so that users do not have access to the
    // actual primary key in the database and therefore, cannot
    // mass download all data
    $urlkey = static::makeUrlKey();
    // This hash is used for identifying private pastes
    // Unless being opened by the paste author, sticky notes
    // makes passing this hash as a part of the URL mandatory
    // for private pastes
    $hash = static::getHash();
    // Derive the stored password value with a salt
    // The salt is a fresh 5-character random string, generated even when
    // the paste has no password
    $password = '';
    $salt = str_random(5);
    if (!empty($data['password'])) {
        $password = PHPass::make()->create($data['password'], $salt);
    }
    // Set the paste visibility based on the site's config
    // 'public' discards any password and private flag the caller sent;
    // 'private' forces the private flag; other values leave both untouched
    switch ($site->pasteVisibility) {
        case 'public':
            $protected = $private = FALSE;
            $password = '';
            break;
        case 'private':
            $private = TRUE;
            break;
    }
    // Set the paste author (guests are stored with id 0 and no name)
    if (Auth::check()) {
        $user = Auth::user();
        $authorId = $user->id;
        $author = $user->username;
    } else {
        $authorId = 0;
        $author = NULL;
    }
    // Set the paste expiration time default
    // NOTE(review): an 'expire' of 0 is accepted here and makes the paste
    // permanent (see the expire assignment below); presumably the caller
    // has already checked it against the allowed choices — confirm.
    if (!isset($data['expire']) or $data['expire'] < 0) {
        $data['expire'] = $site->pasteAge;
    }
    // Check if we have an attachment
    if ($site->allowAttachment and isset($data['attachment']) and is_array($data['attachment'])) {
        $attachment = empty($data['attachment'][0]) ? 0 : 1;
    } else {
        $attachment = 0;
    }
    // Set up the new paste
    $paste = new Paste();
    $paste->project = empty($data['project']) ? NULL : $data['project'];
    $paste->title = empty($data['title']) ? NULL : $data['title'];
    $paste->data = $data['data'];
    $paste->language = $data['language'];
    // A password-protected paste is always stored as private
    $paste->private = ($protected or $private) ? 1 : 0;
    $paste->password = $password;
    $paste->salt = $salt;
    $paste->hash = $hash;
    $paste->urlkey = $urlkey;
    $paste->author = $author;
    $paste->author_id = $authorId;
    $paste->timestamp = time();
    // 0 means the paste never expires
    $paste->expire = $data['expire'] > 0 ? time() + $data['expire'] : 0;
    // How reliable this address is depends on how the application has been
    // configured to trust proxy headers
    $paste->ip = Request::getClientIp();
    $paste->attachment = $attachment;
    $paste->hits = 0;
    $paste->flagged = 0;
    $paste->save();
    // Insert paste count to the statistics table
    $stat = Statistics::firstOrNew(array('date' => date('Y-m-d')));
    // $source is used as a property name; callers are expected to pass the
    // name of an existing counter — TODO confirm against all callers
    $stat->{$source}++;
    $stat->save();
    // Return the created paste
    return $paste;
}