Age | Commit message (Collapse) | Author | Files | Lines |
|
This can be used to track data for all kinds of one-time actions like
invitations and password resets.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This change *should* be backwards compatible.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
The DB col is set to ascii_general_ci so if the username doesn't pass
the charset check we shouldn't even bother query the db because that can
trigger a collation error (utf-8 vs ascii).
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Initial-work-by: Oliver Mader <b52@reaktor42.de>
Additional-work-by: Markus Cisler <mrkscslr@gmail.com>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Passing the authentication headers is slightly complicated with fastcgi
so we support both and let the users choose.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Pygments calls it that and mode was an undescriptive name anyway.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Previously we displayed an empty page since stderr usually goes to the
error log of the web server.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Pygments has lexers with space in the name and those won't work unless
we decode them.
Example: "Duel View"
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Assuming utf8 breaks if the input file is latin1. This automaticaly
guesses if it's utf8 or latin1. If this isn't enough, we can switch to
chardet, but that adds a new dependency.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Trigger: echo test | curl -F "file=@-;filename=stdin" <url>
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Most sessions are just people viewing a paste. Those don't need a
session until they want to log in so we don't have to pollute the
database and waste resources.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
No need to repeat that for every line.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
- faster than geshi
- easier to modify the css because there is only one
- geshi upstream seems pretty dead
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Muser already uses this scheme as it is easier to type.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Models shouldn't really call views
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
var is deprecated since ages and in strict mode we have to initialize
$this->var as a generic object before using it.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
CLI clients are expected to only request deletion when the users wants
it.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This removes the old form which was used to delete a single upload and
replaces it with checkboxes on the history page. All checked IDs will be
removed at once, instead of requiring the user to click through multiple
pages.
The old file/delete page is kept for compatibility with CLI clients.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
The table is shared with the old delete_form, but it doesn't display the
delete button in info mode.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
If you only uploaded short filenames "Filename" could e longer than any
filename, resulting in a broken table.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Unowned files expire whenever a session expires because the user won't
be able to reclaim them anymore.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
If a user keeps the browser open until his session expires and then
tries to upload something we now add it to the database, add the ID to
the new session and when someone logs in with that session the ID is
assigned. Until then even if you guess it correctly, you won't be able
to download it.
If the user still manages to let the 2nd session expire because he can't
find his password, the upload will be lost. Shit happens.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
It won't work anyway.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
This can be used to remove an ID and all other IDs referencing the same
hash.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
If the session has timed out, javascript will get the login page and try
to redirect to "base_url/$htmlcode" which will obviously fail. Instead
of fixing the js code, reintroduce do_paste and use it.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
Some users might expect confirmation emails, but we don't send those
(yet?).
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|
|
The db field is 32 chars long.
Signed-off-by: Florian Pritz <bluewind@xinu.at>
|