Update -> refactor and optimize UI , code ,...
This commit is contained in:
@@ -1,31 +1,31 @@
|
||||
<?php
|
||||
require __DIR__ . '/../core/security.php';
|
||||
$pdo = require __DIR__ . '/../core/db.php';
|
||||
require __DIR__ . '/../models/Paste.php';
|
||||
require_once __DIR__ . '/../core/security.php';
|
||||
$pdo = require __DIR__ . '/../core/db.php';
|
||||
require_once __DIR__ . '/../models/Paste.php';
|
||||
$config = require __DIR__ . '/../config/config.php';
|
||||
|
||||
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
|
||||
header('Location: /index.php');
|
||||
header('Location: /');
|
||||
exit;
|
||||
}
|
||||
$text = $_POST['text'] ?? '';
|
||||
|
||||
$text = trim($_POST['text'] ?? '');
|
||||
$password = $_POST['password'] ?? '';
|
||||
$expire = isset($_POST['expire']) ? intval($_POST['expire']) : 0;
|
||||
if (trim($text) === '') {
|
||||
die('Text is required');
|
||||
$expire = isset($_POST['expire']) ? (int)$_POST['expire'] : 0;
|
||||
|
||||
if ($text === '') {
|
||||
jsonResponse(['success' => false, 'message' => 'Text cannot be empty.'], 422);
|
||||
}
|
||||
$id = generateId();
|
||||
$enc = encryptText($text, $config['master_key']);
|
||||
|
||||
$id = generateId();
|
||||
$enc = encryptText($text, $config['app']['master_key']);
|
||||
$password_hash = $password !== '' ? password_hash($password, PASSWORD_DEFAULT) : null;
|
||||
$expire_time = $expire > 0 ? time() + $expire : null;
|
||||
$expire_time = $expire > 0 ? time() + $expire : null;
|
||||
|
||||
$paste = new Paste($pdo);
|
||||
$paste->save($id, $enc['cipher'], $enc['iv'], $expire_time, $password_hash);
|
||||
|
||||
$paste->save($id, $enc['cipher'], $enc['iv'], $expire_time,$password_hash);
|
||||
$base = rtrim($config['app']['base_url'] ?: ('http' . (isset($_SERVER['HTTPS']) ? 's' : '') . '://' . $_SERVER['HTTP_HOST']), '/');
|
||||
$url = $base . '/view/' . $id;
|
||||
|
||||
|
||||
$url = "http://" . $_SERVER['HTTP_HOST'] . "/view.php?id=" . $id;
|
||||
|
||||
echo json_encode([
|
||||
"success" => true,
|
||||
"url" => $url
|
||||
]);
|
||||
exit;
|
||||
jsonResponse(['success' => true, 'url' => $url]);
|
||||
|
||||
@@ -1,59 +1,56 @@
|
||||
<?php
|
||||
require __DIR__ . '/../core/security.php';
|
||||
$pdo = require __DIR__ . '/../core/db.php';
|
||||
require __DIR__ . '/../models/Paste.php';
|
||||
require_once __DIR__ . '/../core/security.php';
|
||||
$pdo = require __DIR__ . '/../core/db.php';
|
||||
require_once __DIR__ . '/../models/Paste.php';
|
||||
$config = require __DIR__ . '/../config/config.php';
|
||||
|
||||
$id = $_GET['id'] ?? '';
|
||||
$id = preg_replace('/[^a-f0-9]/i', '', $_GET['id'] ?? '');
|
||||
|
||||
if ($id === '') {
|
||||
$errorCode = 404;
|
||||
$errorMessage = 'Invalid paste ID.';
|
||||
require __DIR__ . '/../../public/error.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
$paste = new Paste($pdo);
|
||||
$data = $paste->get($id);
|
||||
$data = $paste->get($id);
|
||||
|
||||
if (!$data) {
|
||||
die('Paste not found.');
|
||||
$errorCode = 404;
|
||||
$errorMessage = 'Paste not found.';
|
||||
require __DIR__ . '/../../public/error.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($data['expire_time'] !== null && time() > (int)$data['expire_time']) {
|
||||
die('Paste has expired.');
|
||||
$errorCode = 410;
|
||||
$errorMessage = 'This paste has expired.';
|
||||
require __DIR__ . '/../../public/error.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($data['password_hash']) {
|
||||
if (!isset($_POST['password'])) {
|
||||
echo "<link rel='stylesheet' href='/assets/css/style.css'>";
|
||||
echo "<form method='post'>";
|
||||
echo "<input type='password' class='usepassword' name='password' placeholder='Password'>";
|
||||
echo "<button type='submit'>View</button>";
|
||||
echo "</form>";
|
||||
$needsPassword = (bool)$data['password_hash'];
|
||||
$wrongPassword = false;
|
||||
$decrypted = null;
|
||||
|
||||
if ($needsPassword) {
|
||||
$submitted = $_POST['password'] ?? null;
|
||||
if ($submitted !== null) {
|
||||
if (password_verify($submitted, $data['password_hash'])) {
|
||||
$needsPassword = false;
|
||||
} else {
|
||||
$wrongPassword = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!$needsPassword) {
|
||||
$decrypted = decryptText($data['encrypted_text'], $data['iv'], $config['app']['master_key']);
|
||||
if ($decrypted === false) {
|
||||
$errorCode = 500;
|
||||
$errorMessage = 'Decryption failed. The paste may be corrupted.';
|
||||
require __DIR__ . '/../../public/error.php';
|
||||
exit;
|
||||
}
|
||||
|
||||
if (!password_verify($_POST['password'], $data['password_hash'])) {
|
||||
die('Wrong password.');
|
||||
}
|
||||
}
|
||||
|
||||
$decrypted = decryptText($data['encrypted_text'], $data['iv'], $config['master_key']);
|
||||
|
||||
if ($decrypted === false) {
|
||||
die('Decryption failed.');
|
||||
}
|
||||
?>
|
||||
|
||||
<!DOCTYPE html>
|
||||
<html>
|
||||
|
||||
<head>
|
||||
<title>View Paste</title>
|
||||
<link rel="stylesheet" href="/assets/css/style.css">
|
||||
</head>
|
||||
|
||||
<body>
|
||||
<div class="container">
|
||||
<h1>Your Paste</h1>
|
||||
<div class="paste-box">
|
||||
<button id="copyBtn">Copy</button>
|
||||
<pre id="pasteContent"><?= htmlspecialchars($decrypted) ?></pre>
|
||||
</div>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
Reference in New Issue
Block a user