Handles traffic limiting, so no user does more than one call per 10 seconds.
/**
* Set nickname.
*
* @access public
* @param string $nickname
* @throws Exception
* @return void
*/
public function setNickname($nickname)
{
if (!Sjcl::isValid($nickname)) {
throw new Exception('Invalid data.', 66);
}
$this->_data->meta->nickname = $nickname;
// If a nickname is provided, we generate an icon based on a SHA512 HMAC
// of the users IP. (We assume that if the user did not enter a nickname,
// the user wants to be anonymous and we will not generate an icon.)
$icon = $this->_conf->getKey('icon');
if ($icon != 'none') {
$pngdata = '';
$hmac = TrafficLimiter::getHash();
if ($icon == 'identicon') {
$identicon = new Identicon();
$pngdata = $identicon->getImageDataUri($hmac, 16);
} elseif ($icon == 'vizhash') {
$vh = new Vizhash16x16();
$pngdata = 'data:image/png;base64,' . base64_encode($vh->generate($hmac));
}
if ($pngdata != '') {
$this->_data->meta->vizhash = $pngdata;
}
}
// Once the icon is generated, we do not keep the IP address hash.
}
/**
* Store new paste or comment
*
* POST contains one or both:
* data = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
* attachment = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
*
* All optional data will go to meta information:
* expire (optional) = expiration delay (never,5min,10min,1hour,1day,1week,1month,1year,burn) (default:never)
* formatter (optional) = format to display the paste as (plaintext,syntaxhighlighting,markdown) (default:syntaxhighlighting)
* burnafterreading (optional) = if this paste may only viewed once ? (0/1) (default:0)
* opendiscusssion (optional) = is the discussion allowed on this paste ? (0/1) (default:0)
* attachmentname = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
* nickname (optional) = in discussion, encoded SJCL encrypted text nickname of author of comment (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
* parentid (optional) = in discussion, which comment this comment replies to.
* pasteid (optional) = in discussion, which paste this comment belongs to.
*
* @access private
* @return string
*/
private function _create()
{
// Ensure last paste from visitors IP address was more than configured amount of seconds ago.
TrafficLimiter::setConfiguration($this->_conf);
if (!TrafficLimiter::canPass()) {
return $this->_return_message(1, I18n::_('Please wait %d seconds between each post.', $this->_conf->getKey('limit', 'traffic')));
}
$data = $this->_request->getParam('data');
$attachment = $this->_request->getParam('attachment');
$attachmentname = $this->_request->getParam('attachmentname');
// Ensure content is not too big.
$sizelimit = $this->_conf->getKey('sizelimit');
if (strlen($data) + strlen($attachment) + strlen($attachmentname) > $sizelimit) {
return $this->_return_message(1, I18n::_('Paste is limited to %s of encrypted data.', Filter::formatHumanReadableSize($sizelimit)));
}
// Ensure attachment did not get lost due to webserver limits or Suhosin
if (strlen($attachmentname) > 0 && strlen($attachment) == 0) {
return $this->_return_message(1, 'Attachment missing in data received by server. Please check your webserver or suhosin configuration for maximum POST parameter limitations.');
}
// The user posts a comment.
$pasteid = $this->_request->getParam('pasteid');
$parentid = $this->_request->getParam('parentid');
if (!empty($pasteid) && !empty($parentid)) {
$paste = $this->_model->getPaste($pasteid);
if ($paste->exists()) {
try {
$comment = $paste->getComment($parentid);
$nickname = $this->_request->getParam('nickname');
if (!empty($nickname)) {
$comment->setNickname($nickname);
}
$comment->setData($data);
$comment->store();
} catch (Exception $e) {
return $this->_return_message(1, $e->getMessage());
}
$this->_return_message(0, $comment->getId());
} else {
$this->_return_message(1, 'Invalid data.');
}
} else {
$this->_model->purge();
$paste = $this->_model->getPaste();
try {
$paste->setData($data);
if (!empty($attachment)) {
$paste->setAttachment($attachment);
if (!empty($attachmentname)) {
$paste->setAttachmentName($attachmentname);
}
}
$expire = $this->_request->getParam('expire');
if (!empty($expire)) {
$paste->setExpiration($expire);
}
$burnafterreading = $this->_request->getParam('burnafterreading');
if (!empty($burnafterreading)) {
$paste->setBurnafterreading($burnafterreading);
}
$opendiscussion = $this->_request->getParam('opendiscussion');
if (!empty($opendiscussion)) {
$paste->setOpendiscussion($opendiscussion);
}
$formatter = $this->_request->getParam('formatter');
if (!empty($formatter)) {
$paste->setFormatter($formatter);
}
$paste->store();
} catch (Exception $e) {
return $this->_return_message(1, $e->getMessage());
}
$this->_return_message(0, $paste->getId(), array('deletetoken' => $paste->getDeleteToken()));
}
}
