Filebin - The software behind paste.xinu.at

Age	Commit message (Collapse)	Author	Files	Lines
2013-09-10	Add file/get_max_size to csrf whitelist	Florian Pritz	1	-0/+1
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-08	user/create_apikey: Add JSON support	Florian Pritz	1	-0/+5
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-05	Disable CSRF for cli clients on user/create_apikey	Florian Pritz	1	-0/+1
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-05	Update jquery to 2.0.3	Florian Pritz	5	-7/+8837
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04	Fix off-by-one error in random_alphanum()	Florian Pritz	1	-1/+1
	This could result in too short strings Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04	Remove left over var_dump()	Florian Pritz	1	-2/+0
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04	Remove unneeded "as" in sql query	Florian Pritz	1	-1/+1
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04	Add support for enabling the profiler	Florian Pritz	2	-0/+7
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04	Replace is_cli_client() with stateful_client where applicable	Florian Pritz	3	-7/+5
	Stateless clients (cli client and clients using api keys) can't reclaim IDs (no cookie) so they should be required to log in asap and they will always get an error if they didn't log in. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04	Only store session information for stateful clients	Florian Pritz	2	-0/+53
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04	Generalize request_type() to static_storage()	Florian Pritz	5	-13/+17
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04	Set login session data in one go	Florian Pritz	2	-8/+12
	This reduces the amount of db queries and cookies we create since each update triggers an db update and (which is a bug) sets a new cookie. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-04	Only renew uri flashdata when needed.	Florian Pritz	1	-1/+1
	This saves us 2 to 4 (useless) db queries per page. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-03	Merge branch 'working'	Florian Pritz	19	-821/+190

2013-09-02	Autofocus username text box on upload_form	Tillmann Karras	1	-1/+1
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	Disable CSRF checks for CLI requests	Florian Pritz	1	-1/+1
	Otherwise we get an error in the Security class trying to access $_SERVER["REQUEST_METHOD"]. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	Add GET parameter for json output	Florian Pritz	1	-0/+6
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	mfile/delete_id: Remove require_access call	Florian Pritz	1	-1/+0
	We expect the controller to take care of that, no need to double check. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	claim_id: Fix error when called directly without last_upload data	Florian Pritz	1	-0/+7
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	Replace echo with show_error; misc cleanup	Florian Pritz	1	-9/+8
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	Add CSRF protection	Florian Pritz	4	-5/+51
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	Provide json output for api functions	Florian Pritz	10	-51/+84
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	muser: always verify api credentials; improve error messages	Florian Pritz	1	-17/+18
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	Allow to override config_item() options; add modification comments	Florian Pritz	2	-1/+15
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	user_logged_in(): always load muser	Florian Pritz	1	-0/+1
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	remove left over security library	Florian Pritz	1	-737/+0
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-09-02	Display domain of email address when resetting password	Florian Pritz	2	-2/+3
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-26	add readme	Florian Pritz	1	-0/+3
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22	Remove empty line after ansi2html	Florian Pritz	1	-4/+8
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22	Deduplicate initialisation code in controllers	Florian Pritz	3	-34/+40
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22	Only determine latest client version when needed	Florian Pritz	1	-6/+3
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22	Add comment about ID blacklist	Florian Pritz	1	-0/+2
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-22	Validate IDs when generating thumbnail history	Florian Pritz	1	-0/+5
	The thumbnail function generates an invalid image (HTML error message) if the ID is invalid resulting in empty images. Catch those when creating the page to prevent that. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-17	add NEWS file to track important changes	Florian Pritz	1	-0/+4
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-15	INSTALL: perl is no longer needed for a dev install	Florian Pritz	1	-1/+0
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-15	Switch to CI's caching class	Florian Pritz	9	-224/+31
	This supports more caching backends and doesn't force users to install the memcache extension. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-14	Use python-ansi2html instead of cpan module	Florian Pritz	4	-35/+518
	Way, way, way, way faster. Did I mention it is faster? Also we now have line numbers because we can. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-13	Coding style fixes	Florian Pritz	2	-8/+7
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-13	remove caching code from history	Florian Pritz	1	-61/+52
	Simply enabling it again would cause breakage (json handling). Just get rid of it. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-12	apikeys: allow any chars in comment	Florian Pritz	2	-4/+3
	No real point in restricting those, just leads to people wanting to use special chars that don't work. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11	Merge branch 'working-split/api-keys' into working	Florian Pritz	13	-19/+206

2013-08-11	Allow more chars in apikey comment	Florian Pritz	1	-2/+2
	"fb-client user@host" will be used by fb-client so this should work... Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11	Document API keys on client page	Florian Pritz	1	-0/+8
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11	Remove api keys dependency on username	Florian Pritz	4	-8/+11
	We don't need it and getting the user name from the user drivers is way more complicated. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11	Add API keys link to nav	Florian Pritz	1	-0/+1
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11	Add API key support	Florian Pritz	8	-16/+191
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-11	data/local: add missing examples and gitignore	Florian Pritz	3	-0/+3
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-09	Add logo to header	Florian Pritz	1	-1/+8
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-09	Add delete support to thumbnail history	Florian Pritz	3	-2/+54
	Signed-off-by: Florian Pritz <bluewind@xinu.at>
2013-08-08	Add delete button to info popup on paste page	Florian Pritz	1	-0/+4
	Signed-off-by: Florian Pritz <bluewind@xinu.at>