mirror of
https://github.com/PrivateBin/PrivateBin.git
synced 2024-03-22 13:10:41 +08:00
Added an optional password protection
This commit is contained in:
parent
d600ae7319
commit
3b537eda40
|
@ -18,14 +18,26 @@ sjcl.random.startCollectors();
|
||||||
* @param int seconds
|
* @param int seconds
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
function secondsToHuman(seconds)
|
function secondsToHuman(seconds) {
|
||||||
{
|
if (seconds < 60) {
|
||||||
if (seconds<60) { var v=Math.floor(seconds); return v+' second'+((v>1)?'s':''); }
|
var v = Math.floor(seconds);
|
||||||
if (seconds<60*60) { var v=Math.floor(seconds/60); return v+' minute'+((v>1)?'s':''); }
|
return v + ' second' + ((v > 1) ? 's' : '');
|
||||||
if (seconds<60*60*24) { var v=Math.floor(seconds/(60*60)); return v+' hour'+((v>1)?'s':''); }
|
}
|
||||||
|
if (seconds < 60 * 60) {
|
||||||
|
var v = Math.floor(seconds / 60);
|
||||||
|
return v + ' minute' + ((v > 1) ? 's' : '');
|
||||||
|
}
|
||||||
|
if (seconds < 60 * 60 * 24) {
|
||||||
|
var v = Math.floor(seconds / (60 * 60));
|
||||||
|
return v + ' hour' + ((v > 1) ? 's' : '');
|
||||||
|
}
|
||||||
// If less than 2 months, display in days:
|
// If less than 2 months, display in days:
|
||||||
if (seconds<60*60*24*60) { var v=Math.floor(seconds/(60*60*24)); return v+' day'+((v>1)?'s':''); }
|
if (seconds < 60 * 60 * 24 * 60) {
|
||||||
var v=Math.floor(seconds/(60*60*24*30)); return v+' month'+((v>1)?'s':'');
|
var v = Math.floor(seconds / (60 * 60 * 24));
|
||||||
|
return v + ' day' + ((v > 1) ? 's' : '');
|
||||||
|
}
|
||||||
|
var v = Math.floor(seconds / (60 * 60 * 24 * 30));
|
||||||
|
return v + ' month' + ((v > 1) ? 's' : '');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -35,13 +47,10 @@ function secondsToHuman(seconds)
|
||||||
* @param object associative_array Object to be serialized
|
* @param object associative_array Object to be serialized
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
function hashToParameterString(associativeArray)
|
function hashToParameterString(associativeArray) {
|
||||||
{
|
|
||||||
var parameterString = ""
|
var parameterString = ""
|
||||||
for (key in associativeArray)
|
for (key in associativeArray) {
|
||||||
{
|
if (parameterString === "") {
|
||||||
if( parameterString === "" )
|
|
||||||
{
|
|
||||||
parameterString = encodeURIComponent(key);
|
parameterString = encodeURIComponent(key);
|
||||||
parameterString += "=" + encodeURIComponent(associativeArray[key]);
|
parameterString += "=" + encodeURIComponent(associativeArray[key]);
|
||||||
} else {
|
} else {
|
||||||
|
@ -61,8 +70,7 @@ function hashToParameterString(associativeArray)
|
||||||
* @param string parameter_string String containing parameters
|
* @param string parameter_string String containing parameters
|
||||||
* @return object
|
* @return object
|
||||||
*/
|
*/
|
||||||
function parameterStringToHash(parameterString)
|
function parameterStringToHash(parameterString) {
|
||||||
{
|
|
||||||
var parameterHash = {};
|
var parameterHash = {};
|
||||||
var parameterArray = parameterString.split("&");
|
var parameterArray = parameterString.split("&");
|
||||||
for (var i = 0; i < parameterArray.length; i++) {
|
for (var i = 0; i < parameterArray.length; i++) {
|
||||||
|
@ -81,8 +89,7 @@ function parameterStringToHash(parameterString)
|
||||||
*
|
*
|
||||||
* @return object
|
* @return object
|
||||||
**/
|
**/
|
||||||
function getParameterHash()
|
function getParameterHash() {
|
||||||
{
|
|
||||||
var hashIndex = window.location.href.indexOf("#");
|
var hashIndex = window.location.href.indexOf("#");
|
||||||
if (hashIndex >= 0) {
|
if (hashIndex >= 0) {
|
||||||
return parameterStringToHash(window.location.href.substring(hashIndex + 1));
|
return parameterStringToHash(window.location.href.substring(hashIndex + 1));
|
||||||
|
@ -116,8 +123,11 @@ function decompress(data) {
|
||||||
* @return encrypted string data
|
* @return encrypted string data
|
||||||
*/
|
*/
|
||||||
function zeroCipher(key, message) {
|
function zeroCipher(key, message) {
|
||||||
|
if ($('input#password').val().length == 0) {
|
||||||
return sjcl.encrypt(key, compress(message));
|
return sjcl.encrypt(key, compress(message));
|
||||||
}
|
}
|
||||||
|
return sjcl.encrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash($("input#password").val())), compress(message));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Decrypt message with key, then decompress.
|
* Decrypt message with key, then decompress.
|
||||||
|
@ -127,7 +137,14 @@ function zeroCipher(key, message) {
|
||||||
* @return string readable message
|
* @return string readable message
|
||||||
*/
|
*/
|
||||||
function zeroDecipher(key, data) {
|
function zeroDecipher(key, data) {
|
||||||
|
if (data != undefined) {
|
||||||
|
try {
|
||||||
return decompress(sjcl.decrypt(key, data));
|
return decompress(sjcl.decrypt(key, data));
|
||||||
|
} catch (err) {
|
||||||
|
var password = prompt("Please enter the password for this paste.", "");
|
||||||
|
return decompress(sjcl.decrypt(key + sjcl.codec.hex.fromBits(sjcl.hash.sha256.hash(password)), data));
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -211,7 +228,8 @@ function displayMessages(key, comments) {
|
||||||
var cleartext = "[Could not decrypt comment ; Wrong key ?]";
|
var cleartext = "[Could not decrypt comment ; Wrong key ?]";
|
||||||
try {
|
try {
|
||||||
cleartext = zeroDecipher(key, comment.data);
|
cleartext = zeroDecipher(key, comment.data);
|
||||||
} catch(err) { }
|
} catch (err) {
|
||||||
|
}
|
||||||
var place = $('div#comments');
|
var place = $('div#comments');
|
||||||
// If parent comment exists, display below (CSS will automatically shift it right.)
|
// If parent comment exists, display below (CSS will automatically shift it right.)
|
||||||
var cname = 'div#comment_' + comment.meta.parentid
|
var cname = 'div#comment_' + comment.meta.parentid
|
||||||
|
@ -232,7 +250,8 @@ function displayMessages(key, comments) {
|
||||||
// Try to get optional nickname:
|
// Try to get optional nickname:
|
||||||
try {
|
try {
|
||||||
divComment.find('span.nickname').text(zeroDecipher(key, comment.meta.nickname));
|
divComment.find('span.nickname').text(zeroDecipher(key, comment.meta.nickname));
|
||||||
} catch(err) { }
|
} catch (err) {
|
||||||
|
}
|
||||||
divComment.find('span.commentdate').text(' (' + (new Date(comment.meta.postdate * 1000).toString()) + ')').attr('title', 'CommentID: ' + comment.meta.commentid);
|
divComment.find('span.commentdate').text(' (' + (new Date(comment.meta.postdate * 1000).toString()) + ')').attr('title', 'CommentID: ' + comment.meta.commentid);
|
||||||
|
|
||||||
// If an avatar is available, display it.
|
// If an avatar is available, display it.
|
||||||
|
@ -285,7 +304,8 @@ function send_comment(parentid) {
|
||||||
if (nick != '' && nick != 'Optional nickname...') {
|
if (nick != '' && nick != 'Optional nickname...') {
|
||||||
ciphernickname = zeroCipher(pageKey(), nick);
|
ciphernickname = zeroCipher(pageKey(), nick);
|
||||||
}
|
}
|
||||||
var data_to_send = { data:cipherdata,
|
var data_to_send = {
|
||||||
|
data: cipherdata,
|
||||||
parentid: parentid,
|
parentid: parentid,
|
||||||
pasteid: pasteID(),
|
pasteid: pasteID(),
|
||||||
nickname: ciphernickname
|
nickname: ciphernickname
|
||||||
|
@ -320,10 +340,11 @@ function send_data() {
|
||||||
}
|
}
|
||||||
|
|
||||||
// If sjcl has not collected enough entropy yet, display a message.
|
// If sjcl has not collected enough entropy yet, display a message.
|
||||||
if (!sjcl.random.isReady())
|
if (!sjcl.random.isReady()) {
|
||||||
{
|
|
||||||
showStatus('Sending paste (Please move your mouse for more entropy)...', spin = true);
|
showStatus('Sending paste (Please move your mouse for more entropy)...', spin = true);
|
||||||
sjcl.random.addEventListener('seeded', function(){ send_data(); });
|
sjcl.random.addEventListener('seeded', function () {
|
||||||
|
send_data();
|
||||||
|
});
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -331,7 +352,8 @@ function send_data() {
|
||||||
|
|
||||||
var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0);
|
var randomkey = sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0);
|
||||||
var cipherdata = zeroCipher(randomkey, $('textarea#message').val());
|
var cipherdata = zeroCipher(randomkey, $('textarea#message').val());
|
||||||
var data_to_send = { data: cipherdata,
|
var data_to_send = {
|
||||||
|
data: cipherdata,
|
||||||
expire: $('select#pasteExpiration').val(),
|
expire: $('select#pasteExpiration').val(),
|
||||||
burnafterreading: $('input#burnafterreading').is(':checked') ? 1 : 0,
|
burnafterreading: $('input#burnafterreading').is(':checked') ? 1 : 0,
|
||||||
opendiscussion: $('input#opendiscussion').is(':checked') ? 1 : 0
|
opendiscussion: $('input#opendiscussion').is(':checked') ? 1 : 0
|
||||||
|
@ -400,6 +422,7 @@ function stateNewPaste() {
|
||||||
$('div#remainingtime').addClass('hidden');
|
$('div#remainingtime').addClass('hidden');
|
||||||
$('div#burnafterreadingoption').removeClass('hidden');
|
$('div#burnafterreadingoption').removeClass('hidden');
|
||||||
$('div#opendisc').removeClass('hidden');
|
$('div#opendisc').removeClass('hidden');
|
||||||
|
$('#password').show();
|
||||||
$('button#newbutton').removeClass('hidden');
|
$('button#newbutton').removeClass('hidden');
|
||||||
$('div#pasteresult').addClass('hidden');
|
$('div#pasteresult').addClass('hidden');
|
||||||
$('textarea#message').text('');
|
$('textarea#message').text('');
|
||||||
|
@ -437,8 +460,7 @@ function stateExistingPaste() {
|
||||||
|
|
||||||
/** Return raw text
|
/** Return raw text
|
||||||
*/
|
*/
|
||||||
function rawText()
|
function rawText() {
|
||||||
{
|
|
||||||
var paste = $('div#cleartext').html();
|
var paste = $('div#cleartext').html();
|
||||||
var newDoc = document.open('text/html', 'replace');
|
var newDoc = document.open('text/html', 'replace');
|
||||||
newDoc.write('<pre>' + paste + '</pre>');
|
newDoc.write('<pre>' + paste + '</pre>');
|
||||||
|
@ -533,10 +555,16 @@ function pageKey() {
|
||||||
// We will strip any additional data.
|
// We will strip any additional data.
|
||||||
|
|
||||||
// First, strip everything after the equal sign (=) which signals end of base64 string.
|
// First, strip everything after the equal sign (=) which signals end of base64 string.
|
||||||
i = key.indexOf('='); if (i>-1) { key = key.substring(0,i+1); }
|
i = key.indexOf('=');
|
||||||
|
if (i > -1) {
|
||||||
|
key = key.substring(0, i + 1);
|
||||||
|
}
|
||||||
|
|
||||||
// If the equal sign was not present, some parameters may remain:
|
// If the equal sign was not present, some parameters may remain:
|
||||||
i = key.indexOf('&'); if (i>-1) { key = key.substring(0,i); }
|
i = key.indexOf('&');
|
||||||
|
if (i > -1) {
|
||||||
|
key = key.substring(0, i);
|
||||||
|
}
|
||||||
|
|
||||||
// Then add trailing equal sign if it's missing
|
// Then add trailing equal sign if it's missing
|
||||||
if (key.charAt(key.length - 1) !== '=') key += '=';
|
if (key.charAt(key.length - 1) !== '=') key += '=';
|
||||||
|
|
|
@ -65,6 +65,7 @@
|
||||||
<input type="checkbox" id="opendiscussion" name="opendiscussion" {if="!$OPENDISCUSSION"} disabled="disabled"{/if} />
|
<input type="checkbox" id="opendiscussion" name="opendiscussion" {if="!$OPENDISCUSSION"} disabled="disabled"{/if} />
|
||||||
<label for="opendiscussion">Open discussion</label>
|
<label for="opendiscussion">Open discussion</label>
|
||||||
</div>
|
</div>
|
||||||
|
<input id="password" placeholder="Optional password (recommended)" size="32" />
|
||||||
</div>
|
</div>
|
||||||
<div id="pasteresult" class="hidden">
|
<div id="pasteresult" class="hidden">
|
||||||
<div id="deletelink"></div>
|
<div id="deletelink"></div>
|
||||||
|
|
Loading…
Reference in New Issue
Block a user