346 Commits

Author SHA1 Message Date
El RIDO 83b5d1fbba use realpath and validate tpl directory contents
to ensure only php files inside the tpl dir can get used as templates
2025-11-12 11:37:29 +01:00
El RIDO db251732d2 partially revert #1559
Instead of automatically adding custom templates, we log an error if
that template is missing in the available templates. Still mitigates
arbitrary file inclusion, as the string is now checked against a fixed
allow list.
2025-11-12 11:37:08 +01:00
El RIDO 964b4da50a Merge pull request #1545 from PrivateBin/fixes
Fixes for zlib caching & handling undefined globals
2025-06-27 16:49:00 +02:00
Ribas160 44f8cfbfb8 Fix error when a custom template is not in the default available templates list 2025-06-18 14:51:11 +03:00
El RIDO c08a792f01 handle undefined global, fixes #1544 2025-05-18 21:15:39 +02:00
El RIDO 6347b6193e replicate reported error 2025-05-18 20:52:46 +02:00
El RIDO 50a695b609 add missing method added upstream 2025-04-23 19:14:47 +02:00
El RIDO bac849d98a Merge pull request #1526 from PrivateBin/pass-by-reference
Pass by reference & drop ctype
2025-03-17 06:52:48 +01:00
El RIDO 46c49e5455 apply StyleCI recommendation 2025-03-13 09:32:39 +01:00
El RIDO 8ad6300c1c pass by reference, closes #858 2025-03-13 09:22:27 +01:00
Jacques Bodin-Hullin c04a551215 feat: Allow to change the Configuration in the _construct
So, now we can change the Configuration class, override it even if we
want.
2025-03-13 09:22:22 +01:00
El RIDO 7825471d70 avoid duplication of ID check 2025-03-13 08:14:01 +01:00
El RIDO 629f263cf5 pass by reference, closes #858 2025-03-11 08:22:21 +01:00
Michael Kuilboer 9221629d8d Fix available templates configuration and adding custom themes 2025-03-06 02:27:31 +01:00
Ribas160 b90967a14b Apply StyleCI changes 2025-02-14 15:33:34 +02:00
Ribas160 5b54f2cdb0 Use the traditional "template" config key, update unit-tests 2025-02-10 18:19:36 +02:00
Ribas160 c7a4ced9e1 Added the ability to web users to change the theme 2025-02-05 15:24:15 +02:00
El RIDO e27e3ace16 fix google cloud sdk tests
Adds new method required by interface since https://github.com/googleapis/google-cloud-php/pull/7966
2025-01-11 20:37:50 +01:00
El RIDO c27c18faf9 fix google cloud sdk tests
Adds new method required by interface since https://github.com/googleapis/google-cloud-php/pull/7966
2025-01-11 20:29:03 +01:00
ribas160 f9e2373e62 - str_starts_with, str_contains used instead of strpos === 0, strpos !== 0, strpos === false, strpos !== false
- symfony/polyfill-php80 installed to introduce the polyfill and support php7.3 using php8 functions
- symfony/polyfill-ctype installed to introduce ctype functions in case somebody doesn't have the ctype extension installed
2025-01-04 00:46:20 +02:00
El RIDO 8752354d63 apply StyleCI fixes 2024-10-25 07:12:30 +02:00
El RIDO 0268e01ab5 experiment: add return types to a unit test facility 2024-10-25 07:09:13 +02:00
El RIDO 93a2b97d69 add failing test case, dedup code 2024-10-23 08:17:13 +02:00
parthiv-m 788146012e Fix failing tests, update button icon and text according to feedback 2024-10-17 21:56:27 -04:00
El RIDO a36d72e914 handle potential key cast
since we introduced strict types, this test occasionally fails when an ID consisting only of decimal numbers gets generated
2024-10-11 07:13:20 +02:00
El RIDO 0040531057 fix Czech translation tests, test strings now use a non-breaking space 2024-10-09 07:04:12 +02:00
El RIDO 93bc122086 apply StyleCI recommendation 2024-07-19 08:20:15 +02:00
El RIDO 2b76898546 preserve configured SRI hashes 2024-07-19 08:05:40 +02:00
El RIDO 4b6c8356f5 clarify use of cache buster, avoid using regex 2024-07-09 22:35:21 +02:00
El RIDO 3c6df4573e apply StyleCI recommendation 2024-07-09 22:21:01 +02:00
El RIDO 6261c94fc9 break unit tests if mismatch between JS files and SRI configuration array is detected 2024-07-09 22:20:08 +02:00
El RIDO 118c919663 adjust regex due to StyleCI spacing change 2024-07-09 21:51:19 +02:00
El RIDO e051cde317 apply StyleCI recommendation 2024-07-09 21:48:40 +02:00
El RIDO 7294ea7847 Merge branch 'master' into sri-into-config 2024-07-09 21:32:42 +02:00
El RIDO 0c4e810e67 Merge branch 'shorten-non-self-url' 2024-07-09 20:33:54 +02:00
El RIDO 8b3b16be44 SRI hashes are now configurable, no longer hardcoded in templates
- addresses #1365
- should make upgrades easier for those using custom templates
- if the JS files got customized, the default SRI hashes can be replaced in the conf.php file, added commented section in conf.sample.php
2024-07-07 16:36:52 +02:00
El RIDO 3cba170f32 re-order stubs to the end of the file for easier maintenance 2024-07-07 15:10:17 +02:00
El RIDO 8e6e31db5c fix test, basepath needs to be set 2024-06-30 07:45:06 +02:00
El RIDO 2c711e9d3c prevent bypassing YOURLS proxy URL filter, allowing to shorten non-self URLs 2024-06-29 20:28:18 +02:00
El RIDO 68ccaaace0 address unit test failures due to strict typing 2024-06-04 07:27:45 +02:00
El RIDO cebc9acce6 enable strict types in PHP 2024-06-04 07:13:55 +02:00
El RIDO 259a171067 apply StyleCI recommendation 2024-05-05 11:19:52 +02:00
El RIDO a6058705a4 add test for new setting 2024-05-05 11:18:25 +02:00
El RIDO 5421e8e558 fix unit test 2024-05-01 21:13:24 +02:00
El RIDO b2db26998d remove the old keys, if they are still stored 2024-05-01 20:32:39 +02:00
El RIDO a9f1926b96 implement chrono privacy for pastes, addresses #1290 2024-05-01 20:16:03 +02:00
El RIDO 65a626f940 inputs sanitation & remove some obsolete version checks
using filter_vars instead of filter_input, because our unit tests depend on manipulating global arrays, which are not used by filter_input - we would have to mock the function in the unit testing, it therefore is cleaner to use the same code paths in testing as in production

some inputs in I18n and TrafficLimiter remain unfiltered, since we already validate them by other means (IP lib and/or preg_match)

our minimum PHP version is 7.3, so we can drop the two < 5.6 fallback checks
2024-03-23 11:27:25 +01:00
Aaron Sherber 7c9cc7754f Allow for shortenviayourls in query params 2024-03-16 16:55:49 -04:00
El RIDO d49be80ffb prevent regression around presence or absence of en.json
it gets excluded in the release archive, its absence should not make
any difference
2023-12-18 21:49:21 +01:00
El RIDO 8c1310c334 update unit test doc & PHP 8 fixes
having had to re-do all of these steps on a new environment, I noticed
some inconsistencies and updated the doc:
- moved unit testing doc into common doc folder, so it is easier to find
- removed no longer supported Janitor reference
- removed note regarding generated test duration, current version takes
  less than a minute
- addressed each function removal & phpunit deprecations
2023-12-03 13:40:04 +01:00