From b6b8a6587c399bfd89e13e92ce04ee8486688e6e Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Tue, 18 Jan 2011 19:12:36 +0100 Subject: disable do_paste due to bot problems There are still bots which are able to trick the hidden email field and they upload phishing pages which let to paste.xinu.at being listed. Signed-off-by: Florian Pritz --- system/application/views/file/client.php | 9 ++++++--- system/application/views/file/upload_form.php | 7 +++++-- 2 files changed, 11 insertions(+), 5 deletions(-) (limited to 'system/application/views') diff --git a/system/application/views/file/client.php b/system/application/views/file/client.php index d9470a216..0ebc20791 100644 --- a/system/application/views/file/client.php +++ b/system/application/views/file/client.php @@ -1,8 +1,11 @@

Shell:

-curl -n -F "content=<-"  < file      (not binary safe)
-cat file | curl -n -F "content=<-"   (not binary safe)
-curl -n -F "file=@/home/user/foo"    (binary safe)
+
+>curl -n -F "content=<-"  < file      (not binary safe)
+cat file | curl -n -F "content=<-"   (not binary safe)
+
+curl -n -F "file=@/home/user/foo"    (binary safe)
+cat file | curl -n -F "file=@-;filename=stdin"    (binary safe)

Client:

Development (git): http://git.server-speed.net/users/flo/fb/
diff --git a/system/application/views/file/upload_form.php b/system/application/views/file/upload_form.php index 0f90bab0e..4b23783dd 100644 --- a/system/application/views/file/upload_form.php +++ b/system/application/views/file/upload_form.php @@ -5,7 +5,9 @@
Optional password (for deletion):

- + +

Pasting text directly has been disabled due to extensive bot problems. Please use the file upload instead.

+

OR

@@ -13,7 +15,8 @@

Email:
Optional password (for deletion):
-

+

+
-- cgit v1.2.3-24-g4f1b