Merge branch 'master' into php8

.github/workflows/codeql-analysis.yml

@@ -33,11 +33,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -46,4 +46,4 @@ jobs:
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2

.github/workflows/refresh-php8.yml

@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout php8 branch
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           # directly checkout the php8 branch
           ref: php8

.github/workflows/snyk-scan.yml

@@ -13,7 +13,7 @@ jobs:
   snyk-php:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@master
+      - uses: actions/checkout@v3
       - name: Install Google Cloud Storage
         run: composer require --no-update google/cloud-storage && composer update --no-dev
       - name: Run Snyk to check for vulnerabilities

.github/workflows/tests.yml

@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
     - name: Validate composer.json and composer.lock
       run: composer validate
     - name: Install dependencies
@@ -27,7 +27,7 @@ jobs:
     
     # let's get started!
     - name: Checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       
     # cache PHP extensions
     - name: Setup cache environment
@@ -39,7 +39,7 @@ jobs:
         key: ${{ runner.os }}-${{ env.extensions-cache-key }}
 
     - name: Cache extensions
-      uses: actions/cache@v2
+      uses: actions/cache@v3
       with:
         path: ${{ steps.extcache.outputs.dir }}
         key: ${{ steps.extcache.outputs.key }}
@@ -76,7 +76,7 @@ jobs:
       shell: bash
     
     - name: Cache dependencies
-      uses: actions/cache@v2
+      uses: actions/cache@v3
       with:
         path: ${{ steps.composer-cache.outputs.dir }}
         key: ${{ runner.os }}-composer-${{ steps.get-date.outputs.date }}-${{ hashFiles('**/composer.json') }}
@@ -99,23 +99,23 @@ jobs:
     steps:
     
     - name: Checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       
     - name: Setup Node
-      uses: actions/setup-node@v2
+      uses: actions/setup-node@v3
       with:
-        node-version: '12'
+        node-version: '16'
         cache: 'npm'
-        cache-dependency-path: 'js/package.json'
+        cache-dependency-path: 'js/package-lock.json'
         
     - name: Setup Mocha
       run: npm install -g mocha
       
     - name: Setup Node modules
-      run: npm install
+      run: npm ci
       working-directory: js
       
     - name: Run unit tests
-      run: mocha
+      run: npm test
       working-directory: js
 

CHANGELOG.md

@@ -3,6 +3,8 @@
   * **1.4.1 (not yet released)**
     * ADDED: Translations for Turkish
     * CHANGED: Avoid `SUPER` privilege for setting the `sql_mode` for MariaDB/MySQL (#919)
+    * FIXED: Revert to CREATE INDEX without IF NOT EXISTS clauses, to support MySQL (#943)
+    * FIXED: Apply table prefix to indexes as well, to support multiple instances sharing a single database (#943)
   * **1.4 (2022-04-09)**
     * ADDED: Translations for Corsican, Estonian, Finnish and Lojban
     * ADDED: new HTTP headers improving security (#765)

i18n/es.json

@@ -2,7 +2,7 @@
     "PrivateBin": "PrivateBin",
     "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s es un \"pastebin\" en línea minimalista de código abierto, donde el servidor no tiene ningún conocimiento de los datos guardados. Los datos son cifrados/descifrados %sen el navegador%s usando 256 bits AES.",
     "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "Más información en la <a href=\"https://privatebin.info/\">página del proyecto</a>.",
-    "Because ignorance is bliss": "Porque la ignorancia es dicha",
+    "Because ignorance is bliss": "Porque la ignorancia es felicidad",
     "en": "es",
     "Paste does not exist, has expired or has been deleted.": "El \"paste\" no existe, ha caducado o ha sido eliminado.",
     "%s requires php %s or above to work. Sorry.": "%s requiere php %s o superior para funcionar. Lo siento.",
@@ -186,5 +186,5 @@
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visite este enlace para ver la nota. Dar la URL a cualquier persona también les permite acceder a la nota.",
     "URL shortener may expose your decrypt key in URL.": "El acortador de URL puede exponer su clave de descifrado en el URL.",
     "Save paste": "Guardar \"paste\"",
-    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes."
+    "Your IP is not authorized to create pastes.": "Tu IP no está autorizada para crear contenido."
 }

i18n/lt.json

@@ -186,5 +186,5 @@
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Norėdami matyti užrašus, aplankykite šį tinklalapį. Pasidalinus šiuo URL adresu su kitais žmonėmis, jiems taip pat bus leidžiama prieiga prie šių užrašų.",
     "URL shortener may expose your decrypt key in URL.": "URL trumpinimo įrankis gali atskleisti URL adrese jūsų iššifravimo raktą.",
     "Save paste": "Įrašyti įdėjimą",
-    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes."
+    "Your IP is not authorized to create pastes.": "Jūsų IP adresas neturi įgaliojimų kurti įdėjimų."
 }

lib/Data/Database.php

@@ -837,8 +837,10 @@ class Database extends AbstractData
                 end;'
             );
         } else {
+            // CREATE INDEX IF NOT EXISTS not supported as of Oracle MySQL <= 8.0
             self::$_db->exec(
-                'CREATE INDEX IF NOT EXISTS "comment_parent" ON "' .
+                'CREATE INDEX "' .
+                self::_sanitizeIdentifier('comment_parent') . '" ON "' .
                 self::_sanitizeIdentifier('comment') . '" ("pasteid")'
             );
         }
@@ -941,16 +943,20 @@ class Database extends AbstractData
                     );
                 } else {
                     self::$_db->exec(
-                        'CREATE UNIQUE INDEX IF NOT EXISTS "paste_dataid" ON "' .
+                        'CREATE UNIQUE INDEX IF NOT EXISTS "' .
+                        self::_sanitizeIdentifier('paste_dataid') . '" ON "' .
                         self::_sanitizeIdentifier('paste') . '" ("dataid")'
                     );
                     self::$_db->exec(
-                        'CREATE UNIQUE INDEX IF NOT EXISTS "comment_dataid" ON "' .
+                        'CREATE UNIQUE INDEX IF NOT EXISTS "' .
+                        self::_sanitizeIdentifier('comment_dataid') . '" ON "' .
                         self::_sanitizeIdentifier('comment') . '" ("dataid")'
                     );
                 }
+                // CREATE INDEX IF NOT EXISTS not supported as of Oracle MySQL <= 8.0
                 self::$_db->exec(
-                    'CREATE INDEX IF NOT EXISTS "comment_parent" ON "' .
+                    'CREATE INDEX "' .
+                    self::_sanitizeIdentifier('comment_parent') . '" ON "' .
                     self::_sanitizeIdentifier('comment') . '" ("pasteid")'
                 );
                 // no break, continue with updates for 0.22 and later