Merge branch 'master' into linkregex

.gitattributes

@@ -11,6 +11,8 @@ js/test/ export-ignore
 .gitattributes export-ignore
 .github export-ignore
 .gitignore export-ignore
+.jshintrc export-ignore
+.nsprc export-ignore
 .php_cs export-ignore
 .styleci.yml export-ignore
 .travis.yml export-ignore

CHANGELOG.md

@@ -1,6 +1,7 @@
 # PrivateBin version history
 
-  * **1.2 (not yet released)**
+  * **1.3 (not yet released)**
+  * **1.2 (2018-07-22)**
     * ADDED: Translations for Spanish, Occitan, Norwegian, Portuguese, Dutch and Hungarian
     * ADDED: Option in configuration to change the default "PrivateBin" title of the site
     * ADDED: Added display of video, audio & PDF, drag & drop, preview of attachments (#182)
@@ -11,7 +12,7 @@
     * CHANGED: Shipped .htaccess files were updated for Apache 2.4 (#192)
     * CHANGED: Cleanup of bootstrap template variants and moved icons to `img` directory
     * CHANGED: Removed option to hide clone button on expiring pastes, since this requires reading the paste for rendering the template, which leaks information on the pastes state
-    * CHANGED: Upgrading libraries to: SJCL 1.0.7, jQuery 3.3.1, Base64 2.4.5, Showdown 1.8.6 & DOMpurify 1.0.5
+    * CHANGED: Upgrading libraries to: SJCL 1.0.7, jQuery 3.3.1, Base64 2.4.5, Showdown 1.8.6, DOMpurify 1.0.5 & Prettify 453bd5f
     * CHANGED: Refactored JavaScript code, making it modular with private and public functions, making it much easier to maintain (#178)
     * FIXED: To counteract regressions introduced by the refactoring, we finally introduced property based unit testing for the JavaScript code, this caught several regressions, but also some very old bugs not found so far (#32)
   * **1.1.1 (2017-10-06)**

README.md

@@ -102,7 +102,7 @@ file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration):
 
 ## Further resources
 
-* [Installation guide](https://github.com/PrivateBin/PrivateBin/blob/master/INSTALL.md)
+* [Installation guide](https://github.com/PrivateBin/PrivateBin/blob/master/INSTALL.md#installation)
 
 * [Upgrading from ZeroBin 0.19 Alpha](https://github.com/PrivateBin/PrivateBin/wiki/Upgrading-from-ZeroBin-0.19-Alpha)
 

cfg/conf.sample.php

@@ -70,7 +70,7 @@ languageselection = false
 ; Check the documentation at https://content-security-policy.com/
 ; Note: If you use a bootstrap theme, you can remove the allow-popups from the sandbox restrictions.
 ; By default this disallows to load images from third-party servers, e.g. when they are embedded in pastes. If you wish to allow that, you can adjust the policy here. See https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-it-load-embedded-images for details.
-; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self' data:; media-src data:; object-src data:; Referrer-Policy: 'no-referrer'; sandbox allow-same-origin allow-scripts allow-forms allow-popups"
+; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self' data:; media-src data:; object-src data:; Referrer-Policy: 'no-referrer'; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals"
 
 ; stay compatible with PrivateBin Alpha 0.19, less secure
 ; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of

composer.json

@@ -13,7 +13,7 @@
     },
     "require": {
         "php": "^5.4.0 || ^7.0",
-        "paragonie/random_compat": "2.0.4",
+        "paragonie/random_compat": "2.0.15",
         "yzalis/identicon": "1.1.0"
     },
     "require-dev": {

css/prettify/desert.css

@@ -1 +1 @@
-pre.prettyprint{display:block;background-color:#333}pre .nocode{background-color:none;color:#000}pre .str{color:#ffa0a0}pre .kwd{color:#f0e68c;font-weight:bold}pre .com{color:#87ceeb}pre .typ{color:#98fb98}pre .lit{color:#cd5c5c}pre .pun{color:#fff}pre .pln{color:#fff}pre .tag{color:#f0e68c;font-weight:bold}pre .atn{color:#bdb76b;font-weight:bold}pre .atv{color:#ffa0a0}pre .dec{color:#98fb98}ol.linenums{margin-top:0;margin-bottom:0;color:#aeaeae}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre.prettyprint{background-color:none}pre .str,code .str{color:#060}pre .kwd,code .kwd{color:#006;font-weight:bold}pre .com,code .com{color:#600;font-style:italic}pre .typ,code .typ{color:#404;font-weight:bold}pre .lit,code .lit{color:#044}pre .pun,code .pun{color:#440}pre .pln,code .pln{color:#000}pre .tag,code .tag{color:#006;font-weight:bold}pre .atn,code .atn{color:#404}pre .atv,code .atv{color:#060}}
+pre .atn,pre .kwd,pre .tag{font-weight:700}pre.prettyprint{display:block;background-color:#333}pre .nocode{background-color:none;color:#000}pre .str{color:#ffa0a0}pre .kwd{color:khaki}pre .com{color:#87ceeb}pre .typ{color:#98fb98}pre .lit{color:#cd5c5c}pre .pln,pre .pun{color:#fff}pre .tag{color:khaki}pre .atn{color:#bdb76b}pre .atv{color:#ffa0a0}pre .dec{color:#98fb98}ol.linenums{margin-top:0;margin-bottom:0;color:#AEAEAE}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre.prettyprint{background-color:none}code .str,pre .str{color:#060}code .kwd,pre .kwd{color:#006;font-weight:700}code .com,pre .com{color:#600;font-style:italic}code .typ,pre .typ{color:#404;font-weight:700}code .lit,pre .lit{color:#044}code .pun,pre .pun{color:#440}code .pln,pre .pln{color:#000}code .tag,pre .tag{color:#006;font-weight:700}code .atn,pre .atn{color:#404}code .atv,pre .atv{color:#060}}

css/prettify/doxy.css

@@ -1 +1 @@
-pre .str,code .str{color:#fec243}pre .kwd,code .kwd{color:#8470ff}pre .com,code .com{color:#32cd32;font-style:italic}pre .typ,code .typ{color:#6ecbcc}pre .lit,code .lit{color:#d06}pre .pun,code .pun{color:#8b8970}pre .pln,code .pln{color:#f0f0f0}pre .tag,code .tag{color:#9c9cff}pre .htm,code .htm{color:#dda0dd}pre .xsl,code .xsl{color:#d0a0d0}pre .atn,code .atn{color:#46eeee;font-weight:normal}pre .atv,code .atv{color:#eeb4b4}pre .dec,code .dec{color:#3387cc}a{text-decoration:none}pre.prettyprint,code.prettyprint{font-family:'Droid Sans Mono','CPMono_v07 Bold','Droid Sans';font-weight:bold;font-size:9pt;background-color:#0f0f0f;-moz-border-radius:8px;-webkit-border-radius:8px;-o-border-radius:8px;-ms-border-radius:8px;-khtml-border-radius:8px;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}pre.prettyprint a,code.prettyprint a{text-decoration:none}ol.linenums{margin-top:0;margin-bottom:0;color:#8b8970}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre.prettyprint,code.prettyprint{background-color:#fff}pre .str,code .str{color:#088}pre .kwd,code .kwd{color:#006;font-weight:bold}pre .com,code .com{color:#0c3;font-style:italic}pre .typ,code .typ{color:#404;font-weight:bold}pre .lit,code .lit{color:#044}pre .pun,code .pun{color:#440}pre .pln,code .pln{color:#000}pre .tag,code .tag{color:#b66ff7;font-weight:bold}pre .htm,code .htm{color:#606;font-weight:bold}pre .xsl,code .xsl{color:#606;font-weight:bold}pre .atn,code .atn{color:#c71585;font-weight:normal}pre .atv,code .atv{color:#088;font-weight:normal}}
+a,code.prettyprint a,pre.prettyprint a{text-decoration:none}code .str,pre .str{color:#fec243}code .kwd,pre .kwd{color:#8470FF}code .com,pre .com{color:#32cd32;font-style:italic}code .typ,pre .typ{color:#6ecbcc}code .lit,pre .lit{color:#d06}code .pun,pre .pun{color:#8B8970}code .pln,pre .pln{color:#f0f0f0}code .tag,pre .tag{color:#9c9cff}code .htm,pre .htm{color:plum}code .xsl,pre .xsl{color:#d0a0d0}code .atn,pre .atn{color:#46eeee;font-weight:400}code .atv,pre .atv{color:#EEB4B4}code .dec,pre .dec{color:#3387CC}code.prettyprint,pre.prettyprint{font-family:'Droid Sans Mono','CPMono_v07 Bold','Droid Sans';font-weight:700;font-size:9pt;background-color:#0f0f0f;-moz-border-radius:8px;-webkit-border-radius:8px;-o-border-radius:8px;-ms-border-radius:8px;-khtml-border-radius:8px;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}ol.linenums{margin-top:0;margin-bottom:0;color:#8B8970}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{code.prettyprint,pre.prettyprint{background-color:#fff}code .str,pre .str{color:#088}code .kwd,pre .kwd{color:#006;font-weight:700}code .com,pre .com{color:#oc3;font-style:italic}code .typ,pre .typ{color:#404;font-weight:700}code .lit,pre .lit{color:#044}code .pun,pre .pun{color:#440}code .pln,pre .pln{color:#000}code .tag,pre .tag{color:#b66ff7;font-weight:700}code .htm,code .xsl,pre .htm,pre .xsl{color:#606;font-weight:700}code .atn,pre .atn{color:#c71585;font-weight:400}code .atv,pre .atv{color:#088;font-weight:400}}

css/prettify/prettify.css

@@ -1 +1 @@
-.pln{color:#000}@media screen{.str{color:#080}.kwd{color:#008}.com{color:#800}.typ{color:#606}.lit{color:#066}.pun,.opn,.clo{color:#660}.tag{color:#008}.atn{color:#606}.atv{color:#080}.dec,.var{color:#606}.fun{color:red}}@media print,projection{.str{color:#060}.kwd{color:#006;font-weight:bold}.com{color:#600;font-style:italic}.typ{color:#404;font-weight:bold}.lit{color:#044}.pun,.opn,.clo{color:#440}.tag{color:#006;font-weight:bold}.atn{color:#404}.atv{color:#060}}pre.prettyprint{padding:2px;border:1px solid #888}ol.linenums{margin-top:0;margin-bottom:0}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}li.L1,li.L3,li.L5,li.L7,li.L9{background:#eee}
+.pln{color:#000}@media screen{.str{color:#080}.kwd{color:#008}.com{color:#800}.typ{color:#606}.lit{color:#066}.clo,.opn,.pun{color:#660}.tag{color:#008}.atn{color:#606}.atv{color:#080}.dec,.var{color:#606}.fun{color:red}}@media print,projection{.kwd,.tag,.typ{font-weight:700}.str{color:#060}.kwd{color:#006}.com{color:#600;font-style:italic}.typ{color:#404}.lit{color:#044}.clo,.opn,.pun{color:#440}.tag{color:#006}.atn{color:#404}.atv{color:#060}}pre.prettyprint{padding:2px;border:1px solid #888}ol.linenums{margin-top:0;margin-bottom:0}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}li.L1,li.L3,li.L5,li.L7,li.L9{background:#eee}

css/prettify/sons-of-obsidian.css

@@ -1 +1 @@
-.str{color:#ec7600}.kwd{color:#93c763}.com{color:#66747b}.typ{color:#678cb1}.lit{color:#facd22}.pun{color:#f1f2f3}.pln{color:#f1f2f3}.tag{color:#8ac763}.atn{color:#e0e2e4}.atv{color:#ec7600}.dec{color:purple}pre.prettyprint{border:0 solid #888}ol.linenums{margin-top:0;margin-bottom:0}.prettyprint{background:#000}li.L0,li.L1,li.L2,li.L3,li.L4,li.L5,li.L6,li.L7,li.L8,li.L9{color:#555;list-style-type:decimal}li.L1,li.L3,li.L5,li.L7,li.L9{background:#111}@media print{.str{color:#060}.kwd{color:#006;font-weight:bold}.com{color:#600;font-style:italic}.typ{color:#404;font-weight:bold}.lit{color:#044}.pun{color:#440}.pln{color:#000}.tag{color:#006;font-weight:bold}.atn{color:#404}.atv{color:#060}}
+.str{color:#EC7600}.kwd{color:#93C763}.com{color:#66747B}.typ{color:#678CB1}.lit{color:#FACD22}.pln,.pun{color:#F1F2F3}.tag{color:#8AC763}.atn{color:#E0E2E4}.atv{color:#EC7600}.dec{color:purple}pre.prettyprint{border:0 solid #888}ol.linenums{margin-top:0;margin-bottom:0}.prettyprint{background:#000}li.L0,li.L1,li.L2,li.L3,li.L4,li.L5,li.L6,li.L7,li.L8,li.L9{color:#555;list-style-type:decimal}li.L1,li.L3,li.L5,li.L7,li.L9{background:#111}@media print{.kwd,.tag,.typ{font-weight:700}.str{color:#060}.kwd{color:#006}.com{color:#600;font-style:italic}.typ{color:#404}.lit{color:#044}.pun{color:#440}.pln{color:#000}.tag{color:#006}.atn{color:#404}.atv{color:#060}}

css/prettify/sunburst.css

@@ -1 +1 @@
-pre .str,code .str{color:#65b042}pre .kwd,code .kwd{color:#e28964}pre .com,code .com{color:#aeaeae;font-style:italic}pre .typ,code .typ{color:#89bdff}pre .lit,code .lit{color:#3387cc}pre .pun,code .pun{color:#fff}pre .pln,code .pln{color:#fff}pre .tag,code .tag{color:#89bdff}pre .atn,code .atn{color:#bdb76b}pre .atv,code .atv{color:#65b042}pre .dec,code .dec{color:#3387cc}pre.prettyprint,code.prettyprint{background-color:#000;-moz-border-radius:8px;-webkit-border-radius:8px;-o-border-radius:8px;-ms-border-radius:8px;-khtml-border-radius:8px;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}ol.linenums{margin-top:0;margin-bottom:0;color:#aeaeae}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre .str,code .str{color:#060}pre .kwd,code .kwd{color:#006;font-weight:bold}pre .com,code .com{color:#600;font-style:italic}pre .typ,code .typ{color:#404;font-weight:bold}pre .lit,code .lit{color:#044}pre .pun,code .pun{color:#440}pre .pln,code .pln{color:#000}pre .tag,code .tag{color:#006;font-weight:bold}pre .atn,code .atn{color:#404}pre .atv,code .atv{color:#060}}
+code .str,pre .str{color:#65B042}code .kwd,pre .kwd{color:#E28964}code .com,pre .com{color:#AEAEAE;font-style:italic}code .typ,pre .typ{color:#89bdff}code .lit,pre .lit{color:#3387CC}code .pln,code .pun,pre .pln,pre .pun{color:#fff}code .tag,pre .tag{color:#89bdff}code .atn,pre .atn{color:#bdb76b}code .atv,pre .atv{color:#65B042}code .dec,pre .dec{color:#3387CC}code.prettyprint,pre.prettyprint{background-color:#000;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}ol.linenums{margin-top:0;margin-bottom:0;color:#AEAEAE}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{code .str,pre .str{color:#060}code .kwd,pre .kwd{color:#006;font-weight:700}code .com,pre .com{color:#600;font-style:italic}code .typ,pre .typ{color:#404;font-weight:700}code .lit,pre .lit{color:#044}code .pun,pre .pun{color:#440}code .pln,pre .pln{color:#000}code .tag,pre .tag{color:#006;font-weight:700}code .atn,pre .atn{color:#404}code .atv,pre .atv{color:#060}}

i18n/de.json

@@ -153,5 +153,7 @@
     "Preparing new paste…": "Bereite neues Paste vor…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "Wenn diese Nachricht nicht mehr verschwindet, schau bitte in <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">die FAQ</a> (englisch), um zu sehen, wie der Fehler behoben werden kann.",
-    "+++ no paste text +++": "+++ kein Paste-Text +++"
-}
+    "+++ no paste text +++": "+++ kein Paste-Text +++",
+    "Could not get paste data: %s":
+        "Konnte Paste nicht laden: %s"
+}

i18n/es.json

@@ -153,5 +153,7 @@
     "Preparing new paste…": "Preparando texto nuevo…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "En caso de que este mensaje nunca desaparezca por favor revise <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">este FAQ para obtener información para solucionar problemas</a>.",
-    "+++ no paste text +++": "+++ sin texto +++"
-}
+    "+++ no paste text +++": "+++ sin texto +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
+}

i18n/fr.json

@@ -162,5 +162,7 @@
     "Preparing new paste…": "Préparation du paste…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "Si ce message ne disparaîssait pas, jetez un oeil à <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">cette FAQ pour des idées de résolution</a> (en Anglais).",
-    "+++ no paste text +++": "+++ pas de paste-text +++"
-}
+    "+++ no paste text +++": "+++ pas de paste-text +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
+}

i18n/hu.json

@@ -153,5 +153,7 @@
     "Preparing new paste…": "Új bejegyzés előkészítése...",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "Abban az esetben, ha ez az üzenet mindig látható lenne, látogass el a <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">Gyakran Ismételt Kérdések szekcióba a megoldásához</a>.",
-    "+++ no paste text +++": "+++ nincs beillesztett szöveg +++"
-}
+    "+++ no paste text +++": "+++ nincs beillesztett szöveg +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
+}

i18n/it.json

@@ -153,5 +153,7 @@
     "Preparing new paste…": "Preparo il nuovo messaggio…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "Nel caso questo messaggio non scompaia, controlla questa <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">FAQ</a> per trovare informazioni su come risolvere il problema (in Inglese).",
-    "+++ no paste text +++": "+++ nessun testo nel messaggio +++"
-}
+    "+++ no paste text +++": "+++ nessun testo nel messaggio +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
+}

i18n/nl.json

@@ -153,5 +153,7 @@
     "Preparing new paste…": "Nieuwe geplakte tekst voorbereiden…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "In het geval dat dit bericht nooit verdwijnt, kijkt u dan eens naar <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\"> veelgestelde vragen voor informatie over het oplossen van problemen </a>.",
-    "+++ no paste text +++": "+++ geen geplakte tekst +++"
-}
+    "+++ no paste text +++": "+++ geen geplakte tekst +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
+}

i18n/no.json

@@ -153,5 +153,7 @@
     "Preparing new paste…": "Klargjør nytt innlegg…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "Hvis denne meldingen ikke forsvinner kan du ta en titt på siden med <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">ofte stilte spørsmål</a> for informasjon om feilsøking.",
-    "+++ no paste text +++": "+++ ingen innleggstekst +++"
-}
+    "+++ no paste text +++": "+++ ingen innleggstekst +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
+}

i18n/oc.json

@@ -162,5 +162,7 @@
     "Preparing new paste…": "Preparacion…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "Se per cas aqueste messatge quita pas de s’afichar mercés de gaitar <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">aquesta FAQ per las solucions</a> (en anglés).",
-    "+++ no paste text +++": "+++ cap de tèxte pegat +++"
-}
+    "+++ no paste text +++": "+++ cap de tèxte pegat +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
+}

i18n/pl.json

@@ -153,5 +153,7 @@
     "Preparing new paste…": "Preparing new paste…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English).",
-    "+++ no paste text +++": "+++ no paste text +++"
-}
+    "+++ no paste text +++": "+++ no paste text +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
+}

i18n/pt.json

@@ -153,5 +153,7 @@
     "Preparing new paste…": "Preparando nova cópia…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "Caso essa mensagem nunca desapareça, por favor veja <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">este FAQ para saber como resolver os problemas</a>.",
-    "+++ no paste text +++": "+++ sem texto de cópia +++"
-}
+    "+++ no paste text +++": "+++ sem texto de cópia +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
+}

i18n/ru.json

@@ -142,8 +142,8 @@
     "The cloned file '%s' was attached to this paste.":
         "Дубликат файла '%s' был прикреплен к этой записи.",
     "Attach a file": "Прикрепить файл",
-    "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
-    "File too large, to display a preview. Please download the attachment.": "File too large, to display a preview. Please download the attachment.",
+    "alternatively drag & drop a file or paste an image from the clipboard": "так же можно перенести файл в окно браузера или вставить изображение из буфера",
+    "File too large, to display a preview. Please download the attachment.": "Файл слишком большой для отображения предпросмотра. Пожалуйста скачайте прикрепленный файл.",
     "Remove attachment": "Удалить вложение",
     "Your browser does not support uploading encrypted files. Please use a newer browser.":
         "Ваш браузер не поддерживает отправку зашифрованных файлов. Используйте более новый браузер.",
@@ -163,5 +163,7 @@
     "Preparing new paste…": "Подготовка новой записи…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "Если данное сообщение не исчезает длительное время, посмотрите <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">этот FAQ с информацией о возможном решении проблемы (на английском)</a>.",
-    "+++ no paste text +++": "+++ в записи нет текста +++"
+    "+++ no paste text +++": "+++ в записи нет текста +++",
+    "Could not get paste data: %s":
+        "Не удалось получить данные записи: %s"
 }

i18n/sl.json

@@ -162,5 +162,7 @@
     "Preparing new paste…": "Preparing new paste…",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English).",
-    "+++ no paste text +++": "+++ no paste text +++"
+    "+++ no paste text +++": "+++ no paste text +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
 }

i18n/zh.json

@@ -153,5 +153,7 @@
     "Preparing new paste…": "正在准备新的粘贴",
     "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
         "如果这个消息一直不消失，请参考 <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">这里的 FAQ 进行故障排除</a> (英文版)。",
-    "+++ no paste text +++": "+++ 没有粘贴内容 +++"
+    "+++ no paste text +++": "+++ 没有粘贴内容 +++",
+    "Could not get paste data: %s":
+        "Could not get paste data: %s"
 }

index.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.1
+ * @version   1.2
  */
 
 // change this, if your php files and data is outside of your webservers document root
@@ -15,4 +15,4 @@ define('PATH', '');
 
 define('PUBLIC_PATH', __DIR__);
 require PATH . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
-new PrivateBin\PrivateBin;
+new PrivateBin\Controller;

js/prettify.js

@@ -1,30 +1,30 @@
-!function(){var q=null;window.PR_SHOULD_USE_CONTINUATION=!0;
-(function(){function R(a){function d(e){var b=e.charCodeAt(0);if(b!==92)return b;var a=e.charAt(1);return(b=r[a])?b:"0"<=a&&a<="7"?parseInt(e.substring(1),8):a==="u"||a==="x"?parseInt(e.substring(2),16):e.charCodeAt(1)}function g(e){if(e<32)return(e<16?"\\x0":"\\x")+e.toString(16);e=String.fromCharCode(e);return e==="\\"||e==="-"||e==="]"||e==="^"?"\\"+e:e}function b(e){var b=e.substring(1,e.length-1).match(/\\u[\dA-Fa-f]{4}|\\x[\dA-Fa-f]{2}|\\[0-3][0-7]{0,2}|\\[0-7]{1,2}|\\[\S\s]|[^\\]/g),e=[],a=
-b[0]==="^",c=["["];a&&c.push("^");for(var a=a?1:0,f=b.length;a<f;++a){var h=b[a];if(/\\[bdsw]/i.test(h))c.push(h);else{var h=d(h),l;a+2<f&&"-"===b[a+1]?(l=d(b[a+2]),a+=2):l=h;e.push([h,l]);l<65||h>122||(l<65||h>90||e.push([Math.max(65,h)|32,Math.min(l,90)|32]),l<97||h>122||e.push([Math.max(97,h)&-33,Math.min(l,122)&-33]))}}e.sort(function(e,a){return e[0]-a[0]||a[1]-e[1]});b=[];f=[];for(a=0;a<e.length;++a)h=e[a],h[0]<=f[1]+1?f[1]=Math.max(f[1],h[1]):b.push(f=h);for(a=0;a<b.length;++a)h=b[a],c.push(g(h[0])),
-h[1]>h[0]&&(h[1]+1>h[0]&&c.push("-"),c.push(g(h[1])));c.push("]");return c.join("")}function s(e){for(var a=e.source.match(/\[(?:[^\\\]]|\\[\S\s])*]|\\u[\dA-Fa-f]{4}|\\x[\dA-Fa-f]{2}|\\\d+|\\[^\dux]|\(\?[!:=]|[()^]|[^()[\\^]+/g),c=a.length,d=[],f=0,h=0;f<c;++f){var l=a[f];l==="("?++h:"\\"===l.charAt(0)&&(l=+l.substring(1))&&(l<=h?d[l]=-1:a[f]=g(l))}for(f=1;f<d.length;++f)-1===d[f]&&(d[f]=++x);for(h=f=0;f<c;++f)l=a[f],l==="("?(++h,d[h]||(a[f]="(?:")):"\\"===l.charAt(0)&&(l=+l.substring(1))&&l<=h&&
-(a[f]="\\"+d[l]);for(f=0;f<c;++f)"^"===a[f]&&"^"!==a[f+1]&&(a[f]="");if(e.ignoreCase&&m)for(f=0;f<c;++f)l=a[f],e=l.charAt(0),l.length>=2&&e==="["?a[f]=b(l):e!=="\\"&&(a[f]=l.replace(/[A-Za-z]/g,function(a){a=a.charCodeAt(0);return"["+String.fromCharCode(a&-33,a|32)+"]"}));return a.join("")}for(var x=0,m=!1,j=!1,k=0,c=a.length;k<c;++k){var i=a[k];if(i.ignoreCase)j=!0;else if(/[a-z]/i.test(i.source.replace(/\\u[\da-f]{4}|\\x[\da-f]{2}|\\[^UXux]/gi,""))){m=!0;j=!1;break}}for(var r={b:8,t:9,n:10,v:11,
-f:12,r:13},n=[],k=0,c=a.length;k<c;++k){i=a[k];if(i.global||i.multiline)throw Error(""+i);n.push("(?:"+s(i)+")")}return RegExp(n.join("|"),j?"gi":"g")}function S(a,d){function g(a){var c=a.nodeType;if(c==1){if(!b.test(a.className)){for(c=a.firstChild;c;c=c.nextSibling)g(c);c=a.nodeName.toLowerCase();if("br"===c||"li"===c)s[j]="\n",m[j<<1]=x++,m[j++<<1|1]=a}}else if(c==3||c==4)c=a.nodeValue,c.length&&(c=d?c.replace(/\r\n?/g,"\n"):c.replace(/[\t\n\r ]+/g," "),s[j]=c,m[j<<1]=x,x+=c.length,m[j++<<1|1]=
-a)}var b=/(?:^|\s)nocode(?:\s|$)/,s=[],x=0,m=[],j=0;g(a);return{a:s.join("").replace(/\n$/,""),d:m}}function H(a,d,g,b){d&&(a={a:d,e:a},g(a),b.push.apply(b,a.g))}function T(a){for(var d=void 0,g=a.firstChild;g;g=g.nextSibling)var b=g.nodeType,d=b===1?d?a:g:b===3?U.test(g.nodeValue)?a:d:d;return d===a?void 0:d}function D(a,d){function g(a){for(var j=a.e,k=[j,"pln"],c=0,i=a.a.match(s)||[],r={},n=0,e=i.length;n<e;++n){var z=i[n],w=r[z],t=void 0,f;if(typeof w==="string")f=!1;else{var h=b[z.charAt(0)];
-if(h)t=z.match(h[1]),w=h[0];else{for(f=0;f<x;++f)if(h=d[f],t=z.match(h[1])){w=h[0];break}t||(w="pln")}if((f=w.length>=5&&"lang-"===w.substring(0,5))&&!(t&&typeof t[1]==="string"))f=!1,w="src";f||(r[z]=w)}h=c;c+=z.length;if(f){f=t[1];var l=z.indexOf(f),B=l+f.length;t[2]&&(B=z.length-t[2].length,l=B-f.length);w=w.substring(5);H(j+h,z.substring(0,l),g,k);H(j+h+l,f,I(w,f),k);H(j+h+B,z.substring(B),g,k)}else k.push(j+h,w)}a.g=k}var b={},s;(function(){for(var g=a.concat(d),j=[],k={},c=0,i=g.length;c<i;++c){var r=
-g[c],n=r[3];if(n)for(var e=n.length;--e>=0;)b[n.charAt(e)]=r;r=r[1];n=""+r;k.hasOwnProperty(n)||(j.push(r),k[n]=q)}j.push(/[\S\s]/);s=R(j)})();var x=d.length;return g}function v(a){var d=[],g=[];a.tripleQuotedStrings?d.push(["str",/^(?:'''(?:[^'\\]|\\[\S\s]|''?(?=[^']))*(?:'''|$)|"""(?:[^"\\]|\\[\S\s]|""?(?=[^"]))*(?:"""|$)|'(?:[^'\\]|\\[\S\s])*(?:'|$)|"(?:[^"\\]|\\[\S\s])*(?:"|$))/,q,"'\""]):a.multiLineStrings?d.push(["str",/^(?:'(?:[^'\\]|\\[\S\s])*(?:'|$)|"(?:[^"\\]|\\[\S\s])*(?:"|$)|`(?:[^\\`]|\\[\S\s])*(?:`|$))/,
-q,"'\"`"]):d.push(["str",/^(?:'(?:[^\n\r'\\]|\\.)*(?:'|$)|"(?:[^\n\r"\\]|\\.)*(?:"|$))/,q,"\"'"]);a.verbatimStrings&&g.push(["str",/^@"(?:[^"]|"")*(?:"|$)/,q]);var b=a.hashComments;b&&(a.cStyleComments?(b>1?d.push(["com",/^#(?:##(?:[^#]|#(?!##))*(?:###|$)|.*)/,q,"#"]):d.push(["com",/^#(?:(?:define|e(?:l|nd)if|else|error|ifn?def|include|line|pragma|undef|warning)\b|[^\n\r]*)/,q,"#"]),g.push(["str",/^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h(?:h|pp|\+\+)?|[a-z]\w*)>/,q])):d.push(["com",
-/^#[^\n\r]*/,q,"#"]));a.cStyleComments&&(g.push(["com",/^\/\/[^\n\r]*/,q]),g.push(["com",/^\/\*[\S\s]*?(?:\*\/|$)/,q]));if(b=a.regexLiterals){var s=(b=b>1?"":"\n\r")?".":"[\\S\\s]";g.push(["lang-regex",RegExp("^(?:^^\\.?|[+-]|[!=]=?=?|\\#|%=?|&&?=?|\\(|\\*=?|[+\\-]=|->|\\/=?|::?|<<?=?|>>?>?=?|,|;|\\?|@|\\[|~|{|\\^\\^?=?|\\|\\|?=?|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\\s*("+("/(?=[^/*"+b+"])(?:[^/\\x5B\\x5C"+b+"]|\\x5C"+s+"|\\x5B(?:[^\\x5C\\x5D"+b+"]|\\x5C"+
-s+")*(?:\\x5D|$))+/")+")")])}(b=a.types)&&g.push(["typ",b]);b=(""+a.keywords).replace(/^ | $/g,"");b.length&&g.push(["kwd",RegExp("^(?:"+b.replace(/[\s,]+/g,"|")+")\\b"),q]);d.push(["pln",/^\s+/,q," \r\n\t\u00a0"]);b="^.[^\\s\\w.$@'\"`/\\\\]*";a.regexLiterals&&(b+="(?!s*/)");g.push(["lit",/^@[$_a-z][\w$@]*/i,q],["typ",/^(?:[@_]?[A-Z]+[a-z][\w$@]*|\w+_t\b)/,q],["pln",/^[$_a-z][\w$@]*/i,q],["lit",/^(?:0x[\da-f]+|(?:\d(?:_\d+)*\d*(?:\.\d*)?|\.\d\+)(?:e[+-]?\d+)?)[a-z]*/i,q,"0123456789"],["pln",/^\\[\S\s]?/,
-q],["pun",RegExp(b),q]);return D(d,g)}function J(a,d,g){function b(a){var c=a.nodeType;if(c==1&&!x.test(a.className))if("br"===a.nodeName)s(a),a.parentNode&&a.parentNode.removeChild(a);else for(a=a.firstChild;a;a=a.nextSibling)b(a);else if((c==3||c==4)&&g){var d=a.nodeValue,i=d.match(m);if(i)c=d.substring(0,i.index),a.nodeValue=c,(d=d.substring(i.index+i[0].length))&&a.parentNode.insertBefore(j.createTextNode(d),a.nextSibling),s(a),c||a.parentNode.removeChild(a)}}function s(a){function b(a,c){var d=
-c?a.cloneNode(!1):a,e=a.parentNode;if(e){var e=b(e,1),g=a.nextSibling;e.appendChild(d);for(var i=g;i;i=g)g=i.nextSibling,e.appendChild(i)}return d}for(;!a.nextSibling;)if(a=a.parentNode,!a)return;for(var a=b(a.nextSibling,0),d;(d=a.parentNode)&&d.nodeType===1;)a=d;c.push(a)}for(var x=/(?:^|\s)nocode(?:\s|$)/,m=/\r\n?|\n/,j=a.ownerDocument,k=j.createElement("li");a.firstChild;)k.appendChild(a.firstChild);for(var c=[k],i=0;i<c.length;++i)b(c[i]);d===(d|0)&&c[0].setAttribute("value",d);var r=j.createElement("ol");
-r.className="linenums";for(var d=Math.max(0,d-1|0)||0,i=0,n=c.length;i<n;++i)k=c[i],k.className="L"+(i+d)%10,k.firstChild||k.appendChild(j.createTextNode("\u00a0")),r.appendChild(k);a.appendChild(r)}function p(a,d){for(var g=d.length;--g>=0;){var b=d[g];F.hasOwnProperty(b)?E.console&&console.warn("cannot override language handler %s",b):F[b]=a}}function I(a,d){if(!a||!F.hasOwnProperty(a))a=/^\s*</.test(d)?"default-markup":"default-code";return F[a]}function K(a){var d=a.h;try{var g=S(a.c,a.i),b=g.a;
-a.a=b;a.d=g.d;a.e=0;I(d,b)(a);var s=/\bMSIE\s(\d+)/.exec(navigator.userAgent),s=s&&+s[1]<=8,d=/\n/g,x=a.a,m=x.length,g=0,j=a.d,k=j.length,b=0,c=a.g,i=c.length,r=0;c[i]=m;var n,e;for(e=n=0;e<i;)c[e]!==c[e+2]?(c[n++]=c[e++],c[n++]=c[e++]):e+=2;i=n;for(e=n=0;e<i;){for(var p=c[e],w=c[e+1],t=e+2;t+2<=i&&c[t+1]===w;)t+=2;c[n++]=p;c[n++]=w;e=t}c.length=n;var f=a.c,h;if(f)h=f.style.display,f.style.display="none";try{for(;b<k;){var l=j[b+2]||m,B=c[r+2]||m,t=Math.min(l,B),A=j[b+1],G;if(A.nodeType!==1&&(G=x.substring(g,
-t))){s&&(G=G.replace(d,"\r"));A.nodeValue=G;var L=A.ownerDocument,o=L.createElement("span");o.className=c[r+1];var v=A.parentNode;v.replaceChild(o,A);o.appendChild(A);g<l&&(j[b+1]=A=L.createTextNode(x.substring(t,l)),v.insertBefore(A,o.nextSibling))}g=t;g>=l&&(b+=2);g>=B&&(r+=2)}}finally{if(f)f.style.display=h}}catch(u){E.console&&console.log(u&&u.stack||u)}}var E=window,y=["break,continue,do,else,for,if,return,while"],C=[[y,"auto,case,char,const,default,double,enum,extern,float,goto,inline,int,long,register,short,signed,sizeof,static,struct,switch,typedef,union,unsigned,void,volatile"],
-"catch,class,delete,false,import,new,operator,private,protected,public,this,throw,true,try,typeof"],M=[C,"alignof,align_union,asm,axiom,bool,concept,concept_map,const_cast,constexpr,decltype,delegate,dynamic_cast,explicit,export,friend,generic,late_check,mutable,namespace,nullptr,property,reinterpret_cast,static_assert,static_cast,template,typeid,typename,using,virtual,where"],V=[C,"abstract,assert,boolean,byte,extends,final,finally,implements,import,instanceof,interface,null,native,package,strictfp,super,synchronized,throws,transient"],
-N=[C,"abstract,as,base,bool,by,byte,checked,decimal,delegate,descending,dynamic,event,finally,fixed,foreach,from,group,implicit,in,interface,internal,into,is,let,lock,null,object,out,override,orderby,params,partial,readonly,ref,sbyte,sealed,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort,var,virtual,where"],C=[C,"debugger,eval,export,function,get,null,set,undefined,var,with,Infinity,NaN"],O=[y,"and,as,assert,class,def,del,elif,except,exec,finally,from,global,import,in,is,lambda,nonlocal,not,or,pass,print,raise,try,with,yield,False,True,None"],
-P=[y,"alias,and,begin,case,class,def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo,rescue,retry,self,super,then,true,undef,unless,until,when,yield,BEGIN,END"],W=[y,"as,assert,const,copy,drop,enum,extern,fail,false,fn,impl,let,log,loop,match,mod,move,mut,priv,pub,pure,ref,self,static,struct,true,trait,type,unsafe,use"],y=[y,"case,done,elif,esac,eval,fi,function,in,local,set,then,until"],Q=/^(DIR|FILE|vector|(de|priority_)?queue|list|stack|(const_)?iterator|(multi)?(set|map)|bitset|u?(int|float)\d*)\b/,
-U=/\S/,X=v({keywords:[M,N,C,"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END",O,P,y],hashComments:!0,cStyleComments:!0,multiLineStrings:!0,regexLiterals:!0}),F={};p(X,["default-code"]);p(D([],[["pln",/^[^<?]+/],["dec",/^<!\w[^>]*(?:>|$)/],["com",/^<\!--[\S\s]*?(?:--\>|$)/],["lang-",/^<\?([\S\s]+?)(?:\?>|$)/],["lang-",/^<%([\S\s]+?)(?:%>|$)/],["pun",/^(?:<[%?]|[%?]>)/],["lang-",
-/^<xmp\b[^>]*>([\S\s]+?)<\/xmp\b[^>]*>/i],["lang-js",/^<script\b[^>]*>([\S\s]*?)(<\/script\b[^>]*>)/i],["lang-css",/^<style\b[^>]*>([\S\s]*?)(<\/style\b[^>]*>)/i],["lang-in.tag",/^(<\/?[a-z][^<>]*>)/i]]),["default-markup","htm","html","mxml","xhtml","xml","xsl"]);p(D([["pln",/^\s+/,q," \t\r\n"],["atv",/^(?:"[^"]*"?|'[^']*'?)/,q,"\"'"]],[["tag",/^^<\/?[a-z](?:[\w-.:]*\w)?|\/?>$/i],["atn",/^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],["lang-uq.val",/^=\s*([^\s"'>]*(?:[^\s"'/>]|\/(?=\s)))/],["pun",/^[/<->]+/],
-["lang-js",/^on\w+\s*=\s*"([^"]+)"/i],["lang-js",/^on\w+\s*=\s*'([^']+)'/i],["lang-js",/^on\w+\s*=\s*([^\s"'>]+)/i],["lang-css",/^style\s*=\s*"([^"]+)"/i],["lang-css",/^style\s*=\s*'([^']+)'/i],["lang-css",/^style\s*=\s*([^\s"'>]+)/i]]),["in.tag"]);p(D([],[["atv",/^[\S\s]+/]]),["uq.val"]);p(v({keywords:M,hashComments:!0,cStyleComments:!0,types:Q}),["c","cc","cpp","cxx","cyc","m"]);p(v({keywords:"null,true,false"}),["json"]);p(v({keywords:N,hashComments:!0,cStyleComments:!0,verbatimStrings:!0,types:Q}),
-["cs"]);p(v({keywords:V,cStyleComments:!0}),["java"]);p(v({keywords:y,hashComments:!0,multiLineStrings:!0}),["bash","bsh","csh","sh"]);p(v({keywords:O,hashComments:!0,multiLineStrings:!0,tripleQuotedStrings:!0}),["cv","py","python"]);p(v({keywords:"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END",hashComments:!0,multiLineStrings:!0,regexLiterals:2}),["perl","pl","pm"]);p(v({keywords:P,
-hashComments:!0,multiLineStrings:!0,regexLiterals:!0}),["rb","ruby"]);p(v({keywords:C,cStyleComments:!0,regexLiterals:!0}),["javascript","js"]);p(v({keywords:"all,and,by,catch,class,else,extends,false,finally,for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then,throw,true,try,unless,until,when,while,yes",hashComments:3,cStyleComments:!0,multilineStrings:!0,tripleQuotedStrings:!0,regexLiterals:!0}),["coffee"]);p(v({keywords:W,cStyleComments:!0,multilineStrings:!0}),["rc","rs","rust"]);
-p(D([],[["str",/^[\S\s]+/]]),["regex"]);var Y=E.PR={createSimpleLexer:D,registerLangHandler:p,sourceDecorator:v,PR_ATTRIB_NAME:"atn",PR_ATTRIB_VALUE:"atv",PR_COMMENT:"com",PR_DECLARATION:"dec",PR_KEYWORD:"kwd",PR_LITERAL:"lit",PR_NOCODE:"nocode",PR_PLAIN:"pln",PR_PUNCTUATION:"pun",PR_SOURCE:"src",PR_STRING:"str",PR_TAG:"tag",PR_TYPE:"typ",prettyPrintOne:E.prettyPrintOne=function(a,d,g){var b=document.createElement("div");b.innerHTML="<pre>"+a+"</pre>";b=b.firstChild;g&&J(b,g,!0);K({h:d,j:g,c:b,i:1});
-return b.innerHTML},prettyPrint:E.prettyPrint=function(a,d){function g(){for(var b=E.PR_SHOULD_USE_CONTINUATION?c.now()+250:Infinity;i<p.length&&c.now()<b;i++){for(var d=p[i],j=h,k=d;k=k.previousSibling;){var m=k.nodeType,o=(m===7||m===8)&&k.nodeValue;if(o?!/^\??prettify\b/.test(o):m!==3||/\S/.test(k.nodeValue))break;if(o){j={};o.replace(/\b(\w+)=([\w%+\-.:]+)/g,function(a,b,c){j[b]=c});break}}k=d.className;if((j!==h||e.test(k))&&!v.test(k)){m=!1;for(o=d.parentNode;o;o=o.parentNode)if(f.test(o.tagName)&&
-o.className&&e.test(o.className)){m=!0;break}if(!m){d.className+=" prettyprinted";m=j.lang;if(!m){var m=k.match(n),y;if(!m&&(y=T(d))&&t.test(y.tagName))m=y.className.match(n);m&&(m=m[1])}if(w.test(d.tagName))o=1;else var o=d.currentStyle,u=s.defaultView,o=(o=o?o.whiteSpace:u&&u.getComputedStyle?u.getComputedStyle(d,q).getPropertyValue("white-space"):0)&&"pre"===o.substring(0,3);u=j.linenums;if(!(u=u==="true"||+u))u=(u=k.match(/\blinenums\b(?::(\d+))?/))?u[1]&&u[1].length?+u[1]:!0:!1;u&&J(d,u,o);r=
-{h:m,c:d,j:u,i:o};K(r)}}}i<p.length?setTimeout(g,250):"function"===typeof a&&a()}for(var b=d||document.body,s=b.ownerDocument||document,b=[b.getElementsByTagName("pre"),b.getElementsByTagName("code"),b.getElementsByTagName("xmp")],p=[],m=0;m<b.length;++m)for(var j=0,k=b[m].length;j<k;++j)p.push(b[m][j]);var b=q,c=Date;c.now||(c={now:function(){return+new Date}});var i=0,r,n=/\blang(?:uage)?-([\w.]+)(?!\S)/,e=/\bprettyprint\b/,v=/\bprettyprinted\b/,w=/pre|xmp/i,t=/^code$/i,f=/^(?:pre|code|xmp)$/i,
-h={};g()}};typeof define==="function"&&define.amd&&define("google-code-prettify",[],function(){return Y})})();}()
+!function(){"undefined"!==typeof window&&(window.PR_SHOULD_USE_CONTINUATION=!0);
+(function(){function T(a){function d(e){var a=e.charCodeAt(0);if(92!==a)return a;var c=e.charAt(1);return(a=w[c])?a:"0"<=c&&"7">=c?parseInt(e.substring(1),8):"u"===c||"x"===c?parseInt(e.substring(2),16):e.charCodeAt(1)}function f(e){if(32>e)return(16>e?"\\x0":"\\x")+e.toString(16);e=String.fromCharCode(e);return"\\"===e||"-"===e||"]"===e||"^"===e?"\\"+e:e}function c(e){var c=e.substring(1,e.length-1).match(RegExp("\\\\u[0-9A-Fa-f]{4}|\\\\x[0-9A-Fa-f]{2}|\\\\[0-3][0-7]{0,2}|\\\\[0-7]{1,2}|\\\\[\\s\\S]|-|[^-\\\\]","g"));
+e=[];var a="^"===c[0],b=["["];a&&b.push("^");for(var a=a?1:0,g=c.length;a<g;++a){var h=c[a];if(/\\[bdsw]/i.test(h))b.push(h);else{var h=d(h),k;a+2<g&&"-"===c[a+1]?(k=d(c[a+2]),a+=2):k=h;e.push([h,k]);65>k||122<h||(65>k||90<h||e.push([Math.max(65,h)|32,Math.min(k,90)|32]),97>k||122<h||e.push([Math.max(97,h)&-33,Math.min(k,122)&-33]))}}e.sort(function(e,a){return e[0]-a[0]||a[1]-e[1]});c=[];g=[];for(a=0;a<e.length;++a)h=e[a],h[0]<=g[1]+1?g[1]=Math.max(g[1],h[1]):c.push(g=h);for(a=0;a<c.length;++a)h=
+c[a],b.push(f(h[0])),h[1]>h[0]&&(h[1]+1>h[0]&&b.push("-"),b.push(f(h[1])));b.push("]");return b.join("")}function m(e){for(var a=e.source.match(RegExp("(?:\\[(?:[^\\x5C\\x5D]|\\\\[\\s\\S])*\\]|\\\\u[A-Fa-f0-9]{4}|\\\\x[A-Fa-f0-9]{2}|\\\\[0-9]+|\\\\[^ux0-9]|\\(\\?[:!=]|[\\(\\)\\^]|[^\\x5B\\x5C\\(\\)\\^]+)","g")),b=a.length,d=[],g=0,h=0;g<b;++g){var k=a[g];"("===k?++h:"\\"===k.charAt(0)&&(k=+k.substring(1))&&(k<=h?d[k]=-1:a[g]=f(k))}for(g=1;g<d.length;++g)-1===d[g]&&(d[g]=++E);for(h=g=0;g<b;++g)k=a[g],
+"("===k?(++h,d[h]||(a[g]="(?:")):"\\"===k.charAt(0)&&(k=+k.substring(1))&&k<=h&&(a[g]="\\"+d[k]);for(g=0;g<b;++g)"^"===a[g]&&"^"!==a[g+1]&&(a[g]="");if(e.ignoreCase&&q)for(g=0;g<b;++g)k=a[g],e=k.charAt(0),2<=k.length&&"["===e?a[g]=c(k):"\\"!==e&&(a[g]=k.replace(/[a-zA-Z]/g,function(a){a=a.charCodeAt(0);return"["+String.fromCharCode(a&-33,a|32)+"]"}));return a.join("")}for(var E=0,q=!1,l=!1,n=0,b=a.length;n<b;++n){var p=a[n];if(p.ignoreCase)l=!0;else if(/[a-z]/i.test(p.source.replace(/\\u[0-9a-f]{4}|\\x[0-9a-f]{2}|\\[^ux]/gi,
+""))){q=!0;l=!1;break}}for(var w={b:8,t:9,n:10,v:11,f:12,r:13},r=[],n=0,b=a.length;n<b;++n){p=a[n];if(p.global||p.multiline)throw Error(""+p);r.push("(?:"+m(p)+")")}return new RegExp(r.join("|"),l?"gi":"g")}function U(a,d){function f(a){var b=a.nodeType;if(1==b){if(!c.test(a.className)){for(b=a.firstChild;b;b=b.nextSibling)f(b);b=a.nodeName.toLowerCase();if("br"===b||"li"===b)m[l]="\n",q[l<<1]=E++,q[l++<<1|1]=a}}else if(3==b||4==b)b=a.nodeValue,b.length&&(b=d?b.replace(/\r\n?/g,"\n"):b.replace(/[ \t\r\n]+/g,
+" "),m[l]=b,q[l<<1]=E,E+=b.length,q[l++<<1|1]=a)}var c=/(?:^|\s)nocode(?:\s|$)/,m=[],E=0,q=[],l=0;f(a);return{a:m.join("").replace(/\n$/,""),c:q}}function J(a,d,f,c,m){f&&(a={h:a,l:1,j:null,m:null,a:f,c:null,i:d,g:null},c(a),m.push.apply(m,a.g))}function V(a){for(var d=void 0,f=a.firstChild;f;f=f.nextSibling)var c=f.nodeType,d=1===c?d?a:f:3===c?W.test(f.nodeValue)?a:d:d;return d===a?void 0:d}function G(a,d){function f(a){for(var l=a.i,n=a.h,b=[l,"pln"],p=0,q=a.a.match(m)||[],r={},e=0,t=q.length;e<
+t;++e){var z=q[e],v=r[z],g=void 0,h;if("string"===typeof v)h=!1;else{var k=c[z.charAt(0)];if(k)g=z.match(k[1]),v=k[0];else{for(h=0;h<E;++h)if(k=d[h],g=z.match(k[1])){v=k[0];break}g||(v="pln")}!(h=5<=v.length&&"lang-"===v.substring(0,5))||g&&"string"===typeof g[1]||(h=!1,v="src");h||(r[z]=v)}k=p;p+=z.length;if(h){h=g[1];var A=z.indexOf(h),C=A+h.length;g[2]&&(C=z.length-g[2].length,A=C-h.length);v=v.substring(5);J(n,l+k,z.substring(0,A),f,b);J(n,l+k+A,h,K(v,h),b);J(n,l+k+C,z.substring(C),f,b)}else b.push(l+
+k,v)}a.g=b}var c={},m;(function(){for(var f=a.concat(d),l=[],n={},b=0,p=f.length;b<p;++b){var w=f[b],r=w[3];if(r)for(var e=r.length;0<=--e;)c[r.charAt(e)]=w;w=w[1];r=""+w;n.hasOwnProperty(r)||(l.push(w),n[r]=null)}l.push(/[\0-\uffff]/);m=T(l)})();var E=d.length;return f}function x(a){var d=[],f=[];a.tripleQuotedStrings?d.push(["str",/^(?:\'\'\'(?:[^\'\\]|\\[\s\S]|\'{1,2}(?=[^\']))*(?:\'\'\'|$)|\"\"\"(?:[^\"\\]|\\[\s\S]|\"{1,2}(?=[^\"]))*(?:\"\"\"|$)|\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$))/,
+null,"'\""]):a.multiLineStrings?d.push(["str",/^(?:\'(?:[^\\\']|\\[\s\S])*(?:\'|$)|\"(?:[^\\\"]|\\[\s\S])*(?:\"|$)|\`(?:[^\\\`]|\\[\s\S])*(?:\`|$))/,null,"'\"`"]):d.push(["str",/^(?:\'(?:[^\\\'\r\n]|\\.)*(?:\'|$)|\"(?:[^\\\"\r\n]|\\.)*(?:\"|$))/,null,"\"'"]);a.verbatimStrings&&f.push(["str",/^@\"(?:[^\"]|\"\")*(?:\"|$)/,null]);var c=a.hashComments;c&&(a.cStyleComments?(1<c?d.push(["com",/^#(?:##(?:[^#]|#(?!##))*(?:###|$)|.*)/,null,"#"]):d.push(["com",/^#(?:(?:define|e(?:l|nd)if|else|error|ifn?def|include|line|pragma|undef|warning)\b|[^\r\n]*)/,
+null,"#"]),f.push(["str",/^<(?:(?:(?:\.\.\/)*|\/?)(?:[\w-]+(?:\/[\w-]+)+)?[\w-]+\.h(?:h|pp|\+\+)?|[a-z]\w*)>/,null])):d.push(["com",/^#[^\r\n]*/,null,"#"]));a.cStyleComments&&(f.push(["com",/^\/\/[^\r\n]*/,null]),f.push(["com",/^\/\*[\s\S]*?(?:\*\/|$)/,null]));if(c=a.regexLiterals){var m=(c=1<c?"":"\n\r")?".":"[\\S\\s]";f.push(["lang-regex",RegExp("^(?:^^\\.?|[+-]|[!=]=?=?|\\#|%=?|&&?=?|\\(|\\*=?|[+\\-]=|->|\\/=?|::?|<<?=?|>>?>?=?|,|;|\\?|@|\\[|~|{|\\^\\^?=?|\\|\\|?=?|break|case|continue|delete|do|else|finally|instanceof|return|throw|try|typeof)\\s*("+
+("/(?=[^/*"+c+"])(?:[^/\\x5B\\x5C"+c+"]|\\x5C"+m+"|\\x5B(?:[^\\x5C\\x5D"+c+"]|\\x5C"+m+")*(?:\\x5D|$))+/")+")")])}(c=a.types)&&f.push(["typ",c]);c=(""+a.keywords).replace(/^ | $/g,"");c.length&&f.push(["kwd",new RegExp("^(?:"+c.replace(/[\s,]+/g,"|")+")\\b"),null]);d.push(["pln",/^\s+/,null," \r\n\t\u00a0"]);c="^.[^\\s\\w.$@'\"`/\\\\]*";a.regexLiterals&&(c+="(?!s*/)");f.push(["lit",/^@[a-z_$][a-z_$@0-9]*/i,null],["typ",/^(?:[@_]?[A-Z]+[a-z][A-Za-z_$@0-9]*|\w+_t\b)/,null],["pln",/^[a-z_$][a-z_$@0-9]*/i,
+null],["lit",/^(?:0x[a-f0-9]+|(?:\d(?:_\d+)*\d*(?:\.\d*)?|\.\d\+)(?:e[+\-]?\d+)?)[a-z]*/i,null,"0123456789"],["pln",/^\\[\s\S]?/,null],["pun",new RegExp(c),null]);return G(d,f)}function L(a,d,f){function c(a){var b=a.nodeType;if(1==b&&!t.test(a.className))if("br"===a.nodeName.toLowerCase())m(a),a.parentNode&&a.parentNode.removeChild(a);else for(a=a.firstChild;a;a=a.nextSibling)c(a);else if((3==b||4==b)&&f){var e=a.nodeValue,d=e.match(q);d&&(b=e.substring(0,d.index),a.nodeValue=b,(e=e.substring(d.index+
+d[0].length))&&a.parentNode.insertBefore(l.createTextNode(e),a.nextSibling),m(a),b||a.parentNode.removeChild(a))}}function m(a){function c(a,b){var e=b?a.cloneNode(!1):a,k=a.parentNode;if(k){var k=c(k,1),d=a.nextSibling;k.appendChild(e);for(var f=d;f;f=d)d=f.nextSibling,k.appendChild(f)}return e}for(;!a.nextSibling;)if(a=a.parentNode,!a)return;a=c(a.nextSibling,0);for(var e;(e=a.parentNode)&&1===e.nodeType;)a=e;b.push(a)}for(var t=/(?:^|\s)nocode(?:\s|$)/,q=/\r\n?|\n/,l=a.ownerDocument,n=l.createElement("li");a.firstChild;)n.appendChild(a.firstChild);
+for(var b=[n],p=0;p<b.length;++p)c(b[p]);d===(d|0)&&b[0].setAttribute("value",d);var w=l.createElement("ol");w.className="linenums";d=Math.max(0,d-1|0)||0;for(var p=0,r=b.length;p<r;++p)n=b[p],n.className="L"+(p+d)%10,n.firstChild||n.appendChild(l.createTextNode("\u00a0")),w.appendChild(n);a.appendChild(w)}function t(a,d){for(var f=d.length;0<=--f;){var c=d[f];I.hasOwnProperty(c)?D.console&&console.warn("cannot override language handler %s",c):I[c]=a}}function K(a,d){a&&I.hasOwnProperty(a)||(a=/^\s*</.test(d)?
+"default-markup":"default-code");return I[a]}function M(a){var d=a.j;try{var f=U(a.h,a.l),c=f.a;a.a=c;a.c=f.c;a.i=0;K(d,c)(a);var m=/\bMSIE\s(\d+)/.exec(navigator.userAgent),m=m&&8>=+m[1],d=/\n/g,t=a.a,q=t.length,f=0,l=a.c,n=l.length,c=0,b=a.g,p=b.length,w=0;b[p]=q;var r,e;for(e=r=0;e<p;)b[e]!==b[e+2]?(b[r++]=b[e++],b[r++]=b[e++]):e+=2;p=r;for(e=r=0;e<p;){for(var x=b[e],z=b[e+1],v=e+2;v+2<=p&&b[v+1]===z;)v+=2;b[r++]=x;b[r++]=z;e=v}b.length=r;var g=a.h;a="";g&&(a=g.style.display,g.style.display="none");
+try{for(;c<n;){var h=l[c+2]||q,k=b[w+2]||q,v=Math.min(h,k),A=l[c+1],C;if(1!==A.nodeType&&(C=t.substring(f,v))){m&&(C=C.replace(d,"\r"));A.nodeValue=C;var N=A.ownerDocument,u=N.createElement("span");u.className=b[w+1];var B=A.parentNode;B.replaceChild(u,A);u.appendChild(A);f<h&&(l[c+1]=A=N.createTextNode(t.substring(v,h)),B.insertBefore(A,u.nextSibling))}f=v;f>=h&&(c+=2);f>=k&&(w+=2)}}finally{g&&(g.style.display=a)}}catch(y){D.console&&console.log(y&&y.stack||y)}}var D="undefined"!==typeof window?
+window:{},B=["break,continue,do,else,for,if,return,while"],F=[[B,"auto,case,char,const,default,double,enum,extern,float,goto,inline,int,long,register,restrict,short,signed,sizeof,static,struct,switch,typedef,union,unsigned,void,volatile"],"catch,class,delete,false,import,new,operator,private,protected,public,this,throw,true,try,typeof"],H=[F,"alignas,alignof,align_union,asm,axiom,bool,concept,concept_map,const_cast,constexpr,decltype,delegate,dynamic_cast,explicit,export,friend,generic,late_check,mutable,namespace,noexcept,noreturn,nullptr,property,reinterpret_cast,static_assert,static_cast,template,typeid,typename,using,virtual,where"],
+O=[F,"abstract,assert,boolean,byte,extends,finally,final,implements,import,instanceof,interface,null,native,package,strictfp,super,synchronized,throws,transient"],P=[F,"abstract,add,alias,as,ascending,async,await,base,bool,by,byte,checked,decimal,delegate,descending,dynamic,event,finally,fixed,foreach,from,get,global,group,implicit,in,interface,internal,into,is,join,let,lock,null,object,out,override,orderby,params,partial,readonly,ref,remove,sbyte,sealed,select,set,stackalloc,string,select,uint,ulong,unchecked,unsafe,ushort,value,var,virtual,where,yield"],
+F=[F,"abstract,async,await,constructor,debugger,enum,eval,export,from,function,get,import,implements,instanceof,interface,let,null,of,set,undefined,var,with,yield,Infinity,NaN"],Q=[B,"and,as,assert,class,def,del,elif,except,exec,finally,from,global,import,in,is,lambda,nonlocal,not,or,pass,print,raise,try,with,yield,False,True,None"],R=[B,"alias,and,begin,case,class,def,defined,elsif,end,ensure,false,in,module,next,nil,not,or,redo,rescue,retry,self,super,then,true,undef,unless,until,when,yield,BEGIN,END"],
+B=[B,"case,done,elif,esac,eval,fi,function,in,local,set,then,until"],S=/^(DIR|FILE|array|vector|(de|priority_)?queue|(forward_)?list|stack|(const_)?(reverse_)?iterator|(unordered_)?(multi)?(set|map)|bitset|u?(int|float)\d*)\b/,W=/\S/,X=x({keywords:[H,P,O,F,"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END",Q,R,B],hashComments:!0,cStyleComments:!0,multiLineStrings:!0,regexLiterals:!0}),
+I={};t(X,["default-code"]);t(G([],[["pln",/^[^<?]+/],["dec",/^<!\w[^>]*(?:>|$)/],["com",/^<\!--[\s\S]*?(?:-\->|$)/],["lang-",/^<\?([\s\S]+?)(?:\?>|$)/],["lang-",/^<%([\s\S]+?)(?:%>|$)/],["pun",/^(?:<[%?]|[%?]>)/],["lang-",/^<xmp\b[^>]*>([\s\S]+?)<\/xmp\b[^>]*>/i],["lang-js",/^<script\b[^>]*>([\s\S]*?)(<\/script\b[^>]*>)/i],["lang-css",/^<style\b[^>]*>([\s\S]*?)(<\/style\b[^>]*>)/i],["lang-in.tag",/^(<\/?[a-z][^<>]*>)/i]]),"default-markup htm html mxml xhtml xml xsl".split(" "));t(G([["pln",/^[\s]+/,
+null," \t\r\n"],["atv",/^(?:\"[^\"]*\"?|\'[^\']*\'?)/,null,"\"'"]],[["tag",/^^<\/?[a-z](?:[\w.:-]*\w)?|\/?>$/i],["atn",/^(?!style[\s=]|on)[a-z](?:[\w:-]*\w)?/i],["lang-uq.val",/^=\s*([^>\'\"\s]*(?:[^>\'\"\s\/]|\/(?=\s)))/],["pun",/^[=<>\/]+/],["lang-js",/^on\w+\s*=\s*\"([^\"]+)\"/i],["lang-js",/^on\w+\s*=\s*\'([^\']+)\'/i],["lang-js",/^on\w+\s*=\s*([^\"\'>\s]+)/i],["lang-css",/^style\s*=\s*\"([^\"]+)\"/i],["lang-css",/^style\s*=\s*\'([^\']+)\'/i],["lang-css",/^style\s*=\s*([^\"\'>\s]+)/i]]),["in.tag"]);
+t(G([],[["atv",/^[\s\S]+/]]),["uq.val"]);t(x({keywords:H,hashComments:!0,cStyleComments:!0,types:S}),"c cc cpp cxx cyc m".split(" "));t(x({keywords:"null,true,false"}),["json"]);t(x({keywords:P,hashComments:!0,cStyleComments:!0,verbatimStrings:!0,types:S}),["cs"]);t(x({keywords:O,cStyleComments:!0}),["java"]);t(x({keywords:B,hashComments:!0,multiLineStrings:!0}),["bash","bsh","csh","sh"]);t(x({keywords:Q,hashComments:!0,multiLineStrings:!0,tripleQuotedStrings:!0}),["cv","py","python"]);t(x({keywords:"caller,delete,die,do,dump,elsif,eval,exit,foreach,for,goto,if,import,last,local,my,next,no,our,print,package,redo,require,sub,undef,unless,until,use,wantarray,while,BEGIN,END",
+hashComments:!0,multiLineStrings:!0,regexLiterals:2}),["perl","pl","pm"]);t(x({keywords:R,hashComments:!0,multiLineStrings:!0,regexLiterals:!0}),["rb","ruby"]);t(x({keywords:F,cStyleComments:!0,regexLiterals:!0}),["javascript","js","ts","typescript"]);t(x({keywords:"all,and,by,catch,class,else,extends,false,finally,for,if,in,is,isnt,loop,new,no,not,null,of,off,on,or,return,super,then,throw,true,try,unless,until,when,while,yes",hashComments:3,cStyleComments:!0,multilineStrings:!0,tripleQuotedStrings:!0,
+regexLiterals:!0}),["coffee"]);t(G([],[["str",/^[\s\S]+/]]),["regex"]);var Y=D.PR={createSimpleLexer:G,registerLangHandler:t,sourceDecorator:x,PR_ATTRIB_NAME:"atn",PR_ATTRIB_VALUE:"atv",PR_COMMENT:"com",PR_DECLARATION:"dec",PR_KEYWORD:"kwd",PR_LITERAL:"lit",PR_NOCODE:"nocode",PR_PLAIN:"pln",PR_PUNCTUATION:"pun",PR_SOURCE:"src",PR_STRING:"str",PR_TAG:"tag",PR_TYPE:"typ",prettyPrintOne:D.prettyPrintOne=function(a,d,f){f=f||!1;d=d||null;var c=document.createElement("div");c.innerHTML="<pre>"+a+"</pre>";
+c=c.firstChild;f&&L(c,f,!0);M({j:d,m:f,h:c,l:1,a:null,i:null,c:null,g:null});return c.innerHTML},prettyPrint:D.prettyPrint=function(a,d){function f(){for(var c=D.PR_SHOULD_USE_CONTINUATION?b.now()+250:Infinity;p<x.length&&b.now()<c;p++){for(var d=x[p],l=g,n=d;n=n.previousSibling;){var m=n.nodeType,u=(7===m||8===m)&&n.nodeValue;if(u?!/^\??prettify\b/.test(u):3!==m||/\S/.test(n.nodeValue))break;if(u){l={};u.replace(/\b(\w+)=([\w:.%+-]+)/g,function(a,b,c){l[b]=c});break}}n=d.className;if((l!==g||r.test(n))&&
+!e.test(n)){m=!1;for(u=d.parentNode;u;u=u.parentNode)if(v.test(u.tagName)&&u.className&&r.test(u.className)){m=!0;break}if(!m){d.className+=" prettyprinted";m=l.lang;if(!m){var m=n.match(w),q;!m&&(q=V(d))&&z.test(q.tagName)&&(m=q.className.match(w));m&&(m=m[1])}if(B.test(d.tagName))u=1;else var u=d.currentStyle,y=t.defaultView,u=(u=u?u.whiteSpace:y&&y.getComputedStyle?y.getComputedStyle(d,null).getPropertyValue("white-space"):0)&&"pre"===u.substring(0,3);y=l.linenums;(y="true"===y||+y)||(y=(y=n.match(/\blinenums\b(?::(\d+))?/))?
+y[1]&&y[1].length?+y[1]:!0:!1);y&&L(d,y,u);M({j:m,h:d,m:y,l:u,a:null,i:null,c:null,g:null})}}}p<x.length?D.setTimeout(f,250):"function"===typeof a&&a()}for(var c=d||document.body,t=c.ownerDocument||document,c=[c.getElementsByTagName("pre"),c.getElementsByTagName("code"),c.getElementsByTagName("xmp")],x=[],q=0;q<c.length;++q)for(var l=0,n=c[q].length;l<n;++l)x.push(c[q][l]);var c=null,b=Date;b.now||(b={now:function(){return+new Date}});var p=0,w=/\blang(?:uage)?-([\w.]+)(?!\S)/,r=/\bprettyprint\b/,
+e=/\bprettyprinted\b/,B=/pre|xmp/i,z=/^code$/i,v=/^(?:pre|code|xmp)$/i,g={};f()}},H=D.define;"function"===typeof H&&H.amd&&H("google-code-prettify",[],function(){return Y})})();}()

js/privatebin.js

@@ -25,6 +25,8 @@
 
 // Immediately start random number generator collector.
 sjcl.random.startCollectors();
+// Setting this to 10 ensures 1024 bits of entropy get collected before generating the paste key
+sjcl.random.setDefaultParanoia(10);
 
 // main application start, called when DOM is fully loaded
 jQuery(document).ready(function() {
@@ -230,7 +232,8 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
                 return baseUri;
             }
 
-            baseUri = window.location.origin + window.location.pathname;
+            // window.location.origin is a newer alternative, but requires FF 21 / Chrome 31 / Safari 7 / IE 11
+            baseUri = window.location.protocol + '//' + window.location.host + window.location.pathname;
             return baseUri;
         };
 
@@ -641,7 +644,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
          */
         me.getSymmetricKey = function()
         {
-            return sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 0), 0);
+            return sjcl.codec.base64.fromBits(sjcl.random.randomWords(8, 10), 0);
         };
 
         return me;
@@ -718,7 +721,7 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
                 TopNav.showViewButtons();
 
                 // show error message
-                Alert.showError(Uploader.parseUploadError(status, data, 'getting paste data'));
+                Alert.showError(Uploader.parseUploadError(status, data, 'get paste data'));
             });
             Uploader.setSuccess(function (status, data) {
                 pasteData = data;
@@ -1441,16 +1444,15 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
             }
 
             // fallback to old method for page template
-            var newPassword = prompt(I18n._('Please enter the password for this paste:'), '');
-            if (newPassword === null) {
+            password = prompt(I18n._('Please enter the password for this paste:'), '');
+            if (password === null) {
                 throw 'password prompt canceled';
             }
             if (password.length === 0) {
                 // recurse…
                 return me.requestPassword();
             }
-
-            password = newPassword;
+            PasteDecrypter.run();
         };
 
         /**
@@ -1774,7 +1776,9 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
                     var converter = new showdown.Converter({
                         strikethrough: true,
                         tables: true,
-                        tablesHeaderId: true
+                        tablesHeaderId: true,
+                        simplifiedAutoLink: true,
+                        excludeTrailingPunctuationFromURLs: true
                     });
                     // let showdown convert the HTML and sanitize HTML *afterwards*!
                     $plainText.html(
@@ -2208,12 +2212,12 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
         };
 
         /**
-         * read file data as dataURL using the FileReader API
+         * read file data as data URL using the FileReader API
          *
          * @name   AttachmentViewer.readFileData
          * @private
          * @function
-         * @param {object} loadedFile The loaded file.
+         * @param {object} loadedFile (optional) loaded file object
          * @see {@link https://developer.mozilla.org/en-US/docs/Web/API/FileReader#readAsDataURL()}
          */
         function readFileData(loadedFile) {
@@ -2252,8 +2256,8 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
          *
          * @name   AttachmentViewer.handleAttachmentPreview
          * @function
-         * @argument {jQuery} $targetElement where the preview should be appended.
-         * @argument {File Data} data of the file to be displayed.
+         * @argument {jQuery} $targetElement element where the preview should be appended
+         * @argument {string} file as a data URL
          */
         me.handleAttachmentPreview = function ($targetElement, data) {
             if (data) {
@@ -3971,17 +3975,6 @@ jQuery.PrivateBin = (function($, sjcl, Base64, RawDeflate) {
                 // show prompt
                 Prompt.requestPassword();
 
-                // if password is there instantly (legacy method), re-try encryption
-                if (Prompt.getPassword().length !== 0) {
-                    // recursive
-                    // note: an infinite loop is prevented as the previous if
-                    // clause checks whether a password is already set and ignores
-                    // errors when a password has been passed
-                    return decryptOrPromptPassword(key, password, cipherdata);
-                }
-
-                // if password could not be received yet, the new modal is used,
-                // which uses asyncronous event-driven methods to get the password.
                 // Thus, we cannot do anything yet, we need to wait for the user
                 // input.
                 return false;

lib/Configuration.php

@@ -53,7 +53,7 @@ class Configuration
             'urlshortener'             => '',
             'qrcode'                   => true,
             'icon'                     => 'identicon',
-            'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data:; media-src data:; object-src data:; Referrer-Policy: \'no-referrer\'; sandbox allow-same-origin allow-scripts allow-forms allow-popups',
+            'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data:; media-src data:; object-src data:; Referrer-Policy: \'no-referrer\'; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals',
             'zerobincompatibility'     => false,
         ),
         'expire' => array(

lib/Controller.php

@@ -17,11 +17,11 @@ use PrivateBin\Persistence\ServerSalt;
 use PrivateBin\Persistence\TrafficLimiter;
 
 /**
- * PrivateBin
+ * Controller
  *
- * Controller, puts it all together.
+ * Puts it all together.
  */
-class PrivateBin
+class Controller
 {
     /**
      * version
@@ -151,7 +151,7 @@ class PrivateBin
     }
 
     /**
-     * initialize privatebin
+     * initialize PrivateBin
      *
      * @access private
      */
@@ -368,7 +368,7 @@ class PrivateBin
     }
 
     /**
-     * Display PrivateBin frontend.
+     * Display frontend.
      *
      * @access private
      */

lib/Data/Database.php

@@ -15,7 +15,7 @@ namespace PrivateBin\Data;
 use Exception;
 use PDO;
 use PDOException;
-use PrivateBin\PrivateBin;
+use PrivateBin\Controller;
 use stdClass;
 
 /**
@@ -122,7 +122,7 @@ class Database extends AbstractData
                 }
 
                 // create config table if necessary
-                $db_version = PrivateBin::VERSION;
+                $db_version = Controller::VERSION;
                 if (!in_array(self::_sanitizeIdentifier('config'), $tables)) {
                     self::_createConfigTable();
                     // if we only needed to create the config table, the DB is older then 0.22
@@ -134,7 +134,7 @@ class Database extends AbstractData
                 }
 
                 // update database structure if necessary
-                if (version_compare($db_version, PrivateBin::VERSION, '<')) {
+                if (version_compare($db_version, Controller::VERSION, '<')) {
                     self::_upgradeDatabase($db_version);
                 }
             } else {
@@ -623,7 +623,7 @@ class Database extends AbstractData
         self::_exec(
             'INSERT INTO ' . self::_sanitizeIdentifier('config') .
             ' VALUES(?,?)',
-            array('VERSION', PrivateBin::VERSION)
+            array('VERSION', Controller::VERSION)
         );
     }
 
@@ -698,7 +698,7 @@ class Database extends AbstractData
                 self::_exec(
                     'UPDATE ' . self::_sanitizeIdentifier('config') .
                     ' SET value = ? WHERE id = ?',
-                    array(PrivateBin::VERSION, 'VERSION')
+                    array(Controller::VERSION, 'VERSION')
                 );
         }
     }

lib/Model/Paste.php

@@ -13,8 +13,8 @@
 namespace PrivateBin\Model;
 
 use Exception;
+use PrivateBin\Controller;
 use PrivateBin\Persistence\ServerSalt;
-use PrivateBin\PrivateBin;
 use PrivateBin\Sjcl;
 
 /**
@@ -35,14 +35,14 @@ class Paste extends AbstractModel
     {
         $data = $this->_store->read($this->getId());
         if ($data === false) {
-            throw new Exception(PrivateBin::GENERIC_ERROR, 64);
+            throw new Exception(Controller::GENERIC_ERROR, 64);
         }
 
         // check if paste has expired and delete it if neccessary.
         if (property_exists($data->meta, 'expire_date')) {
             if ($data->meta->expire_date < time()) {
                 $this->delete();
-                throw new Exception(PrivateBin::GENERIC_ERROR, 63);
+                throw new Exception(Controller::GENERIC_ERROR, 63);
             }
             // We kindly provide the remaining time before expiration (in seconds)
             $data->meta->remaining_time = $data->meta->expire_date - time();

lib/Persistence/PurgeLimiter.php

@@ -70,23 +70,18 @@ class PurgeLimiter extends AbstractPersistence
             return true;
         }
 
-        $file    = 'purge_limiter.php';
-        $now     = time();
-        $content = '<?php' . PHP_EOL . '$GLOBALS[\'purge_limiter\'] = ' . $now . ';' . PHP_EOL;
-        if (!self::_exists($file)) {
-            self::_store($file, $content);
+        $now  = time();
+        $file = 'purge_limiter.php';
+        if (self::_exists($file)) {
+            require self::getPath($file);
+            $pl = $GLOBALS['purge_limiter'];
+            if ($pl + self::$_limit >= $now) {
+                return false;
+            }
         }
 
-        $path = self::getPath($file);
-        require $path;
-        $pl = $GLOBALS['purge_limiter'];
-
-        if ($pl + self::$_limit >= $now) {
-            $result = false;
-        } else {
-            $result = true;
-            self::_store($file, $content);
-        }
-        return $result;
+        $content = '<?php' . PHP_EOL . '$GLOBALS[\'purge_limiter\'] = ' . $now . ';';
+        self::_store($file, $content);
+        return true;
     }
 }

lib/Persistence/ServerSalt.php

@@ -83,7 +83,7 @@ class ServerSalt extends AbstractPersistence
             self::$_salt = self::generate();
             self::_store(
                 self::$_file,
-                '<?php /* |' . self::$_salt . '| */ ?>'
+                '<?php # |' . self::$_salt . '|'
             );
         }
         return self::$_salt;

lib/Persistence/TrafficLimiter.php

@@ -101,27 +101,22 @@ class TrafficLimiter extends AbstractPersistence
         }
 
         $file = 'traffic_limiter.php';
-        if (!self::_exists($file)) {
-            self::_store(
-                $file,
-                '<?php' . PHP_EOL .
-                '$GLOBALS[\'traffic_limiter\'] = array();' . PHP_EOL
-            );
+        if (self::_exists($file)) {
+            require self::getPath($file);
+            $tl = $GLOBALS['traffic_limiter'];
+        } else {
+            $tl = array();
         }
 
-        $path = self::getPath($file);
-        require $path;
-        $now = time();
-        $tl  = $GLOBALS['traffic_limiter'];
-
         // purge file of expired hashes to keep it small
+        $now = time();
         foreach ($tl as $key => $time) {
             if ($time + self::$_limit < $now) {
                 unset($tl[$key]);
             }
         }
 
-        // this hash is used as an array key, hence a shorter hash is used
+        // this hash is used as an array key, hence a shorter algo is used
         $hash = self::getHash('sha256');
         if (array_key_exists($hash, $tl) && ($tl[$hash] + self::$_limit >= $now)) {
             $result = false;
@@ -132,8 +127,7 @@ class TrafficLimiter extends AbstractPersistence
         self::_store(
             $file,
             '<?php' . PHP_EOL .
-            '$GLOBALS[\'traffic_limiter\'] = ' .
-            var_export($tl, true) . ';' . PHP_EOL
+            '$GLOBALS[\'traffic_limiter\'] = ' . var_export($tl, true) . ';'
         );
         return $result;
     }

tpl/bootstrap.php

@@ -65,17 +65,17 @@ endif;
 <?php
 if ($SYNTAXHIGHLIGHTING):
 ?>
-		<script type="text/javascript" data-cfasync="false" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-m8iHxoN+Fe12xxFwWNdY/TS4KoFntHp29qY0xUzBnPd0bkKMOR/dFhEdTWydpt0b/fIXyhB+znGYUvgjfJ2RzQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-puO0Ogy++IoA2Pb9IjSxV1n4+kQkKXYAEUtVzfZpQepyDPyXk8hokiYDS7ybMogYlyyEIwMLpZqVhCkARQWLMg==" crossorigin="anonymous"></script>
 <?php
 endif;
 if ($MARKDOWN):
 ?>
-		<script type="text/javascript" data-cfasync="false" src="js/showdown-1.8.6.js" integrity="sha512-IWAOP5QX4d1WA8ZSKXJtMWdAW8fOifwB0LyZFKaq2WcvsWF/Xmg8aQwxMOUpCjSaYY/V+NASlReVD6uCSDDvHg==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.5.js" integrity="sha512-y68WmhxZiNWBzbhCnMOhRIQDLQPN2zPTCbLHsjggRAjvLVzt4wihsvaMAdtz+VpoFP/SYXFJQUB6h6BH3gvDpA==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/showdown-1.8.6.js" integrity="sha512-YFg2sBCGT00I6X5KzgCLP4VqRlmPMRhkVvJS9oJKk5LxiUzzcjzV5m4fNf6mQMctLrhgS5LFKiFF3vzIuXbjAw==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.5.js" integrity="sha512-IpCJCwlqipmuhbr7fdEOTA4ENcBURsQSDAqXqbr/3dcA2swwJon7D6IStGUQntycGCNCdIM/FdPciBq0gUrLJA==" crossorigin="anonymous"></script>
 <?php
 endif;
 ?>
-		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-2M6U9Blp1VbBq+FEvFaUCgCeiwPAePSi5Mba0BmOxbibFhB86N6gj/IY7ZzRZSC2/UQHFZwFGNGxUTsk8p7IZg==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-QQHntL2l+OT3v1sze1FcuhjYpzvNVgo6IADzlUXeLjM6wBvHvz9WbEos1j4frW5O6ZzGI4GbRnFj1A6fYnmUKA==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->
@@ -100,7 +100,7 @@ endif;
 						<form id="passwordform" role="form">
 							<div class="form-group">
 								<label for="passworddecrypt"><span class="glyphicon glyphicon-eye-open"></span> <?php echo I18n::_('Please enter the password for this paste:') ?></label>
-								<input id="passworddecrypt" type="password" class="form-control" placeholder="<?php echo I18n::_('Enter password') ?>">
+								<input id="passworddecrypt" type="password" class="form-control" placeholder="<?php echo I18n::_('Enter password') ?>" required="required">
 							</div>
 							<button type="submit" class="btn btn-success btn-block"><span class="glyphicon glyphicon-off"></span> <?php echo I18n::_('Decrypt') ?></button>
 						</form>

tpl/page.php

@@ -22,8 +22,12 @@ endif;
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/jquery-3.3.1.js" integrity="sha512-+NqPlbbtM1QqiK8ZAo4Yrj2c4lNQoGv8P79DPtKzj++l5jnN39rHA/xsqn8zE9l0uSoxaCdrOgFs6yjyfbBxSg==" crossorigin="anonymous"></script>
 		<script type="text/javascript" data-cfasync="false" src="js/sjcl-1.0.7.js" integrity="sha512-J2eNenPwyfXkMVNMFz9Q54kKfYi5AA3mQWpNgtjSJzsKHtpbhUt/7bvcjGwwmzE8ZUVWMI/ndagIX1lG+SfxGA==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/kjua.min.js" integrity="sha512-hmvfOhcr4J8bjQ2GuNVzfSbuulv72wgQCJpgnXc2+cCHKqvYo8pK2nc0Q4Esem2973zo1radyIMTEkt+xJlhBA==" crossorigin="anonymous"></script>
 <?php
+if ($QRCODE):
+?>
+		<script async type="text/javascript" data-cfasync="false" src="js/kjua-0.1.2.js" integrity="sha512-hmvfOhcr4J8bjQ2GuNVzfSbuulv72wgQCJpgnXc2+cCHKqvYo8pK2nc0Q4Esem2973zo1radyIMTEkt+xJlhBA==" crossorigin="anonymous"></script>
+<?php
+endif;
 if ($ZEROBINCOMPATIBILITY):
 ?>
 		<script type="text/javascript" data-cfasync="false" src="js/base64-1.7.js" integrity="sha512-JdwsSP3GyHR+jaCkns9CL9NTt4JUJqm/BsODGmYhBcj5EAPKcHYh+OiMfyHbcDLECe17TL0hjXADFkusAqiYgA==" crossorigin="anonymous"></script>
@@ -39,22 +43,17 @@ endif;
 <?php
 if ($SYNTAXHIGHLIGHTING):
 ?>
-		<script type="text/javascript" data-cfasync="false" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-m8iHxoN+Fe12xxFwWNdY/TS4KoFntHp29qY0xUzBnPd0bkKMOR/dFhEdTWydpt0b/fIXyhB+znGYUvgjfJ2RzQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/prettify.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-puO0Ogy++IoA2Pb9IjSxV1n4+kQkKXYAEUtVzfZpQepyDPyXk8hokiYDS7ybMogYlyyEIwMLpZqVhCkARQWLMg==" crossorigin="anonymous"></script>
 <?php
 endif;
 if ($MARKDOWN):
 ?>
-		<script type="text/javascript" data-cfasync="false" src="js/showdown-1.8.6.js" integrity="sha512-IWAOP5QX4d1WA8ZSKXJtMWdAW8fOifwB0LyZFKaq2WcvsWF/Xmg8aQwxMOUpCjSaYY/V+NASlReVD6uCSDDvHg==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.5.js" integrity="sha512-y68WmhxZiNWBzbhCnMOhRIQDLQPN2zPTCbLHsjggRAjvLVzt4wihsvaMAdtz+VpoFP/SYXFJQUB6h6BH3gvDpA==" crossorigin="anonymous"></script>
-<?php
-endif;
-if ($QRCODE):
-?>
-		<script async type="text/javascript" data-cfasync="false" src="js/kjua-0.1.2.js" integrity="sha512-hmvfOhcr4J8bjQ2GuNVzfSbuulv72wgQCJpgnXc2+cCHKqvYo8pK2nc0Q4Esem2973zo1radyIMTEkt+xJlhBA==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/showdown-1.8.6.js" integrity="sha512-YFg2sBCGT00I6X5KzgCLP4VqRlmPMRhkVvJS9oJKk5LxiUzzcjzV5m4fNf6mQMctLrhgS5LFKiFF3vzIuXbjAw==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/purify-1.0.5.js" integrity="sha512-IpCJCwlqipmuhbr7fdEOTA4ENcBURsQSDAqXqbr/3dcA2swwJon7D6IStGUQntycGCNCdIM/FdPciBq0gUrLJA==" crossorigin="anonymous"></script>
 <?php
 endif;
 ?>
-		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-2M6U9Blp1VbBq+FEvFaUCgCeiwPAePSi5Mba0BmOxbibFhB86N6gj/IY7ZzRZSC2/UQHFZwFGNGxUTsk8p7IZg==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-QQHntL2l+OT3v1sze1FcuhjYpzvNVgo6IADzlUXeLjM6wBvHvz9WbEos1j4frW5O6ZzGI4GbRnFj1A6fYnmUKA==" crossorigin="anonymous"></script>
 		<!--[if lt IE 10]>
 		<style type="text/css">body {padding-left:60px;padding-right:60px;} #ienotice {display:block;} #oldienotice {display:block;}</style>
 		<![endif]-->
@@ -140,11 +139,7 @@ if ($DISCUSSION):
 ?> checked="checked"<?php
     endif;
 ?> />
-						<label for="opendiscussion" <?php
-    if (!$OPENDISCUSSION):
-?> style="color: #BBBBBB;"<?php
-    endif;
-?>><?php echo I18n::_('Open discussion'); ?></label>
+						<label for="opendiscussion"><?php echo I18n::_('Open discussion'); ?></label>
 					</div>
 <?php
 endif;

tst/ConfigurationTestGenerator.php

@@ -11,8 +11,8 @@
  */
 include 'Bootstrap.php';
 
-$vrd  = array('view', 'read', 'delete');
-$vcud = array('view', 'create', 'read', 'delete');
+$vd  = array('view', 'delete');
+$vcd = array('view', 'create', 'delete');
 
 new ConfigurationTestGenerator(array(
     'main/discussion' => array(
@@ -20,10 +20,10 @@ new ConfigurationTestGenerator(array(
             'setting' => true,
             'tests'   => array(
                 array(
-                    'conditions' => array('steps' => $vrd),
+                    'conditions' => array('steps' => $vd),
                     'type'       => 'RegExp',
                     'args'       => array(
-                        '#<div[^>]*id="opendisc"[^>]*>#',
+                        '#<div[^>]*id="opendiscussionoption"[^>]*>#',
                         '$content',
                         'outputs enabled discussion correctly',
                     ),
@@ -46,20 +46,20 @@ new ConfigurationTestGenerator(array(
                     ),
                 ),
             ),
-            'affects' => $vcud,
+            'affects' => $vcd,
         ), array(
             'setting' => false,
             'tests'   => array(
                 array(
                     'type' => 'NotRegExp',
                     'args' => array(
-                        '#<div[^>]*id="opendisc"[^>]*>#',
+                        '#<div[^>]*id="opendiscussionoption"[^>]*>#',
                         '$content',
                         'outputs disabled discussion correctly',
                     ),
                 ),
             ),
-            'affects' => $vrd,
+            'affects' => $vd,
         ),
     ),
     'main/opendiscussion' => array(
@@ -76,7 +76,7 @@ new ConfigurationTestGenerator(array(
                     ),
                 ),
             ),
-            'affects' => $vrd,
+            'affects' => $vd,
         ), array(
             'setting' => false,
             'tests'   => array(
@@ -90,7 +90,7 @@ new ConfigurationTestGenerator(array(
                     ),
                 ),
             ),
-            'affects' => $vrd,
+            'affects' => $vd,
         ),
     ),
     'main/burnafterreadingselected' => array(
@@ -135,7 +135,7 @@ new ConfigurationTestGenerator(array(
                     ),
                 ),
             ),
-            'affects' => $vrd,
+            'affects' => $vd,
         ), array(
             'setting' => false,
             'tests'   => array(
@@ -149,7 +149,7 @@ new ConfigurationTestGenerator(array(
                     ),
                 ),
             ),
-            'affects' => $vrd,
+            'affects' => $vd,
         ),
     ),
     'main/template' => array(
@@ -172,7 +172,7 @@ new ConfigurationTestGenerator(array(
                     ),
                 ),
             ),
-            'affects' => $vrd,
+            'affects' => $vd,
         ), array(
             'setting' => 'bootstrap',
             'tests'   => array(
@@ -192,7 +192,7 @@ new ConfigurationTestGenerator(array(
                     ),
                 ),
             ),
-            'affects' => $vrd,
+            'affects' => $vd,
         ),
     ),
     'main/sizelimit' => array(
@@ -507,6 +507,7 @@ EOT;
                 $code .= PHP_EOL . <<<'EOT'
         $this->_model->create(Helper::getPasteId(), Helper::getPaste());
         $_SERVER['QUERY_STRING'] = Helper::getPasteId();
+        $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
 EOT;
                 break;
             case 'Delete':
@@ -539,11 +540,10 @@ EOT;
             case 'Read':
                 $code .= <<<'EOT'
 
-        $this->assertContains(
-            htmlspecialchars(json_encode(Helper::getPaste()['data']), ENT_NOQUOTES),
-            $content,
-            'outputs data correctly'
-        );
+        $response = json_decode($content, true);
+        $this->assertEquals(0, $response['status'], 'outputs success status');
+        $this->assertEquals(Helper::getPasteId(), $response['id'], 'outputs id correctly');
+        $this->assertEquals(Helper::getPaste()['data'], $response['data'], 'outputs data correctly');
 EOT;
                 break;
             case 'Delete':

tst/ControllerTest.php

@@ -1,11 +1,11 @@
 <?php
 
+use PrivateBin\Controller;
 use PrivateBin\Data\Filesystem;
 use PrivateBin\Persistence\ServerSalt;
 use PrivateBin\Persistence\TrafficLimiter;
-use PrivateBin\PrivateBin;
 
-class PrivateBinTest extends PHPUnit_Framework_TestCase
+class ControllerTest extends PHPUnit_Framework_TestCase
 {
     protected $_model;
 
@@ -49,7 +49,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
     public function testView()
     {
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertContains(
@@ -74,7 +74,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         Helper::createIniFile(CONF, $options);
         $_COOKIE['lang'] = 'de';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertContains(
@@ -95,7 +95,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         Helper::createIniFile(CONF, $options);
         $_COOKIE['lang'] = 'de';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertContains(
@@ -116,7 +116,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         Helper::createIniFile(CONF, $options);
         $_COOKIE['lang'] = 'de';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertRegExp(
@@ -139,7 +139,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         ob_end_clean();
 
         $this->assertFileExists($file, 'htaccess recreated');
@@ -152,7 +152,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
     public function testConf()
     {
         file_put_contents(CONF, '');
-        new PrivateBin;
+        new Controller;
     }
 
     /**
@@ -168,7 +168,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -196,7 +196,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REMOTE_ADDR']           = '::1';
         TrafficLimiter::canPass();
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -224,7 +224,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -246,7 +246,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -274,7 +274,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -298,7 +298,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REMOTE_ADDR']           = '::1';
         $time                             = time();
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -329,7 +329,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REMOTE_ADDR']           = '::1';
         $time                             = time();
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -359,7 +359,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -387,7 +387,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -409,7 +409,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -432,7 +432,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REMOTE_ADDR']           = '::1';
         $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exists before posting data');
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -469,7 +469,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REMOTE_ADDR']           = '::1';
         $this->assertFalse($this->_model->exists(Helper::getPasteId()), 'paste does not exists before posting data');
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -487,11 +487,11 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         ob_end_clean();
         $this->_model->delete(Helper::getPasteId());
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -513,7 +513,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -544,7 +544,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REMOTE_ADDR']           = '::1';
         $this->_model->create(Helper::getPasteId(), Helper::getPaste());
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -568,7 +568,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REMOTE_ADDR']           = '::1';
         $this->_model->create(Helper::getPasteId(), Helper::getPaste());
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -592,7 +592,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REMOTE_ADDR']           = '::1';
         $this->_model->create(Helper::getPasteId(), Helper::getPaste());
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -617,7 +617,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $paste                            = Helper::getPaste(array('opendiscussion' => false));
         $this->_model->create(Helper::getPasteId(), $paste);
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -640,7 +640,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -666,7 +666,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -682,7 +682,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['QUERY_STRING']          = 'foo';
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -698,7 +698,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['QUERY_STRING']          = Helper::getPasteId();
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -716,7 +716,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['QUERY_STRING']          = Helper::getPasteId();
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -734,7 +734,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['QUERY_STRING']          = Helper::getPasteId();
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -762,7 +762,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['QUERY_STRING']          = Helper::getPasteId();
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -792,7 +792,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['QUERY_STRING']          = Helper::getPasteId();
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -818,7 +818,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_GET['pasteid']     = Helper::getPasteId();
         $_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), $paste->meta->salt);
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertRegExp(
@@ -838,7 +838,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_GET['pasteid']     = 'foo';
         $_GET['deletetoken'] = 'bar';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertRegExp(
@@ -857,7 +857,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_GET['pasteid']     = Helper::getPasteId();
         $_GET['deletetoken'] = 'bar';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertRegExp(
@@ -876,7 +876,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_GET['pasteid']     = Helper::getPasteId();
         $_GET['deletetoken'] = 'bar';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertRegExp(
@@ -900,7 +900,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         $_SERVER['REQUEST_METHOD']        = 'POST';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -920,7 +920,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         $_SERVER['REQUEST_METHOD']        = 'POST';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -940,7 +940,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_GET['pasteid']     = Helper::getPasteId();
         $_GET['deletetoken'] = 'does not matter in this context, but has to be set';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertRegExp(
@@ -963,7 +963,7 @@ class PrivateBinTest extends PHPUnit_Framework_TestCase
         $_GET['pasteid']     = Helper::getPasteId();
         $_GET['deletetoken'] = hash_hmac('sha256', Helper::getPasteId(), ServerSalt::get());
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertRegExp(

tst/ControllerWithDbTest.php

@@ -2,9 +2,9 @@
 
 use PrivateBin\Data\Database;
 
-require_once 'PrivateBinTest.php';
+require_once 'ControllerTest.php';
 
-class PrivateBinWithDbTest extends PrivateBinTest
+class ControllerWithDbTest extends ControllerTest
 {
     private $_options = array(
         'usr' => null,

tst/Data/DatabaseTest.php

@@ -1,7 +1,7 @@
 <?php
 
+use PrivateBin\Controller;
 use PrivateBin\Data\Database;
-use PrivateBin\PrivateBin;
 
 class DatabaseTest extends PHPUnit_Framework_TestCase
 {
@@ -318,7 +318,7 @@ class DatabaseTest extends PHPUnit_Framework_TestCase
         $statement->execute(array('VERSION'));
         $result = $statement->fetch(PDO::FETCH_ASSOC);
         $statement->closeCursor();
-        $this->assertEquals(PrivateBin::VERSION, $result['value']);
+        $this->assertEquals(Controller::VERSION, $result['value']);
         Helper::rmDir($this->_path);
     }
 }

tst/JsonApiTest.php

@@ -1,8 +1,8 @@
 <?php
 
+use PrivateBin\Controller;
 use PrivateBin\Data\Filesystem;
 use PrivateBin\Persistence\ServerSalt;
-use PrivateBin\PrivateBin;
 use PrivateBin\Request;
 
 class JsonApiTest extends PHPUnit_Framework_TestCase
@@ -53,7 +53,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'POST';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -86,7 +86,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $_SERVER['REQUEST_METHOD']        = 'PUT';
         $_SERVER['REMOTE_ADDR']           = '::1';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         unlink($file);
@@ -120,7 +120,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         $_SERVER['REQUEST_METHOD']        = 'DELETE';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         unlink($file);
@@ -144,7 +144,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         $_SERVER['REQUEST_METHOD']        = 'POST';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -166,7 +166,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $_SERVER['QUERY_STRING']          = Helper::getPasteId();
         $_SERVER['HTTP_X_REQUESTED_WITH'] = 'JSONHttpRequest';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $response = json_decode($content, true);
@@ -192,7 +192,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $this->_model->create(Helper::getPasteId(), $paste);
         $_GET['jsonld'] = 'paste';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertEquals(str_replace(
@@ -211,7 +211,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $this->_model->create(Helper::getPasteId(), $paste);
         $_GET['jsonld'] = 'comment';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertEquals(str_replace(
@@ -230,7 +230,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $this->_model->create(Helper::getPasteId(), $paste);
         $_GET['jsonld'] = 'pastemeta';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertEquals(str_replace(
@@ -249,7 +249,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $this->_model->create(Helper::getPasteId(), $paste);
         $_GET['jsonld'] = 'commentmeta';
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertEquals(str_replace(
@@ -268,7 +268,7 @@ class JsonApiTest extends PHPUnit_Framework_TestCase
         $this->_model->create(Helper::getPasteId(), $paste);
         $_GET['jsonld'] = CONF;
         ob_start();
-        new PrivateBin;
+        new Controller;
         $content = ob_get_contents();
         ob_end_clean();
         $this->assertEquals('{}', $content, 'does not output nasty data');

tst/Persistence/PurgeLimiterTest.php

@@ -25,10 +25,10 @@ class PurgeLimiterTest extends PHPUnit_Framework_TestCase
     public function testLimit()
     {
         // initialize it
+        PurgeLimiter::setLimit(1);
         PurgeLimiter::canPurge();
 
         // try setting it
-        PurgeLimiter::setLimit(1);
         $this->assertEquals(false, PurgeLimiter::canPurge());
         sleep(2);
         $this->assertEquals(true, PurgeLimiter::canPurge());

vendor/autoload.php

@@ -2,6 +2,6 @@
 
 // autoload.php @generated by Composer
 
-require_once __DIR__ . '/composer' . '/autoload_real.php';
+require_once __DIR__ . '/composer/autoload_real.php';
 
 return ComposerAutoloaderInitDontChange::getLoader();

vendor/composer/ClassLoader.php

@@ -53,8 +53,9 @@ class ClassLoader
 
     private $useIncludePath = false;
     private $classMap = array();
-
     private $classMapAuthoritative = false;
+    private $missingClasses = array();
+    private $apcuPrefix;
 
     public function getPrefixes()
     {
@@ -271,6 +272,26 @@ class ClassLoader
         return $this->classMapAuthoritative;
     }
 
+    /**
+     * APCu prefix to use to cache found/not-found classes, if the extension is enabled.
+     *
+     * @param string|null $apcuPrefix
+     */
+    public function setApcuPrefix($apcuPrefix)
+    {
+        $this->apcuPrefix = function_exists('apcu_fetch') && ini_get('apc.enabled') ? $apcuPrefix : null;
+    }
+
+    /**
+     * The APCu prefix in use, or null if APCu caching is not enabled.
+     *
+     * @return string|null
+     */
+    public function getApcuPrefix()
+    {
+        return $this->apcuPrefix;
+    }
+
     /**
      * Registers this instance as an autoloader.
      *
@@ -313,29 +334,34 @@ class ClassLoader
      */
     public function findFile($class)
     {
-        // work around for PHP 5.3.0 - 5.3.2 https://bugs.php.net/50731
-        if ('\\' == $class[0]) {
-            $class = substr($class, 1);
-        }
-
         // class map lookup
         if (isset($this->classMap[$class])) {
             return $this->classMap[$class];
         }
-        if ($this->classMapAuthoritative) {
+        if ($this->classMapAuthoritative || isset($this->missingClasses[$class])) {
             return false;
         }
+        if (null !== $this->apcuPrefix) {
+            $file = apcu_fetch($this->apcuPrefix.$class, $hit);
+            if ($hit) {
+                return $file;
+            }
+        }
 
         $file = $this->findFileWithExtension($class, '.php');
 
         // Search for Hack files if we are running on HHVM
-        if ($file === null && defined('HHVM_VERSION')) {
+        if (false === $file && defined('HHVM_VERSION')) {
             $file = $this->findFileWithExtension($class, '.hh');
         }
 
-        if ($file === null) {
+        if (null !== $this->apcuPrefix) {
+            apcu_add($this->apcuPrefix.$class, $file);
+        }
+
+        if (false === $file) {
             // Remember that this class does not exist.
-            return $this->classMap[$class] = false;
+            $this->missingClasses[$class] = true;
         }
 
         return $file;
@@ -348,10 +374,14 @@ class ClassLoader
 
         $first = $class[0];
         if (isset($this->prefixLengthsPsr4[$first])) {
-            foreach ($this->prefixLengthsPsr4[$first] as $prefix => $length) {
-                if (0 === strpos($class, $prefix)) {
-                    foreach ($this->prefixDirsPsr4[$prefix] as $dir) {
-                        if (file_exists($file = $dir . DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $length))) {
+            $subPath = $class;
+            while (false !== $lastPos = strrpos($subPath, '\\')) {
+                $subPath = substr($subPath, 0, $lastPos);
+                $search = $subPath.'\\';
+                if (isset($this->prefixDirsPsr4[$search])) {
+                    $pathEnd = DIRECTORY_SEPARATOR . substr($logicalPathPsr4, $lastPos + 1);
+                    foreach ($this->prefixDirsPsr4[$search] as $dir) {
+                        if (file_exists($file = $dir . $pathEnd)) {
                             return $file;
                         }
                     }
@@ -399,6 +429,8 @@ class ClassLoader
         if ($this->useIncludePath && $file = stream_resolve_include_path($logicalPathPsr0)) {
             return $file;
         }
+
+        return false;
     }
 }
 

vendor/composer/autoload_classmap.php

@@ -12,6 +12,7 @@ return array(
     'Identicon\\Generator\\ImageMagickGenerator' => $vendorDir . '/yzalis/identicon/src/Identicon/Generator/ImageMagickGenerator.php',
     'Identicon\\Identicon' => $vendorDir . '/yzalis/identicon/src/Identicon/Identicon.php',
     'PrivateBin\\Configuration' => $baseDir . '/lib/Configuration.php',
+    'PrivateBin\\Controller' => $baseDir . '/lib/Controller.php',
     'PrivateBin\\Data\\AbstractData' => $baseDir . '/lib/Data/AbstractData.php',
     'PrivateBin\\Data\\Database' => $baseDir . '/lib/Data/Database.php',
     'PrivateBin\\Data\\Filesystem' => $baseDir . '/lib/Data/Filesystem.php',
@@ -27,7 +28,6 @@ return array(
     'PrivateBin\\Persistence\\PurgeLimiter' => $baseDir . '/lib/Persistence/PurgeLimiter.php',
     'PrivateBin\\Persistence\\ServerSalt' => $baseDir . '/lib/Persistence/ServerSalt.php',
     'PrivateBin\\Persistence\\TrafficLimiter' => $baseDir . '/lib/Persistence/TrafficLimiter.php',
-    'PrivateBin\\PrivateBin' => $baseDir . '/lib/PrivateBin.php',
     'PrivateBin\\Request' => $baseDir . '/lib/Request.php',
     'PrivateBin\\Sjcl' => $baseDir . '/lib/Sjcl.php',
     'PrivateBin\\View' => $baseDir . '/lib/View.php',

vendor/composer/autoload_real.php

@@ -23,7 +23,7 @@ class ComposerAutoloaderInitDontChange
         self::$loader = $loader = new \Composer\Autoload\ClassLoader();
         spl_autoload_unregister(array('ComposerAutoloaderInitDontChange', 'loadClassLoader'));
 
-        $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION');
+        $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
         if ($useStaticLoader) {
             require_once __DIR__ . '/autoload_static.php';
 

vendor/composer/autoload_static.php

@@ -41,6 +41,7 @@ class ComposerStaticInitDontChange
         'Identicon\\Generator\\ImageMagickGenerator' => __DIR__ . '/..' . '/yzalis/identicon/src/Identicon/Generator/ImageMagickGenerator.php',
         'Identicon\\Identicon' => __DIR__ . '/..' . '/yzalis/identicon/src/Identicon/Identicon.php',
         'PrivateBin\\Configuration' => __DIR__ . '/../..' . '/lib/Configuration.php',
+        'PrivateBin\\Controller' => __DIR__ . '/../..' . '/lib/Controller.php',
         'PrivateBin\\Data\\AbstractData' => __DIR__ . '/../..' . '/lib/Data/AbstractData.php',
         'PrivateBin\\Data\\Database' => __DIR__ . '/../..' . '/lib/Data/Database.php',
         'PrivateBin\\Data\\Filesystem' => __DIR__ . '/../..' . '/lib/Data/Filesystem.php',
@@ -56,7 +57,6 @@ class ComposerStaticInitDontChange
         'PrivateBin\\Persistence\\PurgeLimiter' => __DIR__ . '/../..' . '/lib/Persistence/PurgeLimiter.php',
         'PrivateBin\\Persistence\\ServerSalt' => __DIR__ . '/../..' . '/lib/Persistence/ServerSalt.php',
         'PrivateBin\\Persistence\\TrafficLimiter' => __DIR__ . '/../..' . '/lib/Persistence/TrafficLimiter.php',
-        'PrivateBin\\PrivateBin' => __DIR__ . '/../..' . '/lib/PrivateBin.php',
         'PrivateBin\\Request' => __DIR__ . '/../..' . '/lib/Request.php',
         'PrivateBin\\Sjcl' => __DIR__ . '/../..' . '/lib/Sjcl.php',
         'PrivateBin\\View' => __DIR__ . '/../..' . '/lib/View.php',

vendor/paragonie/random_compat/lib/byte_safe_strings.php

@@ -5,7 +5,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -51,7 +51,7 @@ if (!is_callable('RandomCompat_strlen')) {
                 );
             }
 
-            return mb_strlen($binary_string, '8bit');
+            return (int) mb_strlen($binary_string, '8bit');
         }
 
     } else {
@@ -73,7 +73,7 @@ if (!is_callable('RandomCompat_strlen')) {
                     'RandomCompat_strlen() expects a string'
                 );
             }
-            return strlen($binary_string);
+            return (int) strlen($binary_string);
         }
     }
 }
@@ -118,7 +118,7 @@ if (!is_callable('RandomCompat_substr')) {
                  * mb_substr($str, 0, NULL, '8bit') returns an empty string on
                  * PHP 5.3, so we have to find the length ourselves.
                  */
-                $length = RandomCompat_strlen($length) - $start;
+                $length = RandomCompat_strlen($binary_string) - $start;
             } elseif (!is_int($length)) {
                 throw new TypeError(
                     'RandomCompat_substr(): Third argument should be an integer, or omitted'
@@ -130,10 +130,10 @@ if (!is_callable('RandomCompat_substr')) {
                 return '';
             }
             if ($start > RandomCompat_strlen($binary_string)) {
-                return false;
+                return '';
             }
 
-            return mb_substr($binary_string, $start, $length, '8bit');
+            return (string) mb_substr($binary_string, $start, $length, '8bit');
         }
 
     } else {
@@ -172,10 +172,10 @@ if (!is_callable('RandomCompat_substr')) {
                     );
                 }
 
-                return substr($binary_string, $start, $length);
+                return (string) substr($binary_string, $start, $length);
             }
 
-            return substr($binary_string, $start);
+            return (string) substr($binary_string, $start);
         }
     }
 }

vendor/paragonie/random_compat/lib/cast_to_int.php

@@ -5,7 +5,7 @@
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -38,15 +38,18 @@ if (!is_callable('RandomCompat_intval')) {
      * through.
      * 
      * @param int|float $number    The number we want to convert to an int
-     * @param boolean   $fail_open Set to true to not throw an exception
+     * @param bool      $fail_open Set to true to not throw an exception
      * 
-     * @return int (or float if $fail_open)
+     * @return float|int
+     * @psalm-suppress InvalidReturnType
      *
      * @throws TypeError
      */
     function RandomCompat_intval($number, $fail_open = false)
     {
-        if (is_numeric($number)) {
+        if (is_int($number) || is_float($number)) {
+            $number += 0;
+        } elseif (is_numeric($number)) {
             $number += 0;
         }
 
@@ -60,12 +63,13 @@ if (!is_callable('RandomCompat_intval')) {
             $number = (int) $number;
         }
 
-        if (is_int($number) || $fail_open) {
-            return $number;
+        if (is_int($number)) {
+            return (int) $number;
+        } elseif (!$fail_open) {
+            throw new TypeError(
+                'Expected an integer.'
+            );
         }
-
-        throw new TypeError(
-            'Expected an integer.'
-        );
+        return $number;
     }
 }

vendor/paragonie/random_compat/lib/error_polyfill.php

@@ -5,7 +5,7 @@
  * 
  * The MIT License (MIT)
  *
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  * 
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

vendor/paragonie/random_compat/lib/random.php

@@ -3,12 +3,12 @@
  * Random_* Compatibility Library
  * for using the new PHP 7 random_* API in PHP 5 projects
  *
- * @version 2.0.4
- * @released 2016-11-07
+ * @version 2.0.15
+ * @released 2018-06-08
  *
  * The MIT License (MIT)
  *
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  *
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -44,172 +44,183 @@ if (!defined('PHP_VERSION_ID')) {
 /**
  * PHP 7.0.0 and newer have these functions natively.
  */
-if (PHP_VERSION_ID < 70000) {
-    if (!defined('RANDOM_COMPAT_READ_BUFFER')) {
-        define('RANDOM_COMPAT_READ_BUFFER', 8);
+if (PHP_VERSION_ID >= 70000) {
+    return;
+}
+
+if (!defined('RANDOM_COMPAT_READ_BUFFER')) {
+    define('RANDOM_COMPAT_READ_BUFFER', 8);
+}
+
+$RandomCompatDIR = dirname(__FILE__);
+
+require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'byte_safe_strings.php';
+require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'cast_to_int.php';
+require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'error_polyfill.php';
+
+if (!is_callable('random_bytes')) {
+    /**
+     * PHP 5.2.0 - 5.6.x way to implement random_bytes()
+     *
+     * We use conditional statements here to define the function in accordance
+     * to the operating environment. It's a micro-optimization.
+     *
+     * In order of preference:
+     *   1. Use libsodium if available.
+     *   2. fread() /dev/urandom if available (never on Windows)
+     *   3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
+     *   4. COM('CAPICOM.Utilities.1')->GetRandom()
+     *
+     * See RATIONALE.md for our reasoning behind this particular order
+     */
+    if (extension_loaded('libsodium')) {
+        // See random_bytes_libsodium.php
+        if (PHP_VERSION_ID >= 50300 && is_callable('\\Sodium\\randombytes_buf')) {
+            require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_libsodium.php';
+        } elseif (method_exists('Sodium', 'randombytes_buf')) {
+            require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_libsodium_legacy.php';
+        }
     }
 
-    $RandomCompatDIR = dirname(__FILE__);
+    /**
+     * Reading directly from /dev/urandom:
+     */
+    if (DIRECTORY_SEPARATOR === '/') {
+        // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
+        // way to exclude Windows.
+        $RandomCompatUrandom = true;
+        $RandomCompat_basedir = ini_get('open_basedir');
 
-    require_once $RandomCompatDIR.'/byte_safe_strings.php';
-    require_once $RandomCompatDIR.'/cast_to_int.php';
-    require_once $RandomCompatDIR.'/error_polyfill.php';
+        if (!empty($RandomCompat_basedir)) {
+            $RandomCompat_open_basedir = explode(
+                PATH_SEPARATOR,
+                strtolower($RandomCompat_basedir)
+            );
+            $RandomCompatUrandom = (array() !== array_intersect(
+                array('/dev', '/dev/', '/dev/urandom'),
+                $RandomCompat_open_basedir
+            ));
+            $RandomCompat_open_basedir = null;
+        }
 
+        if (
+            !is_callable('random_bytes')
+            &&
+            $RandomCompatUrandom
+            &&
+            @is_readable('/dev/urandom')
+        ) {
+            // Error suppression on is_readable() in case of an open_basedir
+            // or safe_mode failure. All we care about is whether or not we
+            // can read it at this point. If the PHP environment is going to
+            // panic over trying to see if the file can be read in the first
+            // place, that is not helpful to us here.
+
+            // See random_bytes_dev_urandom.php
+            require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_dev_urandom.php';
+        }
+        // Unset variables after use
+        $RandomCompat_basedir = null;
+    } else {
+        $RandomCompatUrandom = false;
+    }
+
+    /**
+     * mcrypt_create_iv()
+     *
+     * We only want to use mcypt_create_iv() if:
+     *
+     * - random_bytes() hasn't already been defined
+     * - the mcrypt extensions is loaded
+     * - One of these two conditions is true:
+     *   - We're on Windows (DIRECTORY_SEPARATOR !== '/')
+     *   - We're not on Windows and /dev/urandom is readabale
+     *     (i.e. we're not in a chroot jail)
+     * - Special case:
+     *   - If we're not on Windows, but the PHP version is between
+     *     5.6.10 and 5.6.12, we don't want to use mcrypt. It will
+     *     hang indefinitely. This is bad.
+     *   - If we're on Windows, we want to use PHP >= 5.3.7 or else
+     *     we get insufficient entropy errors.
+     */
+    if (
+        !is_callable('random_bytes')
+        &&
+        // Windows on PHP < 5.3.7 is broken, but non-Windows is not known to be.
+        (DIRECTORY_SEPARATOR === '/' || PHP_VERSION_ID >= 50307)
+        &&
+        // Prevent this code from hanging indefinitely on non-Windows;
+        // see https://bugs.php.net/bug.php?id=69833
+        (
+            DIRECTORY_SEPARATOR !== '/' ||
+            (PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613)
+        )
+        &&
+        extension_loaded('mcrypt')
+    ) {
+        // See random_bytes_mcrypt.php
+        require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_mcrypt.php';
+    }
+    $RandomCompatUrandom = null;
+
+    /**
+     * This is a Windows-specific fallback, for when the mcrypt extension
+     * isn't loaded.
+     */
+    if (
+        !is_callable('random_bytes')
+        &&
+        extension_loaded('com_dotnet')
+        &&
+        class_exists('COM')
+    ) {
+        $RandomCompat_disabled_classes = preg_split(
+            '#\s*,\s*#',
+            strtolower(ini_get('disable_classes'))
+        );
+
+        if (!in_array('com', $RandomCompat_disabled_classes)) {
+            try {
+                $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
+                if (method_exists($RandomCompatCOMtest, 'GetRandom')) {
+                    // See random_bytes_com_dotnet.php
+                    require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_bytes_com_dotnet.php';
+                }
+            } catch (com_exception $e) {
+                // Don't try to use it.
+            }
+        }
+        $RandomCompat_disabled_classes = null;
+        $RandomCompatCOMtest = null;
+    }
+
+    /**
+     * throw new Exception
+     */
     if (!is_callable('random_bytes')) {
         /**
-         * PHP 5.2.0 - 5.6.x way to implement random_bytes()
+         * We don't have any more options, so let's throw an exception right now
+         * and hope the developer won't let it fail silently.
          *
-         * We use conditional statements here to define the function in accordance
-         * to the operating environment. It's a micro-optimization.
-         *
-         * In order of preference:
-         *   1. Use libsodium if available.
-         *   2. fread() /dev/urandom if available (never on Windows)
-         *   3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
-         *   4. COM('CAPICOM.Utilities.1')->GetRandom()
-         *   5. openssl_random_pseudo_bytes() (absolute last resort)
-         *
-         * See RATIONALE.md for our reasoning behind this particular order
+         * @param mixed $length
+         * @psalm-suppress MissingReturnType
+         * @psalm-suppress InvalidReturnType
+         * @throws Exception
+         * @return string
          */
-        if (extension_loaded('libsodium')) {
-            // See random_bytes_libsodium.php
-            if (PHP_VERSION_ID >= 50300 && is_callable('\\Sodium\\randombytes_buf')) {
-                require_once $RandomCompatDIR.'/random_bytes_libsodium.php';
-            } elseif (method_exists('Sodium', 'randombytes_buf')) {
-                require_once $RandomCompatDIR.'/random_bytes_libsodium_legacy.php';
-            }
-        }
-
-        /**
-         * Reading directly from /dev/urandom:
-         */
-        if (DIRECTORY_SEPARATOR === '/') {
-            // DIRECTORY_SEPARATOR === '/' on Unix-like OSes -- this is a fast
-            // way to exclude Windows.
-            $RandomCompatUrandom = true;
-            $RandomCompat_basedir = ini_get('open_basedir');
-
-            if (!empty($RandomCompat_basedir)) {
-                $RandomCompat_open_basedir = explode(
-                    PATH_SEPARATOR,
-                    strtolower($RandomCompat_basedir)
-                );
-                $RandomCompatUrandom = (array() !== array_intersect(
-                    array('/dev', '/dev/', '/dev/urandom'),
-                    $RandomCompat_open_basedir
-                ));
-                $RandomCompat_open_basedir = null;
-            }
-
-            if (
-                !is_callable('random_bytes')
-                &&
-                $RandomCompatUrandom
-                &&
-                @is_readable('/dev/urandom')
-            ) {
-                // Error suppression on is_readable() in case of an open_basedir
-                // or safe_mode failure. All we care about is whether or not we
-                // can read it at this point. If the PHP environment is going to
-                // panic over trying to see if the file can be read in the first
-                // place, that is not helpful to us here.
-
-                // See random_bytes_dev_urandom.php
-                require_once $RandomCompatDIR.'/random_bytes_dev_urandom.php';
-            }
-            // Unset variables after use
-            $RandomCompat_basedir = null;
-        } else {
-            $RandomCompatUrandom = false;
-        }
-
-        /**
-         * mcrypt_create_iv()
-         *
-         * We only want to use mcypt_create_iv() if:
-         *
-         * - random_bytes() hasn't already been defined
-         * - PHP >= 5.3.7
-         * - the mcrypt extensions is loaded
-         * - One of these two conditions is true:
-         *   - We're on Windows (DIRECTORY_SEPARATOR !== '/')
-         *   - We're not on Windows and /dev/urandom is readabale
-         *     (i.e. we're not in a chroot jail)
-         * - Special case:
-         *   - If we're not on Windows, but the PHP version is between
-         *     5.6.10 and 5.6.12, we don't want to use mcrypt. It will
-         *     hang indefinitely. This is bad.
-         */
-        if (
-            !is_callable('random_bytes')
-            &&
-            PHP_VERSION_ID >= 50307
-            &&
-            extension_loaded('mcrypt')
-        ) {
-            // Prevent this code from hanging indefinitely on non-Windows;
-            // see https://bugs.php.net/bug.php?id=69833
-            if (
-                DIRECTORY_SEPARATOR !== '/' || 
-                (PHP_VERSION_ID <= 50609 || PHP_VERSION_ID >= 50613)
-            ) {
-                // See random_bytes_mcrypt.php
-                require_once $RandomCompatDIR.'/random_bytes_mcrypt.php';
-            }
-        }
-        $RandomCompatUrandom = null;
-
-        /**
-         * This is a Windows-specific fallback, for when the mcrypt extension
-         * isn't loaded.
-         */
-        if (
-            !is_callable('random_bytes')
-            &&
-            extension_loaded('com_dotnet')
-            &&
-            class_exists('COM')
-        ) {
-            $RandomCompat_disabled_classes = preg_split(
-                '#\s*,\s*#',
-                strtolower(ini_get('disable_classes'))
+        function random_bytes($length)
+        {
+            unset($length); // Suppress "variable not used" warnings.
+            throw new Exception(
+                'There is no suitable CSPRNG installed on your system'
             );
-
-            if (!in_array('com', $RandomCompat_disabled_classes)) {
-                try {
-                    $RandomCompatCOMtest = new COM('CAPICOM.Utilities.1');
-                    if (method_exists($RandomCompatCOMtest, 'GetRandom')) {
-                        // See random_bytes_com_dotnet.php
-                        require_once $RandomCompatDIR.'/random_bytes_com_dotnet.php';
-                    }
-                } catch (com_exception $e) {
-                    // Don't try to use it.
-                }
-            }
-            $RandomCompat_disabled_classes = null;
-            $RandomCompatCOMtest = null;
-        }
-
-        /**
-         * throw new Exception
-         */
-        if (!is_callable('random_bytes')) {
-            /**
-             * We don't have any more options, so let's throw an exception right now
-             * and hope the developer won't let it fail silently.
-             */
-            function random_bytes($length)
-            {
-                throw new Exception(
-                    'There is no suitable CSPRNG installed on your system'
-                );
-            }
+            return '';
         }
     }
-
-    if (!is_callable('random_int')) {
-        require_once $RandomCompatDIR.'/random_int.php';
-    }
-
-    $RandomCompatDIR = null;
 }
+
+if (!is_callable('random_int')) {
+    require_once $RandomCompatDIR . DIRECTORY_SEPARATOR . 'random_int.php';
+}
+
+$RandomCompatDIR = null;

vendor/paragonie/random_compat/lib/random_bytes_com_dotnet.php

@@ -5,7 +5,7 @@
  * 
  * The MIT License (MIT)
  * 
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  * 
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -55,6 +55,11 @@ if (!is_callable('random_bytes')) {
         }
 
         $buf = '';
+        if (!class_exists('COM')) {
+            throw new Error(
+                'COM does not exist'
+            );
+        }
         $util = new COM('CAPICOM.Utilities.1');
         $execCount = 0;
 

vendor/paragonie/random_compat/lib/random_bytes_dev_urandom.php

@@ -5,7 +5,7 @@
  * 
  * The MIT License (MIT)
  *
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  * 
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -104,33 +104,50 @@ if (!is_callable('random_bytes')) {
          * page load.
          */
         if (!empty($fp)) {
+            /**
+             * @var int
+             */
             $remaining = $bytes;
+
+            /**
+             * @var string|bool
+             */
             $buf = '';
 
             /**
              * We use fread() in a loop to protect against partial reads
              */
             do {
+                /**
+                 * @var string|bool
+                 */
                 $read = fread($fp, $remaining);
-                if ($read === false) {
-                    /**
-                     * We cannot safely read from the file. Exit the
-                     * do-while loop and trigger the exception condition
-                     */
-                    $buf = false;
-                    break;
+                if (!is_string($read)) {
+                    if ($read === false) {
+                        /**
+                         * We cannot safely read from the file. Exit the
+                         * do-while loop and trigger the exception condition
+                         *
+                         * @var string|bool
+                         */
+                        $buf = false;
+                        break;
+                    }
                 }
                 /**
                  * Decrease the number of bytes returned from remaining
                  */
                 $remaining -= RandomCompat_strlen($read);
-                $buf .= $read;
+                /**
+                 * @var string|bool
+                 */
+                $buf = $buf . $read;
             } while ($remaining > 0);
 
             /**
              * Is our result valid?
              */
-            if ($buf !== false) {
+            if (is_string($buf)) {
                 if (RandomCompat_strlen($buf) === $bytes) {
                     /**
                      * Return our random entropy buffer here:

vendor/paragonie/random_compat/lib/random_bytes_libsodium.php

@@ -5,7 +5,7 @@
  * 
  * The MIT License (MIT)
  *
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  * 
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

vendor/paragonie/random_compat/lib/random_bytes_libsodium_legacy.php

@@ -5,7 +5,7 @@
  * 
  * The MIT License (MIT)
  *
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  * 
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal
@@ -56,23 +56,27 @@ if (!is_callable('random_bytes')) {
             );
         }
 
+        /**
+         * @var string
+         */
+        $buf = '';
+
         /**
          * \Sodium\randombytes_buf() doesn't allow more than 2147483647 bytes to be
          * generated in one invocation.
          */
         if ($bytes > 2147483647) {
-            $buf = '';
             for ($i = 0; $i < $bytes; $i += 1073741824) {
                 $n = ($bytes - $i) > 1073741824
                     ? 1073741824
                     : $bytes - $i;
-                $buf .= Sodium::randombytes_buf($n);
+                $buf .= Sodium::randombytes_buf((int) $n);
             }
         } else {
-            $buf = Sodium::randombytes_buf($bytes);
+            $buf .= Sodium::randombytes_buf((int) $bytes);
         }
 
-        if ($buf !== false) {
+        if (is_string($buf)) {
             if (RandomCompat_strlen($buf) === $bytes) {
                 return $buf;
             }

vendor/paragonie/random_compat/lib/random_bytes_mcrypt.php

@@ -5,7 +5,7 @@
  * 
  * The MIT License (MIT)
  *
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
+ * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
  * 
  * Permission is hereby granted, free of charge, to any person obtaining a copy
  * of this software and associated documentation files (the "Software"), to deal

vendor/paragonie/random_compat/lib/random_int.php

@@ -1,191 +1,190 @@
 <?php
-/**
- * Random_* Compatibility Library 
- * for using the new PHP 7 random_* API in PHP 5 projects
- * 
- * The MIT License (MIT)
- *
- * Copyright (c) 2015 - 2016 Paragon Initiative Enterprises
- * 
- * Permission is hereby granted, free of charge, to any person obtaining a copy
- * of this software and associated documentation files (the "Software"), to deal
- * in the Software without restriction, including without limitation the rights
- * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
- * copies of the Software, and to permit persons to whom the Software is
- * furnished to do so, subject to the following conditions:
- * 
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- * 
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
- * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
- * SOFTWARE.
- */
 
-/**
- * Fetch a random integer between $min and $max inclusive
- * 
- * @param int $min
- * @param int $max
- * 
- * @throws Exception
- * 
- * @return int
- */
-function random_int($min, $max)
-{
+if (!is_callable('random_int')) {
     /**
-     * Type and input logic checks
-     * 
-     * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX)
-     * (non-inclusive), it will sanely cast it to an int. If you it's equal to
-     * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats 
-     * lose precision, so the <= and => operators might accidentally let a float
-     * through.
+     * Random_* Compatibility Library
+     * for using the new PHP 7 random_* API in PHP 5 projects
+     *
+     * The MIT License (MIT)
+     *
+     * Copyright (c) 2015 - 2018 Paragon Initiative Enterprises
+     *
+     * Permission is hereby granted, free of charge, to any person obtaining a copy
+     * of this software and associated documentation files (the "Software"), to deal
+     * in the Software without restriction, including without limitation the rights
+     * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+     * copies of the Software, and to permit persons to whom the Software is
+     * furnished to do so, subject to the following conditions:
+     *
+     * The above copyright notice and this permission notice shall be included in
+     * all copies or substantial portions of the Software.
+     *
+     * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+     * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+     * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+     * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+     * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+     * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+     * SOFTWARE.
      */
-    
-    try {
-        $min = RandomCompat_intval($min);
-    } catch (TypeError $ex) {
-        throw new TypeError(
-            'random_int(): $min must be an integer'
-        );
-    }
-
-    try {
-        $max = RandomCompat_intval($max);
-    } catch (TypeError $ex) {
-        throw new TypeError(
-            'random_int(): $max must be an integer'
-        );
-    }
-    
-    /**
-     * Now that we've verified our weak typing system has given us an integer,
-     * let's validate the logic then we can move forward with generating random
-     * integers along a given range.
-     */
-    if ($min > $max) {
-        throw new Error(
-            'Minimum value must be less than or equal to the maximum value'
-        );
-    }
-
-    if ($max === $min) {
-        return $min;
-    }
 
     /**
-     * Initialize variables to 0
-     * 
-     * We want to store:
-     * $bytes => the number of random bytes we need
-     * $mask => an integer bitmask (for use with the &) operator
-     *          so we can minimize the number of discards
+     * Fetch a random integer between $min and $max inclusive
+     *
+     * @param int $min
+     * @param int $max
+     *
+     * @throws Exception
+     *
+     * @return int
      */
-    $attempts = $bits = $bytes = $mask = $valueShift = 0;
+    function random_int($min, $max)
+    {
+        /**
+         * Type and input logic checks
+         *
+         * If you pass it a float in the range (~PHP_INT_MAX, PHP_INT_MAX)
+         * (non-inclusive), it will sanely cast it to an int. If you it's equal to
+         * ~PHP_INT_MAX or PHP_INT_MAX, we let it fail as not an integer. Floats
+         * lose precision, so the <= and => operators might accidentally let a float
+         * through.
+         */
 
-    /**
-     * At this point, $range is a positive number greater than 0. It might
-     * overflow, however, if $max - $min > PHP_INT_MAX. PHP will cast it to
-     * a float and we will lose some precision.
-     */
-    $range = $max - $min;
+        try {
+            $min = RandomCompat_intval($min);
+        } catch (TypeError $ex) {
+            throw new TypeError(
+                'random_int(): $min must be an integer'
+            );
+        }
 
-    /**
-     * Test for integer overflow:
-     */
-    if (!is_int($range)) {
+        try {
+            $max = RandomCompat_intval($max);
+        } catch (TypeError $ex) {
+            throw new TypeError(
+                'random_int(): $max must be an integer'
+            );
+        }
 
         /**
-         * Still safely calculate wider ranges.
-         * Provided by @CodesInChaos, @oittaa
-         * 
-         * @ref https://gist.github.com/CodesInChaos/03f9ea0b58e8b2b8d435
-         * 
-         * We use ~0 as a mask in this case because it generates all 1s
-         * 
-         * @ref https://eval.in/400356 (32-bit)
-         * @ref http://3v4l.org/XX9r5  (64-bit)
+         * Now that we've verified our weak typing system has given us an integer,
+         * let's validate the logic then we can move forward with generating random
+         * integers along a given range.
          */
-        $bytes = PHP_INT_SIZE;
-        $mask = ~0;
+        if ($min > $max) {
+            throw new Error(
+                'Minimum value must be less than or equal to the maximum value'
+            );
+        }
 
-    } else {
+        if ($max === $min) {
+            return (int) $min;
+        }
 
         /**
-         * $bits is effectively ceil(log($range, 2)) without dealing with 
-         * type juggling
+         * Initialize variables to 0
+         *
+         * We want to store:
+         * $bytes => the number of random bytes we need
+         * $mask => an integer bitmask (for use with the &) operator
+         *          so we can minimize the number of discards
          */
-        while ($range > 0) {
-            if ($bits % 8 === 0) {
-               ++$bytes;
+        $attempts = $bits = $bytes = $mask = $valueShift = 0;
+
+        /**
+         * At this point, $range is a positive number greater than 0. It might
+         * overflow, however, if $max - $min > PHP_INT_MAX. PHP will cast it to
+         * a float and we will lose some precision.
+         */
+        $range = $max - $min;
+
+        /**
+         * Test for integer overflow:
+         */
+        if (!is_int($range)) {
+
+            /**
+             * Still safely calculate wider ranges.
+             * Provided by @CodesInChaos, @oittaa
+             *
+             * @ref https://gist.github.com/CodesInChaos/03f9ea0b58e8b2b8d435
+             *
+             * We use ~0 as a mask in this case because it generates all 1s
+             *
+             * @ref https://eval.in/400356 (32-bit)
+             * @ref http://3v4l.org/XX9r5  (64-bit)
+             */
+            $bytes = PHP_INT_SIZE;
+            $mask = ~0;
+
+        } else {
+
+            /**
+             * $bits is effectively ceil(log($range, 2)) without dealing with
+             * type juggling
+             */
+            while ($range > 0) {
+                if ($bits % 8 === 0) {
+                    ++$bytes;
+                }
+                ++$bits;
+                $range >>= 1;
+                $mask = $mask << 1 | 1;
             }
-            ++$bits;
-            $range >>= 1;
-            $mask = $mask << 1 | 1;
-        }
-        $valueShift = $min;
-    }
-
-    /**
-     * Now that we have our parameters set up, let's begin generating
-     * random integers until one falls between $min and $max
-     */
-    do {
-        /**
-         * The rejection probability is at most 0.5, so this corresponds
-         * to a failure probability of 2^-128 for a working RNG
-         */
-        if ($attempts > 128) {
-            throw new Exception(
-                'random_int: RNG is broken - too many rejections'
-            );
+            $valueShift = $min;
         }
 
-        /**
-         * Let's grab the necessary number of random bytes
-         */
-        $randomByteString = random_bytes($bytes);
-        if ($randomByteString === false) {
-            throw new Exception(
-                'Random number generator failure'
-            );
-        }
-
-        /**
-         * Let's turn $randomByteString into an integer
-         * 
-         * This uses bitwise operators (<< and |) to build an integer
-         * out of the values extracted from ord()
-         * 
-         * Example: [9F] | [6D] | [32] | [0C] =>
-         *   159 + 27904 + 3276800 + 201326592 =>
-         *   204631455
-         */
         $val = 0;
-        for ($i = 0; $i < $bytes; ++$i) {
-            $val |= ord($randomByteString[$i]) << ($i * 8);
-        }
-
         /**
-         * Apply mask
+         * Now that we have our parameters set up, let's begin generating
+         * random integers until one falls between $min and $max
          */
-        $val &= $mask;
-        $val += $valueShift;
+        do {
+            /**
+             * The rejection probability is at most 0.5, so this corresponds
+             * to a failure probability of 2^-128 for a working RNG
+             */
+            if ($attempts > 128) {
+                throw new Exception(
+                    'random_int: RNG is broken - too many rejections'
+                );
+            }
 
-        ++$attempts;
-        /**
-         * If $val overflows to a floating point number,
-         * ... or is larger than $max,
-         * ... or smaller than $min,
-         * then try again.
-         */
-    } while (!is_int($val) || $val > $max || $val < $min);
+            /**
+             * Let's grab the necessary number of random bytes
+             */
+            $randomByteString = random_bytes($bytes);
 
-    return (int) $val;
+            /**
+             * Let's turn $randomByteString into an integer
+             *
+             * This uses bitwise operators (<< and |) to build an integer
+             * out of the values extracted from ord()
+             *
+             * Example: [9F] | [6D] | [32] | [0C] =>
+             *   159 + 27904 + 3276800 + 201326592 =>
+             *   204631455
+             */
+            $val &= 0;
+            for ($i = 0; $i < $bytes; ++$i) {
+                $val |= ord($randomByteString[$i]) << ($i * 8);
+            }
+
+            /**
+             * Apply mask
+             */
+            $val &= $mask;
+            $val += $valueShift;
+
+            ++$attempts;
+            /**
+             * If $val overflows to a floating point number,
+             * ... or is larger than $max,
+             * ... or smaller than $min,
+             * then try again.
+             */
+        } while (!is_int($val) || $val > $max || $val < $min);
+
+        return (int) $val;
+    }
 }

vendor/paragonie/random_compat/psalm-autoload.php

@@ -0,0 +1,9 @@
+<?php
+
+require_once 'lib/byte_safe_strings.php';
+require_once 'lib/cast_to_int.php';
+require_once 'lib/error_polyfill.php';
+require_once 'other/ide_stubs/libsodium.php';
+require_once 'lib/random.php';
+
+$int = random_int(0, 65536);