updating docs, bumping version to 0.20

2015-09-03 22:22:59 +02:00 · 2015-09-03 22:22:59 +02:00 · 2d79ba8243
parent 5dacd409ee
commit 2d79ba8243
19 changed files with 89 additions and 80 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,55 +1,18 @@
 # ZeroBin version history #

-  * **Alpha 0.8 (2012-04-11):**
-    * Source code not published yet.
-    * Interface completely redesigned. Icons added.
-    * Now properly supports IE6/7 (ugly display, but it works. "Clone" button is disabled though.)
-    * Added one level of depth for storage directories (This is better for higher load servers).
-    * php version is now checked (min: 5.2.6)
-    * Better checks on posted json data on server.
-    * Added "1 year" expiration.
-    * URLs are now converted to clickable links. This include http, https, ftp and magnet links.
-    * Clickable links include ''rel="nofollow"'' to discourage SEO.
-    * On my public service (http://sebsauvage.net/paste/)
-      * All data will be deleted (you were warned - this is a test service)
-      * Default paste expiration is now 1 month to prevent clogging-up my host.
-  * **Alpha 0.9 (2012-04-11):**
-    * Oh bummer... IE 8 is as shitty as IE6/7: Its does not seem to support ''white-space:pre-wrap'' correctly. I had to activate the special handling mode. I still have to test IE 9.
-  * **Alpha 0.10 (2012-04-12):**
-    * IE9 does not seem to correctly support ''pre-wrap'' either. Special handling mode activated for all version of IE<10. (Note: **ALL other browsers** correctly support this feature.) 
-  * **Alpha 0.11 (2012-04-12):**
-    * Automatically ignore parameters (such as &utm_source=...) added //after// the anchor by some stupid Web 2.0 services.
-    * First public release.
-  * **Alpha 0.12 (2012-04-18):**
-    * **DISCUSSIONS !** Now you can enable discussions on your pastes. Of course, posted comments and nickname are also encrypted and the server cannot see them.
-    * This feature implies a change in storage format. You will have to delete all previous pastes in your ZeroBin. 
-    * Added [[php:vizhash_gd|Vizhash]] as avatars, so you can match posters IP addresses without revealing them. (Same image = same IP). Of course the IP address cannot be deduced from the Vizhash.
-    * Remaining time before expiration is now displayed.
-    * Explicit tags were added to CSS and jQuery selectors (eg. div#aaa instead of #aaa) to speed up browser. 
-    * Better cleaning of the URL (to make sure the key is not broken by some stupid redirection service)
-  * **Alpha 0.13 (2012-04-18):**
-    * FIXED: ''imageantialias()'' call removed because it's not really usefull and can be a problem on most hosts (if GD is not compiled in php).
-    * FIXED: $error not properly initialized in index.php
-  * **Alpha 0.14 (2012-04-20):**
-    * ADDED: GD presence is checked. 
-    * CHANGED: Traffic limiter data files moved to data/ (→easier rights management)
-    * ADDED: "Burn after reading" implemented. Opening the URL will display the paste and immediately destroy it on server.
-  * **Alpha 0.15 (2012-04-20):**
-    * FIXED: 2 minor corrections to avoid notices in php log.
-    * FIXED: Sources converted to UTF-8.
-  * **Alpha 0.15 (2012-04-20):**
-    * FIXED: 2 minor corrections to avoid notices in php log.
-    * FIXED: Sources converted to UTF-8.
-  * **Alpha 0.16**:
-    * FIXED minor php warnings.
-    * FIXED: zerobin.js reformated and properly commented.
-    * FIXED: Directory structure re-organized.
-    * CHANGED: URL shortening button was removed. (It was bad for privacy.)
-  * **Alpha 0.17 (2013-02-23)**:
-    * ADDED: Deletion URL.
-    * small refactoring.
-    * improved regex checks.
-    * larger server alt on installation.
+  * **0.20 (2015-09-03)**:
+    * ADDED: Password protected pastes (optional)
+    * ADDED: configuration options for highlighting, password, discussions, expiration times, rate limiting
+    * ADDED: JSON-only retrieval of paste incl. discussion, used to be able to refresh paste when posting a comment
+    * ADDED: bootstrap CSS based template
+    * CHANGE: "Burn after reading" pastes are now deleted only after the paste was successfully decrypted via callback. This prevents accidental deletion by chatbots following URLs and the like. Usage of a password is suggested to ensure only the desired recipient is able to encrypt it.
+    * CHANGE: the "opendiscussion" option now only controls if the discussion checkbox is preselected. Use "discussion = false" to disable the discussion feature completely (which also removes the checkbox from the template).
+    * FIXING: Behaviour of several conflicting configuration options. As a general measure unit tests for 9 of the options and all their possible configurations were added via a unit test generator.
+    * updated JS libraries: jquery to 1.11.3, sjcl to 1.0.2, base64.js to 2.1.9, deflate to 0.5, inflate to 0.3 and prettify to latest
+    * generally improved documentation, both inline phpdoc / JSdoc source code documentation, as well as Wiki pages on installation, configuration, development and JSON-API
+  * **Alpha 0.19 (2013-07-05)**:
+    * Corrected XSS security flaw which affected IE<10. Other browsers were not affected.
+    * Corrected spacing display in IE<10.
  * **Alpha 0.18 (2013-02-24)**:
    * ADDED: The resulting URL is automatically selected after pressing "Send". You just have to press CTRL+C.
    * ADDED: Automatic syntax highlighting for 53 languages using highlight.js
@ -63,7 +26,50 @@
    * ADDED: Better json checking (including entropy).
    * ADDED: Added version to js/css assets URLs in order to prevent some abusive caches to serve an obsolete version of these files when ZeroBin is upgraded.
    * "Burn after reading" option has been moved out of Expiration combo to a separate checkbox. Reason is: You can prevent a read-once paste to be available ad vitam eternam on the net.
-  * **Alpha 0.19 (2013-07-05)**:
-    * Corrected XSS security flaw which affected IE<10. Other browsers were not affected.
-    * Corrected spacing display in IE<10.
-
+  * **Alpha 0.17 (2013-02-23)**:
+    * ADDED: Deletion URL.
+    * small refactoring.
+    * improved regex checks.
+    * larger server alt on installation.
+  * **Alpha 0.16**:
+    * FIXED minor php warnings.
+    * FIXED: zerobin.js reformated and properly commented.
+    * FIXED: Directory structure re-organized.
+    * CHANGED: URL shortening button was removed. (It was bad for privacy.)
+  * **Alpha 0.15 (2012-04-20):**
+    * FIXED: 2 minor corrections to avoid notices in php log.
+    * FIXED: Sources converted to UTF-8.
+  * **Alpha 0.14 (2012-04-20):**
+    * ADDED: GD presence is checked. 
+    * CHANGED: Traffic limiter data files moved to data/ (→easier rights management)
+    * ADDED: "Burn after reading" implemented. Opening the URL will display the paste and immediately destroy it on server.
+  * **Alpha 0.13 (2012-04-18):**
+    * FIXED: ''imageantialias()'' call removed because it's not really usefull and can be a problem on most hosts (if GD is not compiled in php).
+    * FIXED: $error not properly initialized in index.php
+  * **Alpha 0.12 (2012-04-18):**
+    * **DISCUSSIONS !** Now you can enable discussions on your pastes. Of course, posted comments and nickname are also encrypted and the server cannot see them.
+    * This feature implies a change in storage format. You will have to delete all previous pastes in your ZeroBin. 
+    * Added [[php:vizhash_gd|Vizhash]] as avatars, so you can match posters IP addresses without revealing them. (Same image = same IP). Of course the IP address cannot be deduced from the Vizhash.
+    * Remaining time before expiration is now displayed.
+    * Explicit tags were added to CSS and jQuery selectors (eg. div#aaa instead of #aaa) to speed up browser. 
+    * Better cleaning of the URL (to make sure the key is not broken by some stupid redirection service)
+  * **Alpha 0.11 (2012-04-12):**
+    * Automatically ignore parameters (such as &utm_source=...) added //after// the anchor by some stupid Web 2.0 services.
+    * First public release.
+  * **Alpha 0.10 (2012-04-12):**
+    * IE9 does not seem to correctly support ''pre-wrap'' either. Special handling mode activated for all version of IE<10. (Note: **ALL other browsers** correctly support this feature.) 
+  * **Alpha 0.9 (2012-04-11):**
+    * Oh bummer... IE 8 is as shitty as IE6/7: Its does not seem to support ''white-space:pre-wrap'' correctly. I had to activate the special handling mode. I still have to test IE 9.
+  * **Alpha 0.8 (2012-04-11):**
+    * Source code not published yet.
+    * Interface completely redesigned. Icons added.
+    * Now properly supports IE6/7 (ugly display, but it works. "Clone" button is disabled though.)
+    * Added one level of depth for storage directories (This is better for higher load servers).
+    * php version is now checked (min: 5.2.6)
+    * Better checks on posted json data on server.
+    * Added "1 year" expiration.
+    * URLs are now converted to clickable links. This include http, https, ftp and magnet links.
+    * Clickable links include ''rel="nofollow"'' to discourage SEO.
+    * On my public service (http://sebsauvage.net/paste/)
+      * All data will be deleted (you were warned - this is a test service)
+      * Default paste expiration is now 1 month to prevent clogging-up my host.
--- a/CREDITS.md
+++ b/CREDITS.md
@ -6,3 +6,4 @@ Alexey Gladkov - syntax highlighting
 Greg Knaddison - robots.txt
 MrKooky - HTML5 markup, CSS cleanup
 Simon Rupf - MVC refactoring, configuration support and unit tests
+Hexalyse - Password protection
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-# ZeroBin 0.19 Alpha
+# ZeroBin 0.20

 ZeroBin is a minimalist, opensource online pastebin where the server has zero 
 knowledge of pasted data.
@ -21,18 +21,18 @@ without loosing any data.

 - Encryption of data sent to server, even if it does not provide HTTPS.

- Possibility to set a password which is asked when the paste is opened.
-  It further protects a paste and prevent people stumbling upon your paste's link
-  from being able to read it without this password.
+- Possibility to set a password which is required to read the paste. It further 
+  protects a paste and prevents people stumbling upon your paste's link
+  from being able to read it without the password.

 ## What it doesn't provide

 - As a user you have to trust the server administrator, your internet provider 
-  and any country the traffic passes not to inject any malicious code.
+  and any country the traffic passes not to inject any malicious javascript code.

 - The "key" used to encrypt the paste is part of the URL. If you publicly post
-  a non-passworded paste URL, everybody can read it. Use a password if you want
-  your paste to be "private".
+  the URL of a paste that is not password-protected, everybody can read it.
+  Use a password if you want your paste to be private.

 - A server admin might be forced to hand over access logs to the authorities.
  ZeroBin encrypts your text and the discussion contents, but who accessed it
@ -43,14 +43,16 @@ without loosing any data.
 Some features are optional and can be enabled or disabled in the [configuration
 file](https://github.com/elrido/ZeroBin/wiki/Configuration):

+- Password protection
+
 - Discussions

 - Expiration times, including a "forever" and "burn after reading" option

 - Syntax highlighting using prettify.js, including 4 prettify themes

- Templates: By default there is a "classic" and a bootstrap based theme, but it
-  is easy to adapt these to your own websites layout.
+- Templates: By default there is a bootstrap based and a "classic ZeroBin" theme
+  and it is easy to adapt these to your own websites layout or create your own.

 ## Further resources

--- a/cfg/conf.ini
+++ b/cfg/conf.ini
@ -5,7 +5,7 @@
 ; @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 ; @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 ; @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
-; @version   0.19
+; @version   0.20

 [main]
 ; enable or disable the discussion feature, defaults to true
--- a/css/bootstrap/zerobin.css
+++ b/css/bootstrap/zerobin.css
@ -1,4 +1,4 @@
-/* ZeroBin 0.19 - http://sebsauvage.net/wiki/doku.php?id=php:zerobin */
+/* ZeroBin 0.20 - http://sebsauvage.net/wiki/doku.php?id=php:zerobin */


 body {
--- a/css/zerobin.css
+++ b/css/zerobin.css
@ -1,4 +1,4 @@
-/* ZeroBin 0.19 - http://sebsauvage.net/wiki/doku.php?id=php:zerobin */
+/* ZeroBin 0.20 - http://sebsauvage.net/wiki/doku.php?id=php:zerobin */


 /*  CSS Reset from YUI 3.4.1 (build 4118) - Copyright 2011 Yahoo! Inc. All rights reserved.
--- a/index.php
+++ b/index.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 // change this, if your php files and data is outside of your webservers document root
--- a/js/zerobin.js
+++ b/js/zerobin.js
@ -6,7 +6,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 // Immediately start random number generator collector.
--- a/lib/auto.php
+++ b/lib/auto.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 spl_autoload_register('auto::loader');
--- a/lib/filter.php
+++ b/lib/filter.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 /**
--- a/lib/persistence.php
+++ b/lib/persistence.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 /**
--- a/lib/serversalt.php
+++ b/lib/serversalt.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 /**
--- a/lib/sjcl.php
+++ b/lib/sjcl.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 /**
--- a/lib/trafficlimiter.php
+++ b/lib/trafficlimiter.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 /**
--- a/lib/vizhash16x16.php
+++ b/lib/vizhash16x16.php
@ -8,7 +8,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:vizhash_gd
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.0.4 beta ZeroBin 0.19
+ * @version   0.0.4 beta ZeroBin 0.20
 */

 /**
--- a/lib/zerobin.php
+++ b/lib/zerobin.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 /**
@ -22,7 +22,7 @@ class zerobin
     *
     * @const string
     */
-    const VERSION = 'Alpha 0.19';
+    const VERSION = '0.20';

    /**
     * show the same error message if the paste expired or does not exist
--- a/lib/zerobin/abstract.php
+++ b/lib/zerobin/abstract.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 /**
--- a/lib/zerobin/data.php
+++ b/lib/zerobin/data.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 /**
--- a/lib/zerobin/db.php
+++ b/lib/zerobin/db.php
@ -7,7 +7,7 @@
 * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
 * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
 * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.19
+ * @version   0.20
 */

 /**