summaryrefslogtreecommitdiffstats
path: root/application/models/file_mod.php
AgeCommit message (Collapse)AuthorFilesLines
2012-04-13Hide delete button if user doesn't own the idFlorian Pritz1-1/+1
It won't work anyway. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-12CSP: add unsafe-inline to style-srcFlorian Pritz1-1/+1
chromium rejects inline css with this. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-11Add filesize to history viewFlorian Pritz1-3/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09random_id() -> random_alphanum(); allow single argumentFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09Move is_cli_client() and random_id() to helperFlorian Pritz1-29/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09muser: fix handling of cli clients without accountFlorian Pritz1-0/+12
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09fix missing $username when including header from file_modFlorian Pritz1-24/+27
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09improve page titlesFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-04-09start working on usersFlorian Pritz1-27/+11
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-03-28add scheme highlightingFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-03-09CSP: allow object-srcFlorian Pritz1-1/+1
Video files won't play without this. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-26fix handling of ocaml mimetypeFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19Implement CSP for direct file downloadsFlorian Pritz1-0/+3
With this header we tell the browser to ignore javascript, frames and objects which decreases the exploitability of simple html pastes if viewed raw ("<domain>/<id>", without a tailing slash) quite a lot. You can still upload arbitrary files containing javascript code, but the browser will refuse to execute it. References: https://wiki.mozilla.org/Security/CSP/Specification Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-19encode special chars in some placesFlorian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2012-02-14bump geshi to 1.0.8.10Florian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18remove superfluous spaceFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18fix left over mime2extension call and commentsFlorian Pritz1-4/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18factorise mode detectionFlorian Pritz1-8/+36
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18improve readability of download()Florian Pritz1-13/+17
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-18use the same date for if-modified-since everywhereFlorian Pritz1-2/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-12-17use perl from PATH and copy markdown.pl to scripts/Florian Pritz1-6/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-18use full path to perl executable when calling mimetypeFlorian Pritz1-1/+1
Everywhere else we already do it like that. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-11-05fix position of commentFlorian Pritz1-1/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-15valid_id: bail early if we can't get the file dataFlorian Pritz1-0/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-15remove unneeded call to filename2extensionFlorian Pritz1-1/+0
mime2extension tells us if the file is text that can be highlit. filename2extension leeds to unwanted behaviour if the filename is for example "PKGBUILD", but the file is a binary. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-09-08fix markdown.pl pathFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-15rewrite scripts/mimetype to support ascii with color codesFlorian Pritz1-1/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-08-15export sane $PATHFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-07-01add ascii highlighting with escape color supportFlorian Pritz1-4/+10
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-06-23fix copyright yearFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-06-23remove compatibility mimetype generationFlorian Pritz1-2/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-06-11support simple request ranges for direct downloadsFlorian Pritz1-10/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-06-11file_mod->download() remove useless checkFlorian Pritz1-1/+1
valid_id() cleans up the database if the file doesn't exists. This code didn't. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2011-06-04fix status code for redirect in show_urlFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-06-01support .smlFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-05-28.slax -> textFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-05-18add .xsl -> xmlFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-05-16add highlighting for .dtd filesFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-05-16make file_mod->download easier to readFlorian Pritz1-112/+143
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-04-29add s -> asm aliasFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-04-23add pl->perl aliasFlorian Pritz1-1/+2
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-03-21remove file_mod->check_client_version()Florian Pritz1-11/+0
The interfaces shouldn't change anymore. Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-02-15rework cli_client supportFlorian Pritz1-13/+12
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-02-02fix bug when using client to downloadFlorian Pritz1-0/+11
Do not check the client version when downloading because this breaks curl. Probably because we output and later set HTTP headers in file_mod->download(). Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-02-02add sh -> bash aliasFlorian Pritz1-1/+2
Signed-off-by: Florian Pritz <bluewind@server-speed.net>
2011-01-28update to CI 2.0Florian Pritz1-0/+419
Signed-off-by: Florian Pritz <bluewind@server-speed.net>