summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2012-04-10Fix syntax error in migration 2Florian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Fix plaintext client viewFlorian Pritz1-3/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09header: hide login box until hoverFlorian Pritz2-5/+26
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09muser: decrease cost parameter for cryptFlorian Pritz1-1/+1
09 should take long enough and not waste too much time. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Add invite link to headerFlorian Pritz1-1/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Fix HTML syntax errorFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Add information about acceptable usage and accounts.Florian Pritz2-1/+11
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09css: limit width of <p> and <li> to 800pxFlorian Pritz8-7/+19
Long lines streching across the entire screen are hard to read on wide screens. 800px should be a good compromise Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09user/register: restrict username to max 32 charsFlorian Pritz1-1/+1
The db field is 32 chars long. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09user/register: restrict username to a-z0-9Florian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09add register functionFlorian Pritz3-1/+100
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09random_id() -> random_alphanum(); allow single argumentFlorian Pritz3-5/+9
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Implement simple referral systemFlorian Pritz4-1/+93
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Move is_cli_client() and random_id() to helperFlorian Pritz5-32/+32
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09c/file: Style changesFlorian Pritz1-1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09c/file: remove old commentFlorian Pritz1-2/+0
It doesn't really apply anymore. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09upload_form: Display everything but forms if not logged in.Florian Pritz1-1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Fix netrc information on client page.Florian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09add history link to header; fix indentationFlorian Pritz1-6/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Redirect to / if log in successfulFlorian Pritz2-5/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09upload_form(): don't require a userFlorian Pritz1-2/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Don't show delete button when not foundFlorian Pritz1-25/+25
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09muser: fix handling of cli clients without accountFlorian Pritz3-11/+18
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Improve handling of cli clients without accountFlorian Pritz1-2/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09fix missing $username when including header from file_modFlorian Pritz2-25/+28
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09declare used class variablesFlorian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09do_upload(): fix errors if no file was uploadedFlorian Pritz1-1/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09remove password from text formFlorian Pritz2-3/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Revert "Disable paste box"Florian Pritz3-23/+86
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09improve page titlesFlorian Pritz2-5/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09more user changesFlorian Pritz5-56/+60
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09start working on usersFlorian Pritz17-68/+280
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09add helper script to create split css filesFlorian Pritz1-0/+26
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09update geshi css filesFlorian Pritz59-18/+1161
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09improve start page for cli clientsFlorian Pritz2-4/+20
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Set 404 if a paste doesn't existFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Remove upload box on UI.Florian Pritz1-0/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Fix HTML syntax errorFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Disable paste boxFlorian Pritz3-85/+22
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-05Disable search indexingFlorian Pritz2-0/+3
All links will become invalid pretty soon so this just leads to lots of dead links in the bots search index. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-02Fix "Unknown ID" typoFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-03-28add scheme highlightingFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-03-09CSP: allow object-srcFlorian Pritz1-1/+1
Video files won't play without this. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-26fix handling of ocaml mimetypeFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19move stale file removal to it's own functionFlorian Pritz1-5/+9
This shouldn't be needed and it's also pretty slow. No need to run it with ever cronjob. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19file/cron: make accessible via CLI onlyFlorian Pritz1-1/+6
In production environments the cronjob might run quite some time and could be used to overload the server. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19file/cron: close dir handles after useFlorian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19file/cron: clean up stale filesFlorian Pritz1-0/+33
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19Implement CSP for direct file downloadsFlorian Pritz1-0/+3
With this header we tell the browser to ignore javascript, frames and objects which decreases the exploitability of simple html pastes if viewed raw ("<domain>/<id>", without a tailing slash) quite a lot. You can still upload arbitrary files containing javascript code, but the browser will refuse to execute it. References: https://wiki.mozilla.org/Security/CSP/Specification Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19encode special chars in some placesFlorian Pritz2-3/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>