summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2012-05-12Hide notice when getting key from memcacheFlorian Pritz1-1/+9
This looks horrible, but gets the job done... Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-12fix missing object initialization and properly declare class variablesFlorian Pritz3-3/+11
var is deprecated since ages and in strict mode we have to initialize $this->var as a generic object before using it. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-10Prevent browsers from deleting filesFlorian Pritz1-0/+5
CLI clients are expected to only request deletion when the users wants it. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-10Replace timeout (delete) link with info linkFlorian Pritz1-1/+2
The delete link won't ask for confirmation anymore, so don't use it. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-05Rework file deletion; allow to delete multiple IDs at onceFlorian Pritz6-82/+119
This removes the old form which was used to delete a single upload and replaces it with checkboxes on the history page. All checked IDs will be removed at once, instead of requiring the user to click through multiple pages. The old file/delete page is kept for compatibility with CLI clients. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-03user/hash_password: add form to support normal browsersFlorian Pritz2-2/+42
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-03document ID/info modeFlorian Pritz2-4/+10
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-03remove password column from `files`Florian Pritz2-1/+22
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-03add ID/info to display more information about a fileFlorian Pritz3-21/+45
The table is shared with the old delete_form, but it doesn't display the delete button in info mode. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-01use function to generate links to css filesFlorian Pritz4-4/+15
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-01move file link generation from controller to viewFlorian Pritz2-12/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-05-01move etag handling into handle_etag()Florian Pritz1-27/+23
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-21Disable cache for upload_history for now.Florian Pritz1-1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-15upload_hstory: Initialize $lengths correctlyFlorian Pritz2-11/+22
If you only uploaded short filenames "Filename" could e longer than any filename, resulting in a broken table. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-14Make sure we keep the uri flashdataFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-14claim_id: Fix wrong variable nameFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-14cron: Remove expired, unowned filesFlorian Pritz1-4/+10
Unowned files expire whenever a session expires because the user won't be able to reclaim them anymore. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-14Allow to keep and reclaim uploads without being logged inFlorian Pritz3-8/+59
If a user keeps the browser open until his session expires and then tries to upload something we now add it to the database, add the ID to the new session and when someone logs in with that session the ID is assigned. Until then even if you guess it correctly, you won't be able to download it. If the user still manages to let the 2nd session expire because he can't find his password, the upload will be lost. Shit happens. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-14v/upload_form: Reword primary goalFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-13Hide delete button if user doesn't own the idFlorian Pritz3-3/+9
It won't work anyway. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-13Add nuke_id() commandFlorian Pritz1-0/+26
This can be used to remove an ID and all other IDs referencing the same hash. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-13Add do_paste() and remove ajax from upload_formFlorian Pritz3-62/+46
If the session has timed out, javascript will get the login page and try to redirect to "base_url/$htmlcode" which will obviously fail. Instead of fixing the js code, reintroduce do_paste and use it. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-12CSP: add unsafe-inline to style-srcFlorian Pritz1-1/+1
chromium rejects inline css with this. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-11Display login boxes on upload_formFlorian Pritz3-26/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-11Use phpass for password hashingFlorian Pritz2-2/+258
The current implementation sometimes failed to generate valid hashes (had something to do with the random salt). Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-11Fix password verificationFlorian Pritz1-1/+9
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-11Add filesize to history viewFlorian Pritz6-7/+65
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-11Show confirmation after loginFlorian Pritz2-0/+7
Some users might expect confirmation emails, but we don't send those (yet?). Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-10Fix syntax error in migration 2Florian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Fix plaintext client viewFlorian Pritz1-3/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09header: hide login box until hoverFlorian Pritz2-5/+26
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09muser: decrease cost parameter for cryptFlorian Pritz1-1/+1
09 should take long enough and not waste too much time. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Add invite link to headerFlorian Pritz1-1/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Fix HTML syntax errorFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Add information about acceptable usage and accounts.Florian Pritz2-1/+11
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09css: limit width of <p> and <li> to 800pxFlorian Pritz8-7/+19
Long lines streching across the entire screen are hard to read on wide screens. 800px should be a good compromise Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09user/register: restrict username to max 32 charsFlorian Pritz1-1/+1
The db field is 32 chars long. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09user/register: restrict username to a-z0-9Florian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09add register functionFlorian Pritz3-1/+100
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09random_id() -> random_alphanum(); allow single argumentFlorian Pritz3-5/+9
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Implement simple referral systemFlorian Pritz4-1/+93
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Move is_cli_client() and random_id() to helperFlorian Pritz5-32/+32
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09c/file: Style changesFlorian Pritz1-1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09c/file: remove old commentFlorian Pritz1-2/+0
It doesn't really apply anymore. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09upload_form: Display everything but forms if not logged in.Florian Pritz1-1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Fix netrc information on client page.Florian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09add history link to header; fix indentationFlorian Pritz1-6/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Redirect to / if log in successfulFlorian Pritz2-5/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09upload_form(): don't require a userFlorian Pritz1-2/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Don't show delete button when not foundFlorian Pritz1-25/+25
Signed-off-by: Florian Pritz <bluewind@xinu.at>