From b6b8a6587c399bfd89e13e92ce04ee8486688e6e Mon Sep 17 00:00:00 2001
From: Florian Pritz
Date: Tue, 18 Jan 2011 19:12:36 +0100
Subject: disable do_paste due to bot problems
There are still bots which are able to trick the hidden email field and
they upload phishing pages which let to paste.xinu.at being listed.
Signed-off-by: Florian Pritz
---
system/application/controllers/file.php | 4 ++++
system/application/views/file/client.php | 9 ++++++---
system/application/views/file/upload_form.php | 7 +++++--
3 files changed, 15 insertions(+), 5 deletions(-)
(limited to 'system/application')
diff --git a/system/application/controllers/file.php b/system/application/controllers/file.php
index adde14927..a11255986 100644
--- a/system/application/controllers/file.php
+++ b/system/application/controllers/file.php
@@ -124,8 +124,12 @@ class File extends Controller {
// support textareas on the upload form
// XXX: This requires users of suhosin to adjust maxium post and request size
// TODO: merge with do_upload()
+ // XXX: this is too vulnerable to bots
function do_paste()
{
+ // FIXME: disable until bot problem is really fixed
+ return $this->upload_form();
+
$data = array();
$content = $this->input->post('content')."\n";
$extension = $this->input->post('extension');
diff --git a/system/application/views/file/client.php b/system/application/views/file/client.php
index d9470a216..0ebc20791 100644
--- a/system/application/views/file/client.php
+++ b/system/application/views/file/client.php
@@ -1,8 +1,11 @@