summaryrefslogtreecommitdiffstats
path: root/application
AgeCommit message (Collapse)AuthorFilesLines
2016-07-13Improve insufficient permisions error messageFlorian Pritz3-3/+11
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-13Add site URL to authentication errorFlorian Pritz3-3/+3
This might help users if they run their own installation, but forget to set the URL in the client config and then run into this error. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-13Throw public exception when accessing CLI only functionsFlorian Pritz4-9/+14
We actually don't need to hide this from the user. The error should be shown rather than a blank page being returned. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-13muser: Improve invalid action key error messageFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-13controllers/user: Deduplicate email verificationFlorian Pritz1-5/+14
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-13controllers/user: Deduplicate username verificationFlorian Pritz1-2/+15
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-13Fix missing phpdoc for \service\userFlorian Pritz1-4/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-13Remove incorrect TODO about $new_file being unsetFlorian Pritz1-1/+0
I think this is left over from developing the feature. This seems to have been incorrect in the inital commit of the code. Just drop it. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-13Fix typoFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-13Remove duplicate TODO for supporting multiple type for thumbnailsFlorian Pritz1-1/+0
Already in \libraries\Exif Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-12Fix incorrect width of thumbnail listFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-12Link single paste to autodetection in video/audio/asciinema fragemntsFlorian Pritz3-3/+3
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-12Add asciinema supportFlorian Pritz4-3/+18
This bypasses require.js for asciinema because apparently require.js can't deal with the embedded React library. The result is that React is not loaded properly and the asciinema player is unable to find it. Just load it like upstream tells you to. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-10Make delete button fixed on upload history pageFlorian Pritz3-9/+18
Also make the navigation fixed because otherwise this looks hideous and the space is already occupied anyway. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-10Fix login page being to wide on mobile devicesFlorian Pritz1-1/+1
Same fix as in 7e4912fc03111ab5071e8e7478db48422597777a. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-10Fix display issue on paste pageFlorian Pritz1-1/+1
Proper fix this time. container is not necessary here. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-10Revert "Fix display issues with new bootstrap"Florian Pritz5-5/+5
This reverts commit f0d3b633f04c9afa2237b1dad83ad8240da68b38. That commit causes breakage on the history page due to missing padding.
2016-07-04Add popover with filenames of multipaste to historyFlorian Pritz1-0/+20
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-04service\files->get_multipaste_history: Add sort order from DBFlorian Pritz3-2/+18
Keep this field private for now. I may be exposed at a later time. The returned values are already normalized so they can be safely exposed. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-04Add function to ellipsize textFlorian Pritz2-0/+70
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-04Harden XSS escapingFlorian Pritz2-3/+3
This could lead to XSS if the html attribute values weren't quoted with double quotes. By default htmlentities only encodes double quotes and not single quotes. If the quotes are ever changed this could lead to exploitable XSS. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-04file/history: Add support to display preview of entries on hoverFlorian Pritz2-1/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-04Update API v2 version info to 2.1.0Florian Pritz1-1/+1
The documentation already refers to 2.1.0 and lists a new feature of the file/history endpoint, but requests for 2.1.0 are not yet accepted because the server doesn't know that it actually supports this version. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-07-04Fix display issues with new bootstrapFlorian Pritz5-5/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-06-16Remove old TODOFlorian Pritz1-1/+0
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-06-12Switch to PHP based markdown renderer (parsedown)Florian Pritz2-4/+6
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-06-09Use PHP library for QR codesFlorian Pritz3-1/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-06-09Autoloader: Support PSR-4 style namespace/directory mappingFlorian Pritz1-8/+15
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-06-07file/download: Delete invalid multipastesFlorian Pritz1-0/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-06-07mmultipaste->valid_id: Detect empty multipastes as invalidFlorian Pritz1-0/+4
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-06-05config: Clarify comment about password hashing settingsFlorian Pritz1-1/+2
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-06-05Fix redirect on login after registering new accountFlorian Pritz3-1/+4
Previously the login box in the navigation would redirect to the current page, but this page will throw an error in the case of the registration page since that's the page with the invition key and that key is no longer valid. Fix this by redirecting to the $redirect_uri and ensure that this value is set for all requests. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-05-24mfile/valid_id: Remove duplicate codeFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-05-24Fix TypeError when getting thumbnail for invalid IDFlorian Pritz1-0/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-04-01Fix typoFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-04-01Support rehashing of passwords not conforming to configFlorian Pritz2-0/+7
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-04-01muser: Add set_passwordFlorian Pritz2-4/+8
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-04-01Support changing password hashing settingsFlorian Pritz2-1/+15
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-03-29Catch potential password hashing errorsFlorian Pritz1-1/+5
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-03-29Increase size of password field in DBFlorian Pritz2-1/+28
The php documentation for password_hash recommends 255. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-03-29Use PHP's password_hash functionFlorian Pritz3-259/+2
This drops a third party library, but bumps our required php version to 5.5 which is currently old stable. Earlier versions are no longer supported by php upstream nor by us. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-02-26Fix MYSQL error in migration 14/15Florian Pritz2-24/+16
Error was: You can't specify target table 'testsuite_prefix_file_storage' for update in FROM clause The new code is ported from the existing postgres migration. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-02-19view/user/profile: Fix typoFlorian Pritz1-1/+1
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2016-01-24PHP7: Ignore Notice when getting mimetype0.9.10Florian Pritz1-0/+5
Sometimes php7 throws an internal notice in this function which we convert to an exception. Catching the exception will however not set $mimetype so this error needs to be ignored. This should be removed once php has fixed the bug. References: https://bugs.php.net/bug.php?id=71434 Signed-off-by: Florian Pritz <bluewind@xinu.at>
2015-12-14PasswordHash: Fix PHP7 compatability0.9.9Florian Pritz1-1/+1
Using the class name for the constructor is deprecated. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2015-11-23l/Pygments: Fix exception for filenames ending with a dotFlorian Pritz2-1/+11
Signed-off-by: Florian Pritz <bluewind@xinu.at>
2015-11-02view/client: Hardcode URLsFlorian Pritz3-7/+4
Clients are only hosted on paste.xinu.at and everywhere else the links will point to missing files so they become useless. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2015-11-02l/Image/D/imagemagick: Allow output on stderrFlorian Pritz1-1/+1
Imagemagick sometimes output warnings about files that do not conform to standards, but still renders them. Signed-off-by: Florian Pritz <bluewind@xinu.at>
2015-09-30Bring a/views/file_plaintext in line with a/v/fileFlorian Pritz8-4/+30
- Add missing files - Fix paths missing FCPATH - Remove left over header/footer Signed-off-by: Florian Pritz <bluewind@xinu.at>
2015-09-28Fix login redirect with multipate URLFlorian Pritz1-1/+1
The - from m-ID was missing in the regex. Signed-off-by: Florian Pritz <bluewind@xinu.at>