followed Style CI code style recommendations, forgot one

Fixes https://github.com/PrivateBin/PrivateBin/issues/181

.codeclimate.yml

@@ -0,0 +1,39 @@
+---
+engines:
+  csslint:
+    enabled: true
+  duplication:
+    enabled: true
+    config:
+      languages:
+      - javascript
+      - php
+  eslint:
+    enabled: true
+  fixme:
+    enabled: true
+  phpmd:
+    enabled: true
+    checks:
+      Controversial/CamelCaseClassName:
+        enabled: false
+      Controversial/CamelCaseMethodName:
+        enabled: false
+      Controversial/CamelCasePropertyName:
+        enabled: false
+      Controversial/CamelCaseVariableName:
+        enabled: false
+      Controversial/Superglobals:
+        enabled: false
+      CleanCode/ElseExpression:
+        enabled: false
+      CleanCode/StaticAccess:
+        enabled: false
+ratings:
+  paths:
+  - "css/privatebin.css"
+  - "css/bootstrap/privatebin.css"
+  - "js/privatebin.js"
+  - "lib/**.php"
+  - "index.php"
+exclude_paths: []

.csslintrc

@@ -0,0 +1,2 @@
+--exclude-exts=.min.css
+--ignore=adjoining-classes,box-model,ids,order-alphabetical,unqualified-attributes

.dockerignore

@@ -0,0 +1,18 @@
+# Documentation, might leak version number
+CHANGELOG.md
+LICENSE.md
+CREDITS.md
+INSTALL.md
+README.md
+doc/
+
+# Dotfiles, pointless
+.codeclimate.yml
+.csslintrc
+.editorconfig
+.eslint*
+.git*
+.php_cs
+.styleci.yml
+.travis.yml
+.github

.editorconfig

@@ -0,0 +1,43 @@
+# editorconfig.org
+
+root = true
+
+[*]
+# Unix style files
+end_of_line = lf
+charset = utf-8
+trim_trailing_whitespace = true
+insert_final_newline = true
+
+[*.css]
+indent_style = tab
+indent_size = 4
+
+[*.js]
+indent_style = space
+indent_size = 4
+
+[*.json]
+indent_style = space
+indent_size = 4
+
+[*.jsonld]
+indent_style = tab
+indent_size = 4
+
+[*.php]
+indent_style = space
+indent_size = 4
+
+[*.{htm,html}]
+indent_style = tab
+indent_size = 4
+
+[*.{md,markdown}]
+indent_style = space
+indent_size = 2
+trim_trailing_whitespace = false
+
+[*.yml]
+indent_style = space
+indent_size = 2

.eslintignore

@@ -0,0 +1 @@
+**/*{.,-}min.js

.eslintrc

@@ -0,0 +1,216 @@
+ecmaFeatures:
+  modules: true
+  jsx: true
+
+env:
+  amd: true
+  browser: true
+  es6: true
+  jquery: true
+  node: true
+
+globals:
+  sjcl: false
+
+# http://eslint.org/docs/rules/
+rules:
+  # Possible Errors
+  comma-dangle: [2, never]
+  no-cond-assign: 2
+  no-console: 0
+  no-constant-condition: 2
+  no-control-regex: 2
+  no-debugger: 2
+  no-dupe-args: 2
+  no-dupe-keys: 2
+  no-duplicate-case: 2
+  no-empty: 2
+  no-empty-character-class: 2
+  no-ex-assign: 2
+  no-extra-boolean-cast: 2
+  no-extra-parens: 0
+  no-extra-semi: 2
+  no-func-assign: 2
+  no-inner-declarations: [2, functions]
+  no-invalid-regexp: 2
+  no-irregular-whitespace: 2
+  no-negated-in-lhs: 2
+  no-obj-calls: 2
+  no-regex-spaces: 2
+  no-sparse-arrays: 2
+  no-unexpected-multiline: 2
+  no-unreachable: 2
+  use-isnan: 2
+  valid-jsdoc: 0
+  valid-typeof: 2
+
+  # Best Practices
+  accessor-pairs: 2
+  block-scoped-var: 0
+  complexity: [2, 6]
+  consistent-return: 0
+  curly: 0
+  default-case: 0
+  dot-location: 0
+  dot-notation: 0
+  eqeqeq: 2
+  guard-for-in: 2
+  no-alert: 0
+  no-caller: 2
+  no-case-declarations: 2
+  no-div-regex: 2
+  no-else-return: 0
+  no-empty-label: 2
+  no-empty-pattern: 2
+  no-eq-null: 2
+  no-eval: 2
+  no-extend-native: 2
+  no-extra-bind: 2
+  no-fallthrough: 2
+  no-floating-decimal: 0
+  no-implicit-coercion: 0
+  no-implied-eval: 2
+  no-invalid-this: 0
+  no-iterator: 2
+  no-labels: 0
+  no-lone-blocks: 2
+  no-loop-func: 2
+  no-magic-number: 0
+  no-multi-spaces: 0
+  no-multi-str: 0
+  no-native-reassign: 2
+  no-new-func: 2
+  no-new-wrappers: 2
+  no-new: 2
+  no-octal-escape: 2
+  no-octal: 2
+  no-proto: 2
+  no-redeclare: 2
+  no-return-assign: 2
+  no-script-url: 2
+  no-self-compare: 2
+  no-sequences: 0
+  no-throw-literal: 0
+  no-unused-expressions: 2
+  no-useless-call: 2
+  no-useless-concat: 2
+  no-void: 2
+  no-warning-comments: 0
+  no-with: 2
+  radix: 2
+  vars-on-top: 0
+  wrap-iife: 2
+  yoda: 0
+
+  # Strict
+  strict: 0
+
+  # Variables
+  init-declarations: 0
+  no-catch-shadow: 2
+  no-delete-var: 2
+  no-label-var: 2
+  no-shadow-restricted-names: 2
+  no-shadow: 0
+  no-undef-init: 2
+  no-undef: 0
+  no-undefined: 0
+  no-unused-vars: 0
+  no-use-before-define: 0
+
+  # Node.js and CommonJS
+  callback-return: 2
+  global-require: 2
+  handle-callback-err: 2
+  no-mixed-requires: 0
+  no-new-require: 0
+  no-path-concat: 2
+  no-process-exit: 2
+  no-restricted-modules: 0
+  no-sync: 0
+
+  # Stylistic Issues
+  array-bracket-spacing: 0
+  block-spacing: 0
+  brace-style: 0
+  camelcase: 0
+  comma-spacing: 0
+  comma-style: 0
+  computed-property-spacing: 0
+  consistent-this: 0
+  eol-last: 0
+  func-names: 0
+  func-style: 0
+  id-length: 0
+  id-match: 0
+  indent: 0
+  jsx-quotes: 0
+  key-spacing: 0
+  linebreak-style: 0
+  lines-around-comment: 0
+  max-depth: 0
+  max-len: 0
+  max-nested-callbacks: 0
+  max-params: 0
+  max-statements: [2, 30]
+  new-cap: 0
+  new-parens: 0
+  newline-after-var: 0
+  no-array-constructor: 0
+  no-bitwise: 0
+  no-continue: 0
+  no-inline-comments: 0
+  no-lonely-if: 0
+  no-mixed-spaces-and-tabs: 0
+  no-multiple-empty-lines: 0
+  no-negated-condition: 0
+  no-nested-ternary: 0
+  no-new-object: 0
+  no-plusplus: 0
+  no-restricted-syntax: 0
+  no-spaced-func: 0
+  no-ternary: 0
+  no-trailing-spaces: 0
+  no-underscore-dangle: 0
+  no-unneeded-ternary: 0
+  object-curly-spacing: 0
+  one-var: 0
+  operator-assignment: 0
+  operator-linebreak: 0
+  padded-blocks: 0
+  quote-props: 0
+  quotes: 0
+  require-jsdoc: 0
+  semi-spacing: 0
+  semi: 0
+  sort-vars: 0
+  space-after-keywords: 0
+  space-before-blocks: 0
+  space-before-function-paren: 0
+  space-before-keywords: 0
+  space-in-parens: 0
+  space-infix-ops: 0
+  space-return-throw-case: 0
+  space-unary-ops: 0
+  spaced-comment: 0
+  wrap-regex: 0
+
+  # ECMAScript 6
+  arrow-body-style: 0
+  arrow-parens: 0
+  arrow-spacing: 0
+  constructor-super: 0
+  generator-star-spacing: 0
+  no-arrow-condition: 0
+  no-class-assign: 0
+  no-const-assign: 0
+  no-dupe-class-members: 0
+  no-this-before-super: 0
+  no-var: 0
+  object-shorthand: 0
+  prefer-arrow-callback: 0
+  prefer-const: 0
+  prefer-reflect: 0
+  prefer-spread: 0
+  prefer-template: 0
+  require-yield: 0

.gitattributes

@@ -1,4 +1,19 @@
 doc/ export-ignore
 tst/ export-ignore
+js/.istanbul.yml export-ignore
+js/test.js export-ignore
+js/mocha-3.2.0.js export-ignore
+css/mocha-3.2.0.css export-ignore
+.codeclimate.yml export-ignore
+.csslintrc export-ignore
+.dockerignore export-ignore
+.editorconfig export-ignore
+.eslintignore export-ignore
+.eslintrc export-ignore
 .gitattributes export-ignore
+.github export-ignore
 .gitignore export-ignore
+.php_cs export-ignore
+.styleci.yml export-ignore
+.travis.yml export-ignore
+Dockerfile export-ignore

.github/CONTRIBUTING.md

@@ -0,0 +1,8 @@
+# Contributing
+
+At first, awesome you take the time to make PrivateBin better! :tada: :+1:
+
+Have a look at our [contributing guide](https://github.com/PrivateBin/PrivateBin/wiki/Development) if you want to hack on the code.
+If you want to translate PrivateBin into your language have a look at the [translation guide](https://github.com/PrivateBin/PrivateBin/wiki/Translation).
+
+Except this also opening [issues](https://github.com/PrivateBin/PrivateBin/issues) helps much. Just describe your problem detailed enough and fill out our template.

.github/ISSUE_TEMPLATE.md

@@ -0,0 +1,39 @@
+<!-- Please have a look at our FAQ before submitting an issue: https://github.com/PrivateBin/PrivateBin/wiki/FAQ -->
+<!-- This is a template for a bug report. If you would like to suggest a feature, feel free to delete the part below. -->
+
+## Steps to reproduce
+<!-- Tell us how to reproduce the problem. -->
+1.
+2.
+
+### What happens
+
+
+### What should happen
+
+
+## Additional information
+<!--
+Here you can add screenshots. If the issue is e.g. a client-side issue (= an issue, which happens in your browser) press F12 and copy and paste the console output or add a screenshot.
+If you have access to the server log files, also copy them here.
+-->
+
+## Basic information
+
+<!-- If you use a public server enter the address of it here. -->
+**Server address**:
+
+<!-- The Operation System of your server -->
+**Server OS:**
+
+<!-- The webserver running on your server, preferrably including the version -->
+**Webserver:**
+
+<!-- The version of your browser (when it is a client-side issue) -->
+**Browser:**
+
+<!-- The version of PrivateBin, if you use an unstable version paste the commit hash or the GitHub link to the commit here (you can get it by running `git rev-parse HEAD`) -->
+**PrivateBin version:**
+
+* I can reproduce this issue on <https://privatebin.net>: Yes / No
+

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,17 @@
+<!-- This is a template for your Pull Request. This are just some suggestions for you. You do not have to use all of them. -->
+
+<!-- If your PR fixes an issue, mention it here. You can also just copy the URL - GitHub will convert it for you.
+If this PR fixes several issues, please prepend each issue url/number with the word "fix"/"fixes" or "close"/"closes" as this automatically closes the issues you mentioned when the PR is merged.
+-->
+This PR fixes 
+
+## Changes
+<!-- List all the changes you have done -->
+* 
+* 
+
+## ToDo
+<!-- Add things, you still want to do. It is recommend to put "[DNM]", "[DONOTMERGE]", "[WIP]" or "[WORKINPROGRESS]" **into the title** of your PR if you still want to work on this PR, but just do not want to have it merged yet. -->
+* [ ] 
+* [ ] 
+* [ ] 

.gitignore

@@ -1,12 +1,35 @@
-# Ignore data/ and tmp/
-data/
-tmp/
-# Ignore for safety
+# Ignore server files for safety
 .htaccess
 .htpasswd
-# Ignore unit testing logs, api docs and eclipse project files
+
+# Ignore data/
+data/
+
+# Ignore PhpDoc
+doc/*
+!doc/*.md
+
+# Ignore developers composer status so it isn't accidentally checked in,
+# see https://github.com/PrivateBin/PrivateBin/issues/84
+composer.lock
+
+# Ignore vendor dir of Composer except PHP files
+vendor/*.*
+vendor/*/*.*
+vendor/*/*/*.*
+vendor/*/*/*/*.*
+vendor/*/*/*/*/*.*
+vendor/*/*/*/*/*/*.*
+vendor/**/LICENSE
+vendor/**/test
+vendor/**/tst
+vendor/**/tests
+vendor/**/build_phar.php
+!vendor/**/*.php
+
+# Ignore local node modules, unit testing logs, api docs and eclipse project files
+js/node_modules/
 tst/log/
-doc/
 .settings
 .buildpath
 .project

.htaccess.disabled

@@ -0,0 +1,3 @@
+RewriteEngine on
+RewriteCond %{HTTP_USER_AGENT} ^.*(bot|spider|crawl|https?://|WhatsApp|SkypeUriPreview|facebookexternalhit) [NC]
+RewriteRule .* - [R=403,L]

.php_cs

@@ -0,0 +1,23 @@
+<?php
+/**
+ * Configuration file for PHP Coding Standards Fixer (php-cs-fixer).
+ *
+ * On GitHub: https://github.com/FriendsOfPhp/php-cs-fixer
+ * More information: http://cs.sensiolabs.org/
+ */
+
+$finder = Symfony\CS\Finder\DefaultFinder::create()
+    ->in('lib')
+;
+
+return Symfony\CS\Config\Config::create()
+    ->level(Symfony\CS\FixerInterface::PSR2_LEVEL)
+    ->fixers(['concat_with_spaces', 'long_array_syntax', 'standardize_not_equal',
+              'operators_spaces', 'duplicate_semicolon',
+              'remove_leading_slash_use', 'align_equals',
+              'single_array_no_trailing_comma', 'phpdoc_indent', 'phpdoc_order',
+              'phpdoc_scalar', 'phpdoc_to_comment', 'phpdoc_trim',
+              'phpdoc_types', 'print_to_echo', 'self_accessor', 'single_quote',
+              'spaces_cast', 'ternary_spaces'])
+    ->finder($finder)
+;

.styleci.yml

@@ -0,0 +1,26 @@
+preset: recommended
+
+risky: false
+
+enabled:
+  - no_empty_comment
+  - align_equals
+  - long_array_syntax
+  - concat_with_spaces
+
+disabled:
+  - blank_line_after_opening_tag
+  - blank_line_before_return
+  - concat_without_spaces
+  - declare_equal_normalize
+  - heredoc_to_nowdoc
+  - method_argument_space
+  - new_with_braces
+  - phpdoc_align
+  - phpdoc_no_access
+  - phpdoc_separation
+  - phpdoc_single_line_var_spacing
+  - phpdoc_summary
+  - short_array_syntax
+  - single_line_after_imports
+  - unalign_equals

.travis.yml

@@ -0,0 +1,17 @@
+language: php
+sudo: false
+php:
+  - 5.5
+  - 5.6
+  - 7.0
+
+before_script:
+  - composer install -n
+
+script:
+  - cd tst && ../vendor/phpunit/phpunit/phpunit
+
+after_script:
+  - cd ..
+  - vendor/bin/codacycoverage clover tst/log/coverage-clover.xml
+  - vendor/bin/test-reporter --coverage-report tst/log/coverage-clover.xml

CHANGELOG.md

@@ -1,5 +1,61 @@
-# ZeroBin version history #
+# PrivateBin version history
 
+  * **next (not yet released)**
+    * ADDED: Translations for Spanish, Occitan and Norwegian
+    * ADDED: Option in configuration to change the default "PrivateBin" title of the site
+    * CHANGED: Cleanup of bootstrap template variants and moved icons to `img` directory
+  * **1.1 (2016-12-26)**
+    * ADDED: Translations for Italian and Russian
+    * ADDED: Loading message displayed until decryption succeeded for slower (in terms of CPU or network) systems
+    * ADDED: Dockerfile for docker container creation
+    * CHANGED: Using modal dialog to request password input instead of native JS input window (#69)
+    * CHANGED: Suppressed referrer HTTP header sending when following links in a paste or comment (#96) and added additional HTTP headers for XSS mitigation (#91)
+    * CHANGED: Updated random_compat and jQuery libraries
+    * FIXED: XSS using JavaScript stored as markdown formatted paste, after clicking on Raw paste button (#137)
+    * FIXED: Automatic purging deleting non-expiring pastes, when using database store (#149)
+  * **1.0 (2016-08-25)**
+    * ADDED: Translations for Slowene and Chinese
+    * ADDED: re-introduced (optional) URL shortener support, which was removed back in version 0.16 for privacy concerns
+    * ADDED: Preview tab, helpful for writing markdown code or check the source code rendering
+    * ADDED: Automatic purging of expired pastes, done on paste creation
+    * ADDED: Option to disable icons in discussions (will only affect newly created pastes)
+    * ADDED: Composer support
+    * CHANGED: Renamed the ZeroBin fork to PrivateBin
+    * CHANGED: Removed unmaintained RainTPL template engine, replacing the templates with straight forward PHP files
+    * CHANGED: New logo and favicons
+    * CHANGED: Upgrading SJCL library to 1.0.4
+    * CHANGED: Switched to GCM instead of CCM mode for AES encryption for newly created pastes
+    * CHANGED: Use backported random bytes function from PHP7 for older PHP versions instead of mcrypt
+    * CHANGED: Switched to a SHA256 HMAC of the IP in traffic limiter instead of storing it in plain text on the server
+    * CHANGED: Introduced content security policy header to reduce cross site scripting (XSS) risks
+    * CHANGED: Added SHA512 subresource integrity hashes for all javascript includes to reduce the risk of manipulated scripts and easier detection of such
+    * CHANGED: Refactored PHP code to conform to PSR-4 and PSR-2 standards
+    * CHANGED: Switched to Identicons as the default for comments with nicknames
+    * CHANGED: Vizhash is now optional and based on (128 byte) SHA512 HMAC instead of (144 byte) combination of MD5, SHA1 and a reversal of that string
+    * FIXED: Content-type negociation for HTML in certain uncommon browser configurations
+    * FIXED: JavaScript error displayed before page is loaded or during attachment load
+    * FIXED: Don't strip space characters at beginning or end of optional password
+    * FIXED: Various UI glitches in mobile version or on smaller desktops with language menu, button spacing and long URLs
+    * FIXED: Back button now works as expected after switching to raw text view of a paste
+    * FIXED: Reactivated second error message above send comment button to ensure its visibility when the main error message is outside the viewport
+    * FIXED: Raw text now displays original markdown instead of rendered HTML
+    * FIXED: Removed unused code detected with the help of various code review tools
+    * FIXED: Table format for PostgreSQL, making it possible to use PostgreSQL as backend in addition to MySQL, SQLite and flat files
+  * **0.22 (2015-11-09)**:
+    * ADDED: Tab character input support
+    * ADDED: Dark bootstrap theme
+    * ADDED: Option to hide clone button on expiring pastes
+    * ADDED: Option to set a different default language then English and/or enforce it as the only language
+    * ADDED: Database now contains version to allow automatic update of structure, only if necessary; removing database structure check on each request
+    * ADDED: Favicons
+    * FIXING: Regressions in database layer, prohibiting pastes from being stored
+    * FIXING: Fixing "missing" comments when they were posted during the same second to the same paste
+    * FIXING: JS failing when password input disabled
+    * CHANGED: Switching positions of "New" and "Send" button, highlighting the latter to improve workflow
+    * CHANGED: Renamed config file to make updates easier
+    * CHANGED: Switching to JSON-based REST-API
+    * CHANGED: Database structure to store attachments, allowing larger attachments to be stored (depending on maximum BLOB size of database backend)
+    * CHANGED: Refactored data model, traffic limiting & request handling
   * **0.21.1 (2015-09-21)**:
     * FIXING: lost meta data when using DB model instead of flat files
     * FIXING: mobile navbar getting triggered on load
@@ -18,10 +74,10 @@
       * for simpler maintenance the functions were grouped into objects: zerobin (display logic, event handling), filter (compression,
 encryption), i18n (translation, counterpart of i18n.php) and helper (stateless utilities)
     * Wiki pages were added to address common topics:
-      * [Upgrading from ZeroBin 0.19 Alpha](https://github.com/elrido/ZeroBin/wiki/Upgrading-from-ZeroBin-0.19-Alpha)
-      * [ZeroBin Directory of public servers](https://github.com/elrido/ZeroBin/wiki/ZeroBin-Directory)
-      * [Translation](https://github.com/elrido/ZeroBin/wiki/Translation)
-      * [Templates](https://github.com/elrido/ZeroBin/wiki/Templates)
+      * [Upgrading from ZeroBin 0.19 Alpha](https://github.com/PrivateBin/PrivateBin/wiki/Upgrading-from-ZeroBin-0.19-Alpha)
+      * [Directory of public PrivateBin servers](https://github.com/PrivateBin/PrivateBin/wiki/PrivateBin-Directory)
+      * [Translation](https://github.com/PrivateBin/PrivateBin/wiki/Translation)
+      * [Templates](https://github.com/PrivateBin/PrivateBin/wiki/Templates)
   * **0.20 (2015-09-03)**:
     * ADDED: Password protected pastes (optional)
     * ADDED: configuration options for highlighting, password, discussions, expiration times, rate limiting

CREDITS.md

@@ -1,16 +1,37 @@
-Credits
-=======
+# Credits
+
+## Active contributors
+
+Simon Rupf - current developer and maintainer  
+rugk - security review, doc improvment & various other stuff
+
+## Past contributions
+
 Sébastien Sauvage - original idea and main developer
 
-Alexey Gladkov - syntax highlighting
-Greg Knaddison - robots.txt
-MrKooky - HTML5 markup, CSS cleanup
-Simon Rupf - MVC refactoring, configuration, i18n and unit tests
-Hexalyse - Password protection
-Viktor Stanchev - File upload support
+* Alexey Gladkov - syntax highlighting
+* Greg Knaddison - robots.txt
+* MrKooky - HTML5 markup, CSS cleanup
+* Simon Rupf - MVC refactoring, configuration, i18n and unit tests
+* Hexalyse - Password protection
+* Viktor Stanchev - File upload support
+* azlux - Tab character input support
+* Adam Fisher - old Favicons
+* rugk - new logo/icons
+* Sobak - PSR-4 and PSR-2 refactoring
+* Nathaniel Olsen - jQuery upgrade
+* Alexander Demenshin - modal password dialog
+* PunKeel - Dockerfile
 
-Translations:
-Hexalyse - French
-Kuba Niewiarowski - Polish
-Gabbalo - German
-Draky50110 - French
+## Translations
+* Hexalyse - French
+* Kuba Niewiarowski - Polish
+* Gabbalo - German
+* Draky50110 - French
+* Filip Muki Dobranić - Slovene
+* Jiawei Zhou - Chinese
+* Stefano Marty - Italian
+* R4SAS - Russian
+* Alfredo Fabián Altamirano Tena - Spanish
+* Quent-in - Occitan
+* idarlund - Norwegian

Dockerfile

@@ -0,0 +1,17 @@
+FROM php:apache
+
+RUN apt-get update && apt-get install -y \
+        libfreetype6-dev \
+        libjpeg62-turbo-dev \
+        libpng12-dev \
+        wget \
+        zip \
+        unzip; \
+    # We install and enable php-gd
+    docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/; \
+    docker-php-ext-install -j$(nproc) gd; \
+
+    # We enable Apache's mod_rewrite
+    a2enmod rewrite
+
+COPY . .

INSTALL.md

@@ -1,31 +1,54 @@
-Installation
-============
+# Installation
+
+**TL;DR:** Download the
+[latest release archive](https://github.com/PrivateBin/PrivateBin/releases/latest)
+and extract it in your web hosts folder where you want to install your PrivateBin
+instance. We try to provide a safe default configuration, but we advise you to
+check the options and adjust them as you see fit.
 
 ## Basic installation
 
-**TL;DR:** Download the [latest release archive](https://github.com/elrido/ZeroBin/releases/latest)
-and extract it in your web hosts folder were you want to install your ZeroBin instance.
-
 ### Requirements
 
-- PHP version 5.2.6 or above
+- PHP version 5.3 or above
+- _one_ of the following sources of cryptographically safe randomness is required:
+  - PHP 7 or higher
+  - [Libsodium](https://download.libsodium.org/libsodium/content/installation/) and it's [PHP extension](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium)
+  - open_basedir access to `/dev/urandom`
+  - mcrypt extension
+  - com_dotnet extension
+  
+  Mcrypt needs to be able to access `/dev/urandom`. This means if `open_basedir` is set, it must include this file.
 - GD extension
-- mcrypt extension (recommended)
-- some disk space or (optional) a database supported by PDO
+- some disk space or (optional) a database supported by [PDO](https://secure.php.net/manual/book.pdo.php)
+- ability to create files and folders in the installation directory and the PATH
 - A web browser with javascript support
 
 ### Configuration
 
-In the file `cfg/conf.ini` you can configure ZeroBin. The config file is divided
-into multiple sections, which are enclosed in square brackets.
+In the file `cfg/conf.ini` you can configure PrivateBin. A `cfg/conf.ini.sample`
+is provided containing all options and default values. You can copy it to
+`cfg/conf.ini` and adapt it as needed. The config file is divided into multiple
+sections, which are enclosed in square brackets.
 
-In the `[main]` section you can enable or disable the discussion feature, set the
-limit of stored pastes and comments in bytes. The `[traffic]` section lets you
-set a time limit in seconds. Users may not post more often then this limit to
-your ZeroBin installation.
+In the `[main]` section you can enable or disable the discussion feature, set
+the limit of stored pastes and comments in bytes. The `[traffic]` section lets
+you set a time limit in seconds. Users may not post more often then this limit
+to your PrivateBin installation.
 
 More details can be found in the
-[configuration documentation](https://github.com/elrido/ZeroBin/wiki/Configuration).
+[configuration documentation](https://github.com/PrivateBin/PrivateBin/wiki/Configuration).
+
+## Further configuration
+
+After (or before) setting up PrivateBin, also set up HTTPS, as without HTTPS
+PrivateBin is not secure. (
+[More information](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https))
+
+If you want to use PrivateBin behind Cloudflare, make sure you disabled Rocket
+loader and unchecked "Javascript" for Auto Minify, found in your domain settings,
+under "Speed". (More information
+[in this FAQ entry](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection))
 
 ## Advanced installation
 
@@ -33,61 +56,94 @@ More details can be found in the
 
 In the index.php you can define a different `PATH`. This is useful to secure your
 installation. You can move the configuration, data files, templates and PHP
-libraries (directories cfg, data, lib, tpl, tmp and tst) outside of your document
-root. This new location must still be accessible to your webserver / PHP process
-([open_basedir setting](http://php.net/manual/en/ini.core.php#ini.open-basedir)).
+libraries (directories cfg, doc, data, lib, tpl, tst and vendor) outside of your
+document root. This new location must still be accessible to your webserver / PHP
+process (see also
+[open_basedir setting](https://secure.php.net/manual/en/ini.core.php#ini.open-basedir)).
 
 > #### PATH Example
-> Your zerobin installation lives in a subfolder called "paste" inside of your
-> document root. The URL looks like this:
+> Your PrivateBin installation lives in a subfolder called "paste" inside of
+> your document root. The URL looks like this:
 > http://example.com/paste/
-> The full path of ZeroBin on your webserver is:
+>
+> The full path of PrivateBin on your webserver is:
 > /home/example.com/htdocs/paste
 > 
 > When setting the path like this:
-> define('PATH', '../../secret/zerobin/');
-> ZeroBin will look for your includes here:
-> /home/example.com/secret/zerobin
+> define('PATH', '../../secret/privatebin/');
+>
+> PrivateBin will look for your includes / data here:
+> /home/example.com/secret/privatebin
+
+### Web server configuration
+
+A `robots.txt` file is provided in the root dir of PrivateBin. It disallows all
+robots from accessing your pastes. It is recommend to place it into the root of
+your web directory if you have installed PrivateBin in a subdirectory. Make sure
+to adjust it, so that the file paths match your installation. Of course also
+adjust the file if you already use a `robots.txt`.
+
+A `.htaccess.disabled` file is provided in the root dir of PrivateBin. It blocks
+some known robots and link-scanning bots. If you use Apache, you can rename the
+file to `.htaccess` to enable this feature. If you use another webserver, you
+have to configure it manually to do the same.
 
 ### Using a database instead of flat files
 
 In the configuration file the `[model]` and `[model_options]` sections let you
-configure your favourite way of storing the pastes and discussions on your server.
+configure your favourite way of storing the pastes and discussions on your
+server.
 
-`zerobin_data` is the default model, which stores everything in files in the data
-folder. This is the recommended setup for most sites.
+`Filesystem` is the default model, which stores everything in files in the
+data folder. This is the recommended setup for most sites.
 
 Under high load, in distributed setups or if you are not allowed to store files
-locally, you might want to switch to the `zerobin_db` model. This lets you store
-your data in a database. Basically all databases that are supported by
-[PDO](http://php.net/manual/en/book.pdo.php) may be used. Automatic table
+locally, you might want to switch to the `Database` model. This lets you
+store your data in a database. Basically all databases that are supported by
+[PDO](https://secure.php.net/manual/en/book.pdo.php) may be used. Automatic table
 creation is provided for `pdo_ibm`, `pdo_informix`, `pdo_mssql`, `pdo_mysql`,
 `pdo_oci`, `pdo_pgsql` and `pdo_sqlite`. You may want to provide a table prefix,
-if you have to share the zerobin database with another application. The table
-prefix option is called `tbl`.
+if you have to share the PrivateBin database with another application or you want
+to use a prefix for
+[security reasons](https://security.stackexchange.com/questions/119510/is-using-a-db-prefix-for-tables-more-secure).
+The table prefix option is called `tbl`.
 
 > #### Note
-> The "zerobin_db" model has only been tested with SQLite and MySQL, although it
-would not be recommended to use SQLite in a production environment. If you gain
-any experience running ZeroBin on other RDBMS, please let us know.
+> The `Database` model has only been tested with SQLite, MySQL and PostgreSQL,
+> although it would not be recommended to use SQLite in a production environment.
+> If you gain any experience running PrivateBin on other RDBMS, please let us
+> know.
 
-For reference or if you want to create the table schema for yourself:
+For reference or if you want to create the table schema for yourself (replace
+`prefix_` with your own table prefix and create the table schema with phpMyAdmin
+or the MYSQL console):
 
     CREATE TABLE prefix_paste (
-        dataid CHAR(16),
-        data TEXT,
+        dataid CHAR(16) NOT NULL,
+        data BLOB,
         postdate INT,
         expiredate INT,
         opendiscussion INT,
-        burnafterreading INT
+        burnafterreading INT,
+        meta TEXT,
+        attachment MEDIUMBLOB,
+        attachmentname BLOB,
+        PRIMARY KEY (dataid)
     );
     
     CREATE TABLE prefix_comment (
         dataid CHAR(16),
         pasteid CHAR(16),
         parentid CHAR(16),
-        data TEXT,
-        nickname VARCHAR(255),
-        vizhash TEXT,
-        postdate INT
+        data BLOB,
+        nickname BLOB,
+        vizhash BLOB,
+        postdate INT,
+        PRIMARY KEY (dataid)
     );
+    CREATE INDEX parent ON prefix_comment(pasteid);
+    
+    CREATE TABLE prefix_config (
+        id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id)
+    );
+    INSERT INTO prefix_config VALUES('VERSION', '1.1');

LICENSE.md

@@ -0,0 +1,954 @@
+# License
+
+PrivateBin consists of PHP and JS code which was originally written by Sébastien
+Sauvage in 2012 and falls unter the Zlib/libpng license. Also included are
+libraries that fall under the GPLv2 (SJCL, rawinflate, rawdeflate), BSD
+2-clause (SJCL), BSD 3-clause (base64.js version 2.1.9, Showdown), MIT
+(base64.js version 1.7, Bootstrap, Identicon, random_compat), Apache
+(prettify.js) and CC-BY (favicon, icon, logo) licenses. All of these license
+terms can be found here below:
+
+## Zlib/libpng license for PrivateBin
+
+Copyright © 2012 Sébastien Sauvage
+
+This software is provided 'as-is', without any express or implied warranty. In
+no event will the authors be held liable for any damages arising from the use
+of this software.
+
+Permission is granted to anyone to use this software for any purpose, including
+commercial applications, and to alter it and redistribute it freely, subject to
+the following restrictions:
+
+1. The origin of this software must not be misrepresented; you must not claim
+   that you wrote the original software. If you use this software in a product,
+   an acknowledgment in the product documentation would be appreciated but is
+   not required.
+
+2. Altered source versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+3. This notice may not be removed or altered from any source distribution.
+
+## GNU General Public License, version 2.0, for SJCL, rawdeflate and rawinflate
+
+_Version 2, June 1991_
+_Copyright © 1989, 1991 Free Software Foundation, Inc.,_
+_51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA_
+
+Everyone is permitted to copy and distribute verbatim copies
+of this license document, but changing it is not allowed.
+
+### Preamble
+
+The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.)  You can apply it to
+your programs, too.
+
+When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+We protect your rights with two steps: **(1)** copyright the software, and
+**(2)** offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+The precise terms and conditions for copying, distribution and
+modification follow.
+
+### TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+**0.** This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The “Program”, below,
+refers to any such program or work, and a “work based on the Program”
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term “modification”.)  Each licensee is addressed as “you”.
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+**1.** You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+**2.** You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+* **a)** You must cause the modified files to carry prominent notices
+stating that you changed the files and the date of any change.
+* **b)** You must cause any work that you distribute or publish, that in
+whole or in part contains or is derived from the Program or any
+part thereof, to be licensed as a whole at no charge to all third
+parties under the terms of this License.
+* **c)** If the modified program normally reads commands interactively
+when run, you must cause it, when started running for such
+interactive use in the most ordinary way, to print or display an
+announcement including an appropriate copyright notice and a
+notice that there is no warranty (or else, saying that you provide
+a warranty) and that users may redistribute the program under
+these conditions, and telling the user how to view a copy of this
+License.  (Exception: if the Program itself is interactive but
+does not normally print such an announcement, your work based on
+the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+**3.** You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+* **a)** Accompany it with the complete corresponding machine-readable
+source code, which must be distributed under the terms of Sections
+1 and 2 above on a medium customarily used for software interchange; or,
+* **b)** Accompany it with a written offer, valid for at least three
+years, to give any third party, for a charge no more than your
+cost of physically performing source distribution, a complete
+machine-readable copy of the corresponding source code, to be
+distributed under the terms of Sections 1 and 2 above on a medium
+customarily used for software interchange; or,
+* **c)** Accompany it with the information you received as to the offer
+to distribute corresponding source code.  (This alternative is
+allowed only for noncommercial distribution and only if you
+received the program in object code or executable form with such
+an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+**4.** You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+**5.** You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+**6.** Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+**7.** If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+**8.** If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+**9.** The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and “any
+later version”, you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+**10.** If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+### NO WARRANTY
+
+**11.** BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+**12.** IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+END OF TERMS AND CONDITIONS
+
+## BSD 2-Clause License for SJCL
+
+_Copyright © 2009-2015, Emily Stark, Mike Hamburg and Dan Boneh at Stanford University._
+_All rights reserved._
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution. 
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+## BSD 3-Clause License for Showdown
+
+Showdown Copyright © 2007, John Fraser
+<http://www.attacklab.net/>
+All rights reserved.
+
+Original Markdown copyright © 2004, John Gruber
+<http://daringfireball.net/>
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+* Neither the name "Markdown" nor the names of its contributors may be used
+  to endorse or promote products derived from this software without specific
+  prior written permission.
+
+This software is provided by the copyright holders and contributors "as is" and
+any express or implied warranties, including, but not limited to, the implied
+warranties of merchantability and fitness for a particular purpose are
+disclaimed. In no event shall the copyright owner or contributors be liable for
+any direct, indirect, incidental, special, exemplary, or consequential damages
+(including, but not limited to, procurement of substitute goods or services;
+loss of use, data, or profits; or business interruption) however caused and on
+any theory of liability, whether in contract, strict liability, or tort
+(including negligence or otherwise) arising in any way out of the use of this
+software, even if advised of the possibility of such damage.
+
+## BSD 3-Clause License for base64.js version 2.1.9
+
+Copyright © 2014, Dan Kogai
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+  list of conditions and the following disclaimer.
+
+* Redistributions in binary form must reproduce the above copyright notice,
+  this list of conditions and the following disclaimer in the documentation
+  and/or other materials provided with the distribution.
+
+* Neither the name of base64.js nor the names of its contributors may be used
+  to endorse or promote products derived from this software without specific
+  prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+## MIT License for base64.js version 1.7
+
+Copyright © 2012 Dan Kogai
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+
+## MIT License for Bootstrap
+
+Copyright © 2011-2016 Twitter, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+
+## MIT License for Identicon
+
+Copyright © 2013 Benjamin Laugueux <benjamin@yzalis.com>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is furnished
+to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+
+## MIT License for random_compat
+
+Copyright © 2015 Paragon Initiative Enterprises
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+## MIT license for Composer
+
+Copyright (c) 2016 Nils Adermann, Jordi Boggiano
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is furnished
+to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+
+## Apache License for prettify.js
+
+_Version 2.0, January 2004_
+_<http://www.apache.org/licenses/>_
+
+### Terms and Conditions for use, reproduction, and distribution
+
+#### 1. Definitions
+
+“License” shall mean the terms and conditions for use, reproduction, and
+distribution as defined by Sections 1 through 9 of this document.
+
+“Licensor” shall mean the copyright owner or entity authorized by the copyright
+owner that is granting the License.
+
+“Legal Entity” shall mean the union of the acting entity and all other entities
+that control, are controlled by, or are under common control with that entity.
+For the purposes of this definition, “control” means **(i)** the power, direct or
+indirect, to cause the direction or management of such entity, whether by
+contract or otherwise, or **(ii)** ownership of fifty percent (50%) or more of the
+outstanding shares, or **(iii)** beneficial ownership of such entity.
+
+“You” (or “Your”) shall mean an individual or Legal Entity exercising
+permissions granted by this License.
+
+“Source” form shall mean the preferred form for making modifications, including
+but not limited to software source code, documentation source, and configuration
+files.
+
+“Object” form shall mean any form resulting from mechanical transformation or
+translation of a Source form, including but not limited to compiled object code,
+generated documentation, and conversions to other media types.
+
+“Work” shall mean the work of authorship, whether in Source or Object form, made
+available under the License, as indicated by a copyright notice that is included
+in or attached to the work (an example is provided in the Appendix below).
+
+“Derivative Works” shall mean any work, whether in Source or Object form, that
+is based on (or derived from) the Work and for which the editorial revisions,
+annotations, elaborations, or other modifications represent, as a whole, an
+original work of authorship. For the purposes of this License, Derivative Works
+shall not include works that remain separable from, or merely link (or bind by
+name) to the interfaces of, the Work and Derivative Works thereof.
+
+“Contribution” shall mean any work of authorship, including the original version
+of the Work and any modifications or additions to that Work or Derivative Works
+thereof, that is intentionally submitted to Licensor for inclusion in the Work
+by the copyright owner or by an individual or Legal Entity authorized to submit
+on behalf of the copyright owner. For the purposes of this definition,
+“submitted” means any form of electronic, verbal, or written communication sent
+to the Licensor or its representatives, including but not limited to
+communication on electronic mailing lists, source code control systems, and
+issue tracking systems that are managed by, or on behalf of, the Licensor for
+the purpose of discussing and improving the Work, but excluding communication
+that is conspicuously marked or otherwise designated in writing by the copyright
+owner as “Not a Contribution.”
+
+“Contributor” shall mean Licensor and any individual or Legal Entity on behalf
+of whom a Contribution has been received by Licensor and subsequently
+incorporated within the Work.
+
+#### 2. Grant of Copyright License
+
+Subject to the terms and conditions of this License, each Contributor hereby
+grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,
+irrevocable copyright license to reproduce, prepare Derivative Works of,
+publicly display, publicly perform, sublicense, and distribute the Work and such
+Derivative Works in Source or Object form.
+
+#### 3. Grant of Patent License
+
+Subject to the terms and conditions of this License, each Contributor hereby
+grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free,
+irrevocable (except as stated in this section) patent license to make, have
+made, use, offer to sell, sell, import, and otherwise transfer the Work, where
+such license applies only to those patent claims licensable by such Contributor
+that are necessarily infringed by their Contribution(s) alone or by combination
+of their Contribution(s) with the Work to which such Contribution(s) was
+submitted. If You institute patent litigation against any entity (including a
+cross-claim or counterclaim in a lawsuit) alleging that the Work or a
+Contribution incorporated within the Work constitutes direct or contributory
+patent infringement, then any patent licenses granted to You under this License
+for that Work shall terminate as of the date such litigation is filed.
+
+#### 4. Redistribution
+
+You may reproduce and distribute copies of the Work or Derivative Works thereof
+in any medium, with or without modifications, and in Source or Object form,
+provided that You meet the following conditions:
+
+* **(a)** You must give any other recipients of the Work or Derivative Works a
+copy of this License; and
+* **(b)** You must cause any modified files to carry prominent notices stating
+that You changed the files; and
+* **(c)** You must retain, in the Source form of any Derivative Works that You
+distribute, all copyright, patent, trademark, and attribution notices from the
+Source form of the Work, excluding those notices that do not pertain to any part
+of the Derivative Works; and
+* **(d)** If the Work includes a “NOTICE” text file as part of its distribution,
+then any Derivative Works that You distribute must include a readable copy of the
+attribution notices contained within such NOTICE file, excluding those notices
+that do not pertain to any part of the Derivative Works, in at least one of the
+following places: within a NOTICE text file distributed as part of the
+Derivative Works; within the Source form or documentation, if provided along
+with the Derivative Works; or, within a display generated by the Derivative
+Works, if and wherever such third-party notices normally appear. The contents of
+the NOTICE file are for informational purposes only and do not modify the
+License. You may add Your own attribution notices within Derivative Works that
+You distribute, alongside or as an addendum to the NOTICE text from the Work,
+provided that such additional attribution notices cannot be construed as
+modifying the License.
+
+You may add Your own copyright statement to Your modifications and may provide
+additional or different license terms and conditions for use, reproduction, or
+distribution of Your modifications, or for any such Derivative Works as a whole,
+provided Your use, reproduction, and distribution of the Work otherwise complies
+with the conditions stated in this License.
+
+#### 5. Submission of Contributions
+
+Unless You explicitly state otherwise, any Contribution intentionally submitted
+for inclusion in the Work by You to the Licensor shall be under the terms and
+conditions of this License, without any additional terms or conditions.
+Notwithstanding the above, nothing herein shall supersede or modify the terms of
+any separate license agreement you may have executed with Licensor regarding
+such Contributions.
+
+#### 6. Trademarks
+
+This License does not grant permission to use the trade names, trademarks,
+service marks, or product names of the Licensor, except as required for
+reasonable and customary use in describing the origin of the Work and
+reproducing the content of the NOTICE file.
+
+#### 7. Disclaimer of Warranty
+
+Unless required by applicable law or agreed to in writing, Licensor provides the
+Work (and each Contributor provides its Contributions) on an “AS IS” BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied,
+including, without limitation, any warranties or conditions of TITLE,
+NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are
+solely responsible for determining the appropriateness of using or
+redistributing the Work and assume any risks associated with Your exercise of
+permissions under this License.
+
+#### 8. Limitation of Liability
+
+In no event and under no legal theory, whether in tort (including negligence),
+contract, or otherwise, unless required by applicable law (such as deliberate
+and grossly negligent acts) or agreed to in writing, shall any Contributor be
+liable to You for damages, including any direct, indirect, special, incidental,
+or consequential damages of any character arising as a result of this License or
+out of the use or inability to use the Work (including but not limited to
+damages for loss of goodwill, work stoppage, computer failure or malfunction, or
+any and all other commercial damages or losses), even if such Contributor has
+been advised of the possibility of such damages.
+
+#### 9. Accepting Warranty or Additional Liability
+
+While redistributing the Work or Derivative Works thereof, You may choose to
+offer, and charge a fee for, acceptance of support, warranty, indemnity, or
+other liability obligations and/or rights consistent with this License. However,
+in accepting such obligations, You may act only on Your own behalf and on Your
+sole responsibility, not on behalf of any other Contributor, and only if You
+agree to indemnify, defend, and hold each Contributor harmless for any liability
+incurred by, or claims asserted against, such Contributor by reason of your
+accepting any such warranty or additional liability.
+
+## [Creative Commons Attribution 4.0 International Public License](https://creativecommons.org/licenses/by/4.0/) for [PrivateBin favicons, icons & logos](https://github.com/PrivateBin/assets) by [rugk](https://github.com/rugk)
+
+By exercising the Licensed Rights (defined below), You accept and agree to be
+bound by the terms and conditions of this Creative Commons Attribution 4.0
+International Public License ("Public License"). To the extent this Public
+License may be interpreted as a contract, You are granted the Licensed Rights in
+consideration of Your acceptance of these terms and conditions, and the Licensor
+grants You such rights in consideration of benefits the Licensor receives from
+making the Licensed Material available under these terms and conditions.
+
+### Section 1 – Definitions.
+
+a. __Adapted Material__ means material subject to Copyright and Similar Rights
+that is derived from or based upon the Licensed Material and in which the
+Licensed Material is translated, altered, arranged, transformed, or otherwise
+modified in a manner requiring permission under the Copyright and Similar Rights
+held by the Licensor. For purposes of this Public License, where the Licensed
+Material is a musical work, performance, or sound recording, Adapted Material is
+always produced where the Licensed Material is synched in timed relation with a
+moving image.
+
+b. __Adapter's License__ means the license You apply to Your Copyright and
+Similar Rights in Your contributions to Adapted Material in accordance with the
+terms and conditions of this Public License.
+
+c. __Copyright and Similar Rights__ means copyright and/or similar rights
+closely related to copyright including, without limitation, performance,
+broadcast, sound recording, and Sui Generis Database Rights, without regard to
+how the rights are labeled or categorized. For purposes of this Public License,
+the rights specified in Section 2(b)(1)-(2) are not Copyright and Similar Rights.
+
+d. __Effective Technological Measures__ means those measures that, in the
+absence of proper authority, may not be circumvented under laws fulfilling
+obligations under Article 11 of the WIPO Copyright Treaty adopted on December
+20, 1996, and/or similar international agreements.
+
+e. __Exceptions and Limitations__ means fair use, fair dealing, and/or any other
+exception or limitation to Copyright and Similar Rights that applies to Your use
+of the Licensed Material.
+
+f. __Licensed Material__ means the artistic or literary work, database, or other
+material to which the Licensor applied this Public License.
+
+g. __Licensed Rights__ means the rights granted to You subject to the terms and
+conditions of this Public License, which are limited to all Copyright and
+Similar Rights that apply to Your use of the Licensed Material and that the
+Licensor has authority to license.
+
+h. __Licensor__ means the individual(s) or entity(ies) granting rights under
+this Public License.
+
+i. __Share__ means to provide material to the public by any means or process
+that requires permission under the Licensed Rights, such as reproduction, public
+display, public performance, distribution, dissemination, communication, or
+importation, and to make material available to the public including in ways that
+members of the public may access the material from a place and at a time
+individually chosen by them.
+
+j. __Sui Generis Database Rights__ means rights other than copyright resulting
+from Directive 96/9/EC of the European Parliament and of the Council of 11 March
+1996 on the legal protection of databases, as amended and/or succeeded, as well
+as other essentially equivalent rights anywhere in the world.
+
+k. __You__ means the individual or entity exercising the Licensed Rights under
+this Public License. Your has a corresponding meaning.
+
+### Section 2 – Scope.
+
+a. ___License grant.___
+
+    1. Subject to the terms and conditions of this Public License, the Licensor
+       hereby grants You a worldwide, royalty-free, non-sublicensable,
+       non-exclusive, irrevocable license to exercise the Licensed Rights in the
+       Licensed Material to:
+
+        A. reproduce and Share the Licensed Material, in whole or in part; and
+
+        B. produce, reproduce, and Share Adapted Material.
+
+    2. __Exceptions and Limitations.__ For the avoidance of doubt, where
+       Exceptions and Limitations apply to Your use, this Public License does
+       not apply, and You do not need to comply with its terms and conditions.
+
+    3. __Term.__ The term of this Public License is specified in Section 6(a).
+
+    4. __Media and formats; technical modifications allowed.__ The Licensor
+       authorizes You to exercise the Licensed Rights in all media and formats
+       whether now known or hereafter created, and to make technical
+       modifications necessary to do so. The Licensor waives and/or agrees not
+       to assert any right or authority to forbid You from making technical
+       modifications necessary to exercise the Licensed Rights, including
+       technical modifications necessary to circumvent Effective Technological
+       Measures. For purposes of this Public License, simply making
+       modifications authorized by this Section 2(a)(4) never produces Adapted
+       Material.
+
+    5. __Downstream recipients.__
+
+        A. __Offer from the Licensor – Licensed Material.__ Every recipient of
+           the Licensed Material automatically receives an offer from the
+           Licensor to exercise the Licensed Rights under the terms and
+           conditions of this Public License.
+
+        B. __No downstream restrictions.__ You may not offer or impose any
+           additional or different terms or conditions on, or apply any
+           Effective Technological Measures to, the Licensed Material if doing
+           so restricts exercise of the Licensed Rights by any recipient of the
+           Licensed Material.
+
+    6. __No endorsement.__ Nothing in this Public License constitutes or may be
+       construed as permission to assert or imply that You are, or that Your use
+       of the Licensed Material is, connected with, or sponsored, endorsed, or
+       granted official status by, the Licensor or others designated to receive
+       attribution as provided in Section 3(a)(1)(A)(i).
+
+b. ___Other rights.___
+
+    1. Moral rights, such as the right of integrity, are not licensed under this
+       Public License, nor are publicity, privacy, and/or other similar
+       personality rights; however, to the extent possible, the Licensor waives
+       and/or agrees not to assert any such rights held by the Licensor to the
+       limited extent necessary to allow You to exercise the Licensed Rights,
+       but not otherwise.
+
+    2. Patent and trademark rights are not licensed under this Public License.
+
+    3. To the extent possible, the Licensor waives any right to collect
+       royalties from You for the exercise of the Licensed Rights, whether
+       directly or through a collecting society under any voluntary or waivable
+       statutory or compulsory licensing scheme. In all other cases the Licensor
+       expressly reserves any right to collect such royalties.
+
+### Section 3 – License Conditions.
+
+Your exercise of the Licensed Rights is expressly made subject to the following
+conditions.
+
+a. ___Attribution.___
+
+    1. If You Share the Licensed Material (including in modified form), You must:
+
+        A. retain the following if it is supplied by the Licensor with the
+           Licensed Material:
+
+            i. identification of the creator(s) of the Licensed Material and any
+               others designated to receive attribution, in any reasonable
+               manner requested by the Licensor (including by pseudonym if
+               designated);
+
+            ii. a copyright notice;
+
+            iii. a notice that refers to this Public License;
+
+            iv. a notice that refers to the disclaimer of warranties;
+
+            v. a URI or hyperlink to the Licensed Material to the extent
+               reasonably practicable;
+
+        B. indicate if You modified the Licensed Material and retain an
+           indication of any previous modifications; and
+
+        C. indicate the Licensed Material is licensed under this Public License,
+           and include the text of, or the URI or hyperlink to, this Public
+           License.
+
+    2. You may satisfy the conditions in Section 3(a)(1) in any reasonable
+       manner based on the medium, means, and context in which You Share the
+       Licensed Material. For example, it may be reasonable to satisfy the
+       conditions by providing a URI or hyperlink to a resource that includes
+       the required information.
+
+    3. If requested by the Licensor, You must remove any of the information
+       required by Section 3(a)(1)(A) to the extent reasonably practicable.
+
+    4. If You Share Adapted Material You produce, the Adapter's License You
+       apply must not prevent recipients of the Adapted Material from complying
+       with this Public License.
+
+### Section 4 – Sui Generis Database Rights.
+
+Where the Licensed Rights include Sui Generis Database Rights that apply to Your
+use of the Licensed Material:
+
+a. for the avoidance of doubt, Section 2(a)(1) grants You the right to extract,
+   reuse, reproduce, and Share all or a substantial portion of the contents of
+   the database;
+
+b. if You include all or a substantial portion of the database contents in a
+   database in which You have Sui Generis Database Rights, then the database in
+   which You have Sui Generis Database Rights (but not its individual contents)
+   is Adapted Material; and
+
+c. You must comply with the conditions in Section 3(a) if You Share all or a
+   substantial portion of the contents of the database.
+
+For the avoidance of doubt, this Section 4 supplements and does not replace Your
+obligations under this Public License where the Licensed Rights include other
+Copyright and Similar Rights.
+
+### Section 5 – Disclaimer of Warranties and Limitation of Liability.
+
+a. __Unless otherwise separately undertaken by the Licensor, to the extent
+   possible, the Licensor offers the Licensed Material as-is and as-available,
+   and makes no representations or warranties of any kind concerning the
+   Licensed Material, whether express, implied, statutory, or other. This
+   includes, without limitation, warranties of title, merchantability, fitness
+   for a particular purpose, non-infringement, absence of latent or other
+   defects, accuracy, or the presence or absence of errors, whether or not known
+   or discoverable. Where disclaimers of warranties are not allowed in full or
+   in part, this disclaimer may not apply to You.__
+
+b. __To the extent possible, in no event will the Licensor be liable to You on
+   any legal theory (including, without limitation, negligence) or otherwise for
+   any direct, special, indirect, incidental, consequential, punitive,
+   exemplary, or other losses, costs, expenses, or damages arising out of this
+   Public License or use of the Licensed Material, even if the Licensor has been
+   advised of the possibility of such losses, costs, expenses, or damages. Where
+   a limitation of liability is not allowed in full or in part, this limitation
+   may not apply to You.__
+
+c. The disclaimer of warranties and limitation of liability provided above shall
+   be interpreted in a manner that, to the extent possible, most closely
+   approximates an absolute disclaimer and waiver of all liability.
+
+### Section 6 – Term and Termination.
+
+a. This Public License applies for the term of the Copyright and Similar Rights
+   licensed here. However, if You fail to comply with this Public License, then
+   Your rights under this Public License terminate automatically.
+
+b. Where Your right to use the Licensed Material has terminated under Section
+   6(a), it reinstates:
+
+    1. automatically as of the date the violation is cured, provided it is cured
+       within 30 days of Your discovery of the violation; or
+
+    2. upon express reinstatement by the Licensor.
+
+    For the avoidance of doubt, this Section 6(b) does not affect any right the
+    Licensor may have to seek remedies for Your violations of this Public
+    License.
+
+c. For the avoidance of doubt, the Licensor may also offer the Licensed Material
+   under separate terms or conditions or stop distributing the Licensed Material
+   at any time; however, doing so will not terminate this Public License.
+
+d. Sections 1, 5, 6, 7, and 8 survive termination of this Public License.
+
+### Section 7 – Other Terms and Conditions.
+
+a. The Licensor shall not be bound by any additional or different terms or
+   conditions communicated by You unless expressly agreed.
+
+b. Any arrangements, understandings, or agreements regarding the Licensed
+   Material not stated herein are separate from and independent of the terms and
+   conditions of this Public License.
+
+### Section 8 – Interpretation.
+
+a. For the avoidance of doubt, this Public License does not, and shall not be
+   interpreted to, reduce, limit, restrict, or impose conditions on any use of
+   the Licensed Material that could lawfully be made without permission under
+   this Public License.
+
+b. To the extent possible, if any provision of this Public License is deemed
+   unenforceable, it shall be automatically reformed to the minimum extent
+   necessary to make it enforceable. If the provision cannot be reformed, it
+   shall be severed from this Public License without affecting the
+   enforceability of the remaining terms and conditions.
+
+c. No term or condition of this Public License will be waived and no failure to
+   comply consented to unless expressly agreed to by the Licensor.
+
+d. Nothing in this Public License constitutes or may be interpreted as a
+   limitation upon, or waiver of, any privileges and immunities that apply to
+   the Licensor or You, including from the legal processes of any jurisdiction
+   or authority.

README.md

@@ -1,16 +1,27 @@
-# ZeroBin 0.21.1
+# [<img alt="PrivateBin" src="https://cdn.rawgit.com/PrivateBin/assets/master/images/minified/logo.svg" width="500" />](https://privatebin.info/)
+[![Build Status](https://travis-ci.org/PrivateBin/PrivateBin.svg?branch=master)](https://travis-ci.org/PrivateBin/PrivateBin) [![Build Status](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/build.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/build-status/master)  
+[![Codacy Badge](https://api.codacy.com/project/badge/Grade/094500f62abf4c9aa0c8a8a4520e4789)](https://www.codacy.com/app/PrivateBin/PrivateBin)
+[![Code Climate](https://codeclimate.com/github/PrivateBin/PrivateBin/badges/gpa.svg)](https://codeclimate.com/github/PrivateBin/PrivateBin)
+[![Scrutinizer Code Quality](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/quality-score.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/?branch=master)
+[![SensioLabsInsight](https://insight.sensiolabs.com/projects/57c9e74e-c6f9-4de6-a876-df66ec2ea1ff/mini.png)](https://insight.sensiolabs.com/projects/57c9e74e-c6f9-4de6-a876-df66ec2ea1ff)  
+[![Codacy Badge](https://api.codacy.com/project/badge/Coverage/094500f62abf4c9aa0c8a8a4520e4789)](https://www.codacy.com/app/PrivateBin/PrivateBin)
+[![Test Coverage](https://codeclimate.com/github/PrivateBin/PrivateBin/badges/coverage.svg)](https://codeclimate.com/github/PrivateBin/PrivateBin/coverage) [![Code Coverage](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/badges/coverage.png?b=master)](https://scrutinizer-ci.com/g/PrivateBin/PrivateBin/?branch=master)
 
-ZeroBin is a minimalist, opensource online pastebin where the server has zero 
-knowledge of pasted data.
+*Current version: 1.1*
 
-Data is encrypted/decrypted in the browser using 256 bit AES.
+**PrivateBin** is a minimalist, open source online pastebin where the server has
+zero knowledge of pasted data.
 
-This fork of ZeroBin refactored the source code to allow easier and cleaner 
-extensions. It is still fully compatible to the original ZeroBin 0.19 data 
-storage scheme. Therefore such installations can be upgraded to this fork 
+Data is encrypted/decrypted in the browser using 256bit AES in [Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode).
+
+This is a fork of ZeroBin, originally developed by
+[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). It was refactored
+to allow easier and cleaner extensions and has now much more features than the
+original. It is however still fully compatible to the original ZeroBin 0.19
+data storage scheme. Therefore such installations can be upgraded to this fork
 without loosing any data.
 
-## What ZeroBin provides
+## What PrivateBin provides
 
 + As a server administrator you don't have to worry if your users post content
   that is considered illegal in your country. You have no knowledge of any
@@ -19,62 +30,87 @@ without loosing any data.
 
 + Pastebin-like system to store text documents, code samples, etc.
 
-+ Encryption of data sent to server, even if it does not provide HTTPS.
++ Encryption of data sent to server.
 
-+ Possibility to set a password which is required to read the paste. It further 
++ Possibility to set a password which is required to read the paste. It further
   protects a paste and prevents people stumbling upon your paste's link
   from being able to read it without the password.
 
 ## What it doesn't provide
 
-- As a user you have to trust the server administrator, your internet provider 
+- As a user you have to trust the server administrator, your internet provider
   and any country the traffic passes not to inject any malicious javascript code.
+  For a basic security the PrivateBin installation *has to provide HTTPS*!
+  Additionally it should be secured by
+  [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) and
+  ideally by [HPKP](https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning) using a
+  certificate either validated by a trusted third party (check the certificate
+  when first using a new PrivateBin instance) or self-signed by the server
+  operator, validated using a
+  [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions)
+  protected
+  [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities)
+  record.
 
 - The "key" used to encrypt the paste is part of the URL. If you publicly post
   the URL of a paste that is not password-protected, everybody can read it.
-  Use a password if you want your paste to be private.
+  Use a password if you want your paste to be private. In this case make sure to
+  use a strong password and do only share it privately and end-to-end-encrypted.
 
 - A server admin might be forced to hand over access logs to the authorities.
-  ZeroBin encrypts your text and the discussion contents, but who accessed it
+  PrivateBin encrypts your text and the discussion contents, but who accessed it
   first might still be disclosed via such access logs.
 
+- In case of a server breach your data is secure as it is only stored encrypted
+  on the server. However the server could be misused or the server admin could
+  be legally forced into sending malicious JavaScript to all web users, which
+  grabs the decryption key and send it to the server when a user accesses a
+  PrivateBin.  
+  Therefore do not access any PrivateBin instance if you think it has been
+  compromised. As long as no user accesses this instance with a previously
+  generated URL, the content can''t be decrypted.
+
 ## Options
 
 Some features are optional and can be enabled or disabled in the [configuration
-file](https://github.com/elrido/ZeroBin/wiki/Configuration):
+file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration):
 
 * Password protection
 
-* Discussions
+* Discussions, anonymous or with nicknames and IP based identicons or vizhashes
 
 * Expiration times, including a "forever" and "burn after reading" option
 
-* Markdown format support for HTML formatted pastes
+* Markdown format support for HTML formatted pastes, including preview function
 
-* Syntax highlighting for source code using prettify.js, including 4 prettify themes
+* Syntax highlighting for source code using prettify.js, including 4 prettify
+  themes
 
-* File upload support, images get displayed (disabled by default, possibility to adjust size limit)
+* File upload support, images get displayed (disabled by default, possibility
+  to adjust size limit)
 
-* Templates: By default there is a bootstrap CSS and a "classic ZeroBin" theme
-  and it is easy to adapt these to your own websites layout or create your own.
+* Templates: By default there are bootstrap CSS, darkstrap and "classic ZeroBin"
+  themes and it is easy to adapt these to your own websites layout or create
+  your own.
 
-* Translation system and automatic browser language detection (if enabled in browser)
+* Translation system and automatic browser language detection (if enabled in
+  browser)
 
 * Language selection (disabled by default, as it uses a session cookie)
 
 ## Further resources
 
-* [Installation guide](https://github.com/elrido/ZeroBin/wiki/Installation)
+* [Installation guide](https://github.com/PrivateBin/PrivateBin/wiki/Installation)
 
-* [Upgrading from 0.19 Alpha](https://github.com/elrido/ZeroBin/wiki/Upgrading-from-ZeroBin-0.19-Alpha)
+* [Upgrading from ZeroBin 0.19 Alpha](https://github.com/PrivateBin/PrivateBin/wiki/Upgrading-from-ZeroBin-0.19-Alpha)
 
-* [Configuration guide](https://github.com/elrido/ZeroBin/wiki/Configuration)
+* [Configuration guide](https://github.com/PrivateBin/PrivateBin/wiki/Configuration)
 
-* [Templates](https://github.com/elrido/ZeroBin/wiki/Templates)
+* [Templates](https://github.com/PrivateBin/PrivateBin/wiki/Templates)
 
-* [Translation guide](https://github.com/elrido/ZeroBin/wiki/Translation)
+* [Translation guide](https://github.com/PrivateBin/PrivateBin/wiki/Translation)
 
-* [Developer guide](https://github.com/elrido/ZeroBin/wiki/Development)
+* [Developer guide](https://github.com/PrivateBin/PrivateBin/wiki/Development)
 
-Run into any issues? Have ideas for further developments? Please 
-[report](https://github.com/elrido/ZeroBin/issues) them!
+Run into any issues? Have ideas for further developments? Please
+[report](https://github.com/PrivateBin/PrivateBin/issues) them!

browserconfig.xml

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="utf-8"?>
+<browserconfig>
+  <msapplication>
+    <tile>
+      <square150x150logo src="img/mstile-150x150.png"/>
+      <square310x310logo src="img/mstile-310x310.png"/>
+      <wide310x150logo src="img/mstile-310x150.png"/>
+      <TileColor>#ffc40d</TileColor>
+    </tile>
+  </msapplication>
+</browserconfig>

cfg/.gitignore

@@ -0,0 +1 @@
+/conf.ini

cfg/conf.ini

@@ -1,111 +0,0 @@
-; ZeroBin
-;
-; a zero-knowledge paste bin
-;
-; @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
-; @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
-; @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
-; @version   0.21.1
-
-[main]
-; enable or disable the discussion feature, defaults to true
-discussion = true
-
-; preselect the discussion feature, defaults to false
-opendiscussion = false
-
-; enable or disable the password feature, defaults to true
-password = true
-
-; enable or disable the file upload feature, defaults to false
-fileupload = false
-
-; preselect the burn-after-reading feature, defaults to false
-burnafterreadingselected = false
-
-; which display mode to preselect by default, defaults to "plaintext"
-; make sure the value exists in [formatter_options]
-defaultformatter = "plaintext"
-
-; (optional) set a syntax highlighting theme, as found in css/prettify/
-; syntaxhighlightingtheme = "sons-of-obsidian"
-
-; size limit per paste or comment in bytes, defaults to 2 Mibibytes
-sizelimit = 2097152
-
-; template to include, default is "bootstrap" (tpl/bootstrap.html)
-template = "bootstrap"
-
-; (optional) notice to display
-; notice = "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service."
-
-; base64.js library version, defaults to 2.1.9
-; use "1.7" if you are upgrading from a ZeroBin Alpha 0.19 installation
-base64version = "2.1.9"
-
-; by default ZeroBin will guess the visitors language based on the browsers
-; settings. Optionally you can enable the language selection menu, which uses
-; a session cookie to store the choice until the browser is closed.
-languageselection = false
-
-[expire]
-; expire value that is selected per default
-; make sure the value exists in [expire_options]
-default = "1week"
-
-[expire_options]
-; Set each one of these to the number of seconds in the expiration period,
-; or 0 if it should never expire
-5min = 300
-10min = 600
-1hour = 3600
-1day = 86400
-1week = 604800
-; Well this is not *exactly* one month, it's 30 days:
-1month = 2592000
-1year = 31536000
-never = 0
-
-[formatter_options]
-; Set available formatters, their order and their labels
-plaintext = "Plain Text"
-syntaxhighlighting = "Source Code"
-markdown = "Markdown"
-
-[traffic]
-; time limit between calls from the same IP address in seconds
-; Set this to 0 to disable rate limiting.
-limit = 10
-
-; (optional) if your website runs behind a reverse proxy or load balancer,
-; set the HTTP header containing the visitors IP address, i.e. X_FORWARDED_FOR
-; header = "X_FORWARDED_FOR"
-
-; directory to store the traffic limits in
-dir = PATH "data"
-
-[model]
-; name of data model class to load and directory for storage
-; the default model "zerobin_data" stores everything in the filesystem
-class = zerobin_data
-[model_options]
-dir = PATH "data"
-
-;[model]
-; example of DB configuration for MySQL
-;class = zerobin_db
-;[model_options]
-;dsn = "mysql:host=localhost;dbname=zerobin;charset=UTF8"
-;tbl = "zerobin_"	; table prefix
-;usr = "zerobin"
-;pwd = "Z3r0P4ss"
-;opt[12] = true	  ; PDO::ATTR_PERSISTENT
-
-;[model]
-; example of DB configuration for SQLite
-;class = zerobin_db
-;[model_options]
-;dsn = "sqlite:" PATH "data/db.sq3"
-;usr = null
-;pwd = null
-;opt[12] = true	; PDO::ATTR_PERSISTENT

cfg/conf.ini.sample

@@ -0,0 +1,152 @@
+; config file for PrivateBin
+;
+; An explanation of each setting can be find online at https://github.com/PrivateBin/PrivateBin/wiki/Configuration.
+
+[main]
+; (optional) set a project name to be displayed on the website
+; name = "PrivateBin"
+
+; enable or disable the discussion feature, defaults to true
+discussion = true
+
+; preselect the discussion feature, defaults to false
+opendiscussion = false
+
+; enable or disable the password feature, defaults to true
+password = true
+
+; enable or disable the file upload feature, defaults to false
+fileupload = false
+
+; preselect the burn-after-reading feature, defaults to false
+burnafterreadingselected = false
+
+; which display mode to preselect by default, defaults to "plaintext"
+; make sure the value exists in [formatter_options]
+defaultformatter = "plaintext"
+
+; (optional) set a syntax highlighting theme, as found in css/prettify/
+; syntaxhighlightingtheme = "sons-of-obsidian"
+
+; size limit per paste or comment in bytes, defaults to 2 Mebibytes
+sizelimit = 2097152
+
+; template to include, default is "bootstrap" (tpl/bootstrap.php)
+template = "bootstrap"
+
+; (optional) notice to display
+; notice = "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service."
+
+; by default PrivateBin will guess the visitors language based on the browsers
+; settings. Optionally you can enable the language selection menu, which uses
+; a session cookie to store the choice until the browser is closed.
+languageselection = false
+
+; set the language your installs defaults to, defaults to English
+; if this is set and language selection is disabled, this will be the only language
+; languagedefault = "en"
+
+; (optional) URL shortener address to offer after a new paste is created
+; it is suggested to only use this with self-hosted shorteners as this will leak
+; the pastes encryption key
+; urlshortener = "https://shortener.example.com/api?link="
+
+; (optional) IP based icons are a weak mechanism to detect if a comment was from
+; a different user when the same username was used in a comment. It might be
+; used to get the IP of a non anonymous comment poster if the server salt is
+; leaked and a SHA256 HMAC rainbow table is generated for all (relevant) IPs.
+; Can be set to one these values: none / vizhash / identicon (default).
+; icon = none
+
+; Content Security Policy headers allow a website to restrict what sources are
+; allowed to be accessed in its context. You need to change this if you added
+; custom scripts from third-party domains to your templates, e.g. tracking
+; scripts or run your site behind certain DDoS-protection services.
+; Check the documentation at https://content-security-policy.com/
+; Note: If you use a bootstrap theme, you can remove the allow-popups from the sandbox restrictions.
+; cspheader = "default-src 'none'; manifest-src 'self'; connect-src *; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups"
+
+; stay compatible with PrivateBin Alpha 0.19, less secure
+; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of
+; sha256 in HMAC for the deletion token
+zerobincompatibility = false
+
+[expire]
+; expire value that is selected per default
+; make sure the value exists in [expire_options]
+default = "1week"
+
+; optionally the "clone" button can be disabled on expiring pastes
+; note that this only hides the button, copy & paste is still possible
+; clone = false
+
+[expire_options]
+; Set each one of these to the number of seconds in the expiration period,
+; or 0 if it should never expire
+5min = 300
+10min = 600
+1hour = 3600
+1day = 86400
+1week = 604800
+; Well this is not *exactly* one month, it's 30 days:
+1month = 2592000
+1year = 31536000
+never = 0
+
+[formatter_options]
+; Set available formatters, their order and their labels
+plaintext = "Plain Text"
+syntaxhighlighting = "Source Code"
+markdown = "Markdown"
+
+[traffic]
+; time limit between calls from the same IP address in seconds
+; Set this to 0 to disable rate limiting.
+limit = 10
+
+; (optional) if your website runs behind a reverse proxy or load balancer,
+; set the HTTP header containing the visitors IP address, i.e. X_FORWARDED_FOR
+; header = "X_FORWARDED_FOR"
+
+; directory to store the traffic limits in
+dir = PATH "data"
+
+[purge]
+; minimum time limit between two purgings of expired pastes, it is only
+; triggered when pastes are created
+; Set this to 0 to run a purge every time a paste is created.
+limit = 300
+
+; maximum amount of expired pastes to delete in one purge
+; Set this to 0 to disable purging. Set it higher, if you are running a large
+; site
+batchsize = 10
+
+; directory to store the purge limit in
+dir = PATH "data"
+
+[model]
+; name of data model class to load and directory for storage
+; the default model "Filesystem" stores everything in the filesystem
+class = Filesystem
+[model_options]
+dir = PATH "data"
+
+;[model]
+; example of DB configuration for MySQL
+;class = Database
+;[model_options]
+;dsn = "mysql:host=localhost;dbname=privatebin;charset=UTF8"
+;tbl = "privatebin_"	; table prefix
+;usr = "privatebin"
+;pwd = "Z3r0P4ss"
+;opt[12] = true	  ; PDO::ATTR_PERSISTENT
+
+;[model]
+; example of DB configuration for SQLite
+;class = Database
+;[model_options]
+;dsn = "sqlite:" PATH "data/db.sq3"
+;usr = null
+;pwd = null
+;opt[12] = true	; PDO::ATTR_PERSISTENT

composer.json

@@ -0,0 +1,38 @@
+{
+    "name": "privatebin/privatebin",
+    "description": "PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bit AES in Galois Counter mode (GCM).",
+    "type": "project",
+    "keywords": ["private", "secure", "end-to-end-encrypted", "e2e", "paste", "pastebin", "zero", "zero-knowledge", "encryption", "encrypted", "AES"],
+    "homepage": "https://github.com/PrivateBin",
+    "license":"zlib-acknowledgement",
+    "support": {
+        "issues": "https://github.com/PrivateBin/PrivateBin/issues",
+        "wiki": "https://github.com/PrivateBin/PrivateBin/wiki",
+        "source": "https://github.com/PrivateBin/PrivateBin",
+        "docs": "https://zerobin.dssr.ch/documentation/"
+    },
+    "repositories": [
+        {
+            "type": "vcs",
+            "url": "https://github.com/PrivateBin/PrivateBin"
+        }
+    ],
+    "require": {
+        "php": "^5.3.0 || ^7.0",
+        "paragonie/random_compat": "2.0.4",
+        "yzalis/identicon": "1.1.0"
+    },
+    "require-dev": {
+        "codacy/coverage": "dev-master",
+        "codeclimate/php-test-reporter": "dev-master",
+        "giorgiosironi/eris": "dev-master"
+    },
+    "autoload": {
+        "psr-4": {
+            "PrivateBin\\": "lib/"
+        }
+    },
+    "config": {
+        "autoloader-suffix": "DontChange"
+    }
+}

css/bootstrap/privatebin.css

@@ -1,5 +1,13 @@
-/* ZeroBin 0.21.1 - http://sebsauvage.net/wiki/doku.php?id=php:zerobin */
-
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
 
 body {
 	padding: 0 0 30px;
@@ -9,10 +17,26 @@ body.navbar-spacing {
 	padding-top: 70px;
 }
 
+.buttondisabled {
+	opacity: 0.3;
+}
+
 .navbar-nav {
 	margin: 0 8px;
 }
 
+.nav.navbar-nav > li {
+	margin-left: 8px;
+}
+
+.navbar-brand {
+	padding: 6px 4px 0 8px;
+}
+
+.navbar-form {
+	padding: 0;
+}
+
 .dropdown-menu > li > label, .dropdown-menu > li > div {
 	clear: both;
 	display: block;
@@ -32,6 +56,14 @@ body.navbar-spacing {
 	cursor: default;
 }
 
+.pull-right .dropdown-menu {
+	margin-left: -5em;
+}
+
+#language {
+	margin-right: 8px;
+}
+
 #image img {
 	max-width: 100%;
 	height: auto;
@@ -46,6 +78,14 @@ body.navbar-spacing {
 	display: inline;
 }
 
+#pastelink > a {
+	word-wrap: break-word;
+}
+
+#preview {
+	margin-bottom: 10px;
+}
+
 #message {
 	font-family: monospace;
 }
@@ -70,4 +110,4 @@ footer h4 {
 
 li.L0, li.L1, li.L2, li.L3, li.L5, li.L6, li.L7, li.L8 {
 	list-style-type: decimal !important;
-}
+}

css/noscript.css

@@ -0,0 +1,15 @@
+/**
+ * PrivateBin
+ *
+ * CSS file only loaded when no JavaScript available.
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.0
+ */
+
+/* When there is no script at all other */
+.noscript-hide {
+	display: none;
+}

css/prettify/doxy.css

@@ -1 +1 @@
-pre .str,code .str{color:#fec243}pre .kwd,code .kwd{color:#8470ff}pre .com,code .com{color:#32cd32;font-style:italic}pre .typ,code .typ{color:#6ecbcc}pre .lit,code .lit{color:#d06}pre .pun,code .pun{color:#8b8970}pre .pln,code .pln{color:#f0f0f0}pre .tag,code .tag{color:#9c9cff}pre .htm,code .htm{color:#dda0dd}pre .xsl,code .xsl{color:#d0a0d0}pre .atn,code .atn{color:#46eeee;font-weight:normal}pre .atv,code .atv{color:#eeb4b4}pre .dec,code .dec{color:#3387cc}a{text-decoration:none}pre.prettyprint,code.prettyprint{font-family:'Droid Sans Mono','CPMono_v07 Bold','Droid Sans';font-weight:bold;font-size:9pt;background-color:#0f0f0f;-moz-border-radius:8px;-webkit-border-radius:8px;-o-border-radius:8px;-ms-border-radius:8px;-khtml-border-radius:8px;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}pre.prettyprint a,code.prettyprint a{text-decoration:none}ol.linenums{margin-top:0;margin-bottom:0;color:#8b8970}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre.prettyprint,code.prettyprint{background-color:#fff}pre .str,code .str{color:#088}pre .kwd,code .kwd{color:#006;font-weight:bold}pre .com,code .com{color:#oc3;font-style:italic}pre .typ,code .typ{color:#404;font-weight:bold}pre .lit,code .lit{color:#044}pre .pun,code .pun{color:#440}pre .pln,code .pln{color:#000}pre .tag,code .tag{color:#b66ff7;font-weight:bold}pre .htm,code .htm{color:#606;font-weight:bold}pre .xsl,code .xsl{color:#606;font-weight:bold}pre .atn,code .atn{color:#c71585;font-weight:normal}pre .atv,code .atv{color:#088;font-weight:normal}}
+pre .str,code .str{color:#fec243}pre .kwd,code .kwd{color:#8470ff}pre .com,code .com{color:#32cd32;font-style:italic}pre .typ,code .typ{color:#6ecbcc}pre .lit,code .lit{color:#d06}pre .pun,code .pun{color:#8b8970}pre .pln,code .pln{color:#f0f0f0}pre .tag,code .tag{color:#9c9cff}pre .htm,code .htm{color:#dda0dd}pre .xsl,code .xsl{color:#d0a0d0}pre .atn,code .atn{color:#46eeee;font-weight:normal}pre .atv,code .atv{color:#eeb4b4}pre .dec,code .dec{color:#3387cc}a{text-decoration:none}pre.prettyprint,code.prettyprint{font-family:'Droid Sans Mono','CPMono_v07 Bold','Droid Sans';font-weight:bold;font-size:9pt;background-color:#0f0f0f;-moz-border-radius:8px;-webkit-border-radius:8px;-o-border-radius:8px;-ms-border-radius:8px;-khtml-border-radius:8px;border-radius:8px}pre.prettyprint{width:95%;margin:1em auto;padding:1em;white-space:pre-wrap}pre.prettyprint a,code.prettyprint a{text-decoration:none}ol.linenums{margin-top:0;margin-bottom:0;color:#8b8970}li.L0,li.L1,li.L2,li.L3,li.L5,li.L6,li.L7,li.L8{list-style-type:none}@media print{pre.prettyprint,code.prettyprint{background-color:#fff}pre .str,code .str{color:#088}pre .kwd,code .kwd{color:#006;font-weight:bold}pre .com,code .com{color:#0c3;font-style:italic}pre .typ,code .typ{color:#404;font-weight:bold}pre .lit,code .lit{color:#044}pre .pun,code .pun{color:#440}pre .pln,code .pln{color:#000}pre .tag,code .tag{color:#b66ff7;font-weight:bold}pre .htm,code .htm{color:#606;font-weight:bold}pre .xsl,code .xsl{color:#606;font-weight:bold}pre .atn,code .atn{color:#c71585;font-weight:normal}pre .atv,code .atv{color:#088;font-weight:normal}}

css/privatebin.css

@@ -1,5 +1,13 @@
-/* ZeroBin 0.21.1 - http://sebsauvage.net/wiki/doku.php?id=php:zerobin */
-
+/**
+ * PrivateBin
+ *
+ * Main CSS file.
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
 
 /*  CSS Reset from YUI 3.4.1 (build 4118) - Copyright 2011 Yahoo! Inc. All rights reserved.
 Licensed under the BSD License. - http://yuilibrary.com/license/    */
@@ -109,7 +117,7 @@ h3.title {
 #pasteresult { 
 	background-color: #1F2833;
 	color: #fff;
-	padding: 4px 12px; 
+	padding: 4px 12px;
 	clear: both;
 	-moz-box-shadow: inset 0 2px 2px #000;
 	-webkit-box-shadow: inset 0 2px 2px #000;
@@ -153,7 +161,7 @@ button, .button {
 	background-clip: padding-box;
 }
 
-button:hover  { 
+button:hover  {
 	background-image: linear-gradient(bottom, #424b57 0%, #61707e 100%);
 	background-image: -o-linear-gradient(bottom, #424b57 0%, #61707e 100%);
 	background-image: -moz-linear-gradient(bottom, #424b57 0%, #61707e 100%);
@@ -185,8 +193,8 @@ button img {
 	top: 2px;
 }
 
-.button { 
-	background-color: #414d5a; 
+.button {
+	background-color: #414d5a;
 	padding: 6px 8px;
 	margin: 0 5px 0 0;
 	position: relative;
@@ -210,7 +218,7 @@ button img {
 }
 
 #remainingtime, #password {
-	color: #94a3b4; 
+	color: #94a3b4;
 	display: inline;
 	font-size: 0.85em;
 }
@@ -277,6 +285,10 @@ input {
 	color:#ff0;
 }
 
+.small {
+	font-size: 80%;
+}
+
 /* --- discussion related CSS ------- */
 
 #discussion {  /* Discussion container */
@@ -290,7 +302,7 @@ h4.title {
 	font-size: 1.2em;
 	color: #94a3b4;
 	font-style: italic;
-	font-weight: bold; 
+	font-weight: bold;
 	position: relative;
 	margin-left: 30px;
 }
@@ -348,7 +360,7 @@ h4.title {
 	background-clip: padding-box;
 }
 
-.comment button:hover  { 
+.comment button:hover  {
 	background-image: linear-gradient(bottom, #ccd 0, #fff 100%);
 	background-image: -o-linear-gradient(bottom, #ccd 0, #fff 100%);
 	background-image: -moz-linear-gradient(bottom, #ccd 0, #fff 100%);
@@ -394,6 +406,10 @@ img.vizhash {
 	font-size: 1.2em;
 }
 
+#prettyprint.prettyprinted {
+	overflow: auto;
+}
+
 #cleartext {
 	padding: 10px;
 }

doc/README.md

@@ -1,19 +1,60 @@
-Generating documentation
-========================
+Generating PHP documentation
+============================
 
 In order to generate the documentation, you will need to install the following
 packages and its dependencies:
 * phpdoc
 * graphviz
 
-Details about [installing phpDocumentor](http://phpdoc.org/docs/latest/getting-started/installing.html)
-can be found in its own documentation.
+Details about
+[installing phpDocumentor](https://phpdoc.org/docs/latest/getting-started/installing.html)
+can be found in that projects documentation.
 
 Example for Debian and Ubuntu:
-    $ sudo aptitude install php-pear graphviz
-    $ sudo pear channel-discover pear.phpdoc.org
-    $ sudo pear install phpdoc/phpDocumentor
+```console
+$ sudo apt install php-pear graphviz
+$ sudo pear channel-discover pear.phpdoc.org
+$ sudo pear install phpdoc/phpDocumentor
+```
 
 To generate the documentation, change into the main directory and run phpdoc:
-    $ cd ZeroBin
-    $ phpdoc -d lib/ -t doc/
+```console
+$ cd PrivateBin
+$ phpdoc -t doc/phpdoc -d lib/
+```
+
+**Note:** When used with PHP 7, the prerelease of phpDocumentator 2.9 needs to be
+manually installed by downloading it from
+[GitHub](https://github.com/phpDocumentor/phpDocumentor2/releases/download/v2.9.0/phpDocumentor.phar)
+and then manually moving it to e.g. `/usr/local/bin` and making it executable.
+
+Generating JS documentation
+============================
+
+In order to generate the documentation, you will need to install the following
+packages and its dependencies:
+* npm
+
+Then you can use the node package manager to install the latest stable release
+of jsdoc globally:
+
+```console
+$ npm install -g jsdoc
+```
+
+Example for Debian and Ubuntu, including steps to allow current user to install
+node modules globally:
+```console
+$ sudo apt install npm
+$ sudo mkdir /usr/local/lib/node_modules
+$ sudo chown -R $(whoami) $(npm config get prefix)/{lib/node_modules,bin,share}
+$ npm install -g jsdoc
+$ ln -s /usr/bin/nodejs /usr/local/bin/node
+```
+
+To generate the documentation, change into the main directory and run phpdoc:
+```console
+$ cd PrivateBin
+$ jsdoc -d doc/jsdoc js/privatebin.js
+```
+

i18n/de.json

@@ -1,11 +1,16 @@
 {
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s ist ein minimalistischer, quelloffener \"Pastebin\"-artiger Dienst, bei dem der Server keinerlei Kenntnis der Inhalte hat. Die Daten werden <i>im Browser</i> mit 256 Bit AES ver- und entschlüsselt. Weitere Informationen sind auf der <a href=\"https://privatebin.info/\">Projektseite</a> zu finden.",
+    "Because ignorance is bliss":
+        "Unwissenheit ist ein Segen",
     "en": "de",
     "Paste does not exist, has expired or has been deleted.":
         "Diesen Text gibt es nicht, er ist abgelaufen oder wurde gelöscht.",
-    "ZeroBin requires php 5.2.6 or above to work. Sorry.":
-        "ZeroBin benötigt PHP 5.2.6 oder höher, um zu funktionieren. Sorry.",
-    "ZeroBin requires configuration section [%s] to be present in configuration file.":
-        "ZeroBin benötigt den Konfigurationsabschnitt [%s] in der Konfigurationsdatei um zu funktionieren.",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "%s benötigt PHP 5.3.0 oder höher, um zu funktionieren. Sorry.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s benötigt den Konfigurationsabschnitt [%s] in der Konfigurationsdatei um zu funktionieren.",
     "Please wait %d seconds between each post.":
         "Bitte warte %d Sekunden zwischen dem Absenden.",
     "Paste is limited to %s of encrypted data.":
@@ -26,15 +31,10 @@
         "Falscher Lösch-Code. Text wurde nicht gelöscht.",
     "Paste was properly deleted.":
         "Text wurde erfolgreich gelöscht.",
-    "ZeroBin": "ZeroBin",
-    "ZeroBin is a minimalist, opensource online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://github.com/elrido/ZeroBin/wiki\">project page</a>.":
-        "ZeroBin ist ein minimalistischer, quelloffener \"Pastebin\"-artiger Dienst, bei dem der Server keinerlei Kenntnis der Inhalte hat. Die Daten werden <i>im Browser</i> mit 256 Bit AES ver- und entschlüsselt. Weitere Informationen sind auf der <a href=\"https://github.com/elrido/ZeroBin/wiki\">Projektseite</a> zu finden.",
-    "Because ignorance is bliss":
-        "Unwissenheit ist ein Segen",
-    "Javascript is required for ZeroBin to work.<br />Sorry for the inconvenience.":
-        "Javascript ist eine Voraussetzung, um ZeroBin zu nutzen.<br />Bitte entschuldige die Unannehmlichkeiten.",
-    "ZeroBin requires a modern browser to work.":
-        "ZeroBin setzt einen modernen Browser voraus, um funktionieren zu können.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "JavaScript ist eine Voraussetzung, um %s zu nutzen.<br />Bitte entschuldige die Unannehmlichkeiten.",
+    "%s requires a modern browser to work.":
+        "%s setzt einen modernen Browser voraus, um funktionieren zu können.",
     "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
         "Du benutzt immer noch den Internet Explorer? Tu Dir einen Gefallen und wechsle zu einem moderneren Browser:",
     "New":
@@ -67,7 +67,7 @@
     "Never":
         "Nie",
     "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
-        "Hinweis: Dies ist ein Versuchsdienst. Daten können jederzeit gelöscht werden. Kätzchen werden sterben wenn Du diesen Dienst missbrauchst.",
+        "Hinweis: Dies ist ein Versuchsdienst. Daten können jederzeit gelöscht werden. Kätzchen werden sterben wenn du diesen Dienst missbrauchst.",
     "This document will expire in %d seconds.":
         ["Dieses Dokument läuft in einer Sekunde ab.", "Dieses Dokument läuft in %d Sekunden ab."],
     "This document will expire in %d minutes.":
@@ -123,7 +123,7 @@
     "Could not create paste: %s":
         "Konnte Text nicht erstellen: %s",
     "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
-        "Konnte Text nicht entschlüsseln: Der Schlüssel fehlt in der Adresse (Hast Du eine Umleitung oder einen URL-Verkürzer benutzt, der Teile der Adresse entfernt?)",
+        "Konnte Text nicht entschlüsseln: Der Schlüssel fehlt in der Adresse (Hast du eine Umleitung oder einen URL-Verkürzer benutzt, der Teile der Adresse entfernt?)",
     "Format": "Format",
     "Plain Text": "Nur Text",
     "Source Code": "Quellcode",
@@ -135,5 +135,17 @@
     "Your browser does not support uploading encrypted files. Please use a newer browser.":
         "Dein Browser unterstützt das hochladen von verschlüsselten Dateien nicht. Bitte verwende einen neueren Browser.",
     "Invalid attachment.": "Ungültiger Datei-Anhang.",
-    "Options": "Optionen"
+    "Options": "Optionen",
+    "Shorten URL": "URL verkürzen",
+    "Editor": "Bearbeiten",
+    "Preview": "Vorschau",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "Der PATH muss bei %s mit einem \"%s\" enden. Bitte passe Deinen PATH in Deiner index.php an.",
+    "Decrypt":
+        "Entschlüsseln",
+    "Enter password":
+        "Passwort eingeben",
+    "Loading…": "Lädt…",
+    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
+        "Wenn diese Nachricht nicht mehr verschwindet, schau bitte in <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">die FAQ</a> (englisch), um zu sehen, wie der Fehler behoben werden kann."
 }

i18n/es.json

@@ -0,0 +1,151 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s es un servicio de tipo \"Pastebin\" minimalista de código abierto, donde el servidor no tiene ningún conocimiento de los datos guardados. Los datos son cifrados/descifrados <i>en el navegador</i> usando 256 bits AES. Más información en la <a href=\"https://privatebin.info/\">página del proyecto</a>.",
+    "Because ignorance is bliss":
+        "Porque la ignorancia es dicha",
+    "en": "es",
+    "Paste does not exist, has expired or has been deleted.":
+        "El texto no existe, ha caducado o ha sido eliminado.",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "%s requiere php 5.3.0 o superior para funcionar. Lo siento.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s requiere que la sección de configuración [% s] esté presente en el archivo de configuración.",
+    "Please wait %d seconds between each post.":
+        "Por favor espere %d segundos entre cada publicación.",
+    "Paste is limited to %s of encrypted data.":
+        "El texto está limitado a %s de datos cifrados.",
+    "Invalid data.":
+        "Datos inválidos.",
+    "You are unlucky. Try again.":
+        "Tienes mala suerte. Inténtalo de nuevo",
+    "Error saving comment. Sorry.":
+        "Error al guardar el comentario. Lo siento.",
+    "Error saving paste. Sorry.":
+        "Error al guardar el texto. Lo siento",
+    "Invalid paste ID.":
+        "ID del texto inválido.",
+    "Paste is not of burn-after-reading type.":
+        "El texto no es del tipo \"destruir despues de leer\".",
+    "Wrong deletion token. Paste was not deleted.":
+        "Token de eliminación erróneo. El texto no fue eliminado.",
+    "Paste was properly deleted.":
+        "El texto se ha eliminado correctamente.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "JavaScript es necesario para que %s funcione.<br />Sentimos los inconvenientes ocasionados.",
+    "%s requires a modern browser to work.":
+        "%s requiere un navegador moderno para funcionar.",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "¿Sigues usando Internet Explorer? Hazte un favor, cambia a un navegador moderno:",
+    "New":
+        "Nuevo",
+    "Send":
+        "Enviar",
+    "Clone":
+        "Clonar",
+    "Raw text":
+        "Texto sin formato",
+    "Expires":
+        "Caducar en",
+    "Burn after reading":
+        "Destruir después de leer",
+    "Open discussion":
+        "Discusión abierta",
+    "Password (recommended)":
+        "Contraseña (recomendado)",
+    "Discussion":
+        "Discusión",
+    "Toggle navigation":
+        "Cambiar navegación",
+    "%d seconds": ["%d segundo", "%d segundos"],
+    "%d minutes": ["%d minuto", "%d minutos"],
+    "%d hours": ["%d hora", "%d horas"],
+    "%d days": ["%d día", "%d días"],
+    "%d weeks": ["%d semana", "%d semanas"],
+    "%d months": ["%d mes", "%d meses"],
+    "%d years": ["%d año", "%d años"],
+    "Never":
+        "Nunca",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Nota: Este es un servicio de prueba. Los datos pueden ser eliminados en cualquier momento. Gatitos morirán si se abusa de este servicio.",
+    "This document will expire in %d seconds.":
+        ["Este documento caducará en un segundo.", "Este documento caducará en %d segundos."],
+    "This document will expire in %d minutes.":
+        ["Este documento caducará en un minuto.", "Este documento caducará en %d minutos."],
+    "This document will expire in %d hours.":
+        ["Este documento caducará en una hora.", "Este documento caducará en %d horas."],
+    "This document will expire in %d days.":
+        ["Este documento caducará en un día.", "Este documento caducará en %d días."],
+    "This document will expire in %d months.":
+        ["Este documento caducará en un mes.", "Este documento caducará en %d meses."],
+    "Please enter the password for this paste:":
+        "Por favor ingrese la contraseña para este documento:",
+    "Could not decrypt data (Wrong key?)":
+        "No fue posible descifrar los datos (¿Clave errónea?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "No fue posible eliminar el documento, no fue guardado en modo \"destruir despues de leer\".",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "SÓLO PARA TUS OJOS. No cierre esta ventana, este mensaje no se puede volver a mostrar.",
+    "Could not decrypt comment; Wrong key?":
+        "No se pudo descifrar el comentario; ¿Llave incorrecta?",
+    "Reply":
+        "Responder",
+    "Anonymous":
+        "Anónimo",
+    "Anonymous avatar (Vizhash of the IP address)":
+        "Avatar anónimo (Vizhash de la dirección IP)",
+    "Add comment":
+        "Añadir comentario",
+    "Optional nickname...":
+        "Seudónimo opcional...",
+    "Post comment":
+        "Publicar comentario",
+    "Sending comment...":
+        "Enviando comentario...",
+    "Comment posted.":
+        "Comentario publicado.",
+    "Could not refresh display: %s":
+        "No se pudo actualizar la vista: %s",
+    "unknown status":
+        "Estado desconocido",
+    "server error or not responding":
+        "Error del servidor o el servidor no responde",
+    "Could not post comment: %s":
+        "No fue posible publicar comentario: %s",
+    "Sending paste (Please move your mouse for more entropy)...":
+        "Enviando texto (Por favor, mueva el ratón para mayor entropía)...",
+    "Sending paste...":
+        "Enviando texto...",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "Su texto está en <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Presione [Ctrl]+[c] para copiar)</span>",
+    "Delete data":
+        "Eliminar datos",
+    "Could not create paste: %s":
+        "No fue posible crear el archivo: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "No es posible descifrar el documento: Falta la clave de descifrado en la URL (¿Utilizó un redirector o un acortador de URL que quite parte de la URL?)",
+    "Format": "Formato",
+    "Plain Text": "Texto sin formato",
+    "Source Code": "Código fuente",
+    "Markdown": "Markdown",
+    "Download attachment": "Descargar adjunto",
+    "Cloned file attached.": "Archivo clonado adjunto.",
+    "Attach a file": "Adjuntar archivo",
+    "Remove attachment": "Remover adjunto",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "Tu navegador no admite la carga de archivos cifrados. Utilice un navegador más reciente.",
+    "Invalid attachment.": "Adjunto inválido.",
+    "Options": "Opciones",
+    "Shorten URL": "Acortar URL",
+    "Editor": "Editor",
+    "Preview": "Previsualización",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s requiere que el PATH termine en \"%s\". Por favor, actualice el PATH en su index.php.",
+    "Decrypt":
+        "Descifrar",
+    "Enter password":
+        "Ingrese contraseña",
+    "Loading…": "Cargando…",
+    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
+        "En caso de que este mensaje nunca desaparezca por favor revise <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">este FAQ para obtener información para solucionar problemas</a>."
+}

i18n/fr.json

@@ -1,11 +1,16 @@
 {
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s est un 'pastebin' (ou gestionnaire d'extraits de texte et de code source) minimaliste et open source, dans lequel le serveur n'a aucune connaissance des données envoyées. Les données sont chiffrées/déchiffrées <i>dans le navigateur</i> par un chiffrage AES 256 bits. Plus d'informations sur <a href=\"https://privatebin.info/\">la page du projet</a>.",
+    "Because ignorance is bliss":
+        "Parce que l'ignorance c'est le bonheur",
     "en": "fr",
     "Paste does not exist, has expired or has been deleted.":
         "Le paste n'existe pas, a expiré, ou a été supprimé.",
-    "ZeroBin requires php 5.2.6 or above to work. Sorry.":
-        "Désolé, ZeroBin nécessite php 5.2.6 ou supérieur pour fonctionner.",
-    "ZeroBin requires configuration section [%s] to be present in configuration file.":
-        "ZeroBin a besoin de la section de configuration [%s] dans le fichier de configuration pour fonctionner.",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "Désolé, %s nécessite php 5.3.0 ou supérieur pour fonctionner.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s a besoin de la section de configuration [%s] dans le fichier de configuration pour fonctionner.",
     "Please wait %d seconds between each post.":
         "Merci d'attendre %d secondes entre chaque publication.",
     "Paste is limited to %s of encrypted data.":
@@ -26,15 +31,10 @@
         "Jeton de suppression incorrect. Le paste n'a pas été supprimé.",
     "Paste was properly deleted.":
         "Le paste a été correctement supprimé.",
-    "ZeroBin": "ZeroBin",
-    "ZeroBin is a minimalist, opensource online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://github.com/elrido/ZeroBin/wiki\">project page</a>.":
-        "Zerobin est un 'pastebin' (ou gestionnaire d'extraits de texte et de code source) minimaliste et open source, dans lequel le serveur n'a aucune connaissance des données envoyées. Les données sont chiffrées/déchiffrées <i>dans le navigateur</i> par un chiffrage AES 256 bits. Plus d'informations sur <a href=\"https://github.com/elrido/ZeroBin/wiki\">la page du projet</a>.",
-    "Because ignorance is bliss":
-        "Parce que l'ignorance est le bonheur",
-    "Javascript is required for ZeroBin to work.<br />Sorry for the inconvenience.":
-        "Javascript est requis pour faire fonctionner ZeroBin. <br />Désolé pour cet inconvénient.",
-    "ZeroBin requires a modern browser to work.":
-        "ZeroBin nécessite un navigateur moderne pour fonctionner.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "JavaScript est requis pour faire fonctionner %s. <br />Désolé pour cet inconvénient.",
+    "%s requires a modern browser to work.":
+        "%s nécessite un navigateur moderne pour fonctionner.",
     "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
         "Encore sur Internet Explorer ? Faites-vous une faveur, passez à un navigateur moderne :",
     "New":
@@ -87,7 +87,7 @@
     "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
         "POUR VOS YEUX UNIQUEMENT. Ne fermez pas cette fenêtre, ce paste ne pourra plus être affiché.",
     "Could not decrypt comment; Wrong key?":
-        "Umpossible de déchiffrer le commentaire ; mauvaise clé ?",
+        "Impossible de déchiffrer le commentaire ; mauvaise clé ?",
     "Reply":
         "Répondre",
     "Anonymous":
@@ -144,5 +144,17 @@
     "Your browser does not support uploading encrypted files. Please use a newer browser.":
         "Votre navigateur ne supporte pas l'envoi de fichiers chiffrés. Merci d'utiliser un navigateur plus récent.",
     "Invalid attachment.": "Attachement invalide.",
-    "Options": "Options"
+    "Options": "Options",
+    "Shorten URL": "Raccourcir URL",
+    "Editor": "Éditer",
+    "Preview": "Prévisualiser",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
+    "Decrypt":
+        "Decrypt",
+    "Enter password":
+        "Entrez le mot de passe",
+    "Loading…": "Loading…",
+    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
+        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
 }

i18n/it.json

@@ -0,0 +1,151 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s è un sistema di tipo \"Pastebin\" online, open source, minimalista. Il server non possiede alcuna conoscenza (\"Zero Knowledge\") del contenuto dei dati inviati. I dati sono cifrati/decifrati <i>nel Browser</i> con algoritmo AES a 256 Bit. Per ulteriori informazioni, vedi <a href=\"https://privatebin.info/\">Sito del progetto</a>.",
+    "Because ignorance is bliss":
+        "Perché l'ignoranza è una benedizione (Because ignorance is bliss)",
+    "en": "it",
+    "Paste does not exist, has expired or has been deleted.":
+        "Questo messaggio non esiste, è scaduto o è stato cancellato.",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "%s richiede PHP 5.3.0 o superiore.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s richiede la presenza della sezione [%s] nei file di configurazione.",
+    "Please wait %d seconds between each post.":
+        "Attendi per favore %d secondi prima di ciascun invio.",
+    "Paste is limited to %s of encrypted data.":
+        "La dimensione del messaggio è limitata a %s di dati cifrati.",
+    "Invalid data.":
+        "Dati non validi.",
+    "You are unlucky. Try again.":
+        "Riprova, sarai più fortunato.",
+    "Error saving comment. Sorry.":
+        "Errore durante il salvataggio del commento.",
+    "Error saving paste. Sorry.":
+        "Errore durante il salvataggio del messaggio.",
+    "Invalid paste ID.":
+        "ID-Messaggio non valido.",
+    "Paste is not of burn-after-reading type.":
+        "Il messaggio non è di tipo Distruggi-dopo-lettura.",
+    "Wrong deletion token. Paste was not deleted.":
+        "Codice cancellazione errato. Il messaggio NON è stato cancellato.",
+    "Paste was properly deleted.":
+        "Il messaggio è stato correttamente cancellato.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "%s funziona solo con JavaScript attivo.<br />Ci dispiace per l'inconveniente.",
+    "%s requires a modern browser to work.":
+        "%s richiede un browser moderno e aggiornato per funzionare.",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "Usi ancora Internet Explorer? Ti consigliamo di passare ad un browser più sicuro:",
+    "New":
+        "Nuovo",
+    "Send":
+        "Invia",
+    "Clone":
+        "Clona",
+    "Raw text":
+        "Testo Raw",
+    "Expires":
+        "Scade",
+    "Burn after reading":
+        "Distruggi dopo lettura",
+    "Open discussion":
+        "Apri discussione",
+    "Password (recommended)":
+        "Password (raccomandato)",
+    "Discussion":
+        "Discussione",
+    "Toggle navigation":
+        "Scambia Navigazione",
+    "%d seconds": ["%d secondo", "%d secondi"],
+    "%d minutes": ["%d minuto", "%d minuti"],
+    "%d hours": ["%d ora", "%d ore"],
+    "%d days": ["%d giorno", "%d giorni"],
+    "%d weeks": ["%d settimana", "%d settimane"],
+    "%d months": ["%d mese", "%d mesi"],
+    "%d years": ["%d anno", "%d anni"],
+    "Never":
+        "Mai",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Nota: questo è un servizio di prova, i dati possono essere cancellati in qualsiasi momento. Ti preghiamo di non abusare di questo servizio, grazie.",
+    "This document will expire in %d seconds.":
+        ["Questo documento scadrà tra un secondo.", "Questo documento scadrà in %d secondi."],
+    "This document will expire in %d minutes.":
+        ["Questo documento scadrà tra un minuto.", "Questo documento scadrà in %d minuti."],
+    "This document will expire in %d hours.":
+        ["Questo documento scadrà tra un'ora.", "Questo documento scadrà in %d ore."],
+    "This document will expire in %d days.":
+        ["Questo documento scadrà tra un giorno.", "Questo documento scadrà in %d giorni."],
+    "This document will expire in %d months.":
+        ["Questo documento scadrà tra un mese.", "Questo documento scadrà in %d mesi."],
+    "Please enter the password for this paste:":
+        "Inserisci la password per questo messaggio:",
+    "Could not decrypt data (Wrong key?)":
+        "Non riesco a decifrari i dati (Chiave errata?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "Non riesco a cancellare il messaggio, non è stato salvato in modalità Distruggi-dopo-lettora.",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "FOR YOUR EYES ONLY. Non chiudere questa finestra, il messaggio non può essere visualizzato una seconda volta.",
+    "Could not decrypt comment; Wrong key?":
+        "Non riesco a decifrari il commento (Chiave errata?)",
+    "Reply":
+        "Rispondi",
+    "Anonymous":
+        "Anonimo",
+    "Anonymous avatar (Vizhash of the IP address)":
+        "Avatar Anonino (Vizhash dell'indirizzo IP)",
+    "Add comment":
+        "Aggiungi un commento",
+    "Optional nickname...":
+        "Nickname opzionale...",
+    "Post comment":
+        "Invia commento",
+    "Sending comment...":
+        "Commento in fase di invio...",
+    "Comment posted.":
+        "Commento inviato.",
+    "Could not refresh display: %s":
+        "Non riesco ad aggiornare il display: %s",
+    "unknown status":
+        "errore sconosciuto",
+    "server error or not responding":
+        "errore o mancata risposta dal server",
+    "Could not post comment: %s":
+        "Impossibile inviare il commento: %s",
+    "Sending paste (Please move your mouse for more entropy)...":
+        "Invio messaggio (Muovi il mouse in modo casuale, per generare maggior entropia)...",
+    "Sending paste...":
+        "Messaggio in fase di invio...",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "Il tuo messaggio è qui: <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">([CTRL | CMD]+[C] per copiare il link)</span>",
+    "Delete data":
+        "Cancella i dati",
+    "Could not create paste: %s":
+        "Non rieco a creare il messaggio: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "Non riesco a decifrare il messaggio: manca la chiave di decifrazione nell'URL (La chiave è parte integrante dell'URL. Per caso hai usato un Redirector o un altro servizio che ha rimosso una parte dell'URL?)",
+    "Format": "Formato",
+    "Plain Text": "Solo Testo",
+    "Source Code": "Codice Sorgente",
+    "Markdown": "Markdown",
+    "Download attachment": "Scarica Allegato",
+    "Cloned file attached.": "Copia del file allegata.",
+    "Attach a file": "Allega un file",
+    "Remove attachment": "Rimuovi allegato",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "Il tuo browser non supporta l'invio di file cifrati. Utilizza un browser più recente.",
+    "Invalid attachment.": "Allegato non valido.",
+    "Options": "Opzioni",
+    "Shorten URL": "Accorcia URL",
+    "Editor": "Editor",
+    "Preview": "Preview",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s necessita che PATH termini con \"%s\". Aggiorna la variabile PATH nel tuo index.php.",
+    "Decrypt":
+        "Decrypt",
+    "Enter password":
+        "Inserisci la password",
+    "Loading…": "Loading…",
+    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
+        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
+}

i18n/languages.json

@@ -122,7 +122,7 @@
     "pa": ["ਪੰਜਾਬੀ", "Punjabi"],
     "pi": ["पाऴि", "Pāli"],
     "fa": ["فارسی", "Persian"],
-    "pl": ["polszczyzna", "Polish"],
+    "pl": ["polski", "Polish"],
     "ps": ["پښتو", "Pashto"],
     "pt": ["português", "Portuguese"],
     "qu": ["Runa Simi", "Quechua"],

i18n/no.json

@@ -0,0 +1,151 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s er en minimalistisk, åpen kildekode, elektronisk tilgjengelig pastebin hvor serveren ikke har kunnskap om dataene som limes inn. Dataene krypteres/dekrypteres <i>i nettleseren</i> ved hjelp av 256 bits AES. Mer informasjon om prosjektet på  <a href=\"https://privatebin.info/\">prosjektsiden</a>.",
+    "Because ignorance is bliss":
+        "Fordi uvitenhet er lykke",
+    "en": "no",
+    "Paste does not exist, has expired or has been deleted.":
+        "Innlegget eksisterer ikke, er utløpt eller har blitt slettet.",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "Beklager, %s krever php 5.3.0 eller nyere for å kjøre.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s krever konfigurasjonsdel [%s] å være til stede i konfigurasjonsfilen .",
+    "Please wait %d seconds between each post.":
+        "Vennligst vent %d sekunder mellom hvert innlegg.",
+    "Paste is limited to %s of encrypted data.":
+        "Innlegg er begrenset til %s av kryptert data.",
+    "Invalid data.":
+        "Ugyldige data.",
+    "You are unlucky. Try again.":
+        "Du er uheldig. Prøv igjen.",
+    "Error saving comment. Sorry.":
+        "Beklager, det oppstod en feil ved lagring kommentar.",
+    "Error saving paste. Sorry.":
+        "Beklager, det oppstod en feil ved lagring innlegg.",
+    "Invalid paste ID.":
+        "Feil innlegg ID.",
+    "Paste is not of burn-after-reading type.":
+        "Innlegg er ikke av type slett-etter-lesing.",
+    "Wrong deletion token. Paste was not deleted.":
+        "Feil slettingsnøkkel. Innlegg ble ikke fjernet.",
+    "Paste was properly deleted.":
+        "Innlegget er slettet.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "Javascript kreves for at %s skal fungere<br />Beklager ulempene.",
+    "%s requires a modern browser to work.":
+        "%s krever en moderne nettleser for å fungere.",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "Fortsatt bruker av Internet Explorer? Gjør deg selv en tjeneste og bytt til en moderne nettleser:",
+    "New":
+        "Ny",
+    "Send":
+        "Send",
+    "Clone":
+        "Kopier",
+    "Raw text":
+        "Ren tekst",
+    "Expires":
+        "Utgår",
+    "Burn after reading":
+        "Slett etter lesing",
+    "Open discussion":
+        "Åpen diskusjon",
+    "Password (recommended)":
+        "Passord (anbefalt)",
+    "Discussion":
+        "Diskusjon",
+    "Toggle navigation":
+        "Veksle navigasjon",
+    "%d seconds": ["%d sekund", "%d sekunder"],
+    "%d minutes": ["%d minutt", "%d minutter"],
+    "%d hours": ["%d time", "%d timer"],
+    "%d days": ["%d dag", "%d dager"],
+    "%d weeks": ["%d uke", "%d uker"],
+    "%d months": ["%d måned", "%d måneder"],
+    "%d years": ["%d år", "%d år"],
+    "Never":
+        "Aldri",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Merk: Dette er en test tjeneste: Data kan slettes når som helst. Kattunger vil dø hvis du misbruker denne tjenesten.",
+    "This document will expire in %d seconds.":
+        ["Dette dokumentet vil utløpe om %d sekund.", "Dette dokumentet vil utløpe om %d sekunder."],
+    "This document will expire in %d minutes.":
+        ["Dette dokumentet vil utløpe om %d minutt.", "Dette dokumentet vil utløpe om %d minutter."],
+    "This document will expire in %d hours.":
+        ["Dette dokumentet vil utløpe om %d time.", "Dette dokumentet vil utløpe om %d timer."],
+    "This document will expire in %d days.":
+        ["Dette dokumentet vil utløpe om %d dag.", "Dette dokumentet vil utløpe om %d dager."],
+    "This document will expire in %d months.":
+        ["Dette dokumentet vil utløpe om %d måned.", "Dette dokumentet vil utløpe om %d måneder."],
+    "Please enter the password for this paste:":
+        "Vennligst skriv inn passordet for dette innlegget:",
+    "Could not decrypt data (Wrong key?)":
+        "Kunne ikke dekryptere data (Feil nøkkel?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "Kan ikke slette innlegget, det ble ikke lagret i slett-etter-les modus.",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "KUN FOR DINE ØYNE. Ikke lukk dette vinduet, denne meldingen kan ikke bli vist igjen.",
+    "Could not decrypt comment; Wrong key?":
+        "Kan ikke dekryptere kommentar; Feil nøkkel?",
+    "Reply":
+        "Svar",
+    "Anonymous":
+        "Anonym",
+    "Anonymous avatar (Vizhash of the IP address)":
+        "Anonym avatar (Vizhash av IP adressen)",
+    "Add comment":
+        "Legg til kommentar",
+    "Optional nickname...":
+        "Valgfritt kallenavn...",
+    "Post comment":
+        "Send kommentar",
+    "Sending comment...":
+        "Sender Kommentar...",
+    "Comment posted.":
+        "Kommentar sendt.",
+    "Could not refresh display: %s":
+        "Kunne ikke oppdatere skjermen: %s",
+    "unknown status":
+        "ukjent status",
+    "server error or not responding":
+        "server feilet eller svarer ikke",
+    "Could not post comment: %s":
+        "Kunne ikke sende kommentar: %s",
+    "Sending paste (Please move your mouse for more entropy)...":
+        "Sender innlegg (Flytt musen for mere entropi)...",
+    "Sending paste...":
+        "Sender innlegg...",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "Ditt innlegg er <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Trykk [Ctrl]+[c] for å kopiere)</span>",
+    "Delete data":
+        "Slett data",
+    "Could not create paste: %s":
+        "Kunne ikke opprette innlegg: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "Kan ikke dekryptere innlegg: Dekrypteringsnøkkelen mangler i adressen (Har du bruket en redirector eller en URL forkorter som fjerner en del av addressen?)",
+    "Format": "Format",
+    "Plain Text": "Ren Tekst",
+    "Source Code": "Kildekode",
+    "Markdown": "Oppmerket",
+    "Download attachment": "Last ned vedlegg",
+    "Cloned file attached.": "Kopier vedlegg.",
+    "Attach a file": "Legg til fil",
+    "Remove attachment": "Slett vedlegg",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "Nettleseren din støtter ikke å laste opp krypterte filer. Vennligst bruk en nyere nettleser.",
+    "Invalid attachment.": "Ugyldig vedlegg.",
+    "Options": "Alternativer",
+    "Shorten URL": "Adresse-forkorter",
+    "Editor": "Rediger",
+    "Preview": "Forhåndsvis",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s krever at PATH ender på \"%s\". Vennligst oppdater PATH i index.php.",
+    "Decrypt":
+        "Dekrypter",
+    "Enter password":
+        "Skriv inn passord",
+    "Loading…": "Laster…",
+    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
+        "Hvis denne meldingen ikke forsvinner kan du ta en titt på siden med <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">ofte stilte spørsmål</a> for informasjon om feilsøking."
+}

i18n/oc.json

@@ -0,0 +1,160 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s es un 'pastebin' (o gestionari d'extrachs de tèxte e còdi font) minimalista e open source, dins lo qual lo servidor a pas cap de coneissença de las donadas mandadas. Las donadas son chifradas/deschifradas <i>dins lo navigator</i> per un chiframent AES 256 bits. Mai informacions sus <a href=\"https://privatebin.info/\">la pagina del projècte</a>.",
+    "Because ignorance is bliss":
+        "Perque l'ignorància es bonaür",
+    "en": "oc",
+    "Paste does not exist, has expired or has been deleted.":
+        "Lo tèxte existís pas, a expirat, o es estat suprimit.",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "O planhèm, %s necessita php 5.3.0 o superior per foncionar.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s fa besonh de la seccion de configuracion [%s] dins lo fichièr de configuracion per foncionar.",
+    "Please wait %d seconds between each post.":
+        "Mercés d'esperar %d segondas entre cada publicacion.",
+    "Paste is limited to %s of encrypted data.":
+        "Lo tèxte es limitat a %s de donadas chifradas.",
+    "Invalid data.":
+        "Donadas invalidas.",
+    "You are unlucky. Try again.":
+        "Pas cap de fortuna. Tornatz ensajar.",
+    "Error saving comment. Sorry.":
+        "Error al moment de salvagardar lo comentari. O planhèm.",
+    "Error saving paste. Sorry.":
+        "Error al moment de salvagardar lo tèxte. O planhèm.",
+    "Invalid paste ID.":
+        "ID del tèxte invalid.",
+    "Paste is not of burn-after-reading type.":
+        "Lo tèxte es pas del tip \"Escafar aprèp lectura\".",
+    "Wrong deletion token. Paste was not deleted.":
+        "Geton de supression incorrècte. Lo tèxte es pas estat suprimit.",
+    "Paste was properly deleted.":
+        "Lo tèxte es estat correctament suprimit.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "JavaScript es requesit per far foncionar %s. <br />O planhèm per l'inconvenient.",
+    "%s requires a modern browser to work.":
+        "%s necessita un navigator modèrn per foncionar.",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "Encora sus Internet Explorer ? Fasètz-vos una favor, passatz a un navigator modèrn :",
+    "New":
+        "Nòu",
+    "Send":
+        "Mandar",
+    "Clone":
+        "Clonar",
+    "Raw text":
+        "Tèxte brut",
+    "Expires":
+        "Expira",
+    "Burn after reading":
+        "Escafar aprèp lectura",
+    "Open discussion":
+        "Autorizar la discussion",
+    "Password (recommended)":
+        "Senhal (recomandat)",
+    "Discussion":
+        "Discussion",
+    "Toggle navigation":
+        "Virar la navigacion",
+    "%d seconds": ["%d segonda", "%d segondas"],
+    "%d minutes": ["%d minuta", "%d minutas"],
+    "%d hours": ["%d ora", "%d oras"],
+    "%d days": ["%d jorn", "%d jorns"],
+    "%d weeks": ["%d setmana", "%d setmanas"],
+    "%d months": ["%d mes", "%d meses"],
+    "%d years": ["%d an", "%d ans"],
+    "Never":
+        "Jamai",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Nota : Aquò es un servici d'espròva : las donadas pòdon èsser suprimidas a cada moment. De catons moriràn s'abusatz d'aqueste servici.",
+    "This document will expire in %d seconds.":
+        ["Ce document expirera dans %d seconde.", "Aqueste document expirarà dins %d segondas."],
+    "This document will expire in %d minutes.":
+        ["Ce document expirera dans %d minute.", "Aqueste document expirarà dins %d minutas."],
+    "This document will expire in %d hours.":
+        ["Ce document expirera dans %d heure.", "Aqueste document expirarà dins %d oras."],
+    "This document will expire in %d days.":
+        ["Ce document expirera dans %d jour.", "Aqueste document expirarà dins %d jorns."],
+    "This document will expire in %d months.":
+        ["Ce document expirera dans %d mois.", "Aqueste document expirarà dins %d meses."],
+    "Please enter the password for this paste:":
+        "Picatz lo senhal per aqueste tèxte :",
+    "Could not decrypt data (Wrong key?)":
+        "Impossible de deschifrar las donadas (marrida clau ?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "Impossible de suprimir lo tèxte, perque es pas estat gardat en mòde \"Escafar aprèp lectura\".",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "PER VÒSTRES UÈLHS SOLAMENT. Tampetz pas aquesta fenèstra, aqueste tèxte poirà pas mai èsser afichat.",
+    "Could not decrypt comment; Wrong key?":
+        "Impossible de deschifrar lo comentari ; marrida clau ?",
+    "Reply":
+        "Respondre",
+    "Anonymous":
+        "Anonime",
+    "Anonymous avatar (Vizhash of the IP address)":
+        "Avatar anonime (Vizhash de l'adreça IP)",
+    "Add comment":
+        "Apondre un comentari",
+    "Optional nickname...":
+        "Escais opcional...",
+    "Post comment":
+        "Mandar lo comentari",
+    "Sending comment...":
+        "Mandadís del comentari...",
+    "Comment posted.":
+        "Comentari mandat.",
+    "Could not refresh display: %s":
+        "Impossible d'actualizar l'afichatge : %s",
+    "unknown status":
+        "Estatut desconegut",
+    "server error or not responding":
+        "Lo servidor respond pas o a rencontrat una error",
+    "Could not post comment: %s":
+        "Impossible de mandar lo comentari : %s",
+    "Sending paste (Please move your mouse for more entropy)...":
+        "Mandadís del tèxte (Mercés de bolegar vòstra mirga per mai entropia)...",
+    "Sending paste...":
+        "Mandadís del tèxte...",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "Vòstre tèxte es disponible a l'adreça <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Picatz sus [Ctrl]+[c] per copiar)</span>",
+    "Delete data":
+        "Supprimir las donadas del tèxte",
+    "Could not create paste: %s":
+        "Impossible de crear lo tèxte : %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "Impossible de deschifrar lo tèxte : Clau de deschiframent absenta de l'URL (Avètz utilizat un redirector o un site de reduccion d'URL que suprimís una partida de l'URL ?)",
+    "B": "o",
+    "KiB": "Kio",
+    "MiB": "Mio",
+    "GiB": "Gio",
+    "TiB": "Tio",
+    "PiB": "Pio",
+    "EiB": "Eio",
+    "ZiB": "Zio",
+    "YiB": "Yio",
+    "Format": "Format",
+    "Plain Text": "Tèxte brut",
+    "Source Code": "Còdi font",
+    "Markdown": "Markdown",
+    "Download attachment": "Telecargar la pèça junta",
+    "Cloned file attached.": "Clonar lo fichièr junt.",
+    "Attach a file": "Juntar un fichièr ",
+    "Remove attachment": "Levar la pèca junta",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "Vòstre navigator es pas compatible amb lo mandadís de fichièrs chifrats. Mercés d'emplegar un navigator mai recent.",
+    "Invalid attachment.": "Pèça junta invalida.",
+    "Options": "Opcions",
+    "Shorten URL": "Acorchir l'URL",
+    "Editor": "Editar",
+    "Preview": "Previsualizar",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s demanda que lo PATH termine en \"%s\". Mercés de metre a jorn lo PATH dins vòstre index.php.",
+    "Decrypt":
+        "Deschifrar",
+    "Enter password":
+        "Picatz lo senhal",
+    "Loading…": "Cargament…",
+    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
+        "Se per cas aqueste messatge quita pas de s'afichar mercés de gaitar <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">aquesta FAQ per las solucions</a> (en Anglés)."
+}

i18n/pl.json

@@ -1,11 +1,16 @@
 {
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s jest minimalistycznym, otwartoźródłowym serwisem typu pastebin, w którym serwer nie ma jakichkolwiek informacji o tym, co jest wklejane. Dane są szyfrowane i deszyfrowane <i>w przeglądarce</i> z użyciem 256-bitowego klucza AES. Więcej informacji na <a href=\"https://privatebin.info/\">stronie projektu</a>.",
+    "Because ignorance is bliss":
+        "Ponieważ ignorancja jest cnotą",
     "en": "pl",
     "Paste does not exist, has expired or has been deleted.":
         "Wklejka nie istnieje, wygasła albo została usunięta.",
-    "ZeroBin requires php 5.2.6 or above to work. Sorry.":
-        "ZeroBin wymaga PHP w wersji 5.2.6 lub nowszej, sorry.",
-    "ZeroBin requires configuration section [%s] to be present in configuration file.":
-        "ZeroBin wymaga obecności sekcji [%s] w pliku konfiguracyjnym.",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "%s wymaga PHP w wersji 5.3.0 lub nowszej, sorry.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s wymaga obecności sekcji [%s] w pliku konfiguracyjnym.",
     "Please wait %d seconds between each post.":
         "Poczekaj %d sekund pomiędzy każdą wklejką.",
     "Paste is limited to %s of encrypted data.":
@@ -26,15 +31,10 @@
         "Nieprawidłowy token usuwania. Wklejka nie została usunięta.",
     "Paste was properly deleted.":
         "Wklejka usunięta poprawnie.",
-    "ZeroBin": "ZeroBin",
-    "ZeroBin is a minimalist, opensource online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://github.com/elrido/ZeroBin/wiki\">project page</a>.":
-        "ZeroBin jest minimalistycznym, otwartoźródłowym serwisem typu pastebin, w którym serwer nie ma jakichkolwiek informacji o tym, co jest wklejane. Dane są szyfrowane i deszyfrowane <i>w przeglądarce</i> z użyciem 256-bitowego klucza AES. Więcej informacji na <a href=\"https://github.com/elrido/ZeroBin/wiki\">stronie projektu</a>.",
-    "Because ignorance is bliss":
-        "Ponieważ ignorancja jest cnotą",
-    "Javascript is required for ZeroBin to work.<br />Sorry for the inconvenience.":
-        "Do działania ZeroBina jest wymagany JavaScript. Przepraszamy za tę niedogodność.",
-    "ZeroBin requires a modern browser to work.":
-        "ZeroBin wymaga do działania nowoczesnej przeglądarki.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "Do działania %sa jest wymagany JavaScript. Przepraszamy za tę niedogodność.",
+    "%s requires a modern browser to work.":
+        "%s wymaga do działania nowoczesnej przeglądarki.",
     "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
         "Cały czas używasz Internet Explorera? Zrób sobie przysługę, przesiądź się na nowoczesną przeglądarkę:",
     "New":
@@ -46,7 +46,7 @@
     "Raw text":
         "Czysty tekst",
     "Expires":
-        "Wygasa",
+        "Wygasa za",
     "Burn after reading":
         "Zniszcz po przeczytaniu",
     "Open discussion":
@@ -59,81 +59,93 @@
         "Przełącz nawigację",
     "%d seconds": ["%d second", "%d second", "%d second"],
     "%d minutes": ["%d minut", "%d minut", "%d minut"],
-    "%d hours": ["%d godzina", "%d godzina", "%d godzina"],
+    "%d hours": ["%d godzina", "%d godzina", "%d godzinę"],
     "%d days": ["%d dzień", "%d dzień", "%d dzień"],
     "%d weeks": ["%d tydzień", "%d tydzień", "%d tydzień"],
     "%d months": ["%d miesiąc", "%d miesiąc", "%d miesiąc"],
     "%d years": ["%d rok", "%d rok", "%d rok"],
     "Never":
-        "Nigdy",
+        "nigdy",
     "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
         "Notka: To jest usługa testowa. Dane mogą zostać usunięte w dowolnym momencie. Kociątka umrą, jeśli nadużyjesz tej usługi.",
     "This document will expire in %d seconds.":
-        ["This document will expire in %d second.", "This document will expire in %d seconds."],
+        ["Ten dokument wygaśnie za %d sekundę.", "Ten dokument wygaśnie za %d sekund."],
     "This document will expire in %d minutes.":
-        ["This document will expire in %d minute.", "This document will expire in %d minutes."],
+        ["Ten dokument wygaśnie za %d minutę.", "Ten dokument wygaśnie za %d minut."],
     "This document will expire in %d hours.":
-        ["This document will expire in %d hour.", "This document will expire in %d hours."],
+        ["Ten dokument wygaśnie za godzinę.", "Ten dokument wygaśnie za %d godzin."],
     "This document will expire in %d days.":
-        ["This document will expire in %d day.", "This document will expire in %d days."],
+        ["Ten dokument wygaśnie za %d dzień.", "Ten dokument wygaśnie za %d dni."],
     "This document will expire in %d months.":
-        ["This document will expire in %d month.", "This document will expire in %d months."],
+        ["Ten dokument wygaśnie za miesiąc.", "Ten dokument wygaśnie za %d miesięcy."],
     "Please enter the password for this paste:":
-        "Please enter the password for this paste:",
+        "Wpisz hasło dla tej wklejki:",
     "Could not decrypt data (Wrong key?)":
-        "Could not decrypt data (Wrong key?)",
+        "Nie udało się odszyfrować danych (zły klucz?)",
     "Could not delete the paste, it was not stored in burn after reading mode.":
-        "Could not delete the paste, it was not stored in burn after reading mode.",
+        "Nie udało się usunąć wklejki, nie została zapisana w trybie zniszczenia po przeczytaniu.",
     "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
-        "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.",
+        "TYLKO DO TWOJEGO WGLĄDU. Nie zamykaj tego okna, ta wiadomość nie będzie mogła być wyświetlona ponownie.",
     "Could not decrypt comment; Wrong key?":
-        "Could not decrypt comment; Wrong key?",
+        "Nie udało się odszyfrować komentarza; zły klucz?",
     "Reply":
-        "Reply",
+        "Odpowiedz",
     "Anonymous":
-        "Anonymous",
+        "Anonim",
     "Anonymous avatar (Vizhash of the IP address)":
-        "Anonymous avatar (Vizhash of the IP address)",
+        "Anonimowy avatar (Vizhash z adresu IP)",
     "Add comment":
-        "Add comment",
+        "Dodaj komentarz",
     "Optional nickname...":
-        "Optional nickname...",
+        "Opcjonalny nick...",
     "Post comment":
-        "Post comment",
+        "Wyślij komentarz",
     "Sending comment...":
-        "Sending comment...",
+        "Wysyłanie komentarza...",
     "Comment posted.":
-        "Comment posted.",
+        "Wysłano komentarz.",
     "Could not refresh display: %s":
-        "Could not refresh display: %s",
+        "Nie można odświeżyć widoku: %s",
     "unknown status":
-        "unknown status",
+        "nieznany status",
     "server error or not responding":
-        "server error or not responding",
+        "bląd serwera lub brak odpowiedzi",
     "Could not post comment: %s":
-        "Could not post comment: %s",
+        "Nie udało się wysłać komentarza: %s",
     "Sending paste (Please move your mouse for more entropy)...":
-        "Sending paste (Please move your mouse for more entropy)...",
+        "Wysyłanie wklejki (proszę poruszać myszą aby uzyskać większą entropię)...",
     "Sending paste...":
-        "Sending paste...",
+        "Wysyłanie wklejki...",
     "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
-        "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>",
+        "Twoja wklejka to <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(wciśnij [Ctrl]+[c] aby skopiować)</span>",
     "Delete data":
-        "Delete data",
+        "Skasuj dane",
     "Could not create paste: %s":
-        "Could not create paste: %s",
+        "Nie udało się utworzyć wklejki: %s",
     "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
-        "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)",
+        "Nie udało się odszyfrować wklejki - brak klucza deszyfrującego w adresie (użyłeś skracacza linków, który ucina część adresu?)",
     "Format": "Format",
-    "Plain Text": "Plain Text",
-    "Source Code": "Source Code",
+    "Plain Text": "Czysty tekst",
+    "Source Code": "Kod źródłowy",
     "Markdown": "Markdown",
-    "Download attachment": "Download attachment",
-    "Cloned file attached.": "Cloned file attached.",
-    "Attach a file": "Attach a file",
-    "Remove attachment": "Remove attachment",
+    "Download attachment": "Pobierz załącznik",
+    "Cloned file attached.": "Sklonowano załączony plik.",
+    "Attach a file": "Załącz plik",
+    "Remove attachment": "Usuń załącznik",
     "Your browser does not support uploading encrypted files. Please use a newer browser.":
-        "Your browser does not support uploading encrypted files. Please use a newer browser.",
-    "Invalid attachment.": "Invalid attachment.",
-    "Options": "Options"
+        "Twoja przeglądarka nie wspiera wysyłania zaszyfrowanych plików. Użyj nowszej przeglądarki.",
+    "Invalid attachment.": "Nieprawidłowy załącznik.",
+    "Options": "Opcje",
+    "Shorten URL": "Skróć adres URL",
+    "Editor": "Edytować",
+    "Preview": "Zapowiedź",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
+    "Decrypt":
+        "Decrypt",
+    "Enter password":
+        "Wpisz hasło",
+    "Loading…": "Loading…",
+    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
+        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
 }

i18n/ru.json

@@ -0,0 +1,159 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s это минималистичный Open Source проект для создания заметок, где сервер не знает ничего о сохраняемых данных. Данные шифруются/расшифровываются <i>в браузере</i> с использованием 256 битного шифрования AES. Подробнее можно узнать на <a href=\"https://privatebin.info/\">сайте проекта</a>.",
+    "Because ignorance is bliss":
+        "Потому что неведение - благо",
+    "en": "ru",
+    "Paste does not exist, has expired or has been deleted.":
+        "Запись не существует, просрочена или была удалена.",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "Для работы %s требуется PHP 5.3.0 или выше. Извините.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s необходимо наличие секции [%s] в конфигурационном файле.",
+    "Please wait %d seconds between each post.":
+        ["Пожалуйста ожидайте %d секунду между каждыми записями.", "Пожалуйста ожидайте %d секунды между каждыми записями.", "Пожалуйста ожидайте %d секунд между каждыми записями."],
+    "Paste is limited to %s of encrypted data.":
+        "Размер записи ограничен %s зашифрованных данных.",
+    "Invalid data.":
+        "Неверные данные.",
+    "You are unlucky. Try again.":
+        "Вам не повезло. Попробуйте еще раз.",
+    "Error saving comment. Sorry.":
+        "Ошибка при сохранении комментария. Извините.",
+    "Error saving paste. Sorry.":
+        "Ошибка при сохранении записи. Извините.",
+    "Invalid paste ID.":
+        "Неверный ID записи.",
+    "Paste is not of burn-after-reading type.":
+        "Тип записи не \"Удалить после прочтения\".",
+    "Wrong deletion token. Paste was not deleted.":
+        "Неверный ключ удаления записи. Запись не удалена",
+    "Paste was properly deleted.":
+        "Запись была успешно удалена.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "Для работы %s требуется включенный JavaScript.<br />Приносим извинения за неудобства..",
+    "%s requires a modern browser to work.":
+        "Для работы %s требуется более современный браузер.",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "До сих пор используете Internet Explorer? Пожалейте себя, перейдите на более современный браузер:",
+    "New":
+        "Новая запись",
+    "Send":
+        "Отправить",
+    "Clone":
+        "Дублировать",
+    "Raw text":
+        "Исходный текст",
+    "Expires":
+        "Удалить через",
+    "Burn after reading":
+        "Удалить после прочтения",
+    "Open discussion":
+        "Открыть обсуждение",
+    "Password (recommended)":
+        "Пароль (рекомендуется)",
+    "Discussion":
+        "Обсуждение",
+    "Toggle navigation":
+        "Переключить навигацию",
+    "%d seconds": ["%d секунду", "%d секунды", "%d секунд"],
+    "%d minutes": ["%d минуту", "%d минуты", "%d минут"],
+    "%d hours": ["%d час", "%d часа", "%d часов"],
+    "%d days": ["%d день", "%d дня", "%d дней"],
+    "%d weeks": ["%d неделю", "%d недели", "%d недель"],
+    "%d months": ["%d месяц", "%d месяца", "%d месяцев"],
+    "%d years": ["%d год", "%d года", "%d лет"],
+    "Never":
+        "Никогда",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Примечание: Этот сервис тестовый: Данные могут быть удалены в любое время. Котята умрут, если вы будете злоупотреблять серсисом.",
+    "This document will expire in %d seconds.":
+        ["Документ будет удален через %d секунду.", "Документ будет удален через %d секунды.", "Документ будет удален через %d секунд."],
+    "This document will expire in %d minutes.":
+        ["Документ будет удален через %d минуту.", "Документ будет удален через %d минуты.", "Документ будет удален через %d минут."],
+    "This document will expire in %d hours.":
+        ["Документ будет удален через %d час.", "Документ будет удален через %d часа.", "Документ будет удален через %d часов."],
+    "This document will expire in %d days.":
+        ["Документ будет удален через %d день.", "Документ будет удален через %d дня.", "Документ будет удален через %d дней."],
+    "This document will expire in %d months.":
+        ["Документ будет удален через %d месяц.", "Документ будет удален через %d месяца.", "Документ будет удален через %d месяцев."],
+    "Please enter the password for this paste:":
+        "Пожалуйста введите пароль от записи:",
+    "Could not decrypt data (Wrong key?)":
+        "Невозможно расшифровать данные (Неверный ключ?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "Невозможно удалить запись, она не была сохранена в режиме удаления после прочтения",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "ТОЛЬКО ДЛЯ ВАШИХ ГЛАЗ. Не закрывайте это окно, это сообщение не может быть показано снова.",
+    "Could not decrypt comment; Wrong key?":
+        "Невозможно расшифровать комментарий; Неверный ключ?",
+    "Reply":
+        "Ответить",
+    "Anonymous":
+        "Аноним",
+    "Anonymous avatar (Vizhash of the IP address)":
+        "Анонимный аватар (Vizhash IP адреса)",
+    "Add comment":
+        "Добавить комментарий",
+    "Optional nickname...":
+        "Опциональный никнейм...",
+    "Post comment":
+        "Отправить комментарий",
+    "Sending comment...":
+        "Отправка комментария...",
+    "Comment posted.":
+        "Комментарий опубликован.",
+    "Could not refresh display: %s":
+        "Невозможно обновить данные: %s",
+    "unknown status":
+        "неизвестная причина",
+    "server error or not responding":
+        "ошибка сервера или нет ответа",
+    "Could not post comment: %s":
+        "Не удалось опубликовать комментарий: %s",
+    "Sending paste (Please move your mouse for more entropy)...":
+        "Отправка записи (Пожалуйста двигайте мышкой для большей энтропии)...",
+    "Sending paste...":
+        "Отправка записи...",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "Ссылка на запись <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Нажмите [Ctrl]+[c] чтобы скопировать ссылку)</span>",
+    "Delete data":
+        "Удалить запись",
+    "Could not create paste: %s":
+        "Не удалось опубликовать запись: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "Невозможно расшифровать запись: Ключ расшифровки отсутствует в ссылке (Может быть вы используете сокращатель ссылок, который удаляет часть ссылки?)",
+    "B": "байт",
+    "KiB": "Кбайт",
+    "MiB": "Мбайт",
+    "GiB": "Гбайт",
+    "TiB": "Тбайт",
+    "PiB": "Пбайт",
+    "EiB": "Эбайт",
+    "ZiB": "Збайт",
+    "YiB": "Йбайт",
+    "Format": "Формат",
+    "Plain Text": "Обычный текст",
+    "Source Code": "Исходный код",
+    "Markdown": "Язык разметки",
+    "Download attachment": "Скачать прикрепленный файл",
+    "Cloned file attached.": "Дубль файла прикреплен.",
+    "Attach a file": "Прикрепить файл",
+    "Remove attachment": "Удалить вложение",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "Ваш браузер не поддерживает отправку зашифрованных файлов. Используйте более новый браузер.",
+    "Invalid attachment.": "Неизвестное вложение.",
+    "Options": "Опции",
+    "Shorten URL": "Короткая ссылка",
+    "Editor": "Редактор",
+    "Preview": "Предпросмотр",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "Переменная PATH необходима %s в конце \"%s\". Пожалуйста обновите переменную PATH в вашем index.php.",
+    "Decrypt":
+        "Расшифровать",
+    "Enter password":
+        "Введите пароль",
+    "Uploading paste… Please wait.":
+        "Отправка записи... Пожалуйста подождите."
+}

i18n/sl.json

@@ -0,0 +1,160 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s je minimalističen, odprtokodni spletni 'pastebin', kjer server ne ve ničesar o prilepljenih podatkih. Podatki so zakodirani/odkodirani <i>v brskalniku</i> z uporabo 256 bitnega AES. Več informacij na < href=\"https://privatebin.info/\">spletni strani projekta.</a>.",
+    "Because ignorance is bliss":
+        "Ker kar ne veš ne boli.",
+    "en": "sl",
+    "Paste does not exist, has expired or has been deleted.":
+        "Prilepek ne obstaja, mu je potekla življenjska doba, ali pa je izbrisan.",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "Oprosti, %s za delovanje potrebuje vsaj php 5.3.0.",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s potrebuje sekcijo konfiguracij [%s] v konfiguracijski datoteki.",
+    "Please wait %d seconds between each post.":
+        "Prosim počakaj vsaj %d sekund pred vsako naslednjo objavo.",
+    "Paste is limited to %s of encrypted data.":
+        "Velikost prilepka je omejena na %s zakodiranih podatkov.",
+    "Invalid data.":
+        "Neveljavni podatki.",
+    "You are unlucky. Try again.":
+        "Nimaš sreče, poskusi ponovno.",
+    "Error saving comment. Sorry.":
+        "Nekaj je šlo narobe pri shranjevanju komentarja. Oprosti.",
+    "Error saving paste. Sorry.":
+        "Nekaj je šlo narobe pri shranjevanju prilepka. Oprosti.",
+    "Invalid paste ID.":
+        "Napačen ID prilepka.",
+    "Paste is not of burn-after-reading type.":
+        "Prilepek ni tipa zažgi-po-branju.",
+    "Wrong deletion token. Paste was not deleted.":
+        "Napačen token za izbris. Prilepek ni bil izbrisan..",
+    "Paste was properly deleted.":
+        "Prilepek je uspešno izbrisan.",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "Da %s deluje, moraš vklopiti JavaScript.<br />Oprosti za povročene nevšečnosti.",
+    "%s requires a modern browser to work.":
+        "%s za svoje delovanje potrebuje moderen brskalnik.",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "Še vedno uporabljaš Internet Explorer? Naredi si uslugo, preklopi na moderen brskalnik:",
+    "New":
+        "Nov prilepek",
+    "Send":
+        "Pošlji",
+    "Clone":
+        "Kloniraj",
+    "Raw text":
+        "Surov tekst",
+    "Expires":
+        "Poteče",
+    "Burn after reading":
+        "Zažgi (pobriši) po branju",
+    "Open discussion":
+        "Dovoli razpravo",
+    "Password (recommended)":
+        "Geslo (priporočeno)",
+    "Discussion":
+        "Razprava",
+    "Toggle navigation":
+        "Preklopi navigacijo",
+    "%d seconds": ["%d sekunda", "%d sekundi", "%d sekunde", "%d sekund"],
+    "%d minutes": ["%d minuta", "%d minuti", "%d minute", "%d minut"],
+    "%d hours": ["%d ura", "%d uri", "%d ure", "%d ur"],
+    "%d days": ["%d dan", "%d dneva", "%d dnevi", "%d dni"],
+    "%d weeks": ["%d teden", "%d tedna", "%d tedni", "%d tednov"],
+    "%d months": ["%d mesec", "%d meseca", "%d meseci", "%d mesecev"],
+    "%d years": ["%d leto", "%d leti", "%d leta", "%d let"],
+    "Never":
+        "Nikoli",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "Ne pozabi: To je testna storitev: Podatki so lahko kadarkoli pobrisani. Mucki bodo umrli, če boš zlorabljala to storitev.",
+    "This document will expire in %d seconds.":
+        ["Ta dokument bo potekel čez %d sekundo.", "Ta dokument bo potekel čez %d sekundi.", "Ta dokument bo potekel čez %d sekunde.", "Ta dokument bo potekel čez %d sekund."],
+    "This document will expire in %d minutes.":
+        ["Ta dokument bo potekel čez %d minuto.", "Ta dokument bo potekel čez %d minuti.", "Ta dokument bo potekel čez %d minute.", "Ta dokument bo potekel čez %d minut."],
+    "This document will expire in %d hours.":
+        ["Ta dokument bo potekel čez %d uro.", "Ta dokument bo potekel čez %d uri.", "Ta dokument bo potekel čez %d ure.", "Ta dokument bo potekel čez %d ur."],
+    "This document will expire in %d days.":
+        ["Ta dokument bo potekel čez %d dan.", "Ta dokument bo potekel čez %d dni.", "Ta dokument bo potekel čez %d dni.", "Ta dokument bo potekel čez %d dni."],
+    "This document will expire in %d months.":
+        ["Ta dokument bo potekel čez %d mesec.", "Ta dokument bo potekel čez %d meseca.", "Ta dokument bo potekel čez %d mesece.", "Ta dokument bo potekel čez %d mesecev."],
+    "Please enter the password for this paste:":
+        "Prosim vnesi geslo tega prilepka:",
+    "Could not decrypt data (Wrong key?)":
+        "Nemogoče odkodirati podakte (Imaš napačen ključ?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "Prilepek je nemogoče izbrisati, ni bil shranjen v načinu \"zažgi po branju\".",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "SAMO ZA TVOJE OČI. Ne zapri tega okna (zavihka), to sporočilo ne bo prikazano nikoli več.",
+    "Could not decrypt comment; Wrong key?":
+        "Ne morem odkodirati komentarja: Imaš napačen ključ?",
+    "Reply":
+        "Odgovori",
+    "Anonymous":
+        "Aninomno",
+    "Anonymous avatar (Vizhash of the IP address)":
+        "Anonimen avatar (Vizhash IP naslova)",
+    "Add comment":
+        "Dodaj komentar",
+    "Optional nickname...":
+        "Uporabniško ime (lahko izpustiš)",
+    "Post comment":
+        "Objavi komentar",
+    "Sending comment...":
+        "Pošiljam komentar ...",
+    "Comment posted.":
+        "Komentar poslan.",
+    "Could not refresh display: %s":
+        "Ne morem osvežiti zaslona : %s",
+    "unknown status":
+        "neznan status",
+    "server error or not responding":
+        "napaka na strežniku, ali pa se strežnik ne odziva",
+    "Could not post comment: %s":
+        "Komentarja ni bilo mogoče objaviti : %s",
+    "Sending paste (Please move your mouse for more entropy)...":
+        "Pošiljam prilepek (prosim premakni svojo miško za več entropije) ...",
+    "Sending paste...":
+        "Pošiljam prilepek...",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "Tvoj prilepek je dostopen na naslovu: <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Pritisni [Ctrl]+[c] ali [Cmd] + [c] in skopiraj)</span>",
+    "Delete data":
+        "Izbriši podatke",
+    "Could not create paste: %s":
+        "Ne morem ustvariti prilepka: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "Ne morem odkodirati prilepka: V URL-ju manjka ključ (A si uporabil krajšalnik URL-jev, ki odstrani del URL-ja?)",
+    "B": "o",
+    "KiB": "KB",
+    "MiB": "MB",
+    "GiB": "GB",
+    "TiB": "TB",
+    "PiB": "PB",
+    "EiB": "EB",
+    "ZiB": "ZB",
+    "YiB": "YB",
+    "Format": "Format",
+    "Plain Text": "Surov tekst",
+    "Source Code": "Odprta koda",
+    "Markdown": "Markdown",
+    "Download attachment": "Pretoči priponko",
+    "Cloned file attached.": "Pripeta datoteka klonirana",
+    "Attach a file": "Pripni datoteko",
+    "Remove attachment": "Odstrani priponko",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "Tvoj brskalnik ne omogoča nalaganje zakodiranih datotek. Prosim uporabi novejši brskalnik.",
+    "Invalid attachment.": "Neveljavna priponka.",
+    "Options": "Možnosti",
+    "Shorten URL": "Skrajšajte URL",
+    "Editor": "Uredi",
+    "Preview": "Predogled",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
+    "Decrypt":
+        "Decrypt",
+    "Enter password":
+        "Prosim vnesi geslo",
+    "Loading…": "Loading…",
+    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
+        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
+}

i18n/zh.json

@@ -0,0 +1,151 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted <i>in the browser</i> using 256 bits AES. More information on the <a href=\"https://privatebin.info/\">project page</a>.":
+        "%s是一个极简，开源，对粘贴内容毫不知情的在线粘贴板，数据<i>在浏览器内</i>进行AES-256加密。更多信息请查看<a href=\"https://privatebin.info/\">项目主页</a>。",
+    "Because ignorance is bliss":
+        "因为无知是福",
+    "en": "zh",
+    "Paste does not exist, has expired or has been deleted.":
+        "粘贴不存在，已过期或者已被删除。",
+    "%s requires php 5.3.0 or above to work. Sorry.":
+        "%s需要工作于PHP 5.3.0及以上版本，抱歉。",
+    "%s requires configuration section [%s] to be present in configuration file.":
+        "%s需要设置配置文件中 [%s] 的部分。",
+    "Please wait %d seconds between each post.":
+        "每 %d 秒只能粘贴一次。",
+    "Paste is limited to %s of encrypted data.":
+        "粘贴受限于 %s 加密数据。",
+    "Invalid data.":
+        "无效的数据。",
+    "You are unlucky. Try again.":
+        "请再试一次。",
+    "Error saving comment. Sorry.":
+        "存储评论时出现错误，抱歉。",
+    "Error saving paste. Sorry.":
+        "存储粘贴时出现错误，抱歉。",
+    "Invalid paste ID.":
+        "无效的ID。",
+    "Paste is not of burn-after-reading type.":
+        "粘贴不是阅后即焚类型。",
+    "Wrong deletion token. Paste was not deleted.":
+        "错误的删除token，粘贴没有被删除。",
+    "Paste was properly deleted.":
+        "粘贴已被正确删除。",
+    "JavaScript is required for %s to work.<br />Sorry for the inconvenience.":
+        "%s需要JavaScript来进行加解密。<br />带来的不便敬请谅解。",
+    "%s requires a modern browser to work.":
+        "%s需要工作于现代化的浏览器。",
+    "Still using Internet Explorer? Do yourself a favor, switch to a modern browser:":
+        "还在使用Internet Explorer？帮自己个忙，换上一个现代化的浏览器：",
+    "New":
+        "新建",
+    "Send":
+        "送出",
+    "Clone":
+        "克隆",
+    "Raw text":
+        "纯文本",
+    "Expires":
+        "有效期",
+    "Burn after reading":
+        "阅后即焚",
+    "Open discussion":
+        "开放讨论",
+    "Password (recommended)":
+        "密码 (推荐)",
+    "Discussion":
+        "讨论",
+    "Toggle navigation":
+        "切换导航栏",
+    "%d seconds": ["%d 秒", "%d 秒"],
+    "%d minutes": ["%d 分钟", "%d 分钟"],
+    "%d hours": ["%d 小时", "%d 小时"],
+    "%d days": ["%d 天", "%d 天"],
+    "%d weeks": ["%d 周", "%d 周"],
+    "%d months": ["%d 个月", "%d 个月"],
+    "%d years": ["%d 年", "%d 年"],
+    "Never":
+        "永不过期",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.":
+        "注意：这是一个测试服务，数据随时可能被删除。如果你滥用这个服务的话，小猫咪会死的。",
+    "This document will expire in %d seconds.":
+        ["这份文档将在一秒后过期。", "这份文档将在 %d 秒后过期"],
+    "This document will expire in %d minutes.":
+        ["这份文档将在一分钟后过期。", "这份文档将在 %d 分钟后过期。"],
+    "This document will expire in %d hours.":
+        ["这份文档将在一小时后过期。", "这份文档将在 %d 小时后过期。"],
+    "This document will expire in %d days.":
+        ["这份文档将在一天后过期。", "这份文档将在 %d 天后过期。"],
+    "This document will expire in %d months.":
+        ["这份文档将在一个月后过期。", "这份文档将在 %d 个月后过期。"],
+    "Please enter the password for this paste:":
+        "请输入这份粘贴的密码：",
+    "Could not decrypt data (Wrong key?)":
+        "无法解密数据 (密钥错误？)",
+    "Could not delete the paste, it was not stored in burn after reading mode.":
+        "无法删除此粘贴，它没有以阅后即焚模式存储。",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.":
+        "看！仔！细！了！ 不要关闭窗口，否则你再也见不到这条消息了。",
+    "Could not decrypt comment; Wrong key?":
+        "无法解密评论; 密钥错误？",
+    "Reply":
+        "回复",
+    "Anonymous":
+        "匿名",
+    "Anonymous avatar (Vizhash of the IP address)":
+        "匿名头像 (由IP地址生成Vizhash)",
+    "Add comment":
+        "添加评论",
+    "Optional nickname...":
+        "可选昵称...",
+    "Post comment":
+        "评论",
+    "Sending comment...":
+        "评论发送中...",
+    "Comment posted.":
+        "评论已发送。",
+    "Could not refresh display: %s":
+        "无法刷新显示： %s",
+    "unknown status":
+        "未知状态",
+    "server error or not responding":
+        "服务器错误或无回应",
+    "Could not post comment: %s":
+        "无法发送评论： %s",
+    "Sending paste (Please move your mouse for more entropy)...":
+        "粘贴提交中 (请移动鼠标以产生更多熵)...",
+    "Sending paste...":
+        "粘贴提交中...",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>":
+        "您的粘贴的链接是<a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(按下 [Ctrl]+[c] 以复制)</span>",
+    "Delete data":
+        "删除数据",
+    "Could not create paste: %s":
+        "无法创建粘贴： %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)":
+        "无法解密粘贴： URL中缺失解密密钥 (是否使用了重定向或者短链接导致密钥丢失？)",
+    "Format": "格式",
+    "Plain Text": "纯文本",
+    "Source Code": "源代码",
+    "Markdown": "Markdown",
+    "Download attachment": "下载附件",
+    "Cloned file attached.": "已附加克隆的文件",
+    "Attach a file": "添加一个附件",
+    "Remove attachment": "移除附件",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.":
+        "您的浏览器不支持上传加密的文件，请使用更新的浏览器。",
+    "Invalid attachment.": "无效的附件",
+    "Options": "选项",
+    "Shorten URL": "缩短链接",
+    "Editor": "編輯",
+    "Preview": "預習",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.":
+        "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
+    "Decrypt":
+        "Decrypt",
+    "Enter password":
+        "Enter password",
+    "Loading…": "Loading…",
+    "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a>.":
+        "In case this message never disappears please have a look at <a href=\"https://github.com/PrivateBin/PrivateBin/wiki/FAQ#why-does-not-the-loading-message-go-away\">this FAQ for information to troubleshoot</a> (in English)."
+}

img/icon.svg

@@ -0,0 +1 @@
+<svg xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns="http://www.w3.org/2000/svg" height="38" width="38" version="1.1" xmlns:cc="http://creativecommons.org/ns#" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 38 38" xmlns:dc="http://purl.org/dc/elements/1.1/"><defs><radialGradient id="a" gradientUnits="userSpaceOnUse" cx="261" cy="240" r="341" gradientTransform="matrix(1.3 .000949 -.00102 1.4 -89.2 -86.2)"><stop stop-color="#ff0" offset="0"/><stop stop-color="#fa0" offset="1"/></radialGradient></defs><path stroke-linejoin="round" d="m250 3.16-227 123-0.42 247 227 124 227-123 0.42-247zm-0.711 97.9v0.006c3.78 0 7.6 0.297 11.5 0.875 41.1 6.17 72.2 40.6 66.4 70.5-5.8 29.8-33.3 56-40.1 61.7s37.1 165 37.1 165h-149s46.2-157 36.5-165c-9.7-8.14-41.2-36.9-36.4-68.9 4.81-32.1 37.6-64 74.2-64.1z" transform="matrix(.0709 0 0 .0709 1.4 1.38)" stroke="#000" stroke-linecap="round" stroke-width="10.6" fill="url(#a)"/></svg>

img/logo.svg

@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" viewBox="0 0 2500 500" height="500" width="2500"><defs><linearGradient id="a"><stop offset="0" stop-color="#ffab00"/><stop offset=".206" stop-color="orange"/><stop offset=".247" stop-color="#ffab00"/><stop offset="1" stop-color="#f80"/></linearGradient><radialGradient spreadMethod="pad" r="60%" fy="50%" fx="50%" id="b" xlink:href="#a"/><filter id="c" color-interpolation-filters="sRGB"><feGaussianBlur stdDeviation="3" result="result1"/><feBlend in="result1" mode="multiply" result="result5" in2="result1"/><feGaussianBlur stdDeviation="1" result="result6" in="result5"/><feComposite operator="xor" in="result6" in2="result5" result="result8"/><feComposite in2="result8" operator="xor" result="fbSourceGraphic" in="result6"/><feSpecularLighting specularExponent="55" specularConstant="2.2" surfaceScale="2" lighting-color="#fff" result="result1" in="fbSourceGraphic"><fePointLight z="20000" y="-10000" x="-5000"/></feSpecularLighting><feComposite operator="in" result="result2" in="result1" in2="fbSourceGraphic"/><feComposite in2="result2" k3="1" k2="2" operator="arithmetic" result="result4" in="fbSourceGraphic"/><feComposite result="result91" operator="in" in="result4" in2="result4"/><feBlend in2="result91" mode="darken"/></filter></defs><g stroke="#000"><path transform="matrix(.95665 0 0 .95665 10.837 10.837)" d="M250.418 3.158L23.301 126.238l-.42 246.84 226.701 123.764 227.117-123.08.42-246.84zm-.711 97.865v.006c3.78 0 7.604.297 11.457.875 41.101 6.166 72.183 40.64 66.384 70.457-5.798 29.816-33.28 55.978-40.085 61.672-6.805 5.695 37.096 164.944 37.096 164.944h-149.12s46.181-156.802 36.486-164.944c-9.695-8.142-41.197-36.872-36.388-68.935 4.81-32.064 37.627-63.975 74.17-64.074z" fill="url(#b)" stroke-width="15.68" stroke-linecap="round" stroke-linejoin="round" filter="url(#c)"/><text y="949.388" x="1510.89" style="line-height:125%" font-weight="400" font-size="28.614" font-family="sans-serif" letter-spacing="0" word-spacing="0" fill="#ff920f" stroke-width="7" filter="url(#c)" transform="translate(0 -552.362)"><tspan rotate="0 0 0 0 0 0 0 0 0 0 0" dx="0" style="-inkscape-font-specification:Arial;text-align:center" y="949.388" x="1510.89" font-size="412.044" font-family="Arial" letter-spacing="-2.15" text-anchor="middle"><tspan letter-spacing="0"><tspan letter-spacing="-10">P</tspan><tspan letter-spacing="10">r</tspan><tspan letter-spacing="7">i</tspan><tspan letter-spacing="-7">v</tspan><tspan letter-spacing="-5">a</tspan><tspan letter-spacing="5">t</tspan><tspan letter-spacing="15">e</tspan>Bin</tspan></tspan></text></g></svg>

img/safari-pinned-tab.svg

@@ -0,0 +1 @@
+<svg version="1" xmlns="http://www.w3.org/2000/svg" width="933.333" height="933.333" viewBox="0 0 700.000000 700.000000"><path d="M339 3.3c-7.3 3-301.3 158.2-306.7 161.8-5.9 4.1-10.1 9.6-11.8 15.4-1.1 4.2-1.4 32-1.7 170l-.3 165 2.3 5c3 6.5 7.2 10.8 15.2 15.5 8.1 4.8 291.3 155.3 299.4 159.1 7.4 3.5 14.5 4.4 21.2 2.6 5.1-1.3 301.3-156.9 311.2-163.5 3-1.9 6.4-5.1 7.8-7.1 5.5-8.3 5.1 1.5 5.5-177.2l.4-165.4-2.3-5c-3-6.5-7.2-10.8-15.2-15.5-3.6-2.1-42.3-22.8-86-46s-83.1-44.2-87.5-46.5c-4.4-2.4-22.2-11.8-39.5-21S416.4 32.1 412.5 30c-29.8-16-46.6-24.7-51.4-26.7-7.3-3-14.9-3-22.1 0zm9.3 1.2c-6.6 1.2-20.7 8.4-160.3 82.1-98.2 51.8-154.6 82.1-157.4 84.5-2.4 2.1-5.1 5.3-6 7.1l-1.7 3.3.6-3c.8-3.7 4.5-8.6 8.6-11.6 3.1-2.2 299-158.6 306.4-162 2.6-1.1 6.3-1.8 10.5-1.7h6.5l-7.2 1.3zm1 3.1c-3.4.7-9 2.7-12.3 4.4-6.1 3.1-263.3 138.7-288.8 152.3-10.3 5.4-14.4 8.3-18.2 12.4-3.3 3.6-4.6 4.6-4.2 3 .3-1.2 2.8-4.4 5.6-7.1 4.4-4.3 23.5-14.7 138.6-75.3C355.4-.5 342.6 6 349.7 6.1l5.8.1-6.2 1.4zm7.2 4.6c3.9 1.8 3 2.4-3.9 2.6-3.6.1-7.6.6-9.1 1.2-3.9 1.5-296.2 155.7-301.8 159.3-2.7 1.7-6 4.8-7.4 6.9-4 6-5.8 4.4-2.9-2.7 1.9-4.4 6.8-7.8 24.5-17.1 15.3-8 26.9-14.2 38.6-20.4 3.9-2.1 12.4-6.6 19-10 6.6-3.5 14.7-7.7 18-9.5 3.3-1.8 11.9-6.3 19-10 7.2-3.7 19.1-10 26.5-14 7.4-4 19.8-10.5 27.5-14.5 7.7-4 14.5-7.6 15-8 .6-.4 9.1-4.9 19-10s18.5-9.6 19-10c.6-.4 8.7-4.7 18-9.5 9.4-4.8 17.5-9.1 18-9.5.6-.4 9.1-4.9 19-10s19.5-10.2 21.3-11.3c9.2-5.5 16.1-6.5 22.7-3.5zm7.1 4.4c1.8 1.4 1.8 1.4-.6.3-3.1-1.4-3.6-1.9-2.4-1.9.6 0 1.9.7 3 1.6zm5.5 3.1c1.3 1.5 1.2 1.5-.8.4-2.4-1.2-2.9-2.1-1.4-2.1.5 0 1.5.7 2.2 1.7zm12.4 6.3c.3.6-.1.7-.9.4-1.8-.7-2.1-1.4-.7-1.4.6 0 1.3.4 1.6 1zm15 8c.3.6-.1.7-.9.4-1.8-.7-2.1-1.4-.7-1.4.6 0 1.3.4 1.6 1zm-9 36.7c49.4 26.2 218.7 116.4 230.9 123 6 3.2 11.9 7.1 13 8.7 2 2.6 2.1 4 2.4 37.4.1 19.1-.1 84.8-.5 145.9l-.8 111.3-2.5 2.4c-1.4 1.4-40.7 22.7-87.5 47.4-189.1 99.9-188.7 99.7-193 99.7-4.3 0-1 1.7-88.5-44.8-160.9-85.3-190.4-101.3-192.4-104l-2.1-2.9.1-144.3c.1-113.5.4-145.1 1.4-147.4.7-1.7 2.6-3.9 4.4-5 3.2-2 78.3-41.7 188.6-99.8 95.1-50.2 85.9-45.6 90.5-45 2.7.3 14.7 6.1 36 17.4zm88 5.3c.3.6-.1.7-.9.4-1.8-.7-2.1-1.4-.7-1.4.6 0 1.3.4 1.6 1z"/><path d="M327.5 137c-40.4 8.7-76.5 38.9-91.6 76.7-15.4 38.4-5 75.7 32.3 115 11 11.6 11.6 13.1 9.9 24.5-4.4 28.5-24.5 106.7-43.2 168.1-6.8 22.2-6.9 28.9-.3 36.5 7 8.2-.3 7.7 115.4 7.7 96.9 0 102.8-.1 107.2-1.8 9.5-3.7 14.9-13.9 12.9-24.4-.5-2.6-3-12-5.5-20.8-14.7-52.3-28.9-107.3-36.6-142-5.4-23.8-6.7-32.5-5.6-36.8.3-1.4 4.2-6.5 8.7-11.3 17.3-18.9 31.1-39.9 37.9-57.6 6.7-17.5 8.2-35.9 4.1-51.2-9.1-34-41.4-65-81.4-78-14.1-4.6-21.5-5.8-38.7-6.2-13.6-.3-18.1 0-25.5 1.6zm35.8 46.5c30.9 5.4 59 27.2 63.7 49.5 1.1 5.2 1.1 7-.4 12.8-4 16.3-15.1 33.4-34.7 53.7-9.5 9.8-14.7 16-16.1 19.2-3 6.6-3.5 19.9-1.4 33.4C377.9 373.9 390 425 406 485c3.8 14.5 7 27.7 7 29.2 0 2.3-.5 2.8-3.2 3.3-4.8.9-121.5.1-122.4-.8-.9-.9-.1-4.2 8.6-35.2 13.6-48.4 25.7-99.3 29.5-123.9 1.1-7 1.6-14.6 1.3-21.5-.5-15.4-2.5-19.1-17.4-33.4-13.7-13.2-22.2-24.1-27.7-35.6-3.5-7.2-4.1-9.5-4.5-16.6-.8-15 5.1-28.4 18.8-42.8 19.4-20.5 41.9-28.6 67.3-24.2zm75 68.9c-5 17.3-17.2 36.2-36.3 56-8.1 8.4-14.7 16.3-15.9 18.8l-2 4.3-.1-3.3c0-6 2.8-10.2 16.2-24 7.3-7.6 15.9-17.4 19.1-21.9 6.6-9.3 14.7-24.4 17.2-32.2 2.2-6.9 3.9-4.8 1.8 2.3zm-14.7 10.3c-6.5 13.1-15.7 25.4-29.2 39.2-7.2 7.5-14.1 15.2-15.3 17.1-1.8 2.8-2.1 3-1.6 1 1.3-4.6 4.3-8.4 14.5-18.5 5.6-5.5 12.9-13.5 16.3-17.8 6.1-7.8 17.7-26.1 17.7-28 0-.6.3-.8.6-.5.3.3-1 3.7-3 7.5zm2.1 2.6c-6.7 13.5-15.4 25.3-30.7 41.2-7.4 7.7-14 15-14.7 16-1.2 2-1.2 2-.6 0 1.3-4 3.9-7.2 16.3-20 13.9-14.4 23.1-26.8 29.3-39.2 2.3-4.5 4.3-8 4.6-7.8.2.3-1.6 4.7-4.2 9.8zM416 517.8c0 3.1-2.7 3.2-65.2 3.2-41.2 0-62.8-.3-62.8-1s21.5-1 62.4-1c40.6 0 62.7-.4 63.1-1 .7-1.2 2.5-1.3 2.5-.2zm4 3.8c0 1.1.6 1.5 1.8 1.1 4.5-1.2 4.7-1.2 4.7 1.2 0 1.5-1.1 3.2-2.8 4.5-2.8 2.1-3.2 2.1-72 2.1-64.3 0-69.4-.1-71.7-1.8-2.3-1.6.5-1.7 66.2-1.7 37.7 0 69.3-.3 70.2-.6.9-.3 1.6-1 1.6-1.5s-28.1-.9-66.4-.9c-36.6 0-66.7-.3-66.9-.8-.3-.4 29.1-.7 65.3-.7 51.4 0 66.2-.3 67.2-1.3 1.7-1.7 2.8-1.5 2.8.4z"/></svg>

index.php

@@ -1,18 +1,18 @@
 <?php
 /**
- * ZeroBin
+ * PrivateBin
  *
  * a zero-knowledge paste bin
  *
- * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+ * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
- * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.21
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
  */
 
 // change this, if your php files and data is outside of your webservers document root
 define('PATH', '');
 
-define('PUBLIC_PATH', dirname(__FILE__));
-require PATH . 'lib/auto.php';
-new zerobin;
+define('PUBLIC_PATH', __DIR__);
+require PATH . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
+new PrivateBin\PrivateBin;

js/.istanbul.yml

@@ -0,0 +1,7 @@
+---
+instrumentation:
+  excludes:
+    - jquery-3.1.1.js
+  baseline-file: ../tst/log/js-coverage-baseline.json
+reporting:
+  dir: ../tst/log/js-coverage-report

js/base64-1.7.js

@@ -2,10 +2,10 @@
  * $Id: base64.js,v 1.7 2012/08/23 10:30:18 dankogai Exp dankogai $
  *
  *  Licensed under the MIT license.
- *  http://www.opensource.org/licenses/mit-license.php
+ *  https://www.opensource.org/licenses/mit-license.php
  *
  *  References:
- *    http://en.wikipedia.org/wiki/Base64
+ *    https://en.wikipedia.org/wiki/Base64
  */
 
 (function(global){

js/comment.jsonld

@@ -0,0 +1,16 @@
+{
+	"@context": {
+		"so": "https://schema.org/",
+		"status": "so:Integer",
+		"id": "so:name",
+		"parentid": "so:name",
+		"url: {
+			"@id": "so:url",
+			"@type": "@id"
+		},
+		"data": "so:Text",
+		"meta": {
+			"@id": "?jsonld=commentmeta"
+		}
+	}
+}

js/commentmeta.jsonld

@@ -0,0 +1,8 @@
+{
+	"@context": {
+		"so": "https://schema.org/",
+		"postdate": "so:Integer",
+		"nickname": "so:Text",
+		"vizhash": "so:Text"
+	}
+}

js/paste.jsonld

@@ -0,0 +1,24 @@
+{
+	"@context": {
+		"so": "https://schema.org/",
+		"status": {"@id": "so:Integer"},
+		"id": {"@id": "so:name"},
+		"deletetoken": {"@id": "so:Text"},
+		"url": {
+			"@type": "@id",
+			"@id": "so:url"
+		},
+		"data": {"@id": "so:Text"},
+		"attachment": {"@id": "so:Text"},
+		"attachmentname": {"@id": "so:Text"},
+		"meta": {
+			"@id": "?jsonld=pastemeta"
+		},
+		"comments": {
+			"@id": "?jsonld=comment",
+			"@container": "@list"
+		},
+		"comment_count": {"@id": "so:Integer"},
+		"comment_offset": {"@id": "so:Integer"}
+	}
+}

js/pastemeta.jsonld

@@ -0,0 +1,11 @@
+{
+	"@context": {
+		"so": "https://schema.org/",
+		"formatter": {"@id": "so:Text"},
+		"postdate": {"@id": "so:Integer"},
+		"opendiscussion": {"@id": "so:True"},
+		"burnafterreading": {"@id": "so:True"},
+		"expire_date": {"@id": "so:Integer"},
+		"remaining_time": {"@id": "so:Integer"}
+	}
+}

js/rawdeflate-0.5.js

@@ -2,7 +2,7 @@
  * $Id: rawdeflate.js,v 0.5 2013/04/09 14:25:38 dankogai Exp dankogai $
  *
  * GNU General Public License, version 2 (GPL-2.0)
- *   http://opensource.org/licenses/GPL-2.0
+ *   https://opensource.org/licenses/GPL-2.0
  * Original:
  *  http://www.onicos.com/staff/iz/amuse/javascript/expert/deflate.txt
  */

js/rawinflate-0.3.js

@@ -2,7 +2,7 @@
  * $Id: rawinflate.js,v 0.3 2013/04/09 14:25:38 dankogai Exp dankogai $
  *
  * GNU General Public License, version 2 (GPL-2.0)
- *   http://opensource.org/licenses/GPL-2.0
+ *   https://opensource.org/licenses/GPL-2.0
  * original:
  *   http://www.onicos.com/staff/iz/amuse/javascript/expert/inflate.txt
  */

js/sjcl-1.0.2.js

@@ -1,54 +0,0 @@
-"use strict";function q(a){throw a;}var s=void 0,u=!1;var sjcl={cipher:{},hash:{},keyexchange:{},mode:{},misc:{},codec:{},exception:{corrupt:function(a){this.toString=function(){return"CORRUPT: "+this.message};this.message=a},invalid:function(a){this.toString=function(){return"INVALID: "+this.message};this.message=a},bug:function(a){this.toString=function(){return"BUG: "+this.message};this.message=a},notReady:function(a){this.toString=function(){return"NOT READY: "+this.message};this.message=a}}};
-"undefined"!==typeof module&&module.exports&&(module.exports=sjcl);"function"===typeof define&&define([],function(){return sjcl});
-sjcl.cipher.aes=function(a){this.k[0][0][0]||this.D();var b,c,d,e,f=this.k[0][4],g=this.k[1];b=a.length;var h=1;4!==b&&(6!==b&&8!==b)&&q(new sjcl.exception.invalid("invalid aes key size"));this.b=[d=a.slice(0),e=[]];for(a=b;a<4*b+28;a++){c=d[a-1];if(0===a%b||8===b&&4===a%b)c=f[c>>>24]<<24^f[c>>16&255]<<16^f[c>>8&255]<<8^f[c&255],0===a%b&&(c=c<<8^c>>>24^h<<24,h=h<<1^283*(h>>7));d[a]=d[a-b]^c}for(b=0;a;b++,a--)c=d[b&3?a:a-4],e[b]=4>=a||4>b?c:g[0][f[c>>>24]]^g[1][f[c>>16&255]]^g[2][f[c>>8&255]]^g[3][f[c&
-255]]};
-sjcl.cipher.aes.prototype={encrypt:function(a){return w(this,a,0)},decrypt:function(a){return w(this,a,1)},k:[[[],[],[],[],[]],[[],[],[],[],[]]],D:function(){var a=this.k[0],b=this.k[1],c=a[4],d=b[4],e,f,g,h=[],l=[],k,n,m,p;for(e=0;0x100>e;e++)l[(h[e]=e<<1^283*(e>>7))^e]=e;for(f=g=0;!c[f];f^=k||1,g=l[g]||1){m=g^g<<1^g<<2^g<<3^g<<4;m=m>>8^m&255^99;c[f]=m;d[m]=f;n=h[e=h[k=h[f]]];p=0x1010101*n^0x10001*e^0x101*k^0x1010100*f;n=0x101*h[m]^0x1010100*m;for(e=0;4>e;e++)a[e][f]=n=n<<24^n>>>8,b[e][m]=p=p<<24^p>>>8}for(e=
-0;5>e;e++)a[e]=a[e].slice(0),b[e]=b[e].slice(0)}};
-function w(a,b,c){4!==b.length&&q(new sjcl.exception.invalid("invalid aes block size"));var d=a.b[c],e=b[0]^d[0],f=b[c?3:1]^d[1],g=b[2]^d[2];b=b[c?1:3]^d[3];var h,l,k,n=d.length/4-2,m,p=4,t=[0,0,0,0];h=a.k[c];a=h[0];var r=h[1],v=h[2],y=h[3],z=h[4];for(m=0;m<n;m++)h=a[e>>>24]^r[f>>16&255]^v[g>>8&255]^y[b&255]^d[p],l=a[f>>>24]^r[g>>16&255]^v[b>>8&255]^y[e&255]^d[p+1],k=a[g>>>24]^r[b>>16&255]^v[e>>8&255]^y[f&255]^d[p+2],b=a[b>>>24]^r[e>>16&255]^v[f>>8&255]^y[g&255]^d[p+3],p+=4,e=h,f=l,g=k;for(m=0;4>
-m;m++)t[c?3&-m:m]=z[e>>>24]<<24^z[f>>16&255]<<16^z[g>>8&255]<<8^z[b&255]^d[p++],h=e,e=f,f=g,g=b,b=h;return t}
-sjcl.bitArray={bitSlice:function(a,b,c){a=sjcl.bitArray.P(a.slice(b/32),32-(b&31)).slice(1);return c===s?a:sjcl.bitArray.clamp(a,c-b)},extract:function(a,b,c){var d=Math.floor(-b-c&31);return((b+c-1^b)&-32?a[b/32|0]<<32-d^a[b/32+1|0]>>>d:a[b/32|0]>>>d)&(1<<c)-1},concat:function(a,b){if(0===a.length||0===b.length)return a.concat(b);var c=a[a.length-1],d=sjcl.bitArray.getPartial(c);return 32===d?a.concat(b):sjcl.bitArray.P(b,d,c|0,a.slice(0,a.length-1))},bitLength:function(a){var b=a.length;return 0===
-b?0:32*(b-1)+sjcl.bitArray.getPartial(a[b-1])},clamp:function(a,b){if(32*a.length<b)return a;a=a.slice(0,Math.ceil(b/32));var c=a.length;b&=31;0<c&&b&&(a[c-1]=sjcl.bitArray.partial(b,a[c-1]&2147483648>>b-1,1));return a},partial:function(a,b,c){return 32===a?b:(c?b|0:b<<32-a)+0x10000000000*a},getPartial:function(a){return Math.round(a/0x10000000000)||32},equal:function(a,b){if(sjcl.bitArray.bitLength(a)!==sjcl.bitArray.bitLength(b))return u;var c=0,d;for(d=0;d<a.length;d++)c|=a[d]^b[d];return 0===
-c},P:function(a,b,c,d){var e;e=0;for(d===s&&(d=[]);32<=b;b-=32)d.push(c),c=0;if(0===b)return d.concat(a);for(e=0;e<a.length;e++)d.push(c|a[e]>>>b),c=a[e]<<32-b;e=a.length?a[a.length-1]:0;a=sjcl.bitArray.getPartial(e);d.push(sjcl.bitArray.partial(b+a&31,32<b+a?c:d.pop(),1));return d},l:function(a,b){return[a[0]^b[0],a[1]^b[1],a[2]^b[2],a[3]^b[3]]},byteswapM:function(a){var b,c;for(b=0;b<a.length;++b)c=a[b],a[b]=c>>>24|c>>>8&0xff00|(c&0xff00)<<8|c<<24;return a}};
-sjcl.codec.utf8String={fromBits:function(a){var b="",c=sjcl.bitArray.bitLength(a),d,e;for(d=0;d<c/8;d++)0===(d&3)&&(e=a[d/4]),b+=String.fromCharCode(e>>>24),e<<=8;return decodeURIComponent(escape(b))},toBits:function(a){a=unescape(encodeURIComponent(a));var b=[],c,d=0;for(c=0;c<a.length;c++)d=d<<8|a.charCodeAt(c),3===(c&3)&&(b.push(d),d=0);c&3&&b.push(sjcl.bitArray.partial(8*(c&3),d));return b}};
-sjcl.codec.hex={fromBits:function(a){var b="",c;for(c=0;c<a.length;c++)b+=((a[c]|0)+0xf00000000000).toString(16).substr(4);return b.substr(0,sjcl.bitArray.bitLength(a)/4)},toBits:function(a){var b,c=[],d;a=a.replace(/\s|0x/g,"");d=a.length;a+="00000000";for(b=0;b<a.length;b+=8)c.push(parseInt(a.substr(b,8),16)^0);return sjcl.bitArray.clamp(c,4*d)}};
-sjcl.codec.base64={J:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",fromBits:function(a,b,c){var d="",e=0,f=sjcl.codec.base64.J,g=0,h=sjcl.bitArray.bitLength(a);c&&(f=f.substr(0,62)+"-_");for(c=0;6*d.length<h;)d+=f.charAt((g^a[c]>>>e)>>>26),6>e?(g=a[c]<<6-e,e+=26,c++):(g<<=6,e-=6);for(;d.length&3&&!b;)d+="=";return d},toBits:function(a,b){a=a.replace(/\s|=/g,"");var c=[],d,e=0,f=sjcl.codec.base64.J,g=0,h;b&&(f=f.substr(0,62)+"-_");for(d=0;d<a.length;d++)h=f.indexOf(a.charAt(d)),
-0>h&&q(new sjcl.exception.invalid("this isn't base64!")),26<e?(e-=26,c.push(g^h>>>e),g=h<<32-e):(e+=6,g^=h<<32-e);e&56&&c.push(sjcl.bitArray.partial(e&56,g,1));return c}};sjcl.codec.base64url={fromBits:function(a){return sjcl.codec.base64.fromBits(a,1,1)},toBits:function(a){return sjcl.codec.base64.toBits(a,1)}};sjcl.hash.sha256=function(a){this.b[0]||this.D();a?(this.r=a.r.slice(0),this.o=a.o.slice(0),this.h=a.h):this.reset()};sjcl.hash.sha256.hash=function(a){return(new sjcl.hash.sha256).update(a).finalize()};
-sjcl.hash.sha256.prototype={blockSize:512,reset:function(){this.r=this.N.slice(0);this.o=[];this.h=0;return this},update:function(a){"string"===typeof a&&(a=sjcl.codec.utf8String.toBits(a));var b,c=this.o=sjcl.bitArray.concat(this.o,a);b=this.h;a=this.h=b+sjcl.bitArray.bitLength(a);for(b=512+b&-512;b<=a;b+=512)x(this,c.splice(0,16));return this},finalize:function(){var a,b=this.o,c=this.r,b=sjcl.bitArray.concat(b,[sjcl.bitArray.partial(1,1)]);for(a=b.length+2;a&15;a++)b.push(0);b.push(Math.floor(this.h/
-4294967296));for(b.push(this.h|0);b.length;)x(this,b.splice(0,16));this.reset();return c},N:[],b:[],D:function(){function a(a){return 0x100000000*(a-Math.floor(a))|0}var b=0,c=2,d;a:for(;64>b;c++){for(d=2;d*d<=c;d++)if(0===c%d)continue a;8>b&&(this.N[b]=a(Math.pow(c,0.5)));this.b[b]=a(Math.pow(c,1/3));b++}}};
-function x(a,b){var c,d,e,f=b.slice(0),g=a.r,h=a.b,l=g[0],k=g[1],n=g[2],m=g[3],p=g[4],t=g[5],r=g[6],v=g[7];for(c=0;64>c;c++)16>c?d=f[c]:(d=f[c+1&15],e=f[c+14&15],d=f[c&15]=(d>>>7^d>>>18^d>>>3^d<<25^d<<14)+(e>>>17^e>>>19^e>>>10^e<<15^e<<13)+f[c&15]+f[c+9&15]|0),d=d+v+(p>>>6^p>>>11^p>>>25^p<<26^p<<21^p<<7)+(r^p&(t^r))+h[c],v=r,r=t,t=p,p=m+d|0,m=n,n=k,k=l,l=d+(k&n^m&(k^n))+(k>>>2^k>>>13^k>>>22^k<<30^k<<19^k<<10)|0;g[0]=g[0]+l|0;g[1]=g[1]+k|0;g[2]=g[2]+n|0;g[3]=g[3]+m|0;g[4]=g[4]+p|0;g[5]=g[5]+t|0;g[6]=
-g[6]+r|0;g[7]=g[7]+v|0}
-sjcl.mode.ccm={name:"ccm",encrypt:function(a,b,c,d,e){var f,g=b.slice(0),h=sjcl.bitArray,l=h.bitLength(c)/8,k=h.bitLength(g)/8;e=e||64;d=d||[];7>l&&q(new sjcl.exception.invalid("ccm: iv must be at least 7 bytes"));for(f=2;4>f&&k>>>8*f;f++);f<15-l&&(f=15-l);c=h.clamp(c,8*(15-f));b=sjcl.mode.ccm.L(a,b,c,d,e,f);g=sjcl.mode.ccm.p(a,g,c,b,e,f);return h.concat(g.data,g.tag)},decrypt:function(a,b,c,d,e){e=e||64;d=d||[];var f=sjcl.bitArray,g=f.bitLength(c)/8,h=f.bitLength(b),l=f.clamp(b,h-e),k=f.bitSlice(b,
-h-e),h=(h-e)/8;7>g&&q(new sjcl.exception.invalid("ccm: iv must be at least 7 bytes"));for(b=2;4>b&&h>>>8*b;b++);b<15-g&&(b=15-g);c=f.clamp(c,8*(15-b));l=sjcl.mode.ccm.p(a,l,c,k,e,b);a=sjcl.mode.ccm.L(a,l.data,c,d,e,b);f.equal(l.tag,a)||q(new sjcl.exception.corrupt("ccm: tag doesn't match"));return l.data},L:function(a,b,c,d,e,f){var g=[],h=sjcl.bitArray,l=h.l;e/=8;(e%2||4>e||16<e)&&q(new sjcl.exception.invalid("ccm: invalid tag length"));(0xffffffff<d.length||0xffffffff<b.length)&&q(new sjcl.exception.bug("ccm: can't deal with 4GiB or more data"));
-f=[h.partial(8,(d.length?64:0)|e-2<<2|f-1)];f=h.concat(f,c);f[3]|=h.bitLength(b)/8;f=a.encrypt(f);if(d.length){c=h.bitLength(d)/8;65279>=c?g=[h.partial(16,c)]:0xffffffff>=c&&(g=h.concat([h.partial(16,65534)],[c]));g=h.concat(g,d);for(d=0;d<g.length;d+=4)f=a.encrypt(l(f,g.slice(d,d+4).concat([0,0,0])))}for(d=0;d<b.length;d+=4)f=a.encrypt(l(f,b.slice(d,d+4).concat([0,0,0])));return h.clamp(f,8*e)},p:function(a,b,c,d,e,f){var g,h=sjcl.bitArray;g=h.l;var l=b.length,k=h.bitLength(b);c=h.concat([h.partial(8,
-f-1)],c).concat([0,0,0]).slice(0,4);d=h.bitSlice(g(d,a.encrypt(c)),0,e);if(!l)return{tag:d,data:[]};for(g=0;g<l;g+=4)c[3]++,e=a.encrypt(c),b[g]^=e[0],b[g+1]^=e[1],b[g+2]^=e[2],b[g+3]^=e[3];return{tag:d,data:h.clamp(b,k)}}};
-sjcl.mode.ocb2={name:"ocb2",encrypt:function(a,b,c,d,e,f){128!==sjcl.bitArray.bitLength(c)&&q(new sjcl.exception.invalid("ocb iv must be 128 bits"));var g,h=sjcl.mode.ocb2.H,l=sjcl.bitArray,k=l.l,n=[0,0,0,0];c=h(a.encrypt(c));var m,p=[];d=d||[];e=e||64;for(g=0;g+4<b.length;g+=4)m=b.slice(g,g+4),n=k(n,m),p=p.concat(k(c,a.encrypt(k(c,m)))),c=h(c);m=b.slice(g);b=l.bitLength(m);g=a.encrypt(k(c,[0,0,0,b]));m=l.clamp(k(m.concat([0,0,0]),g),b);n=k(n,k(m.concat([0,0,0]),g));n=a.encrypt(k(n,k(c,h(c))));d.length&&
-(n=k(n,f?d:sjcl.mode.ocb2.pmac(a,d)));return p.concat(l.concat(m,l.clamp(n,e)))},decrypt:function(a,b,c,d,e,f){128!==sjcl.bitArray.bitLength(c)&&q(new sjcl.exception.invalid("ocb iv must be 128 bits"));e=e||64;var g=sjcl.mode.ocb2.H,h=sjcl.bitArray,l=h.l,k=[0,0,0,0],n=g(a.encrypt(c)),m,p,t=sjcl.bitArray.bitLength(b)-e,r=[];d=d||[];for(c=0;c+4<t/32;c+=4)m=l(n,a.decrypt(l(n,b.slice(c,c+4)))),k=l(k,m),r=r.concat(m),n=g(n);p=t-32*c;m=a.encrypt(l(n,[0,0,0,p]));m=l(m,h.clamp(b.slice(c),p).concat([0,0,0]));
-k=l(k,m);k=a.encrypt(l(k,l(n,g(n))));d.length&&(k=l(k,f?d:sjcl.mode.ocb2.pmac(a,d)));h.equal(h.clamp(k,e),h.bitSlice(b,t))||q(new sjcl.exception.corrupt("ocb: tag doesn't match"));return r.concat(h.clamp(m,p))},pmac:function(a,b){var c,d=sjcl.mode.ocb2.H,e=sjcl.bitArray,f=e.l,g=[0,0,0,0],h=a.encrypt([0,0,0,0]),h=f(h,d(d(h)));for(c=0;c+4<b.length;c+=4)h=d(h),g=f(g,a.encrypt(f(h,b.slice(c,c+4))));c=b.slice(c);128>e.bitLength(c)&&(h=f(h,d(h)),c=e.concat(c,[-2147483648,0,0,0]));g=f(g,c);return a.encrypt(f(d(f(h,
-d(h))),g))},H:function(a){return[a[0]<<1^a[1]>>>31,a[1]<<1^a[2]>>>31,a[2]<<1^a[3]>>>31,a[3]<<1^135*(a[0]>>>31)]}};
-sjcl.mode.gcm={name:"gcm",encrypt:function(a,b,c,d,e){var f=b.slice(0);b=sjcl.bitArray;d=d||[];a=sjcl.mode.gcm.p(!0,a,f,d,c,e||128);return b.concat(a.data,a.tag)},decrypt:function(a,b,c,d,e){var f=b.slice(0),g=sjcl.bitArray,h=g.bitLength(f);e=e||128;d=d||[];e<=h?(b=g.bitSlice(f,h-e),f=g.bitSlice(f,0,h-e)):(b=f,f=[]);a=sjcl.mode.gcm.p(u,a,f,d,c,e);g.equal(a.tag,b)||q(new sjcl.exception.corrupt("gcm: tag doesn't match"));return a.data},Z:function(a,b){var c,d,e,f,g,h=sjcl.bitArray.l;e=[0,0,0,0];f=b.slice(0);
-for(c=0;128>c;c++){(d=0!==(a[Math.floor(c/32)]&1<<31-c%32))&&(e=h(e,f));g=0!==(f[3]&1);for(d=3;0<d;d--)f[d]=f[d]>>>1|(f[d-1]&1)<<31;f[0]>>>=1;g&&(f[0]^=-0x1f000000)}return e},g:function(a,b,c){var d,e=c.length;b=b.slice(0);for(d=0;d<e;d+=4)b[0]^=0xffffffff&c[d],b[1]^=0xffffffff&c[d+1],b[2]^=0xffffffff&c[d+2],b[3]^=0xffffffff&c[d+3],b=sjcl.mode.gcm.Z(b,a);return b},p:function(a,b,c,d,e,f){var g,h,l,k,n,m,p,t,r=sjcl.bitArray;m=c.length;p=r.bitLength(c);t=r.bitLength(d);h=r.bitLength(e);g=b.encrypt([0,
-0,0,0]);96===h?(e=e.slice(0),e=r.concat(e,[1])):(e=sjcl.mode.gcm.g(g,[0,0,0,0],e),e=sjcl.mode.gcm.g(g,e,[0,0,Math.floor(h/0x100000000),h&0xffffffff]));h=sjcl.mode.gcm.g(g,[0,0,0,0],d);n=e.slice(0);d=h.slice(0);a||(d=sjcl.mode.gcm.g(g,h,c));for(k=0;k<m;k+=4)n[3]++,l=b.encrypt(n),c[k]^=l[0],c[k+1]^=l[1],c[k+2]^=l[2],c[k+3]^=l[3];c=r.clamp(c,p);a&&(d=sjcl.mode.gcm.g(g,h,c));a=[Math.floor(t/0x100000000),t&0xffffffff,Math.floor(p/0x100000000),p&0xffffffff];d=sjcl.mode.gcm.g(g,d,a);l=b.encrypt(e);d[0]^=l[0];
-d[1]^=l[1];d[2]^=l[2];d[3]^=l[3];return{tag:r.bitSlice(d,0,f),data:c}}};sjcl.misc.hmac=function(a,b){this.M=b=b||sjcl.hash.sha256;var c=[[],[]],d,e=b.prototype.blockSize/32;this.n=[new b,new b];a.length>e&&(a=b.hash(a));for(d=0;d<e;d++)c[0][d]=a[d]^909522486,c[1][d]=a[d]^1549556828;this.n[0].update(c[0]);this.n[1].update(c[1]);this.G=new b(this.n[0])};
-sjcl.misc.hmac.prototype.encrypt=sjcl.misc.hmac.prototype.mac=function(a){this.Q&&q(new sjcl.exception.invalid("encrypt on already updated hmac called!"));this.update(a);return this.digest(a)};sjcl.misc.hmac.prototype.reset=function(){this.G=new this.M(this.n[0]);this.Q=u};sjcl.misc.hmac.prototype.update=function(a){this.Q=!0;this.G.update(a)};sjcl.misc.hmac.prototype.digest=function(){var a=this.G.finalize(),a=(new this.M(this.n[1])).update(a).finalize();this.reset();return a};
-sjcl.misc.pbkdf2=function(a,b,c,d,e){c=c||1E3;(0>d||0>c)&&q(sjcl.exception.invalid("invalid params to pbkdf2"));"string"===typeof a&&(a=sjcl.codec.utf8String.toBits(a));"string"===typeof b&&(b=sjcl.codec.utf8String.toBits(b));e=e||sjcl.misc.hmac;a=new e(a);var f,g,h,l,k=[],n=sjcl.bitArray;for(l=1;32*k.length<(d||1);l++){e=f=a.encrypt(n.concat(b,[l]));for(g=1;g<c;g++){f=a.encrypt(f);for(h=0;h<f.length;h++)e[h]^=f[h]}k=k.concat(e)}d&&(k=n.clamp(k,d));return k};
-sjcl.prng=function(a){this.c=[new sjcl.hash.sha256];this.i=[0];this.F=0;this.s={};this.C=0;this.K={};this.O=this.d=this.j=this.W=0;this.b=[0,0,0,0,0,0,0,0];this.f=[0,0,0,0];this.A=s;this.B=a;this.q=u;this.w={progress:{},seeded:{}};this.m=this.V=0;this.t=1;this.u=2;this.S=0x10000;this.I=[0,48,64,96,128,192,0x100,384,512,768,1024];this.T=3E4;this.R=80};
-sjcl.prng.prototype={randomWords:function(a,b){var c=[],d;d=this.isReady(b);var e;d===this.m&&q(new sjcl.exception.notReady("generator isn't seeded"));if(d&this.u){d=!(d&this.t);e=[];var f=0,g;this.O=e[0]=(new Date).valueOf()+this.T;for(g=0;16>g;g++)e.push(0x100000000*Math.random()|0);for(g=0;g<this.c.length&&!(e=e.concat(this.c[g].finalize()),f+=this.i[g],this.i[g]=0,!d&&this.F&1<<g);g++);this.F>=1<<this.c.length&&(this.c.push(new sjcl.hash.sha256),this.i.push(0));this.d-=f;f>this.j&&(this.j=f);this.F++;
-this.b=sjcl.hash.sha256.hash(this.b.concat(e));this.A=new sjcl.cipher.aes(this.b);for(d=0;4>d&&!(this.f[d]=this.f[d]+1|0,this.f[d]);d++);}for(d=0;d<a;d+=4)0===(d+1)%this.S&&A(this),e=B(this),c.push(e[0],e[1],e[2],e[3]);A(this);return c.slice(0,a)},setDefaultParanoia:function(a,b){0===a&&"Setting paranoia=0 will ruin your security; use it only for testing"!==b&&q("Setting paranoia=0 will ruin your security; use it only for testing");this.B=a},addEntropy:function(a,b,c){c=c||"user";var d,e,f=(new Date).valueOf(),
-g=this.s[c],h=this.isReady(),l=0;d=this.K[c];d===s&&(d=this.K[c]=this.W++);g===s&&(g=this.s[c]=0);this.s[c]=(this.s[c]+1)%this.c.length;switch(typeof a){case "number":b===s&&(b=1);this.c[g].update([d,this.C++,1,b,f,1,a|0]);break;case "object":c=Object.prototype.toString.call(a);if("[object Uint32Array]"===c){e=[];for(c=0;c<a.length;c++)e.push(a[c]);a=e}else{"[object Array]"!==c&&(l=1);for(c=0;c<a.length&&!l;c++)"number"!==typeof a[c]&&(l=1)}if(!l){if(b===s)for(c=b=0;c<a.length;c++)for(e=a[c];0<e;)b++,
-e>>>=1;this.c[g].update([d,this.C++,2,b,f,a.length].concat(a))}break;case "string":b===s&&(b=a.length);this.c[g].update([d,this.C++,3,b,f,a.length]);this.c[g].update(a);break;default:l=1}l&&q(new sjcl.exception.bug("random: addEntropy only supports number, array of numbers or string"));this.i[g]+=b;this.d+=b;h===this.m&&(this.isReady()!==this.m&&C("seeded",Math.max(this.j,this.d)),C("progress",this.getProgress()))},isReady:function(a){a=this.I[a!==s?a:this.B];return this.j&&this.j>=a?this.i[0]>this.R&&
-(new Date).valueOf()>this.O?this.u|this.t:this.t:this.d>=a?this.u|this.m:this.m},getProgress:function(a){a=this.I[a?a:this.B];return this.j>=a?1:this.d>a?1:this.d/a},startCollectors:function(){this.q||(this.a={loadTimeCollector:D(this,this.aa),mouseCollector:D(this,this.ba),keyboardCollector:D(this,this.$),accelerometerCollector:D(this,this.U),touchCollector:D(this,this.da)},window.addEventListener?(window.addEventListener("load",this.a.loadTimeCollector,u),window.addEventListener("mousemove",this.a.mouseCollector,
-u),window.addEventListener("keypress",this.a.keyboardCollector,u),window.addEventListener("devicemotion",this.a.accelerometerCollector,u),window.addEventListener("touchmove",this.a.touchCollector,u)):document.attachEvent?(document.attachEvent("onload",this.a.loadTimeCollector),document.attachEvent("onmousemove",this.a.mouseCollector),document.attachEvent("keypress",this.a.keyboardCollector)):q(new sjcl.exception.bug("can't attach event")),this.q=!0)},stopCollectors:function(){this.q&&(window.removeEventListener?
-(window.removeEventListener("load",this.a.loadTimeCollector,u),window.removeEventListener("mousemove",this.a.mouseCollector,u),window.removeEventListener("keypress",this.a.keyboardCollector,u),window.removeEventListener("devicemotion",this.a.accelerometerCollector,u),window.removeEventListener("touchmove",this.a.touchCollector,u)):document.detachEvent&&(document.detachEvent("onload",this.a.loadTimeCollector),document.detachEvent("onmousemove",this.a.mouseCollector),document.detachEvent("keypress",
-this.a.keyboardCollector)),this.q=u)},addEventListener:function(a,b){this.w[a][this.V++]=b},removeEventListener:function(a,b){var c,d,e=this.w[a],f=[];for(d in e)e.hasOwnProperty(d)&&e[d]===b&&f.push(d);for(c=0;c<f.length;c++)d=f[c],delete e[d]},$:function(){E(1)},ba:function(a){var b,c;try{b=a.x||a.clientX||a.offsetX||0,c=a.y||a.clientY||a.offsetY||0}catch(d){c=b=0}0!=b&&0!=c&&sjcl.random.addEntropy([b,c],2,"mouse");E(0)},da:function(a){a=a.touches[0]||a.changedTouches[0];sjcl.random.addEntropy([a.pageX||
-a.clientX,a.pageY||a.clientY],1,"touch");E(0)},aa:function(){E(2)},U:function(a){a=a.accelerationIncludingGravity.x||a.accelerationIncludingGravity.y||a.accelerationIncludingGravity.z;if(window.orientation){var b=window.orientation;"number"===typeof b&&sjcl.random.addEntropy(b,1,"accelerometer")}a&&sjcl.random.addEntropy(a,2,"accelerometer");E(0)}};function C(a,b){var c,d=sjcl.random.w[a],e=[];for(c in d)d.hasOwnProperty(c)&&e.push(d[c]);for(c=0;c<e.length;c++)e[c](b)}
-function E(a){"undefined"!==typeof window&&window.performance&&"function"===typeof window.performance.now?sjcl.random.addEntropy(window.performance.now(),a,"loadtime"):sjcl.random.addEntropy((new Date).valueOf(),a,"loadtime")}function A(a){a.b=B(a).concat(B(a));a.A=new sjcl.cipher.aes(a.b)}function B(a){for(var b=0;4>b&&!(a.f[b]=a.f[b]+1|0,a.f[b]);b++);return a.A.encrypt(a.f)}function D(a,b){return function(){b.apply(a,arguments)}}sjcl.random=new sjcl.prng(6);
-a:try{var F,G,H,I;if(I="undefined"!==typeof module){var J;if(J=module.exports){var K;try{K=require("crypto")}catch(L){K=null}J=(G=K)&&G.randomBytes}I=J}if(I)F=G.randomBytes(128),F=new Uint32Array((new Uint8Array(F)).buffer),sjcl.random.addEntropy(F,1024,"crypto['randomBytes']");else if("undefined"!==typeof window&&"undefined"!==typeof Uint32Array){H=new Uint32Array(32);if(window.crypto&&window.crypto.getRandomValues)window.crypto.getRandomValues(H);else if(window.msCrypto&&window.msCrypto.getRandomValues)window.msCrypto.getRandomValues(H);
-else break a;sjcl.random.addEntropy(H,1024,"crypto['getRandomValues']")}}catch(M){"undefined"!==typeof window&&window.console&&(console.log("There was an error collecting entropy from the browser:"),console.log(M))}
-sjcl.json={defaults:{v:1,iter:1E3,ks:128,ts:64,mode:"ccm",adata:"",cipher:"aes"},Y:function(a,b,c,d){c=c||{};d=d||{};var e=sjcl.json,f=e.e({iv:sjcl.random.randomWords(4,0)},e.defaults),g;e.e(f,c);c=f.adata;"string"===typeof f.salt&&(f.salt=sjcl.codec.base64.toBits(f.salt));"string"===typeof f.iv&&(f.iv=sjcl.codec.base64.toBits(f.iv));(!sjcl.mode[f.mode]||!sjcl.cipher[f.cipher]||"string"===typeof a&&100>=f.iter||64!==f.ts&&96!==f.ts&&128!==f.ts||128!==f.ks&&192!==f.ks&&0x100!==f.ks||2>f.iv.length||4<
-f.iv.length)&&q(new sjcl.exception.invalid("json encrypt: invalid parameters"));"string"===typeof a?(g=sjcl.misc.cachedPbkdf2(a,f),a=g.key.slice(0,f.ks/32),f.salt=g.salt):sjcl.ecc&&a instanceof sjcl.ecc.elGamal.publicKey&&(g=a.kem(),f.kemtag=g.tag,a=g.key.slice(0,f.ks/32));"string"===typeof b&&(b=sjcl.codec.utf8String.toBits(b));"string"===typeof c&&(f.adata=c=sjcl.codec.utf8String.toBits(c));g=new sjcl.cipher[f.cipher](a);e.e(d,f);d.key=a;f.ct=sjcl.mode[f.mode].encrypt(g,b,f.iv,c,f.ts);return f},
-encrypt:function(a,b,c,d){var e=sjcl.json,f=e.Y.apply(e,arguments);return e.encode(f)},X:function(a,b,c,d){c=c||{};d=d||{};var e=sjcl.json;b=e.e(e.e(e.e({},e.defaults),b),c,!0);var f,g;f=b.adata;"string"===typeof b.salt&&(b.salt=sjcl.codec.base64.toBits(b.salt));"string"===typeof b.iv&&(b.iv=sjcl.codec.base64.toBits(b.iv));(!sjcl.mode[b.mode]||!sjcl.cipher[b.cipher]||"string"===typeof a&&100>=b.iter||64!==b.ts&&96!==b.ts&&128!==b.ts||128!==b.ks&&192!==b.ks&&0x100!==b.ks||!b.iv||2>b.iv.length||4<b.iv.length)&&
-q(new sjcl.exception.invalid("json decrypt: invalid parameters"));"string"===typeof a?(g=sjcl.misc.cachedPbkdf2(a,b),a=g.key.slice(0,b.ks/32),b.salt=g.salt):sjcl.ecc&&a instanceof sjcl.ecc.elGamal.secretKey&&(a=a.unkem(sjcl.codec.base64.toBits(b.kemtag)).slice(0,b.ks/32));"string"===typeof f&&(f=sjcl.codec.utf8String.toBits(f));g=new sjcl.cipher[b.cipher](a);f=sjcl.mode[b.mode].decrypt(g,b.ct,b.iv,f,b.ts);e.e(d,b);d.key=a;return 1===c.raw?f:sjcl.codec.utf8String.fromBits(f)},decrypt:function(a,b,
-c,d){var e=sjcl.json;return e.X(a,e.decode(b),c,d)},encode:function(a){var b,c="{",d="";for(b in a)if(a.hasOwnProperty(b))switch(b.match(/^[a-z0-9]+$/i)||q(new sjcl.exception.invalid("json encode: invalid property name")),c+=d+'"'+b+'":',d=",",typeof a[b]){case "number":case "boolean":c+=a[b];break;case "string":c+='"'+escape(a[b])+'"';break;case "object":c+='"'+sjcl.codec.base64.fromBits(a[b],0)+'"';break;default:q(new sjcl.exception.bug("json encode: unsupported type"))}return c+"}"},decode:function(a){a=
-a.replace(/\s/g,"");a.match(/^\{.*\}$/)||q(new sjcl.exception.invalid("json decode: this isn't json!"));a=a.replace(/^\{|\}$/g,"").split(/,/);var b={},c,d;for(c=0;c<a.length;c++)(d=a[c].match(/^\s*(?:(["']?)([a-z][a-z0-9]*)\1)\s*:\s*(?:(-?\d+)|"([a-z0-9+\/%*_.@=\-]*)"|(true|false))$/i))||q(new sjcl.exception.invalid("json decode: this isn't json!")),d[3]?b[d[2]]=parseInt(d[3],10):d[4]?b[d[2]]=d[2].match(/^(ct|adata|salt|iv)$/)?sjcl.codec.base64.toBits(d[4]):unescape(d[4]):d[5]&&(b[d[2]]="true"===
-d[5]);return b},e:function(a,b,c){a===s&&(a={});if(b===s)return a;for(var d in b)b.hasOwnProperty(d)&&(c&&(a[d]!==s&&a[d]!==b[d])&&q(new sjcl.exception.invalid("required parameter overridden")),a[d]=b[d]);return a},fa:function(a,b){var c={},d;for(d in a)a.hasOwnProperty(d)&&a[d]!==b[d]&&(c[d]=a[d]);return c},ea:function(a,b){var c={},d;for(d=0;d<b.length;d++)a[b[d]]!==s&&(c[b[d]]=a[b[d]]);return c}};sjcl.encrypt=sjcl.json.encrypt;sjcl.decrypt=sjcl.json.decrypt;sjcl.misc.ca={};
-sjcl.misc.cachedPbkdf2=function(a,b){var c=sjcl.misc.ca,d;b=b||{};d=b.iter||1E3;c=c[a]=c[a]||{};d=c[d]=c[d]||{firstSalt:b.salt&&b.salt.length?b.salt.slice(0):sjcl.random.randomWords(2,0)};c=b.salt===s?d.firstSalt:b.salt;d[c]=d[c]||sjcl.misc.pbkdf2(a,c,b.iter);return{key:d[c].slice(0),salt:c.slice(0)}};

js/sjcl-1.0.6.js

@@ -0,0 +1,60 @@
+"use strict";var sjcl={cipher:{},hash:{},keyexchange:{},mode:{},misc:{},codec:{},exception:{corrupt:function(a){this.toString=function(){return"CORRUPT: "+this.message};this.message=a},invalid:function(a){this.toString=function(){return"INVALID: "+this.message};this.message=a},bug:function(a){this.toString=function(){return"BUG: "+this.message};this.message=a},notReady:function(a){this.toString=function(){return"NOT READY: "+this.message};this.message=a}}};
+sjcl.cipher.aes=function(a){this.s[0][0][0]||this.O();var b,c,d,e,f=this.s[0][4],g=this.s[1];b=a.length;var h=1;if(4!==b&&6!==b&&8!==b)throw new sjcl.exception.invalid("invalid aes key size");this.b=[d=a.slice(0),e=[]];for(a=b;a<4*b+28;a++){c=d[a-1];if(0===a%b||8===b&&4===a%b)c=f[c>>>24]<<24^f[c>>16&255]<<16^f[c>>8&255]<<8^f[c&255],0===a%b&&(c=c<<8^c>>>24^h<<24,h=h<<1^283*(h>>7));d[a]=d[a-b]^c}for(b=0;a;b++,a--)c=d[b&3?a:a-4],e[b]=4>=a||4>b?c:g[0][f[c>>>24]]^g[1][f[c>>16&255]]^g[2][f[c>>8&255]]^g[3][f[c&
+255]]};
+sjcl.cipher.aes.prototype={encrypt:function(a){return t(this,a,0)},decrypt:function(a){return t(this,a,1)},s:[[[],[],[],[],[]],[[],[],[],[],[]]],O:function(){var a=this.s[0],b=this.s[1],c=a[4],d=b[4],e,f,g,h=[],k=[],l,n,m,p;for(e=0;0x100>e;e++)k[(h[e]=e<<1^283*(e>>7))^e]=e;for(f=g=0;!c[f];f^=l||1,g=k[g]||1)for(m=g^g<<1^g<<2^g<<3^g<<4,m=m>>8^m&255^99,c[f]=m,d[m]=f,n=h[e=h[l=h[f]]],p=0x1010101*n^0x10001*e^0x101*l^0x1010100*f,n=0x101*h[m]^0x1010100*m,e=0;4>e;e++)a[e][f]=n=n<<24^n>>>8,b[e][m]=p=p<<24^p>>>8;for(e=
+0;5>e;e++)a[e]=a[e].slice(0),b[e]=b[e].slice(0)}};
+function t(a,b,c){if(4!==b.length)throw new sjcl.exception.invalid("invalid aes block size");var d=a.b[c],e=b[0]^d[0],f=b[c?3:1]^d[1],g=b[2]^d[2];b=b[c?1:3]^d[3];var h,k,l,n=d.length/4-2,m,p=4,r=[0,0,0,0];h=a.s[c];a=h[0];var q=h[1],v=h[2],w=h[3],x=h[4];for(m=0;m<n;m++)h=a[e>>>24]^q[f>>16&255]^v[g>>8&255]^w[b&255]^d[p],k=a[f>>>24]^q[g>>16&255]^v[b>>8&255]^w[e&255]^d[p+1],l=a[g>>>24]^q[b>>16&255]^v[e>>8&255]^w[f&255]^d[p+2],b=a[b>>>24]^q[e>>16&255]^v[f>>8&255]^w[g&255]^d[p+3],p+=4,e=h,f=k,g=l;for(m=
+0;4>m;m++)r[c?3&-m:m]=x[e>>>24]<<24^x[f>>16&255]<<16^x[g>>8&255]<<8^x[b&255]^d[p++],h=e,e=f,f=g,g=b,b=h;return r}
+sjcl.bitArray={bitSlice:function(a,b,c){a=sjcl.bitArray.$(a.slice(b/32),32-(b&31)).slice(1);return void 0===c?a:sjcl.bitArray.clamp(a,c-b)},extract:function(a,b,c){var d=Math.floor(-b-c&31);return((b+c-1^b)&-32?a[b/32|0]<<32-d^a[b/32+1|0]>>>d:a[b/32|0]>>>d)&(1<<c)-1},concat:function(a,b){if(0===a.length||0===b.length)return a.concat(b);var c=a[a.length-1],d=sjcl.bitArray.getPartial(c);return 32===d?a.concat(b):sjcl.bitArray.$(b,d,c|0,a.slice(0,a.length-1))},bitLength:function(a){var b=a.length;return 0===
+b?0:32*(b-1)+sjcl.bitArray.getPartial(a[b-1])},clamp:function(a,b){if(32*a.length<b)return a;a=a.slice(0,Math.ceil(b/32));var c=a.length;b=b&31;0<c&&b&&(a[c-1]=sjcl.bitArray.partial(b,a[c-1]&2147483648>>b-1,1));return a},partial:function(a,b,c){return 32===a?b:(c?b|0:b<<32-a)+0x10000000000*a},getPartial:function(a){return Math.round(a/0x10000000000)||32},equal:function(a,b){if(sjcl.bitArray.bitLength(a)!==sjcl.bitArray.bitLength(b))return!1;var c=0,d;for(d=0;d<a.length;d++)c|=a[d]^b[d];return 0===
+c},$:function(a,b,c,d){var e;e=0;for(void 0===d&&(d=[]);32<=b;b-=32)d.push(c),c=0;if(0===b)return d.concat(a);for(e=0;e<a.length;e++)d.push(c|a[e]>>>b),c=a[e]<<32-b;e=a.length?a[a.length-1]:0;a=sjcl.bitArray.getPartial(e);d.push(sjcl.bitArray.partial(b+a&31,32<b+a?c:d.pop(),1));return d},i:function(a,b){return[a[0]^b[0],a[1]^b[1],a[2]^b[2],a[3]^b[3]]},byteswapM:function(a){var b,c;for(b=0;b<a.length;++b)c=a[b],a[b]=c>>>24|c>>>8&0xff00|(c&0xff00)<<8|c<<24;return a}};
+sjcl.codec.utf8String={fromBits:function(a){var b="",c=sjcl.bitArray.bitLength(a),d,e;for(d=0;d<c/8;d++)0===(d&3)&&(e=a[d/4]),b+=String.fromCharCode(e>>>24),e<<=8;return decodeURIComponent(escape(b))},toBits:function(a){a=unescape(encodeURIComponent(a));var b=[],c,d=0;for(c=0;c<a.length;c++)d=d<<8|a.charCodeAt(c),3===(c&3)&&(b.push(d),d=0);c&3&&b.push(sjcl.bitArray.partial(8*(c&3),d));return b}};
+sjcl.codec.hex={fromBits:function(a){var b="",c;for(c=0;c<a.length;c++)b+=((a[c]|0)+0xf00000000000).toString(16).substr(4);return b.substr(0,sjcl.bitArray.bitLength(a)/4)},toBits:function(a){var b,c=[],d;a=a.replace(/\s|0x/g,"");d=a.length;a=a+"00000000";for(b=0;b<a.length;b+=8)c.push(parseInt(a.substr(b,8),16)^0);return sjcl.bitArray.clamp(c,4*d)}};
+sjcl.codec.base32={B:"ABCDEFGHIJKLMNOPQRSTUVWXYZ234567",X:"0123456789ABCDEFGHIJKLMNOPQRSTUV",BITS:32,BASE:5,REMAINING:27,fromBits:function(a,b,c){var d=sjcl.codec.base32.BASE,e=sjcl.codec.base32.REMAINING,f="",g=0,h=sjcl.codec.base32.B,k=0,l=sjcl.bitArray.bitLength(a);c&&(h=sjcl.codec.base32.X);for(c=0;f.length*d<l;)f+=h.charAt((k^a[c]>>>g)>>>e),g<d?(k=a[c]<<d-g,g+=e,c++):(k<<=d,g-=d);for(;f.length&7&&!b;)f+="=";return f},toBits:function(a,b){a=a.replace(/\s|=/g,"").toUpperCase();var c=sjcl.codec.base32.BITS,
+d=sjcl.codec.base32.BASE,e=sjcl.codec.base32.REMAINING,f=[],g,h=0,k=sjcl.codec.base32.B,l=0,n,m="base32";b&&(k=sjcl.codec.base32.X,m="base32hex");for(g=0;g<a.length;g++){n=k.indexOf(a.charAt(g));if(0>n){if(!b)try{return sjcl.codec.base32hex.toBits(a)}catch(p){}throw new sjcl.exception.invalid("this isn't "+m+"!");}h>e?(h-=e,f.push(l^n>>>h),l=n<<c-h):(h+=d,l^=n<<c-h)}h&56&&f.push(sjcl.bitArray.partial(h&56,l,1));return f}};
+sjcl.codec.base32hex={fromBits:function(a,b){return sjcl.codec.base32.fromBits(a,b,1)},toBits:function(a){return sjcl.codec.base32.toBits(a,1)}};
+sjcl.codec.base64={B:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",fromBits:function(a,b,c){var d="",e=0,f=sjcl.codec.base64.B,g=0,h=sjcl.bitArray.bitLength(a);c&&(f=f.substr(0,62)+"-_");for(c=0;6*d.length<h;)d+=f.charAt((g^a[c]>>>e)>>>26),6>e?(g=a[c]<<6-e,e+=26,c++):(g<<=6,e-=6);for(;d.length&3&&!b;)d+="=";return d},toBits:function(a,b){a=a.replace(/\s|=/g,"");var c=[],d,e=0,f=sjcl.codec.base64.B,g=0,h;b&&(f=f.substr(0,62)+"-_");for(d=0;d<a.length;d++){h=f.indexOf(a.charAt(d));
+if(0>h)throw new sjcl.exception.invalid("this isn't base64!");26<e?(e-=26,c.push(g^h>>>e),g=h<<32-e):(e+=6,g^=h<<32-e)}e&56&&c.push(sjcl.bitArray.partial(e&56,g,1));return c}};sjcl.codec.base64url={fromBits:function(a){return sjcl.codec.base64.fromBits(a,1,1)},toBits:function(a){return sjcl.codec.base64.toBits(a,1)}};sjcl.hash.sha256=function(a){this.b[0]||this.O();a?(this.F=a.F.slice(0),this.A=a.A.slice(0),this.l=a.l):this.reset()};sjcl.hash.sha256.hash=function(a){return(new sjcl.hash.sha256).update(a).finalize()};
+sjcl.hash.sha256.prototype={blockSize:512,reset:function(){this.F=this.Y.slice(0);this.A=[];this.l=0;return this},update:function(a){"string"===typeof a&&(a=sjcl.codec.utf8String.toBits(a));var b,c=this.A=sjcl.bitArray.concat(this.A,a);b=this.l;a=this.l=b+sjcl.bitArray.bitLength(a);if(0x1fffffffffffff<a)throw new sjcl.exception.invalid("Cannot hash more than 2^53 - 1 bits");if("undefined"!==typeof Uint32Array){var d=new Uint32Array(c),e=0;for(b=512+b-(512+b&0x1ff);b<=a;b+=512)u(this,d.subarray(16*e,
+16*(e+1))),e+=1;c.splice(0,16*e)}else for(b=512+b-(512+b&0x1ff);b<=a;b+=512)u(this,c.splice(0,16));return this},finalize:function(){var a,b=this.A,c=this.F,b=sjcl.bitArray.concat(b,[sjcl.bitArray.partial(1,1)]);for(a=b.length+2;a&15;a++)b.push(0);b.push(Math.floor(this.l/0x100000000));for(b.push(this.l|0);b.length;)u(this,b.splice(0,16));this.reset();return c},Y:[],b:[],O:function(){function a(a){return 0x100000000*(a-Math.floor(a))|0}for(var b=0,c=2,d,e;64>b;c++){e=!0;for(d=2;d*d<=c;d++)if(0===c%d){e=
+!1;break}e&&(8>b&&(this.Y[b]=a(Math.pow(c,.5))),this.b[b]=a(Math.pow(c,1/3)),b++)}}};
+function u(a,b){var c,d,e,f=a.F,g=a.b,h=f[0],k=f[1],l=f[2],n=f[3],m=f[4],p=f[5],r=f[6],q=f[7];for(c=0;64>c;c++)16>c?d=b[c]:(d=b[c+1&15],e=b[c+14&15],d=b[c&15]=(d>>>7^d>>>18^d>>>3^d<<25^d<<14)+(e>>>17^e>>>19^e>>>10^e<<15^e<<13)+b[c&15]+b[c+9&15]|0),d=d+q+(m>>>6^m>>>11^m>>>25^m<<26^m<<21^m<<7)+(r^m&(p^r))+g[c],q=r,r=p,p=m,m=n+d|0,n=l,l=k,k=h,h=d+(k&l^n&(k^l))+(k>>>2^k>>>13^k>>>22^k<<30^k<<19^k<<10)|0;f[0]=f[0]+h|0;f[1]=f[1]+k|0;f[2]=f[2]+l|0;f[3]=f[3]+n|0;f[4]=f[4]+m|0;f[5]=f[5]+p|0;f[6]=f[6]+r|0;f[7]=
+f[7]+q|0}
+sjcl.mode.ccm={name:"ccm",G:[],listenProgress:function(a){sjcl.mode.ccm.G.push(a)},unListenProgress:function(a){a=sjcl.mode.ccm.G.indexOf(a);-1<a&&sjcl.mode.ccm.G.splice(a,1)},fa:function(a){var b=sjcl.mode.ccm.G.slice(),c;for(c=0;c<b.length;c+=1)b[c](a)},encrypt:function(a,b,c,d,e){var f,g=b.slice(0),h=sjcl.bitArray,k=h.bitLength(c)/8,l=h.bitLength(g)/8;e=e||64;d=d||[];if(7>k)throw new sjcl.exception.invalid("ccm: iv must be at least 7 bytes");for(f=2;4>f&&l>>>8*f;f++);f<15-k&&(f=15-k);c=h.clamp(c,
+8*(15-f));b=sjcl.mode.ccm.V(a,b,c,d,e,f);g=sjcl.mode.ccm.C(a,g,c,b,e,f);return h.concat(g.data,g.tag)},decrypt:function(a,b,c,d,e){e=e||64;d=d||[];var f=sjcl.bitArray,g=f.bitLength(c)/8,h=f.bitLength(b),k=f.clamp(b,h-e),l=f.bitSlice(b,h-e),h=(h-e)/8;if(7>g)throw new sjcl.exception.invalid("ccm: iv must be at least 7 bytes");for(b=2;4>b&&h>>>8*b;b++);b<15-g&&(b=15-g);c=f.clamp(c,8*(15-b));k=sjcl.mode.ccm.C(a,k,c,l,e,b);a=sjcl.mode.ccm.V(a,k.data,c,d,e,b);if(!f.equal(k.tag,a))throw new sjcl.exception.corrupt("ccm: tag doesn't match");
+return k.data},na:function(a,b,c,d,e,f){var g=[],h=sjcl.bitArray,k=h.i;d=[h.partial(8,(b.length?64:0)|d-2<<2|f-1)];d=h.concat(d,c);d[3]|=e;d=a.encrypt(d);if(b.length)for(c=h.bitLength(b)/8,65279>=c?g=[h.partial(16,c)]:0xffffffff>=c&&(g=h.concat([h.partial(16,65534)],[c])),g=h.concat(g,b),b=0;b<g.length;b+=4)d=a.encrypt(k(d,g.slice(b,b+4).concat([0,0,0])));return d},V:function(a,b,c,d,e,f){var g=sjcl.bitArray,h=g.i;e/=8;if(e%2||4>e||16<e)throw new sjcl.exception.invalid("ccm: invalid tag length");
+if(0xffffffff<d.length||0xffffffff<b.length)throw new sjcl.exception.bug("ccm: can't deal with 4GiB or more data");c=sjcl.mode.ccm.na(a,d,c,e,g.bitLength(b)/8,f);for(d=0;d<b.length;d+=4)c=a.encrypt(h(c,b.slice(d,d+4).concat([0,0,0])));return g.clamp(c,8*e)},C:function(a,b,c,d,e,f){var g,h=sjcl.bitArray;g=h.i;var k=b.length,l=h.bitLength(b),n=k/50,m=n;c=h.concat([h.partial(8,f-1)],c).concat([0,0,0]).slice(0,4);d=h.bitSlice(g(d,a.encrypt(c)),0,e);if(!k)return{tag:d,data:[]};for(g=0;g<k;g+=4)g>n&&(sjcl.mode.ccm.fa(g/
+k),n+=m),c[3]++,e=a.encrypt(c),b[g]^=e[0],b[g+1]^=e[1],b[g+2]^=e[2],b[g+3]^=e[3];return{tag:d,data:h.clamp(b,l)}}};
+sjcl.mode.ocb2={name:"ocb2",encrypt:function(a,b,c,d,e,f){if(128!==sjcl.bitArray.bitLength(c))throw new sjcl.exception.invalid("ocb iv must be 128 bits");var g,h=sjcl.mode.ocb2.S,k=sjcl.bitArray,l=k.i,n=[0,0,0,0];c=h(a.encrypt(c));var m,p=[];d=d||[];e=e||64;for(g=0;g+4<b.length;g+=4)m=b.slice(g,g+4),n=l(n,m),p=p.concat(l(c,a.encrypt(l(c,m)))),c=h(c);m=b.slice(g);b=k.bitLength(m);g=a.encrypt(l(c,[0,0,0,b]));m=k.clamp(l(m.concat([0,0,0]),g),b);n=l(n,l(m.concat([0,0,0]),g));n=a.encrypt(l(n,l(c,h(c))));
+d.length&&(n=l(n,f?d:sjcl.mode.ocb2.pmac(a,d)));return p.concat(k.concat(m,k.clamp(n,e)))},decrypt:function(a,b,c,d,e,f){if(128!==sjcl.bitArray.bitLength(c))throw new sjcl.exception.invalid("ocb iv must be 128 bits");e=e||64;var g=sjcl.mode.ocb2.S,h=sjcl.bitArray,k=h.i,l=[0,0,0,0],n=g(a.encrypt(c)),m,p,r=sjcl.bitArray.bitLength(b)-e,q=[];d=d||[];for(c=0;c+4<r/32;c+=4)m=k(n,a.decrypt(k(n,b.slice(c,c+4)))),l=k(l,m),q=q.concat(m),n=g(n);p=r-32*c;m=a.encrypt(k(n,[0,0,0,p]));m=k(m,h.clamp(b.slice(c),p).concat([0,
+0,0]));l=k(l,m);l=a.encrypt(k(l,k(n,g(n))));d.length&&(l=k(l,f?d:sjcl.mode.ocb2.pmac(a,d)));if(!h.equal(h.clamp(l,e),h.bitSlice(b,r)))throw new sjcl.exception.corrupt("ocb: tag doesn't match");return q.concat(h.clamp(m,p))},pmac:function(a,b){var c,d=sjcl.mode.ocb2.S,e=sjcl.bitArray,f=e.i,g=[0,0,0,0],h=a.encrypt([0,0,0,0]),h=f(h,d(d(h)));for(c=0;c+4<b.length;c+=4)h=d(h),g=f(g,a.encrypt(f(h,b.slice(c,c+4))));c=b.slice(c);128>e.bitLength(c)&&(h=f(h,d(h)),c=e.concat(c,[-2147483648,0,0,0]));g=f(g,c);
+return a.encrypt(f(d(f(h,d(h))),g))},S:function(a){return[a[0]<<1^a[1]>>>31,a[1]<<1^a[2]>>>31,a[2]<<1^a[3]>>>31,a[3]<<1^135*(a[0]>>>31)]}};
+sjcl.mode.gcm={name:"gcm",encrypt:function(a,b,c,d,e){var f=b.slice(0);b=sjcl.bitArray;d=d||[];a=sjcl.mode.gcm.C(!0,a,f,d,c,e||128);return b.concat(a.data,a.tag)},decrypt:function(a,b,c,d,e){var f=b.slice(0),g=sjcl.bitArray,h=g.bitLength(f);e=e||128;d=d||[];e<=h?(b=g.bitSlice(f,h-e),f=g.bitSlice(f,0,h-e)):(b=f,f=[]);a=sjcl.mode.gcm.C(!1,a,f,d,c,e);if(!g.equal(a.tag,b))throw new sjcl.exception.corrupt("gcm: tag doesn't match");return a.data},ka:function(a,b){var c,d,e,f,g,h=sjcl.bitArray.i;e=[0,0,
+0,0];f=b.slice(0);for(c=0;128>c;c++){(d=0!==(a[Math.floor(c/32)]&1<<31-c%32))&&(e=h(e,f));g=0!==(f[3]&1);for(d=3;0<d;d--)f[d]=f[d]>>>1|(f[d-1]&1)<<31;f[0]>>>=1;g&&(f[0]^=-0x1f000000)}return e},j:function(a,b,c){var d,e=c.length;b=b.slice(0);for(d=0;d<e;d+=4)b[0]^=0xffffffff&c[d],b[1]^=0xffffffff&c[d+1],b[2]^=0xffffffff&c[d+2],b[3]^=0xffffffff&c[d+3],b=sjcl.mode.gcm.ka(b,a);return b},C:function(a,b,c,d,e,f){var g,h,k,l,n,m,p,r,q=sjcl.bitArray;m=c.length;p=q.bitLength(c);r=q.bitLength(d);h=q.bitLength(e);
+g=b.encrypt([0,0,0,0]);96===h?(e=e.slice(0),e=q.concat(e,[1])):(e=sjcl.mode.gcm.j(g,[0,0,0,0],e),e=sjcl.mode.gcm.j(g,e,[0,0,Math.floor(h/0x100000000),h&0xffffffff]));h=sjcl.mode.gcm.j(g,[0,0,0,0],d);n=e.slice(0);d=h.slice(0);a||(d=sjcl.mode.gcm.j(g,h,c));for(l=0;l<m;l+=4)n[3]++,k=b.encrypt(n),c[l]^=k[0],c[l+1]^=k[1],c[l+2]^=k[2],c[l+3]^=k[3];c=q.clamp(c,p);a&&(d=sjcl.mode.gcm.j(g,h,c));a=[Math.floor(r/0x100000000),r&0xffffffff,Math.floor(p/0x100000000),p&0xffffffff];d=sjcl.mode.gcm.j(g,d,a);k=b.encrypt(e);
+d[0]^=k[0];d[1]^=k[1];d[2]^=k[2];d[3]^=k[3];return{tag:q.bitSlice(d,0,f),data:c}}};sjcl.misc.hmac=function(a,b){this.W=b=b||sjcl.hash.sha256;var c=[[],[]],d,e=b.prototype.blockSize/32;this.w=[new b,new b];a.length>e&&(a=b.hash(a));for(d=0;d<e;d++)c[0][d]=a[d]^909522486,c[1][d]=a[d]^1549556828;this.w[0].update(c[0]);this.w[1].update(c[1]);this.R=new b(this.w[0])};
+sjcl.misc.hmac.prototype.encrypt=sjcl.misc.hmac.prototype.mac=function(a){if(this.aa)throw new sjcl.exception.invalid("encrypt on already updated hmac called!");this.update(a);return this.digest(a)};sjcl.misc.hmac.prototype.reset=function(){this.R=new this.W(this.w[0]);this.aa=!1};sjcl.misc.hmac.prototype.update=function(a){this.aa=!0;this.R.update(a)};sjcl.misc.hmac.prototype.digest=function(){var a=this.R.finalize(),a=(new this.W(this.w[1])).update(a).finalize();this.reset();return a};
+sjcl.misc.pbkdf2=function(a,b,c,d,e){c=c||1E4;if(0>d||0>c)throw new sjcl.exception.invalid("invalid params to pbkdf2");"string"===typeof a&&(a=sjcl.codec.utf8String.toBits(a));"string"===typeof b&&(b=sjcl.codec.utf8String.toBits(b));e=e||sjcl.misc.hmac;a=new e(a);var f,g,h,k,l=[],n=sjcl.bitArray;for(k=1;32*l.length<(d||1);k++){e=f=a.encrypt(n.concat(b,[k]));for(g=1;g<c;g++)for(f=a.encrypt(f),h=0;h<f.length;h++)e[h]^=f[h];l=l.concat(e)}d&&(l=n.clamp(l,d));return l};
+sjcl.prng=function(a){this.c=[new sjcl.hash.sha256];this.m=[0];this.P=0;this.H={};this.N=0;this.U={};this.Z=this.f=this.o=this.ha=0;this.b=[0,0,0,0,0,0,0,0];this.h=[0,0,0,0];this.L=void 0;this.M=a;this.D=!1;this.K={progress:{},seeded:{}};this.u=this.ga=0;this.I=1;this.J=2;this.ca=0x10000;this.T=[0,48,64,96,128,192,0x100,384,512,768,1024];this.da=3E4;this.ba=80};
+sjcl.prng.prototype={randomWords:function(a,b){var c=[],d;d=this.isReady(b);var e;if(d===this.u)throw new sjcl.exception.notReady("generator isn't seeded");if(d&this.J){d=!(d&this.I);e=[];var f=0,g;this.Z=e[0]=(new Date).valueOf()+this.da;for(g=0;16>g;g++)e.push(0x100000000*Math.random()|0);for(g=0;g<this.c.length&&(e=e.concat(this.c[g].finalize()),f+=this.m[g],this.m[g]=0,d||!(this.P&1<<g));g++);this.P>=1<<this.c.length&&(this.c.push(new sjcl.hash.sha256),this.m.push(0));this.f-=f;f>this.o&&(this.o=
+f);this.P++;this.b=sjcl.hash.sha256.hash(this.b.concat(e));this.L=new sjcl.cipher.aes(this.b);for(d=0;4>d&&(this.h[d]=this.h[d]+1|0,!this.h[d]);d++);}for(d=0;d<a;d+=4)0===(d+1)%this.ca&&y(this),e=z(this),c.push(e[0],e[1],e[2],e[3]);y(this);return c.slice(0,a)},setDefaultParanoia:function(a,b){if(0===a&&"Setting paranoia=0 will ruin your security; use it only for testing"!==b)throw new sjcl.exception.invalid("Setting paranoia=0 will ruin your security; use it only for testing");this.M=a},addEntropy:function(a,
+b,c){c=c||"user";var d,e,f=(new Date).valueOf(),g=this.H[c],h=this.isReady(),k=0;d=this.U[c];void 0===d&&(d=this.U[c]=this.ha++);void 0===g&&(g=this.H[c]=0);this.H[c]=(this.H[c]+1)%this.c.length;switch(typeof a){case "number":void 0===b&&(b=1);this.c[g].update([d,this.N++,1,b,f,1,a|0]);break;case "object":c=Object.prototype.toString.call(a);if("[object Uint32Array]"===c){e=[];for(c=0;c<a.length;c++)e.push(a[c]);a=e}else for("[object Array]"!==c&&(k=1),c=0;c<a.length&&!k;c++)"number"!==typeof a[c]&&
+(k=1);if(!k){if(void 0===b)for(c=b=0;c<a.length;c++)for(e=a[c];0<e;)b++,e=e>>>1;this.c[g].update([d,this.N++,2,b,f,a.length].concat(a))}break;case "string":void 0===b&&(b=a.length);this.c[g].update([d,this.N++,3,b,f,a.length]);this.c[g].update(a);break;default:k=1}if(k)throw new sjcl.exception.bug("random: addEntropy only supports number, array of numbers or string");this.m[g]+=b;this.f+=b;h===this.u&&(this.isReady()!==this.u&&A("seeded",Math.max(this.o,this.f)),A("progress",this.getProgress()))},
+isReady:function(a){a=this.T[void 0!==a?a:this.M];return this.o&&this.o>=a?this.m[0]>this.ba&&(new Date).valueOf()>this.Z?this.J|this.I:this.I:this.f>=a?this.J|this.u:this.u},getProgress:function(a){a=this.T[a?a:this.M];return this.o>=a?1:this.f>a?1:this.f/a},startCollectors:function(){if(!this.D){this.a={loadTimeCollector:B(this,this.ma),mouseCollector:B(this,this.oa),keyboardCollector:B(this,this.la),accelerometerCollector:B(this,this.ea),touchCollector:B(this,this.qa)};if(window.addEventListener)window.addEventListener("load",
+this.a.loadTimeCollector,!1),window.addEventListener("mousemove",this.a.mouseCollector,!1),window.addEventListener("keypress",this.a.keyboardCollector,!1),window.addEventListener("devicemotion",this.a.accelerometerCollector,!1),window.addEventListener("touchmove",this.a.touchCollector,!1);else if(document.attachEvent)document.attachEvent("onload",this.a.loadTimeCollector),document.attachEvent("onmousemove",this.a.mouseCollector),document.attachEvent("keypress",this.a.keyboardCollector);else throw new sjcl.exception.bug("can't attach event");
+this.D=!0}},stopCollectors:function(){this.D&&(window.removeEventListener?(window.removeEventListener("load",this.a.loadTimeCollector,!1),window.removeEventListener("mousemove",this.a.mouseCollector,!1),window.removeEventListener("keypress",this.a.keyboardCollector,!1),window.removeEventListener("devicemotion",this.a.accelerometerCollector,!1),window.removeEventListener("touchmove",this.a.touchCollector,!1)):document.detachEvent&&(document.detachEvent("onload",this.a.loadTimeCollector),document.detachEvent("onmousemove",
+this.a.mouseCollector),document.detachEvent("keypress",this.a.keyboardCollector)),this.D=!1)},addEventListener:function(a,b){this.K[a][this.ga++]=b},removeEventListener:function(a,b){var c,d,e=this.K[a],f=[];for(d in e)e.hasOwnProperty(d)&&e[d]===b&&f.push(d);for(c=0;c<f.length;c++)d=f[c],delete e[d]},la:function(){C(this,1)},oa:function(a){var b,c;try{b=a.x||a.clientX||a.offsetX||0,c=a.y||a.clientY||a.offsetY||0}catch(d){c=b=0}0!=b&&0!=c&&this.addEntropy([b,c],2,"mouse");C(this,0)},qa:function(a){a=
+a.touches[0]||a.changedTouches[0];this.addEntropy([a.pageX||a.clientX,a.pageY||a.clientY],1,"touch");C(this,0)},ma:function(){C(this,2)},ea:function(a){a=a.accelerationIncludingGravity.x||a.accelerationIncludingGravity.y||a.accelerationIncludingGravity.z;if(window.orientation){var b=window.orientation;"number"===typeof b&&this.addEntropy(b,1,"accelerometer")}a&&this.addEntropy(a,2,"accelerometer");C(this,0)}};
+function A(a,b){var c,d=sjcl.random.K[a],e=[];for(c in d)d.hasOwnProperty(c)&&e.push(d[c]);for(c=0;c<e.length;c++)e[c](b)}function C(a,b){"undefined"!==typeof window&&window.performance&&"function"===typeof window.performance.now?a.addEntropy(window.performance.now(),b,"loadtime"):a.addEntropy((new Date).valueOf(),b,"loadtime")}function y(a){a.b=z(a).concat(z(a));a.L=new sjcl.cipher.aes(a.b)}function z(a){for(var b=0;4>b&&(a.h[b]=a.h[b]+1|0,!a.h[b]);b++);return a.L.encrypt(a.h)}
+function B(a,b){return function(){b.apply(a,arguments)}}sjcl.random=new sjcl.prng(6);
+a:try{var D,E,F,G;if(G="undefined"!==typeof module&&module.exports){var H;try{H=require("crypto")}catch(a){H=null}G=E=H}if(G&&E.randomBytes)D=E.randomBytes(128),D=new Uint32Array((new Uint8Array(D)).buffer),sjcl.random.addEntropy(D,1024,"crypto['randomBytes']");else if("undefined"!==typeof window&&"undefined"!==typeof Uint32Array){F=new Uint32Array(32);if(window.crypto&&window.crypto.getRandomValues)window.crypto.getRandomValues(F);else if(window.msCrypto&&window.msCrypto.getRandomValues)window.msCrypto.getRandomValues(F);
+else break a;sjcl.random.addEntropy(F,1024,"crypto['getRandomValues']")}}catch(a){"undefined"!==typeof window&&window.console&&(console.log("There was an error collecting entropy from the browser:"),console.log(a))}
+sjcl.json={defaults:{v:1,iter:1E4,ks:128,ts:64,mode:"ccm",adata:"",cipher:"aes"},ja:function(a,b,c,d){c=c||{};d=d||{};var e=sjcl.json,f=e.g({iv:sjcl.random.randomWords(4,0)},e.defaults),g;e.g(f,c);c=f.adata;"string"===typeof f.salt&&(f.salt=sjcl.codec.base64.toBits(f.salt));"string"===typeof f.iv&&(f.iv=sjcl.codec.base64.toBits(f.iv));if(!sjcl.mode[f.mode]||!sjcl.cipher[f.cipher]||"string"===typeof a&&100>=f.iter||64!==f.ts&&96!==f.ts&&128!==f.ts||128!==f.ks&&192!==f.ks&&0x100!==f.ks||2>f.iv.length||
+4<f.iv.length)throw new sjcl.exception.invalid("json encrypt: invalid parameters");"string"===typeof a?(g=sjcl.misc.cachedPbkdf2(a,f),a=g.key.slice(0,f.ks/32),f.salt=g.salt):sjcl.ecc&&a instanceof sjcl.ecc.elGamal.publicKey&&(g=a.kem(),f.kemtag=g.tag,a=g.key.slice(0,f.ks/32));"string"===typeof b&&(b=sjcl.codec.utf8String.toBits(b));"string"===typeof c&&(f.adata=c=sjcl.codec.utf8String.toBits(c));g=new sjcl.cipher[f.cipher](a);e.g(d,f);d.key=a;f.ct="ccm"===f.mode&&sjcl.arrayBuffer&&sjcl.arrayBuffer.ccm&&
+b instanceof ArrayBuffer?sjcl.arrayBuffer.ccm.encrypt(g,b,f.iv,c,f.ts):sjcl.mode[f.mode].encrypt(g,b,f.iv,c,f.ts);return f},encrypt:function(a,b,c,d){var e=sjcl.json,f=e.ja.apply(e,arguments);return e.encode(f)},ia:function(a,b,c,d){c=c||{};d=d||{};var e=sjcl.json;b=e.g(e.g(e.g({},e.defaults),b),c,!0);var f,g;f=b.adata;"string"===typeof b.salt&&(b.salt=sjcl.codec.base64.toBits(b.salt));"string"===typeof b.iv&&(b.iv=sjcl.codec.base64.toBits(b.iv));if(!sjcl.mode[b.mode]||!sjcl.cipher[b.cipher]||"string"===
+typeof a&&100>=b.iter||64!==b.ts&&96!==b.ts&&128!==b.ts||128!==b.ks&&192!==b.ks&&0x100!==b.ks||!b.iv||2>b.iv.length||4<b.iv.length)throw new sjcl.exception.invalid("json decrypt: invalid parameters");"string"===typeof a?(g=sjcl.misc.cachedPbkdf2(a,b),a=g.key.slice(0,b.ks/32),b.salt=g.salt):sjcl.ecc&&a instanceof sjcl.ecc.elGamal.secretKey&&(a=a.unkem(sjcl.codec.base64.toBits(b.kemtag)).slice(0,b.ks/32));"string"===typeof f&&(f=sjcl.codec.utf8String.toBits(f));g=new sjcl.cipher[b.cipher](a);f="ccm"===
+b.mode&&sjcl.arrayBuffer&&sjcl.arrayBuffer.ccm&&b.ct instanceof ArrayBuffer?sjcl.arrayBuffer.ccm.decrypt(g,b.ct,b.iv,b.tag,f,b.ts):sjcl.mode[b.mode].decrypt(g,b.ct,b.iv,f,b.ts);e.g(d,b);d.key=a;return 1===c.raw?f:sjcl.codec.utf8String.fromBits(f)},decrypt:function(a,b,c,d){var e=sjcl.json;return e.ia(a,e.decode(b),c,d)},encode:function(a){var b,c="{",d="";for(b in a)if(a.hasOwnProperty(b)){if(!b.match(/^[a-z0-9]+$/i))throw new sjcl.exception.invalid("json encode: invalid property name");c+=d+'"'+
+b+'":';d=",";switch(typeof a[b]){case "number":case "boolean":c+=a[b];break;case "string":c+='"'+escape(a[b])+'"';break;case "object":c+='"'+sjcl.codec.base64.fromBits(a[b],0)+'"';break;default:throw new sjcl.exception.bug("json encode: unsupported type");}}return c+"}"},decode:function(a){a=a.replace(/\s/g,"");if(!a.match(/^\{.*\}$/))throw new sjcl.exception.invalid("json decode: this isn't json!");a=a.replace(/^\{|\}$/g,"").split(/,/);var b={},c,d;for(c=0;c<a.length;c++){if(!(d=a[c].match(/^\s*(?:(["']?)([a-z][a-z0-9]*)\1)\s*:\s*(?:(-?\d+)|"([a-z0-9+\/%*_.@=\-]*)"|(true|false))$/i)))throw new sjcl.exception.invalid("json decode: this isn't json!");
+null!=d[3]?b[d[2]]=parseInt(d[3],10):null!=d[4]?b[d[2]]=d[2].match(/^(ct|adata|salt|iv)$/)?sjcl.codec.base64.toBits(d[4]):unescape(d[4]):null!=d[5]&&(b[d[2]]="true"===d[5])}return b},g:function(a,b,c){void 0===a&&(a={});if(void 0===b)return a;for(var d in b)if(b.hasOwnProperty(d)){if(c&&void 0!==a[d]&&a[d]!==b[d])throw new sjcl.exception.invalid("required parameter overridden");a[d]=b[d]}return a},sa:function(a,b){var c={},d;for(d in a)a.hasOwnProperty(d)&&a[d]!==b[d]&&(c[d]=a[d]);return c},ra:function(a,
+b){var c={},d;for(d=0;d<b.length;d++)void 0!==a[b[d]]&&(c[b[d]]=a[b[d]]);return c}};sjcl.encrypt=sjcl.json.encrypt;sjcl.decrypt=sjcl.json.decrypt;sjcl.misc.pa={};sjcl.misc.cachedPbkdf2=function(a,b){var c=sjcl.misc.pa,d;b=b||{};d=b.iter||1E3;c=c[a]=c[a]||{};d=c[d]=c[d]||{firstSalt:b.salt&&b.salt.length?b.salt.slice(0):sjcl.random.randomWords(2,0)};c=void 0===b.salt?d.firstSalt:b.salt;d[c]=d[c]||sjcl.misc.pbkdf2(a,c,b.iter);return{key:d[c].slice(0),salt:c.slice(0)}};
+"undefined"!==typeof module&&module.exports&&(module.exports=sjcl);"function"===typeof define&&define([],function(){return sjcl});

js/test.js

@@ -0,0 +1,158 @@
+'use strict';
+var jsc = require('jsverify'),
+    jsdom = require('jsdom-global'),
+    cleanup = jsdom(),
+
+    a2zString = ['a','b','c','d','e','f','g','h','i','j','k','l','m',
+                 'n','o','p','q','r','s','t','u','v','w','x','y','z'],
+    alnumString = a2zString.concat(['0','1','2','3','4','5','6','7','8','9']),
+    queryString = alnumString.concat(['+','%','&','.','*','-','_']),
+    base64String = alnumString.concat(['+','/','=']).concat(
+        a2zString.map(function(c) {
+            return c.toUpperCase();
+        })
+    );
+
+global.$ = global.jQuery = require('./jquery-3.1.1');
+global.sjcl = require('./sjcl-1.0.6');
+global.Base64 = require('./base64-2.1.9');
+global.RawDeflate = require('./rawdeflate-0.5');
+require('./rawinflate-0.3');
+require('./privatebin');
+
+describe('helper', function () {
+    describe('secondsToHuman', function () {
+        after(function () {
+            cleanup();
+        });
+
+        jsc.property('returns an array with a number and a word', 'integer', function (number) {
+            var result = $.PrivateBin.helper.secondsToHuman(number);
+            return Array.isArray(result) &&
+                result.length === 2 &&
+                result[0] === parseInt(result[0], 10) &&
+                typeof result[1] === 'string';
+        });
+        jsc.property('returns seconds on the first array position', 'integer 59', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[0] === number;
+        });
+        jsc.property('returns seconds on the second array position', 'integer 59', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'second';
+        });
+        jsc.property('returns minutes on the first array position', 'integer 60 3599', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / 60);
+        });
+        jsc.property('returns minutes on the second array position', 'integer 60 3599', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'minute';
+        });
+        jsc.property('returns hours on the first array position', 'integer 3600 86399', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60));
+        });
+        jsc.property('returns hours on the second array position', 'integer 3600 86399', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'hour';
+        });
+        jsc.property('returns days on the first array position', 'integer 86400 5184000', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24));
+        });
+        jsc.property('returns days on the second array position', 'integer 86400 5184000', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'day';
+        });
+        // max safe integer as per http://ecma262-5.com/ELS5_HTML.htm#Section_8.5
+        jsc.property('returns months on the first array position', 'integer 5184000 9007199254740991', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[0] === Math.floor(number / (60 * 60 * 24 * 30));
+        });
+        jsc.property('returns months on the second array position', 'integer 5184000 9007199254740991', function (number) {
+            return $.PrivateBin.helper.secondsToHuman(number)[1] === 'month';
+        });
+    });
+
+    describe('scriptLocation', function () {
+        jsc.property(
+            'returns the URL without query & fragment',
+            jsc.nearray(jsc.elements(a2zString)),
+            jsc.nearray(jsc.elements(a2zString)),
+            jsc.array(jsc.elements(queryString)),
+            'string',
+            function (schema, address, query, fragment) {
+                var expected = schema.join('') + '://' + address.join('') + '/',
+                    clean = jsdom('', {url: expected + '?' + query.join('') + '#' + fragment}),
+                    result = $.PrivateBin.helper.scriptLocation();
+                clean();
+                return expected === result;
+            }
+        );
+    });
+
+    describe('pasteId', function () {
+        jsc.property(
+            'returns the query string without separator, if any',
+            jsc.nearray(jsc.elements(a2zString)),
+            jsc.nearray(jsc.elements(a2zString)),
+            jsc.array(jsc.elements(queryString)),
+            'string',
+            function (schema, address, query, fragment) {
+                var queryString = query.join(''),
+                    clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') +
+                             '/?' + queryString + '#' + fragment
+                    }),
+                    result = $.PrivateBin.helper.pasteId();
+                clean();
+                return queryString === result;
+            }
+        );
+    });
+
+    describe('pageKey', function () {
+        jsc.property(
+            'returns the fragment of the URL',
+            jsc.nearray(jsc.elements(a2zString)),
+            jsc.nearray(jsc.elements(a2zString)),
+            jsc.array(jsc.elements(queryString)),
+            jsc.array(jsc.elements(base64String)),
+            function (schema, address, query, fragment) {
+                var fragmentString = fragment.join(''),
+                    clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') +
+                             '/?' + query.join('') + '#' + fragmentString
+                    }),
+                    result = $.PrivateBin.helper.pageKey();
+                clean();
+                return fragmentString === result;
+            }
+        );
+        jsc.property(
+            'returns the fragment stripped of trailing query parts',
+            jsc.nearray(jsc.elements(a2zString)),
+            jsc.nearray(jsc.elements(a2zString)),
+            jsc.array(jsc.elements(queryString)),
+            jsc.array(jsc.elements(base64String)),
+            jsc.array(jsc.elements(queryString)),
+            function (schema, address, query, fragment, trail) {
+                var fragmentString = fragment.join(''),
+                    clean = jsdom('', {
+                        url: schema.join('') + '://' + address.join('') + '/?' +
+                             query.join('') + '#' + fragmentString + '&' + trail.join('')
+                    }),
+                    result = $.PrivateBin.helper.pageKey();
+                clean();
+                return fragmentString === result;
+            }
+        );
+    });
+
+    describe('htmlEntities', function () {
+        after(function () {
+            cleanup();
+        });
+
+        jsc.property(
+            'removes all HTML entities from any given string',
+            'string',
+            function (string) {
+                var result = $.PrivateBin.helper.htmlEntities(string);
+                return !(/[<>"'`=\/]/.test(result)) && !(string.indexOf('&') > -1 && !(/&amp;/.test(result)));
+            }
+        );
+    });
+});

lib/Configuration.php

@@ -0,0 +1,247 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin;
+
+use Exception;
+use PDO;
+
+/**
+ * Configuration
+ *
+ * parses configuration file, ensures default values present
+ */
+class Configuration
+{
+    /**
+     * parsed configuration
+     *
+     * @var array
+     */
+    private $_configuration;
+
+    /**
+     * default configuration
+     *
+     * @var array
+     */
+    private static $_defaults = array(
+        'main' => array(
+            'name'                     => 'PrivateBin',
+            'discussion'               => true,
+            'opendiscussion'           => false,
+            'password'                 => true,
+            'fileupload'               => false,
+            'burnafterreadingselected' => false,
+            'defaultformatter'         => 'plaintext',
+            'syntaxhighlightingtheme'  => null,
+            'sizelimit'                => 2097152,
+            'template'                 => 'bootstrap',
+            'notice'                   => '',
+            'languageselection'        => false,
+            'languagedefault'          => '',
+            'urlshortener'             => '',
+            'icon'                     => 'identicon',
+            'cspheader'                => 'default-src \'none\'; manifest-src \'self\'; connect-src *; script-src \'self\'; style-src \'self\'; font-src \'self\'; img-src \'self\' data:; referrer no-referrer; sandbox allow-same-origin allow-scripts allow-forms allow-popups',
+            'zerobincompatibility'     => false,
+        ),
+        'expire' => array(
+            'default' => '1week',
+            'clone'   => true,
+        ),
+        'expire_options' => array(
+            '5min'   => 300,
+            '10min'  => 600,
+            '1hour'  => 3600,
+            '1day'   => 86400,
+            '1week'  => 604800,
+            '1month' => 2592000,
+            '1year'  => 31536000,
+            'never'  => 0,
+        ),
+        'formatter_options' => array(
+            'plaintext'          => 'Plain Text',
+            'syntaxhighlighting' => 'Source Code',
+            'markdown'           => 'Markdown',
+        ),
+        'traffic' => array(
+            'limit'  => 10,
+            'header' => null,
+            'dir'    => 'data',
+        ),
+        'purge' => array(
+            'limit'     => 300,
+            'batchsize' => 10,
+            'dir'       => 'data',
+        ),
+        'model' => array(
+            'class' => 'Filesystem',
+        ),
+        'model_options' => array(
+            'dir' => 'data',
+        ),
+    );
+
+    /**
+     * parse configuration file and ensure default configuration values are present
+     *
+     * @throws Exception
+     */
+    public function __construct()
+    {
+        $config     = array();
+        $configFile = PATH . 'cfg' . DIRECTORY_SEPARATOR . 'conf.ini';
+        if (is_readable($configFile)) {
+            $config = parse_ini_file($configFile, true);
+            foreach (array('main', 'model', 'model_options') as $section) {
+                if (!array_key_exists($section, $config)) {
+                    throw new Exception(I18n::_('PrivateBin requires configuration section [%s] to be present in configuration file.', $section), 2);
+                }
+            }
+        }
+        $opts = '_options';
+        foreach (self::getDefaults() as $section => $values) {
+            // fill missing sections with default values
+            if (!array_key_exists($section, $config) || count($config[$section]) == 0) {
+                $this->_configuration[$section] = $values;
+                if (array_key_exists('dir', $this->_configuration[$section])) {
+                    $this->_configuration[$section]['dir'] = PATH . $this->_configuration[$section]['dir'];
+                }
+                continue;
+            }
+            // provide different defaults for database model
+            elseif (
+                $section == 'model_options' && in_array(
+                    $this->_configuration['model']['class'],
+                    array('Database', 'privatebin_db', 'zerobin_db')
+                )
+            ) {
+                $values = array(
+                    'dsn' => 'sqlite:' . PATH . 'data' . DIRECTORY_SEPARATOR . 'db.sq3',
+                    'tbl' => null,
+                    'usr' => null,
+                    'pwd' => null,
+                    'opt' => array(PDO::ATTR_PERSISTENT => true),
+                );
+            }
+
+            // "*_options" sections don't require all defaults to be set
+            if (
+                $section !== 'model_options' &&
+                ($from = strlen($section) - strlen($opts)) >= 0 &&
+                strpos($section, $opts, $from) !== false
+            ) {
+                if (is_int(current($values))) {
+                    $config[$section] = array_map('intval', $config[$section]);
+                }
+                $this->_configuration[$section] = $config[$section];
+            }
+            // check for missing keys and set defaults if necessary
+            else {
+                foreach ($values as $key => $val) {
+                    if ($key == 'dir') {
+                        $val = PATH . $val;
+                    }
+                    $result = $val;
+                    if (array_key_exists($key, $config[$section])) {
+                        if ($val === null) {
+                            $result = $config[$section][$key];
+                        } elseif (is_bool($val)) {
+                            $val = strtolower($config[$section][$key]);
+                            if (in_array($val, array('true', 'yes', 'on'))) {
+                                $result = true;
+                            } elseif (in_array($val, array('false', 'no', 'off'))) {
+                                $result = false;
+                            } else {
+                                $result = (bool) $config[$section][$key];
+                            }
+                        } elseif (is_int($val)) {
+                            $result = (int) $config[$section][$key];
+                        } elseif (is_string($val) && !empty($config[$section][$key])) {
+                            $result = (string) $config[$section][$key];
+                        }
+                    }
+                    $this->_configuration[$section][$key] = $result;
+                }
+            }
+        }
+
+        // support for old config file format, before the fork was renamed and PSR-4 introduced
+        $this->_configuration['model']['class'] = str_replace(
+            'zerobin_', 'privatebin_',
+            $this->_configuration['model']['class']
+        );
+
+        $this->_configuration['model']['class'] = str_replace(
+            array('privatebin_data', 'privatebin_db'),
+            array('Filesystem', 'Database'),
+            $this->_configuration['model']['class']
+        );
+
+        // ensure a valid expire default key is set
+        if (!array_key_exists($this->_configuration['expire']['default'], $this->_configuration['expire_options'])) {
+            $this->_configuration['expire']['default'] = key($this->_configuration['expire_options']);
+        }
+    }
+
+    /**
+     * get configuration as array
+     *
+     * return array
+     */
+    public function get()
+    {
+        return $this->_configuration;
+    }
+
+    /**
+     * get default configuration as array
+     *
+     * return array
+     */
+    public static function getDefaults()
+    {
+        return self::$_defaults;
+    }
+
+    /**
+     * get a key from the configuration, typically the main section or all keys
+     *
+     * @param string $key
+     * @param string $section defaults to main
+     * @throws Exception
+     * return mixed
+     */
+    public function getKey($key, $section = 'main')
+    {
+        $options = $this->getSection($section);
+        if (!array_key_exists($key, $options)) {
+            throw new Exception(I18n::_('Invalid data.') . " $section / $key", 4);
+        }
+        return $this->_configuration[$section][$key];
+    }
+
+    /**
+     * get a section from the configuration, must exist
+     *
+     * @param string $section
+     * @throws Exception
+     * return mixed
+     */
+    public function getSection($section)
+    {
+        if (!array_key_exists($section, $this->_configuration)) {
+            throw new Exception(I18n::_('%s requires configuration section [%s] to be present in configuration file.', I18n::_($this->getKey('name')), $section), 3);
+        }
+        return $this->_configuration[$section];
+    }
+}

lib/Data/AbstractData.php

@@ -0,0 +1,185 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin\Data;
+
+use stdClass;
+
+/**
+ * AbstractData
+ *
+ * Abstract model for PrivateBin data access, implemented as a singleton.
+ */
+abstract class AbstractData
+{
+    /**
+     * singleton instance
+     *
+     * @access protected
+     * @static
+     * @var AbstractData
+     */
+    protected static $_instance = null;
+
+    /**
+     * enforce singleton, disable constructor
+     *
+     * Instantiate using {@link getInstance()}, privatebin is a singleton object.
+     *
+     * @access protected
+     */
+    protected function __construct()
+    {
+    }
+
+    /**
+     * enforce singleton, disable cloning
+     *
+     * Instantiate using {@link getInstance()}, privatebin is a singleton object.
+     *
+     * @access private
+     */
+    private function __clone()
+    {
+    }
+
+    /**
+     * get instance of singleton
+     *
+     * @access public
+     * @static
+     * @param  array $options
+     * @return privatebin_abstract
+     */
+    public static function getInstance($options)
+    {
+    }
+
+    /**
+     * Create a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  array  $paste
+     * @return bool
+     */
+    abstract public function create($pasteid, $paste);
+
+    /**
+     * Read a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return stdClass|false
+     */
+    abstract public function read($pasteid);
+
+    /**
+     * Delete a paste and its discussion.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return void
+     */
+    abstract public function delete($pasteid);
+
+    /**
+     * Test if a paste exists.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return bool
+     */
+    abstract public function exists($pasteid);
+
+    /**
+     * Create a comment in a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  string $parentid
+     * @param  string $commentid
+     * @param  array  $comment
+     * @return bool
+     */
+    abstract public function createComment($pasteid, $parentid, $commentid, $comment);
+
+    /**
+     * Read all comments of paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return array
+     */
+    abstract public function readComments($pasteid);
+
+    /**
+     * Test if a comment exists.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  string $parentid
+     * @param  string $commentid
+     * @return bool
+     */
+    abstract public function existsComment($pasteid, $parentid, $commentid);
+
+    /**
+     * Returns up to batch size number of paste ids that have expired
+     *
+     * @access protected
+     * @param  int $batchsize
+     * @return array
+     */
+    abstract protected function _getExpiredPastes($batchsize);
+
+    /**
+     * Perform a purge of old pastes, at most the given batchsize is deleted.
+     *
+     * @access public
+     * @param  int $batchsize
+     * @return void
+     */
+    public function purge($batchsize)
+    {
+        if ($batchsize < 1) {
+            return;
+        }
+        $pastes = $this->_getExpiredPastes($batchsize);
+        if (count($pastes)) {
+            foreach ($pastes as $pasteid) {
+                $this->delete($pasteid);
+            }
+        }
+    }
+
+    /**
+     * Get next free slot for comment from postdate.
+     *
+     * @access public
+     * @param  array $comments
+     * @param  int|string $postdate
+     * @return int|string
+     */
+    protected function getOpenSlot(&$comments, $postdate)
+    {
+        if (array_key_exists($postdate, $comments)) {
+            $parts = explode('.', $postdate, 2);
+            if (!array_key_exists(1, $parts)) {
+                $parts[1] = 0;
+            }
+            ++$parts[1];
+            return $this->getOpenSlot($comments, implode('.', $parts));
+        }
+        return $postdate;
+    }
+}

lib/Data/Database.php

@@ -0,0 +1,712 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin\Data;
+
+use Exception;
+use PDO;
+use PDOException;
+use PrivateBin\PrivateBin;
+use stdClass;
+
+/**
+ * Database
+ *
+ * Model for database access, implemented as a singleton.
+ */
+class Database extends AbstractData
+{
+    /**
+     * cache for select queries
+     *
+     * @var array
+     */
+    private static $_cache = array();
+
+    /**
+     * instance of database connection
+     *
+     * @access private
+     * @static
+     * @var PDO
+     */
+    private static $_db;
+
+    /**
+     * table prefix
+     *
+     * @access private
+     * @static
+     * @var string
+     */
+    private static $_prefix = '';
+
+    /**
+     * database type
+     *
+     * @access private
+     * @static
+     * @var string
+     */
+    private static $_type = '';
+
+    /**
+     * get instance of singleton
+     *
+     * @access public
+     * @static
+     * @param  array $options
+     * @throws Exception
+     * @return Database
+     */
+    public static function getInstance($options = null)
+    {
+        // if needed initialize the singleton
+        if (!(self::$_instance instanceof self)) {
+            self::$_instance = new self;
+        }
+
+        if (is_array($options)) {
+            // set table prefix if given
+            if (array_key_exists('tbl', $options)) {
+                self::$_prefix = $options['tbl'];
+            }
+
+            // initialize the db connection with new options
+            if (
+                array_key_exists('dsn', $options) &&
+                array_key_exists('usr', $options) &&
+                array_key_exists('pwd', $options) &&
+                array_key_exists('opt', $options)
+            ) {
+                // set default options
+                $options['opt'][PDO::ATTR_ERRMODE]          = PDO::ERRMODE_EXCEPTION;
+                $options['opt'][PDO::ATTR_EMULATE_PREPARES] = false;
+                $options['opt'][PDO::ATTR_PERSISTENT]       = true;
+                $db_tables_exist                            = true;
+
+                // setup type and dabase connection
+                self::$_type = strtolower(
+                    substr($options['dsn'], 0, strpos($options['dsn'], ':'))
+                );
+                $tableQuery = self::_getTableQuery(self::$_type);
+                self::$_db  = new PDO(
+                    $options['dsn'],
+                    $options['usr'],
+                    $options['pwd'],
+                    $options['opt']
+                );
+
+                // check if the database contains the required tables
+                $tables = self::$_db->query($tableQuery)->fetchAll(PDO::FETCH_COLUMN, 0);
+
+                // create paste table if necessary
+                if (!in_array(self::_sanitizeIdentifier('paste'), $tables)) {
+                    self::_createPasteTable();
+                    $db_tables_exist = false;
+                }
+
+                // create comment table if necessary
+                if (!in_array(self::_sanitizeIdentifier('comment'), $tables)) {
+                    self::_createCommentTable();
+                    $db_tables_exist = false;
+                }
+
+                // create config table if necessary
+                $db_version = PrivateBin::VERSION;
+                if (!in_array(self::_sanitizeIdentifier('config'), $tables)) {
+                    self::_createConfigTable();
+                    // if we only needed to create the config table, the DB is older then 0.22
+                    if ($db_tables_exist) {
+                        $db_version = '0.21';
+                    }
+                } else {
+                    $db_version = self::_getConfig('VERSION');
+                }
+
+                // update database structure if necessary
+                if (version_compare($db_version, PrivateBin::VERSION, '<')) {
+                    self::_upgradeDatabase($db_version);
+                }
+            } else {
+                throw new Exception(
+                    'Missing configuration for key dsn, usr, pwd or opt in the section model_options, please check your configuration file', 6
+                );
+            }
+        }
+
+        return self::$_instance;
+    }
+
+    /**
+     * Create a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  array  $paste
+     * @return bool
+     */
+    public function create($pasteid, $paste)
+    {
+        if (
+            array_key_exists($pasteid, self::$_cache)
+        ) {
+            if (false !== self::$_cache[$pasteid]) {
+                return false;
+            } else {
+                unset(self::$_cache[$pasteid]);
+            }
+        }
+
+        $opendiscussion = $burnafterreading = false;
+        $attachment     = $attachmentname     = '';
+        $meta           = $paste['meta'];
+        unset($meta['postdate']);
+        $expire_date = 0;
+        if (array_key_exists('expire_date', $paste['meta'])) {
+            $expire_date = (int) $paste['meta']['expire_date'];
+            unset($meta['expire_date']);
+        }
+        if (array_key_exists('opendiscussion', $paste['meta'])) {
+            $opendiscussion = (bool) $paste['meta']['opendiscussion'];
+            unset($meta['opendiscussion']);
+        }
+        if (array_key_exists('burnafterreading', $paste['meta'])) {
+            $burnafterreading = (bool) $paste['meta']['burnafterreading'];
+            unset($meta['burnafterreading']);
+        }
+        if (array_key_exists('attachment', $paste['meta'])) {
+            $attachment = $paste['meta']['attachment'];
+            unset($meta['attachment']);
+        }
+        if (array_key_exists('attachmentname', $paste['meta'])) {
+            $attachmentname = $paste['meta']['attachmentname'];
+            unset($meta['attachmentname']);
+        }
+        return self::_exec(
+            'INSERT INTO ' . self::_sanitizeIdentifier('paste') .
+            ' VALUES(?,?,?,?,?,?,?,?,?)',
+            array(
+                $pasteid,
+                $paste['data'],
+                $paste['meta']['postdate'],
+                $expire_date,
+                (int) $opendiscussion,
+                (int) $burnafterreading,
+                json_encode($meta),
+                $attachment,
+                $attachmentname,
+            )
+        );
+    }
+
+    /**
+     * Read a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return stdClass|false
+     */
+    public function read($pasteid)
+    {
+        if (
+            !array_key_exists($pasteid, self::$_cache)
+        ) {
+            self::$_cache[$pasteid] = false;
+            $paste                  = self::_select(
+                'SELECT * FROM ' . self::_sanitizeIdentifier('paste') .
+                ' WHERE dataid = ?', array($pasteid), true
+            );
+
+            if (false !== $paste) {
+                // create object
+                self::$_cache[$pasteid]       = new stdClass;
+                self::$_cache[$pasteid]->data = $paste['data'];
+
+                $meta = json_decode($paste['meta']);
+                if (!is_object($meta)) {
+                    $meta = new stdClass;
+                }
+
+                // support older attachments
+                if (property_exists($meta, 'attachment')) {
+                    self::$_cache[$pasteid]->attachment = $meta->attachment;
+                    unset($meta->attachment);
+                    if (property_exists($meta, 'attachmentname')) {
+                        self::$_cache[$pasteid]->attachmentname = $meta->attachmentname;
+                        unset($meta->attachmentname);
+                    }
+                }
+                // support current attachments
+                elseif (array_key_exists('attachment', $paste) && strlen($paste['attachment'])) {
+                    self::$_cache[$pasteid]->attachment = $paste['attachment'];
+                    if (array_key_exists('attachmentname', $paste) && strlen($paste['attachmentname'])) {
+                        self::$_cache[$pasteid]->attachmentname = $paste['attachmentname'];
+                    }
+                }
+                self::$_cache[$pasteid]->meta           = $meta;
+                self::$_cache[$pasteid]->meta->postdate = (int) $paste['postdate'];
+                $expire_date                            = (int) $paste['expiredate'];
+                if (
+                    $expire_date > 0
+                ) {
+                    self::$_cache[$pasteid]->meta->expire_date = $expire_date;
+                }
+                if (
+                    $paste['opendiscussion']
+                ) {
+                    self::$_cache[$pasteid]->meta->opendiscussion = true;
+                }
+                if (
+                    $paste['burnafterreading']
+                ) {
+                    self::$_cache[$pasteid]->meta->burnafterreading = true;
+                }
+            }
+        }
+
+        return self::$_cache[$pasteid];
+    }
+
+    /**
+     * Delete a paste and its discussion.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return void
+     */
+    public function delete($pasteid)
+    {
+        self::_exec(
+            'DELETE FROM ' . self::_sanitizeIdentifier('paste') .
+            ' WHERE dataid = ?', array($pasteid)
+        );
+        self::_exec(
+            'DELETE FROM ' . self::_sanitizeIdentifier('comment') .
+            ' WHERE pasteid = ?', array($pasteid)
+        );
+        if (
+            array_key_exists($pasteid, self::$_cache)
+        ) {
+            unset(self::$_cache[$pasteid]);
+        }
+    }
+
+    /**
+     * Test if a paste exists.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return bool
+     */
+    public function exists($pasteid)
+    {
+        if (
+            !array_key_exists($pasteid, self::$_cache)
+        ) {
+            self::$_cache[$pasteid] = $this->read($pasteid);
+        }
+        return (bool) self::$_cache[$pasteid];
+    }
+
+    /**
+     * Create a comment in a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  string $parentid
+     * @param  string $commentid
+     * @param  array  $comment
+     * @return bool
+     */
+    public function createComment($pasteid, $parentid, $commentid, $comment)
+    {
+        foreach (array('nickname', 'vizhash') as $key) {
+            if (!array_key_exists($key, $comment['meta'])) {
+                $comment['meta'][$key] = null;
+            }
+        }
+        return self::_exec(
+            'INSERT INTO ' . self::_sanitizeIdentifier('comment') .
+            ' VALUES(?,?,?,?,?,?,?)',
+            array(
+                $commentid,
+                $pasteid,
+                $parentid,
+                $comment['data'],
+                $comment['meta']['nickname'],
+                $comment['meta']['vizhash'],
+                $comment['meta']['postdate'],
+            )
+        );
+    }
+
+    /**
+     * Read all comments of paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return array
+     */
+    public function readComments($pasteid)
+    {
+        $rows = self::_select(
+            'SELECT * FROM ' . self::_sanitizeIdentifier('comment') .
+            ' WHERE pasteid = ?', array($pasteid)
+        );
+
+        // create comment list
+        $comments = array();
+        if (count($rows)) {
+            foreach ($rows as $row) {
+                $i                            = $this->getOpenSlot($comments, (int) $row['postdate']);
+                $comments[$i]                 = new stdClass;
+                $comments[$i]->id             = $row['dataid'];
+                $comments[$i]->parentid       = $row['parentid'];
+                $comments[$i]->data           = $row['data'];
+                $comments[$i]->meta           = new stdClass;
+                $comments[$i]->meta->postdate = (int) $row['postdate'];
+                if (array_key_exists('nickname', $row) && !empty($row['nickname'])) {
+                    $comments[$i]->meta->nickname = $row['nickname'];
+                }
+                if (array_key_exists('vizhash', $row) && !empty($row['vizhash'])) {
+                    $comments[$i]->meta->vizhash = $row['vizhash'];
+                }
+            }
+            ksort($comments);
+        }
+        return $comments;
+    }
+
+    /**
+     * Test if a comment exists.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  string $parentid
+     * @param  string $commentid
+     * @return bool
+     */
+    public function existsComment($pasteid, $parentid, $commentid)
+    {
+        return (bool) self::_select(
+            'SELECT dataid FROM ' . self::_sanitizeIdentifier('comment') .
+            ' WHERE pasteid = ? AND parentid = ? AND dataid = ?',
+            array($pasteid, $parentid, $commentid), true
+        );
+    }
+
+    /**
+     * Returns up to batch size number of paste ids that have expired
+     *
+     * @access private
+     * @param  int $batchsize
+     * @return array
+     */
+    protected function _getExpiredPastes($batchsize)
+    {
+        $pastes = array();
+        $rows   = self::_select(
+            'SELECT dataid FROM ' . self::_sanitizeIdentifier('paste') .
+            ' WHERE expiredate < ? AND expiredate != ? LIMIT ?', array(time(), 0, $batchsize)
+        );
+        if (count($rows)) {
+            foreach ($rows as $row) {
+                $pastes[] = $row['dataid'];
+            }
+        }
+        return $pastes;
+    }
+
+    /**
+     * execute a statement
+     *
+     * @access private
+     * @static
+     * @param  string $sql
+     * @param  array $params
+     * @throws PDOException
+     * @return bool
+     */
+    private static function _exec($sql, array $params)
+    {
+        $statement = self::$_db->prepare($sql);
+        $result    = $statement->execute($params);
+        $statement->closeCursor();
+        return $result;
+    }
+
+    /**
+     * run a select statement
+     *
+     * @access private
+     * @static
+     * @param  string $sql
+     * @param  array $params
+     * @param  bool $firstOnly if only the first row should be returned
+     * @throws PDOException
+     * @return array
+     */
+    private static function _select($sql, array $params, $firstOnly = false)
+    {
+        $statement = self::$_db->prepare($sql);
+        $statement->execute($params);
+        $result = $firstOnly ?
+            $statement->fetch(PDO::FETCH_ASSOC) :
+            $statement->fetchAll(PDO::FETCH_ASSOC);
+        $statement->closeCursor();
+        return $result;
+    }
+
+    /**
+     * get table list query, depending on the database type
+     *
+     * @access private
+     * @static
+     * @param  string $type
+     * @throws Exception
+     * @return string
+     */
+    private static function _getTableQuery($type)
+    {
+        switch ($type) {
+            case 'ibm':
+                $sql = 'SELECT tabname FROM SYSCAT.TABLES ';
+                break;
+            case 'informix':
+                $sql = 'SELECT tabname FROM systables ';
+                break;
+            case 'mssql':
+                $sql = 'SELECT name FROM sysobjects '
+                     . "WHERE type = 'U' ORDER BY name";
+                break;
+            case 'mysql':
+                $sql = 'SHOW TABLES';
+                break;
+            case 'oci':
+                $sql = 'SELECT table_name FROM all_tables';
+                break;
+            case 'pgsql':
+                $sql = 'SELECT c.relname AS table_name '
+                     . 'FROM pg_class c, pg_user u '
+                     . "WHERE c.relowner = u.usesysid AND c.relkind = 'r' "
+                     . 'AND NOT EXISTS (SELECT 1 FROM pg_views WHERE viewname = c.relname) '
+                     . "AND c.relname !~ '^(pg_|sql_)' "
+                     . 'UNION '
+                     . 'SELECT c.relname AS table_name '
+                     . 'FROM pg_class c '
+                     . "WHERE c.relkind = 'r' "
+                     . 'AND NOT EXISTS (SELECT 1 FROM pg_views WHERE viewname = c.relname) '
+                     . 'AND NOT EXISTS (SELECT 1 FROM pg_user WHERE usesysid = c.relowner) '
+                     . "AND c.relname !~ '^pg_'";
+                break;
+            case 'sqlite':
+                $sql = "SELECT name FROM sqlite_master WHERE type='table' "
+                     . 'UNION ALL SELECT name FROM sqlite_temp_master '
+                     . "WHERE type='table' ORDER BY name";
+                break;
+            default:
+                throw new Exception(
+                    "PDO type $type is currently not supported.", 5
+                );
+        }
+        return $sql;
+    }
+
+    /**
+     * get a value by key from the config table
+     *
+     * @access private
+     * @static
+     * @param  string $key
+     * @throws PDOException
+     * @return string
+     */
+    private static function _getConfig($key)
+    {
+        $row = self::_select(
+            'SELECT value FROM ' . self::_sanitizeIdentifier('config') .
+            ' WHERE id = ?', array($key), true
+        );
+        return $row['value'];
+    }
+
+    /**
+     * get the primary key clauses, depending on the database driver
+     *
+     * @access private
+     * @static
+     * @param string $key
+     * @return array
+     */
+    private static function _getPrimaryKeyClauses($key = 'dataid')
+    {
+        $main_key = $after_key = '';
+        if (self::$_type === 'mysql') {
+            $after_key = ", PRIMARY KEY ($key)";
+        } else {
+            $main_key = ' PRIMARY KEY';
+        }
+        return array($main_key, $after_key);
+    }
+
+    /**
+     * create the paste table
+     *
+     * @access private
+     * @static
+     * @return void
+     */
+    private static function _createPasteTable()
+    {
+        list($main_key, $after_key) = self::_getPrimaryKeyClauses();
+        $dataType                   = self::$_type === 'pgsql' ? 'TEXT' : 'BLOB';
+        self::$_db->exec(
+            'CREATE TABLE ' . self::_sanitizeIdentifier('paste') . ' ( ' .
+            "dataid CHAR(16) NOT NULL$main_key, " .
+            "data $dataType, " .
+            'postdate INT, ' .
+            'expiredate INT, ' .
+            'opendiscussion INT, ' .
+            'burnafterreading INT, ' .
+            'meta TEXT, ' .
+            'attachment ' . (self::$_type === 'pgsql' ? 'TEXT' : 'MEDIUMBLOB') . ', ' .
+            "attachmentname $dataType$after_key );"
+        );
+    }
+
+    /**
+     * create the paste table
+     *
+     * @access private
+     * @static
+     * @return void
+     */
+    private static function _createCommentTable()
+    {
+        list($main_key, $after_key) = self::_getPrimaryKeyClauses();
+        $dataType                   = self::$_type === 'pgsql' ? 'text' : 'BLOB';
+        self::$_db->exec(
+            'CREATE TABLE ' . self::_sanitizeIdentifier('comment') . ' ( ' .
+            "dataid CHAR(16) NOT NULL$main_key, " .
+            'pasteid CHAR(16), ' .
+            'parentid CHAR(16), ' .
+            "data $dataType, " .
+            "nickname $dataType, " .
+            "vizhash $dataType, " .
+            "postdate INT$after_key );"
+        );
+        self::$_db->exec(
+            'CREATE INDEX IF NOT EXISTS comment_parent ON ' .
+            self::_sanitizeIdentifier('comment') . '(pasteid);'
+        );
+    }
+
+    /**
+     * create the paste table
+     *
+     * @access private
+     * @static
+     * @return void
+     */
+    private static function _createConfigTable()
+    {
+        list($main_key, $after_key) = self::_getPrimaryKeyClauses('id');
+        self::$_db->exec(
+            'CREATE TABLE ' . self::_sanitizeIdentifier('config') .
+            " ( id CHAR(16) NOT NULL$main_key, value TEXT$after_key );"
+        );
+        self::_exec(
+            'INSERT INTO ' . self::_sanitizeIdentifier('config') .
+            ' VALUES(?,?)',
+            array('VERSION', PrivateBin::VERSION)
+        );
+    }
+
+    /**
+     * sanitizes identifiers
+     *
+     * @access private
+     * @static
+     * @param  string $identifier
+     * @return string
+     */
+    private static function _sanitizeIdentifier($identifier)
+    {
+        return preg_replace('/[^A-Za-z0-9_]+/', '', self::$_prefix . $identifier);
+    }
+
+    /**
+     * upgrade the database schema from an old version
+     *
+     * @access private
+     * @static
+     * @param  string $oldversion
+     * @return void
+     */
+    private static function _upgradeDatabase($oldversion)
+    {
+        $dataType = self::$_type === 'pgsql' ? 'TEXT' : 'BLOB';
+        switch ($oldversion) {
+            case '0.21':
+                // create the meta column if necessary (pre 0.21 change)
+                try {
+                    self::$_db->exec('SELECT meta FROM ' . self::_sanitizeIdentifier('paste') . ' LIMIT 1;');
+                } catch (PDOException $e) {
+                    self::$_db->exec('ALTER TABLE ' . self::_sanitizeIdentifier('paste') . ' ADD COLUMN meta TEXT;');
+                }
+                // SQLite only allows one ALTER statement at a time...
+                self::$_db->exec(
+                    'ALTER TABLE ' . self::_sanitizeIdentifier('paste') .
+                    ' ADD COLUMN attachment ' .
+                    (self::$_type === 'pgsql' ? 'TEXT' : 'MEDIUMBLOB') . ';'
+                );
+                self::$_db->exec(
+                    'ALTER TABLE ' . self::_sanitizeIdentifier('paste') . " ADD COLUMN attachmentname $dataType;"
+                );
+                // SQLite doesn't support MODIFY, but it allows TEXT of similar
+                // size as BLOB, so there is no need to change it there
+                if (self::$_type !== 'sqlite') {
+                    self::$_db->exec(
+                        'ALTER TABLE ' . self::_sanitizeIdentifier('paste') .
+                        ' ADD PRIMARY KEY (dataid), MODIFY COLUMN data $dataType;'
+                    );
+                    self::$_db->exec(
+                        'ALTER TABLE ' . self::_sanitizeIdentifier('comment') .
+                        " ADD PRIMARY KEY (dataid), MODIFY COLUMN data $dataType, " .
+                        "MODIFY COLUMN nickname $dataType, MODIFY COLUMN vizhash $dataType;"
+                    );
+                } else {
+                    self::$_db->exec(
+                        'CREATE UNIQUE INDEX IF NOT EXISTS paste_dataid ON ' .
+                        self::_sanitizeIdentifier('paste') . '(dataid);'
+                    );
+                    self::$_db->exec(
+                        'CREATE UNIQUE INDEX IF NOT EXISTS comment_dataid ON ' .
+                        self::_sanitizeIdentifier('comment') . '(dataid);'
+                    );
+                }
+                self::$_db->exec(
+                    'CREATE INDEX IF NOT EXISTS comment_parent ON ' .
+                    self::_sanitizeIdentifier('comment') . '(pasteid);'
+                );
+                // no break, continue with updates for 0.22
+            case '0.22':
+            case '1.0':
+                self::_exec(
+                    'UPDATE ' . self::_sanitizeIdentifier('config') .
+                    ' SET value = ? WHERE id = ?',
+                    array(PrivateBin::VERSION, 'VERSION')
+                );
+        }
+    }
+}

lib/Data/Filesystem.php

@@ -0,0 +1,381 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin\Data;
+
+use PrivateBin\Json;
+use PrivateBin\Model\Paste;
+
+/**
+ * Filesystem
+ *
+ * Model for filesystem data access, implemented as a singleton.
+ */
+class Filesystem extends AbstractData
+{
+    /**
+     * directory where data is stored
+     *
+     * @access private
+     * @static
+     * @var string
+     */
+    private static $_dir = 'data/';
+
+    /**
+     * get instance of singleton
+     *
+     * @access public
+     * @static
+     * @param  array $options
+     * @return Filesystem
+     */
+    public static function getInstance($options = null)
+    {
+        // if given update the data directory
+        if (
+            is_array($options) &&
+            array_key_exists('dir', $options)
+        ) {
+            self::$_dir = $options['dir'] . DIRECTORY_SEPARATOR;
+        }
+        // if needed initialize the singleton
+        if (!(self::$_instance instanceof self)) {
+            self::$_instance = new self;
+            self::_init();
+        }
+        return self::$_instance;
+    }
+
+    /**
+     * Create a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  array  $paste
+     * @throws Exception
+     * @return bool
+     */
+    public function create($pasteid, $paste)
+    {
+        $storagedir = self::_dataid2path($pasteid);
+        if (is_file($storagedir . $pasteid)) {
+            return false;
+        }
+        if (!is_dir($storagedir)) {
+            mkdir($storagedir, 0700, true);
+        }
+        return (bool) file_put_contents($storagedir . $pasteid, Json::encode($paste));
+    }
+
+    /**
+     * Read a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return stdClass|false
+     */
+    public function read($pasteid)
+    {
+        if (!$this->exists($pasteid)) {
+            return false;
+        }
+        $paste = json_decode(
+            file_get_contents(self::_dataid2path($pasteid) . $pasteid)
+        );
+        if (property_exists($paste->meta, 'attachment')) {
+            $paste->attachment = $paste->meta->attachment;
+            unset($paste->meta->attachment);
+            if (property_exists($paste->meta, 'attachmentname')) {
+                $paste->attachmentname = $paste->meta->attachmentname;
+                unset($paste->meta->attachmentname);
+            }
+        }
+        return $paste;
+    }
+
+    /**
+     * Delete a paste and its discussion.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return void
+     */
+    public function delete($pasteid)
+    {
+        $pastedir = self::_dataid2path($pasteid);
+        if (is_dir($pastedir)) {
+            // Delete the paste itself.
+            if (is_file($pastedir . $pasteid)) {
+                unlink($pastedir . $pasteid);
+            }
+
+            // Delete discussion if it exists.
+            $discdir = self::_dataid2discussionpath($pasteid);
+            if (is_dir($discdir)) {
+                // Delete all files in discussion directory
+                $dir = dir($discdir);
+                while (false !== ($filename = $dir->read())) {
+                    if (is_file($discdir . $filename)) {
+                        unlink($discdir . $filename);
+                    }
+                }
+                $dir->close();
+                rmdir($discdir);
+            }
+        }
+    }
+
+    /**
+     * Test if a paste exists.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return bool
+     */
+    public function exists($pasteid)
+    {
+        return is_file(self::_dataid2path($pasteid) . $pasteid);
+    }
+
+    /**
+     * Create a comment in a paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  string $parentid
+     * @param  string $commentid
+     * @param  array  $comment
+     * @throws Exception
+     * @return bool
+     */
+    public function createComment($pasteid, $parentid, $commentid, $comment)
+    {
+        $storagedir = self::_dataid2discussionpath($pasteid);
+        $filename   = $pasteid . '.' . $commentid . '.' . $parentid;
+        if (is_file($storagedir . $filename)) {
+            return false;
+        }
+        if (!is_dir($storagedir)) {
+            mkdir($storagedir, 0700, true);
+        }
+        return (bool) file_put_contents($storagedir . $filename, Json::encode($comment));
+    }
+
+    /**
+     * Read all comments of paste.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @return array
+     */
+    public function readComments($pasteid)
+    {
+        $comments = array();
+        $discdir  = self::_dataid2discussionpath($pasteid);
+        if (is_dir($discdir)) {
+            // Delete all files in discussion directory
+            $dir = dir($discdir);
+            while (false !== ($filename = $dir->read())) {
+                // Filename is in the form pasteid.commentid.parentid:
+                // - pasteid is the paste this reply belongs to.
+                // - commentid is the comment identifier itself.
+                // - parentid is the comment this comment replies to (It can be pasteid)
+                if (is_file($discdir . $filename)) {
+                    $comment = json_decode(file_get_contents($discdir . $filename));
+                    $items   = explode('.', $filename);
+                    // Add some meta information not contained in file.
+                    $comment->id       = $items[1];
+                    $comment->parentid = $items[2];
+
+                    // Store in array
+                    $key            = $this->getOpenSlot($comments, (int) $comment->meta->postdate);
+                    $comments[$key] = $comment;
+                }
+            }
+            $dir->close();
+
+            // Sort comments by date, oldest first.
+            ksort($comments);
+        }
+        return $comments;
+    }
+
+    /**
+     * Test if a comment exists.
+     *
+     * @access public
+     * @param  string $pasteid
+     * @param  string $parentid
+     * @param  string $commentid
+     * @return bool
+     */
+    public function existsComment($pasteid, $parentid, $commentid)
+    {
+        return is_file(
+            self::_dataid2discussionpath($pasteid) .
+            $pasteid . '.' . $commentid . '.' . $parentid
+        );
+    }
+
+    /**
+     * Returns up to batch size number of paste ids that have expired
+     *
+     * @access private
+     * @param  int $batchsize
+     * @return array
+     */
+    protected function _getExpiredPastes($batchsize)
+    {
+        $pastes     = array();
+        $firstLevel = array_filter(
+            scandir(self::$_dir),
+            'self::_isFirstLevelDir'
+        );
+        if (count($firstLevel) > 0) {
+            // try at most 10 times the $batchsize pastes before giving up
+            for ($i = 0, $max = $batchsize * 10; $i < $max; ++$i) {
+                $firstKey    = array_rand($firstLevel);
+                $secondLevel = array_filter(
+                    scandir(self::$_dir . $firstLevel[$firstKey]),
+                    'self::_isSecondLevelDir'
+                );
+
+                // skip this folder in the next checks if it is empty
+                if (count($secondLevel) == 0) {
+                    unset($firstLevel[$firstKey]);
+                    continue;
+                }
+
+                $secondKey = array_rand($secondLevel);
+                $path      = self::$_dir . $firstLevel[$firstKey] .
+                    DIRECTORY_SEPARATOR . $secondLevel[$secondKey];
+                if (!is_dir($path)) {
+                    continue;
+                }
+                $thirdLevel = array_filter(
+                    scandir($path),
+                    'PrivateBin\\Model\\Paste::isValidId'
+                );
+                if (count($thirdLevel) == 0) {
+                    continue;
+                }
+                $thirdKey = array_rand($thirdLevel);
+                $pasteid  = $thirdLevel[$thirdKey];
+                if (in_array($pasteid, $pastes)) {
+                    continue;
+                }
+
+                if ($this->exists($pasteid)) {
+                    $data = $this->read($pasteid);
+                    if (
+                        property_exists($data->meta, 'expire_date') &&
+                        $data->meta->expire_date < time()
+                    ) {
+                        $pastes[] = $pasteid;
+                        if (count($pastes) >= $batchsize) {
+                            break;
+                        }
+                    }
+                }
+            }
+        }
+        return $pastes;
+    }
+
+    /**
+     * initialize privatebin
+     *
+     * @access private
+     * @static
+     * @return void
+     */
+    private static function _init()
+    {
+        // Create storage directory if it does not exist.
+        if (!is_dir(self::$_dir)) {
+            mkdir(self::$_dir, 0700);
+        }
+        // Create .htaccess file if it does not exist.
+        if (!is_file(self::$_dir . '.htaccess')) {
+            file_put_contents(
+                self::$_dir . '.htaccess',
+                'Allow from none' . PHP_EOL .
+                'Deny from all' . PHP_EOL
+            );
+        }
+    }
+
+    /**
+     * Convert paste id to storage path.
+     *
+     * The idea is to creates subdirectories in order to limit the number of files per directory.
+     * (A high number of files in a single directory can slow things down.)
+     * eg. "f468483c313401e8" will be stored in "data/f4/68/f468483c313401e8"
+     * High-trafic websites may want to deepen the directory structure (like Squid does).
+     *
+     * eg. input 'e3570978f9e4aa90' --> output 'data/e3/57/'
+     *
+     * @access private
+     * @static
+     * @param  string $dataid
+     * @return string
+     */
+    private static function _dataid2path($dataid)
+    {
+        return self::$_dir . substr($dataid, 0, 2) . DIRECTORY_SEPARATOR .
+            substr($dataid, 2, 2) . DIRECTORY_SEPARATOR;
+    }
+
+    /**
+     * Convert paste id to discussion storage path.
+     *
+     * eg. input 'e3570978f9e4aa90' --> output 'data/e3/57/e3570978f9e4aa90.discussion/'
+     *
+     * @access private
+     * @static
+     * @param  string $dataid
+     * @return string
+     */
+    private static function _dataid2discussionpath($dataid)
+    {
+        return self::_dataid2path($dataid) . $dataid .
+            '.discussion' . DIRECTORY_SEPARATOR;
+    }
+
+    /**
+     * Check that the given element is a valid first level directory.
+     *
+     * @access private
+     * @static
+     * @param  string $element
+     * @return bool
+     */
+    private static function _isFirstLevelDir($element)
+    {
+        return self::_isSecondLevelDir($element) &&
+            is_dir(self::$_dir . DIRECTORY_SEPARATOR . $element);
+    }
+
+    /**
+     * Check that the given element is a valid second level directory.
+     *
+     * @access private
+     * @static
+     * @param  string $element
+     * @return bool
+     */
+    private static function _isSecondLevelDir($element)
+    {
+        return (bool) preg_match('/^[a-f0-9]{2}$/', $element);
+    }
+}

lib/Filter.php

@@ -1,21 +1,25 @@
 <?php
 /**
- * ZeroBin
+ * PrivateBin
  *
  * a zero-knowledge paste bin
  *
- * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+ * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
- * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.21.1
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
  */
 
+namespace PrivateBin;
+
+use Exception;
+
 /**
- * filter
+ * Filter
  *
  * Provides data filtering functions.
  */
-class filter
+class Filter
 {
     /**
      * strips slashes deeply
@@ -25,17 +29,19 @@ class filter
      * @param  mixed $value
      * @return mixed
      */
-    public static function stripslashes_deep($value)
+    public static function stripslashesDeep($value)
     {
         return is_array($value) ?
-            array_map('filter::stripslashes_deep', $value) :
+            array_map('self::stripslashesDeep', $value) :
             stripslashes($value);
     }
 
     /**
      * format a given time string into a human readable label (localized)
      *
-     * accepts times in the format "[integer][time unit]"
+     * accepts times in the format "[integer][time unit]", valid time units are:
+     * sec, second, seconds, min, minute, minutes, hour, hours, day, days, week,
+     * weeks, month, months, year, years
      *
      * @access public
      * @static
@@ -43,7 +49,7 @@ class filter
      * @throws Exception
      * @return string
      */
-    public static function time_humanreadable($time)
+    public static function formatHumanReadableTime($time)
     {
         if (preg_match('/^(\d+) *(\w+)$/', $time, $matches) !== 1) {
             throw new Exception("Error parsing time format '$time'", 30);
@@ -58,7 +64,7 @@ class filter
             default:
                 $unit = rtrim($matches[2], 's');
         }
-        return i18n::_(array('%d ' . $unit, '%d ' . $unit . 's'), (int) $matches[1]);
+        return I18n::_(array('%d ' . $unit, '%d ' . $unit . 's'), (int) $matches[1]);
     }
 
     /**
@@ -69,28 +75,15 @@ class filter
      * @param  int $size
      * @return string
      */
-    public static function size_humanreadable($size)
+    public static function formatHumanReadableSize($size)
     {
         $iec = array('B', 'KiB', 'MiB', 'GiB', 'TiB', 'PiB', 'EiB', 'ZiB', 'YiB');
-        $i = 0;
-        while ( ( $size / 1024 ) >= 1 ) {
-                $size = $size / 1024;
-                $i++;
+        $i   = 0;
+        while (($size / 1024) >= 1) {
+            $size = $size / 1024;
+            $i++;
         }
-        return number_format($size, ($i ? 2 : 0), '.', ' ') . ' ' . i18n::_($iec[$i]);
-    }
-
-    /**
-     * validate paste ID
-     *
-     * @access public
-     * @static
-     * @param  string $dataid
-     * @return bool
-     */
-    public static function is_valid_paste_id($dataid)
-    {
-        return (bool) preg_match('#\A[a-f\d]{16}\z#', $dataid);
+        return number_format($size, ($i ? 2 : 0), '.', ' ') . ' ' . I18n::_($iec[$i]);
     }
 
     /**
@@ -103,13 +96,12 @@ class filter
      * @param  string $b
      * @return bool
      */
-    public static function slow_equals($a, $b)
+    public static function slowEquals($a, $b)
     {
         $diff = strlen($a) ^ strlen($b);
-        for($i = 0; $i < strlen($a) && $i < strlen($b); $i++)
-        {
+        for ($i = 0; $i < strlen($a) && $i < strlen($b); $i++) {
             $diff |= ord($a[$i]) ^ ord($b[$i]);
         }
         return $diff === 0;
-     }
+    }
 }

lib/I18n.php

@@ -1,21 +1,23 @@
 <?php
 /**
- * ZeroBin
+ * PrivateBin
  *
  * a zero-knowledge paste bin
  *
- * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+ * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
- * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.21.1
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
  */
 
+namespace PrivateBin;
+
 /**
- * i18n
+ * I18n
  *
  * provides internationalization tools like translation, browser language detection, etc.
  */
-class i18n
+class I18n
 {
     /**
      * language
@@ -26,6 +28,15 @@ class i18n
      */
     protected static $_language = 'en';
 
+    /**
+     * language fallback
+     *
+     * @access protected
+     * @static
+     * @var    string
+     */
+    protected static $_languageFallback = 'en';
+
     /**
      * language labels
      *
@@ -73,7 +84,7 @@ class i18n
      */
     public static function _($messageId)
     {
-        return call_user_func_array(array('i18n', 'translate'), func_get_args());
+        return forward_static_call_array('self::translate', func_get_args());
     }
 
     /**
@@ -87,30 +98,31 @@ class i18n
      */
     public static function translate($messageId)
     {
-        if (empty($messageId)) return $messageId;
-        if (count(self::$_translations) === 0) self::loadTranslations();
+        if (empty($messageId)) {
+            return $messageId;
+        }
+        if (count(self::$_translations) === 0) {
+            self::loadTranslations();
+        }
         $messages = $messageId;
-        if (is_array($messageId))
-        {
+        if (is_array($messageId)) {
             $messageId = count($messageId) > 1 ? $messageId[1] : $messageId[0];
         }
-        if (!array_key_exists($messageId, self::$_translations))
-        {
+        if (!array_key_exists($messageId, self::$_translations)) {
             self::$_translations[$messageId] = $messages;
         }
         $args = func_get_args();
-        if (is_array(self::$_translations[$messageId]))
-        {
+        if (is_array(self::$_translations[$messageId])) {
             $number = (int) $args[1];
-            $key = self::_getPluralForm($number);
-            $max = count(self::$_translations[$messageId]) - 1;
-            if ($key > $max) $key = $max;
+            $key    = self::_getPluralForm($number);
+            $max    = count(self::$_translations[$messageId]) - 1;
+            if ($key > $max) {
+                $key = $max;
+            }
 
             $args[0] = self::$_translations[$messageId][$key];
             $args[1] = $number;
-        }
-        else
-        {
+        } else {
             $args[0] = self::$_translations[$messageId];
         }
         return call_user_func_array('sprintf', $args);
@@ -119,7 +131,7 @@ class i18n
     /**
      * loads translations
      *
-     * From: http://stackoverflow.com/questions/3770513/detect-browser-language-in-php#3771447
+     * From: https://stackoverflow.com/questions/3770513/detect-browser-language-in-php#3771447
      *
      * @access public
      * @static
@@ -130,20 +142,18 @@ class i18n
         $availableLanguages = self::getAvailableLanguages();
 
         // check if the lang cookie was set and that language exists
-        if (array_key_exists('lang', $_COOKIE) && in_array($_COOKIE['lang'], $availableLanguages))
-        {
+        if (array_key_exists('lang', $_COOKIE) && in_array($_COOKIE['lang'], $availableLanguages)) {
             $match = $_COOKIE['lang'];
         }
         // find a translation file matching the browsers language preferences
-        else
-        {
+        else {
             $match = self::_getMatchingLanguage(
                 self::getBrowserLanguages(), $availableLanguages
             );
         }
 
         // load translations
-        self::$_language = $match;
+        self::$_language     = $match;
         self::$_translations = ($match == 'en') ? array() : json_decode(
             file_get_contents(self::_getPath($match . '.json')),
             true
@@ -159,13 +169,10 @@ class i18n
      */
     public static function getAvailableLanguages()
     {
-        if (count(self::$_availableLanguages) == 0)
-        {
+        if (count(self::$_availableLanguages) == 0) {
             $i18n = dir(self::_getPath());
-            while (false !== ($file = $i18n->read()))
-            {
-                if (preg_match('/^([a-z]{2}).json$/', $file, $match) === 1)
-                {
+            while (false !== ($file = $i18n->read())) {
+                if (preg_match('/^([a-z]{2}).json$/', $file, $match) === 1) {
                     self::$_availableLanguages[] = $match[1];
                 }
             }
@@ -177,7 +184,7 @@ class i18n
     /**
      * detect the clients supported languages and return them ordered by preference
      *
-     * From: http://stackoverflow.com/questions/3770513/detect-browser-language-in-php#3771447
+     * From: https://stackoverflow.com/questions/3770513/detect-browser-language-in-php#3771447
      *
      * @access public
      * @static
@@ -186,25 +193,19 @@ class i18n
     public static function getBrowserLanguages()
     {
         $languages = array();
-        if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER))
-        {
+        if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER)) {
             $languageRanges = explode(',', trim($_SERVER['HTTP_ACCEPT_LANGUAGE']));
             foreach ($languageRanges as $languageRange) {
                 if (preg_match(
                     '/(\*|[a-zA-Z0-9]{1,8}(?:-[a-zA-Z0-9]{1,8})*)(?:\s*;\s*q\s*=\s*(0(?:\.\d{0,3})|1(?:\.0{0,3})))?/',
                     trim($languageRange), $match
-                ))
-                {
-                    if (!isset($match[2]))
-                    {
+                )) {
+                    if (!isset($match[2])) {
                         $match[2] = '1.0';
-                    }
-                    else
-                    {
+                    } else {
                         $match[2] = (string) floatval($match[2]);
                     }
-                    if (!isset($languages[$match[2]]))
-                    {
+                    if (!isset($languages[$match[2]])) {
                         $languages[$match[2]] = array();
                     }
                     $languages[$match[2]][] = strtolower($match[1]);
@@ -240,14 +241,30 @@ class i18n
     public static function getLanguageLabels($languages = array())
     {
         $file = self::_getPath('languages.json');
-        if (count(self::$_languageLabels) == 0 && is_readable($file))
-        {
+        if (count(self::$_languageLabels) == 0 && is_readable($file)) {
             self::$_languageLabels = json_decode(file_get_contents($file), true);
         }
-        if (count($languages) == 0) return self::$_languageLabels;
+        if (count($languages) == 0) {
+            return self::$_languageLabels;
+        }
         return array_intersect_key(self::$_languageLabels, array_flip($languages));
     }
 
+    /**
+     * set the default language
+     *
+     * @access public
+     * @static
+     * @param  string $lang
+     * @return void
+     */
+    public static function setLanguageFallback($lang)
+    {
+        if (in_array($lang, self::getAvailableLanguages())) {
+            self::$_languageFallback = $lang;
+        }
+    }
+
     /**
      * get language file path
      *
@@ -258,8 +275,7 @@ class i18n
      */
     protected static function _getPath($file = '')
     {
-        if (strlen(self::$_path) == 0)
-        {
+        if (strlen(self::$_path) == 0) {
             self::$_path = PUBLIC_PATH . DIRECTORY_SEPARATOR . 'i18n';
         }
         return self::$_path . (strlen($file) ? DIRECTORY_SEPARATOR . $file : '');
@@ -279,19 +295,25 @@ class i18n
     {
         switch (self::$_language) {
             case 'fr':
-                return ($n > 1 ? 1 : 0);
+            case 'oc':
+            case 'zh':
+                return $n > 1 ? 1 : 0;
             case 'pl':
-                return ($n == 1 ? 0 : $n%10 >= 2 && $n %10 <=4 && ($n%100 < 10 || $n%100 >= 20) ? 1 : 2);
-            // en, de
+                return $n == 1 ? 0 : ($n % 10 >= 2 && $n % 10 <= 4 && ($n % 100 < 10 || $n % 100 >= 20) ? 1 : 2);
+            case 'ru':
+                return $n % 10 == 1 && $n % 100 != 11 ? 0 : ($n % 10 >= 2 && $n % 10 <= 4 && ($n % 100 < 10 || $n % 100 >= 20) ? 1 : 2);
+            case 'sl':
+                return $n % 100 == 1 ? 1 : ($n % 100 == 2 ? 2 : ($n % 100 == 3 || $n % 100 == 4 ? 3 : 0));
+            // de, en, es, it, no
             default:
-                return ($n != 1 ? 1 : 0);
+                return $n != 1 ? 1 : 0;
         }
     }
 
     /**
      * compares two language preference arrays and returns the preferred match
      *
-     * From: http://stackoverflow.com/questions/3770513/detect-browser-language-in-php#3771447
+     * From: https://stackoverflow.com/questions/3770513/detect-browser-language-in-php#3771447
      *
      * @access protected
      * @static
@@ -299,47 +321,41 @@ class i18n
      * @param  array $availableLanguages
      * @return string
      */
-    protected static function _getMatchingLanguage($acceptedLanguages, $availableLanguages) {
+    protected static function _getMatchingLanguage($acceptedLanguages, $availableLanguages)
+    {
         $matches = array();
-        $any = false;
+        $any     = false;
         foreach ($acceptedLanguages as $acceptedQuality => $acceptedValues) {
             $acceptedQuality = floatval($acceptedQuality);
-            if ($acceptedQuality === 0.0) continue;
-            foreach ($availableLanguages as $availableValue)
-            {
+            if ($acceptedQuality === 0.0) {
+                continue;
+            }
+            foreach ($availableLanguages as $availableValue) {
                 $availableQuality = 1.0;
-                foreach ($acceptedValues as $acceptedValue)
-                {
-                    if ($acceptedValue === '*')
-                    {
+                foreach ($acceptedValues as $acceptedValue) {
+                    if ($acceptedValue === '*') {
                         $any = true;
                     }
                     $matchingGrade = self::_matchLanguage($acceptedValue, $availableValue);
-                    if ($matchingGrade > 0)
-                    {
+                    if ($matchingGrade > 0) {
                         $q = (string) ($acceptedQuality * $availableQuality * $matchingGrade);
-                        if (!isset($matches[$q]))
-                        {
+                        if (!isset($matches[$q])) {
                             $matches[$q] = array();
                         }
-                        if (!in_array($availableValue, $matches[$q]))
-                        {
+                        if (!in_array($availableValue, $matches[$q])) {
                             $matches[$q][] = $availableValue;
                         }
                     }
                 }
             }
         }
-        if (count($matches) === 0 && $any)
-        {
-            if (count($availableLanguages) > 0)
-            {
+        if (count($matches) === 0 && $any) {
+            if (count($availableLanguages) > 0) {
                 $matches['1.0'] = $availableLanguages;
             }
         }
-        if (count($matches) === 0)
-        {
-            return 'en';
+        if (count($matches) === 0) {
+            return self::$_languageFallback;
         }
         krsort($matches);
         $topmatches = current($matches);
@@ -349,7 +365,7 @@ class i18n
     /**
      * compare two language IDs and return the degree they match
      *
-     * From: http://stackoverflow.com/questions/3770513/detect-browser-language-in-php#3771447
+     * From: https://stackoverflow.com/questions/3770513/detect-browser-language-in-php#3771447
      *
      * @access protected
      * @static
@@ -357,12 +373,14 @@ class i18n
      * @param  string $b
      * @return float
      */
-    protected static function _matchLanguage($a, $b) {
+    protected static function _matchLanguage($a, $b)
+    {
         $a = explode('-', $a);
         $b = explode('-', $b);
-        for ($i=0, $n=min(count($a), count($b)); $i<$n; $i++)
-        {
-            if ($a[$i] !== $b[$i]) break;
+        for ($i = 0, $n = min(count($a), count($b)); $i < $n; ++$i) {
+            if ($a[$i] !== $b[$i]) {
+                break;
+            }
         }
         return $i === 0 ? 0 : (float) $i / count($a);
     }

lib/Json.php

@@ -0,0 +1,48 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin;
+
+use Exception;
+
+/**
+ * Json
+ *
+ * Provides JSON functions in an object oriented way.
+ */
+class Json
+{
+    /**
+     * Returns a string containing the JSON representation of the given input
+     *
+     * @access public
+     * @static
+     * @param  mixed $input
+     * @throws Exception
+     * @return string
+     */
+    public static function encode($input)
+    {
+        $jsonString = json_encode($input);
+        $errorCode  = json_last_error();
+        if ($errorCode === JSON_ERROR_NONE) {
+            return $jsonString;
+        }
+
+        $message = 'A JSON error occurred';
+        if (function_exists('json_last_error_msg')) {
+            $message .= ': ' . json_last_error_msg();
+        }
+        $message .= ' (' . $errorCode . ')';
+        throw new Exception($message, 90);
+    }
+}

lib/Model.php

@@ -0,0 +1,93 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin;
+
+use PrivateBin\Model\Paste;
+use PrivateBin\Persistence\PurgeLimiter;
+
+/**
+ * Model
+ *
+ * Factory of PrivateBin instance models.
+ */
+class Model
+{
+    /**
+     * Configuration.
+     *
+     * @var Configuration
+     */
+    private $_conf;
+
+    /**
+     * Data storage.
+     *
+     * @var AbstractData
+     */
+    private $_store = null;
+
+    /**
+     * Factory constructor.
+     *
+     * @param configuration $conf
+     * @return void
+     */
+    public function __construct(Configuration $conf)
+    {
+        $this->_conf = $conf;
+    }
+
+    /**
+     * Get a paste, optionally a specific instance.
+     *
+     * @param string $pasteId
+     * @return Paste
+     */
+    public function getPaste($pasteId = null)
+    {
+        $paste = new Paste($this->_conf, $this->_getStore());
+        if ($pasteId !== null) {
+            $paste->setId($pasteId);
+        }
+        return $paste;
+    }
+
+    /**
+     * Checks if a purge is necessary and triggers it if yes.
+     *
+     * @return void
+     */
+    public function purge()
+    {
+        PurgeLimiter::setConfiguration($this->_conf);
+        if (PurgeLimiter::canPurge()) {
+            $this->_getStore()->purge($this->_conf->getKey('batchsize', 'purge'));
+        }
+    }
+
+    /**
+     * Gets, and creates if neccessary, a store object
+     *
+     * @return AbstractData
+     */
+    private function _getStore()
+    {
+        if ($this->_store === null) {
+            $this->_store = forward_static_call(
+                'PrivateBin\\Data\\' . $this->_conf->getKey('class', 'model') . '::getInstance',
+                $this->_conf->getSection('model_options')
+            );
+        }
+        return $this->_store;
+    }
+}

lib/Model/AbstractModel.php

@@ -0,0 +1,169 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin\Model;
+
+use Exception;
+use PrivateBin\Configuration;
+use PrivateBin\Data\AbstractData;
+use PrivateBin\Sjcl;
+use stdClass;
+
+/**
+ * AbstractModel
+ *
+ * Abstract model for PrivateBin objects.
+ */
+abstract class AbstractModel
+{
+    /**
+     * Instance ID.
+     *
+     * @access protected
+     * @var string
+     */
+    protected $_id = '';
+
+    /**
+     * Instance data.
+     *
+     * @access protected
+     * @var stdClass
+     */
+    protected $_data;
+
+    /**
+     * Configuration.
+     *
+     * @access protected
+     * @var Configuration
+     */
+    protected $_conf;
+
+    /**
+     * Data storage.
+     *
+     * @access protected
+     * @var AbstractData
+     */
+    protected $_store;
+
+    /**
+     * Instance constructor.
+     *
+     * @access public
+     * @param  Configuration $configuration
+     * @param  AbstractData $storage
+     * @return void
+     */
+    public function __construct(Configuration $configuration, AbstractData $storage)
+    {
+        $this->_conf       = $configuration;
+        $this->_store      = $storage;
+        $this->_data       = new stdClass;
+        $this->_data->meta = new stdClass;
+    }
+
+    /**
+     * Get ID.
+     *
+     * @access public
+     * @return string
+     */
+    public function getId()
+    {
+        return $this->_id;
+    }
+
+    /**
+     * Set ID.
+     *
+     * @access public
+     * @param string $id
+     * @throws Exception
+     * @return void
+     */
+    public function setId($id)
+    {
+        if (!self::isValidId($id)) {
+            throw new Exception('Invalid paste ID.', 60);
+        }
+        $this->_id = $id;
+    }
+
+    /**
+     * Set data and recalculate ID.
+     *
+     * @access public
+     * @param string $data
+     * @throws Exception
+     * @return void
+     */
+    public function setData($data)
+    {
+        if (!Sjcl::isValid($data)) {
+            throw new Exception('Invalid data.', 61);
+        }
+        $this->_data->data = $data;
+
+        // We just want a small hash to avoid collisions:
+        // Half-MD5 (64 bits) will do the trick
+        $this->setId(substr(hash('md5', $data), 0, 16));
+    }
+
+    /**
+     * Get instance data.
+     *
+     * @access public
+     * @return stdClass
+     */
+    abstract public function get();
+
+    /**
+     * Store the instance's data.
+     *
+     * @access public
+     * @throws Exception
+     * @return void
+     */
+    abstract public function store();
+
+    /**
+     * Delete the current instance.
+     *
+     * @access public
+     * @throws Exception
+     * @return void
+     */
+    abstract public function delete();
+
+    /**
+     * Test if current instance exists in store.
+     *
+     * @access public
+     * @return bool
+     */
+    abstract public function exists();
+
+    /**
+     * Validate ID.
+     *
+     * @access public
+     * @static
+     * @param  string $id
+     * @return bool
+     */
+    public static function isValidId($id)
+    {
+        return (bool) preg_match('#\A[a-f\d]{16}\z#', (string) $id);
+    }
+}

lib/Model/Comment.php

@@ -0,0 +1,218 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin\Model;
+
+use Exception;
+use Identicon\Identicon;
+use PrivateBin\Persistence\TrafficLimiter;
+use PrivateBin\Sjcl;
+use PrivateBin\Vizhash16x16;
+
+/**
+ * Comment
+ *
+ * Model of a PrivateBin comment.
+ */
+class Comment extends AbstractModel
+{
+    /**
+     * Instance's parent.
+     *
+     * @access private
+     * @var Paste
+     */
+    private $_paste;
+
+    /**
+     * Get comment data.
+     *
+     * @access public
+     * @throws Exception
+     * @return stdClass
+     */
+    public function get()
+    {
+        // @todo add support to read specific comment
+        $comments = $this->_store->readComments($this->getPaste()->getId());
+        foreach ($comments as $comment) {
+            if (
+                $comment->parentid == $this->getParentId() &&
+                $comment->id == $this->getId()
+            ) {
+                $this->_data = $comment;
+                break;
+            }
+        }
+        return $this->_data;
+    }
+
+    /**
+     * Store the comment's data.
+     *
+     * @access public
+     * @throws Exception
+     * @return void
+     */
+    public function store()
+    {
+        // Make sure paste exists.
+        $pasteid = $this->getPaste()->getId();
+        if (!$this->getPaste()->exists()) {
+            throw new Exception('Invalid data.', 67);
+        }
+
+        // Make sure the discussion is opened in this paste and in configuration.
+        if (!$this->getPaste()->isOpendiscussion() || !$this->_conf->getKey('discussion')) {
+            throw new Exception('Invalid data.', 68);
+        }
+
+        // Check for improbable collision.
+        if ($this->exists()) {
+            throw new Exception('You are unlucky. Try again.', 69);
+        }
+
+        $this->_data->meta->postdate = time();
+
+        // store comment
+        if (
+            $this->_store->createComment(
+                $pasteid,
+                $this->getParentId(),
+                $this->getId(),
+                json_decode(json_encode($this->_data), true)
+            ) === false
+        ) {
+            throw new Exception('Error saving comment. Sorry.', 70);
+        }
+    }
+
+    /**
+     * Delete the comment.
+     *
+     * @access public
+     * @throws Exception
+     * @return void
+     */
+    public function delete()
+    {
+        throw new Exception('To delete a comment, delete its parent paste', 64);
+    }
+
+    /**
+     * Test if comment exists in store.
+     *
+     * @access public
+     * @return bool
+     */
+    public function exists()
+    {
+        return $this->_store->existsComment(
+            $this->getPaste()->getId(),
+            $this->getParentId(),
+            $this->getId()
+        );
+    }
+
+    /**
+     * Set paste.
+     *
+     * @access public
+     * @param Paste $paste
+     * @throws Exception
+     * @return void
+     */
+    public function setPaste(Paste $paste)
+    {
+        $this->_paste               = $paste;
+        $this->_data->meta->pasteid = $paste->getId();
+    }
+
+    /**
+     * Get paste.
+     *
+     * @access public
+     * @return Paste
+     */
+    public function getPaste()
+    {
+        return $this->_paste;
+    }
+
+    /**
+     * Set parent ID.
+     *
+     * @access public
+     * @param string $id
+     * @throws Exception
+     * @return void
+     */
+    public function setParentId($id)
+    {
+        if (!self::isValidId($id)) {
+            throw new Exception('Invalid paste ID.', 65);
+        }
+        $this->_data->meta->parentid = $id;
+    }
+
+    /**
+     * Get parent ID.
+     *
+     * @access public
+     * @return string
+     */
+    public function getParentId()
+    {
+        if (!property_exists($this->_data->meta, 'parentid')) {
+            $this->_data->meta->parentid = '';
+        }
+        return $this->_data->meta->parentid;
+    }
+
+    /**
+     * Set nickname.
+     *
+     * @access public
+     * @param string $nickname
+     * @throws Exception
+     * @return void
+     */
+    public function setNickname($nickname)
+    {
+        if (!Sjcl::isValid($nickname)) {
+            throw new Exception('Invalid data.', 66);
+        }
+        $this->_data->meta->nickname = $nickname;
+
+        // If a nickname is provided, we generate an icon based on a SHA512 HMAC
+        // of the users IP. (We assume that if the user did not enter a nickname,
+        // the user wants to be anonymous and we will not generate an icon.)
+        $icon = $this->_conf->getKey('icon');
+        if ($icon != 'none') {
+            $pngdata = '';
+            $hmac    = TrafficLimiter::getHash();
+            if ($icon == 'identicon') {
+                $identicon = new Identicon();
+                $pngdata   = $identicon->getImageDataUri($hmac, 16);
+            } elseif ($icon == 'vizhash') {
+                $vh      = new Vizhash16x16();
+                $pngdata = 'data:image/png;base64,' . base64_encode(
+                    $vh->generate($hmac)
+                );
+            }
+            if ($pngdata != '') {
+                $this->_data->meta->vizhash = $pngdata;
+            }
+        }
+        // Once the icon is generated, we do not keep the IP address hash.
+    }
+}

lib/Model/Paste.php

@@ -0,0 +1,325 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin\Model;
+
+use Exception;
+use PrivateBin\Persistence\ServerSalt;
+use PrivateBin\PrivateBin;
+use PrivateBin\Sjcl;
+
+/**
+ * Paste
+ *
+ * Model of a PrivateBin paste.
+ */
+class Paste extends AbstractModel
+{
+    /**
+     * Get paste data.
+     *
+     * @access public
+     * @throws Exception
+     * @return stdClass
+     */
+    public function get()
+    {
+        $data = $this->_store->read($this->getId());
+        if ($data === false) {
+            throw new Exception(PrivateBin::GENERIC_ERROR, 64);
+        }
+
+        // check if paste has expired and delete it if neccessary.
+        if (property_exists($data->meta, 'expire_date')) {
+            if ($data->meta->expire_date < time()) {
+                $this->delete();
+                throw new Exception(PrivateBin::GENERIC_ERROR, 63);
+            }
+            // We kindly provide the remaining time before expiration (in seconds)
+            $data->meta->remaining_time = $data->meta->expire_date - time();
+        }
+
+        // set formatter for for the view.
+        if (!property_exists($data->meta, 'formatter')) {
+            // support < 0.21 syntax highlighting
+            if (property_exists($data->meta, 'syntaxcoloring') && $data->meta->syntaxcoloring === true) {
+                $data->meta->formatter = 'syntaxhighlighting';
+            } else {
+                $data->meta->formatter = $this->_conf->getKey('defaultformatter');
+            }
+        }
+
+        // support old paste format with server wide salt
+        if (!property_exists($data->meta, 'salt')) {
+            $data->meta->salt = ServerSalt::get();
+        }
+        $data->comments       = array_values($this->getComments());
+        $data->comment_count  = count($data->comments);
+        $data->comment_offset = 0;
+        $data->{'@context'}   = 'js/paste.jsonld';
+        $this->_data          = $data;
+        return $this->_data;
+    }
+
+    /**
+     * Store the paste's data.
+     *
+     * @access public
+     * @throws Exception
+     * @return void
+     */
+    public function store()
+    {
+        // Check for improbable collision.
+        if ($this->exists()) {
+            throw new Exception('You are unlucky. Try again.', 75);
+        }
+
+        $this->_data->meta->postdate = time();
+        $this->_data->meta->salt     = serversalt::generate();
+
+        // store paste
+        if (
+            $this->_store->create(
+                $this->getId(),
+                json_decode(json_encode($this->_data), true)
+            ) === false
+        ) {
+            throw new Exception('Error saving paste. Sorry.', 76);
+        }
+    }
+
+    /**
+     * Delete the paste.
+     *
+     * @access public
+     * @throws Exception
+     * @return void
+     */
+    public function delete()
+    {
+        $this->_store->delete($this->getId());
+    }
+
+    /**
+     * Test if paste exists in store.
+     *
+     * @access public
+     * @return bool
+     */
+    public function exists()
+    {
+        return $this->_store->exists($this->getId());
+    }
+
+    /**
+     * Get a comment, optionally a specific instance.
+     *
+     * @access public
+     * @param string $parentId
+     * @param string $commentId
+     * @throws Exception
+     * @return Comment
+     */
+    public function getComment($parentId, $commentId = null)
+    {
+        if (!$this->exists()) {
+            throw new Exception('Invalid data.', 62);
+        }
+        $comment = new Comment($this->_conf, $this->_store);
+        $comment->setPaste($this);
+        $comment->setParentId($parentId);
+        if ($commentId !== null) {
+            $comment->setId($commentId);
+        }
+        return $comment;
+    }
+
+    /**
+     * Get all comments, if any.
+     *
+     * @access public
+     * @return array
+     */
+    public function getComments()
+    {
+        return $this->_store->readComments($this->getId());
+    }
+
+    /**
+     * Generate the "delete" token.
+     *
+     * The token is the hmac of the pastes ID signed with the server salt.
+     * The paste can be deleted by calling:
+     * http://example.com/privatebin/?pasteid=<pasteid>&deletetoken=<deletetoken>
+     *
+     * @access public
+     * @return string
+     */
+    public function getDeleteToken()
+    {
+        if (!property_exists($this->_data->meta, 'salt')) {
+            $this->get();
+        }
+        return hash_hmac(
+            $this->_conf->getKey('zerobincompatibility') ? 'sha1' : 'sha256',
+            $this->getId(),
+            $this->_data->meta->salt
+        );
+    }
+
+    /**
+     * Set paste's attachment.
+     *
+     * @access public
+     * @param string $attachment
+     * @throws Exception
+     * @return void
+     */
+    public function setAttachment($attachment)
+    {
+        if (!$this->_conf->getKey('fileupload') || !Sjcl::isValid($attachment)) {
+            throw new Exception('Invalid attachment.', 71);
+        }
+        $this->_data->meta->attachment = $attachment;
+    }
+
+    /**
+     * Set paste's attachment name.
+     *
+     * @access public
+     * @param string $attachmentname
+     * @throws Exception
+     * @return void
+     */
+    public function setAttachmentName($attachmentname)
+    {
+        if (!$this->_conf->getKey('fileupload') || !Sjcl::isValid($attachmentname)) {
+            throw new Exception('Invalid attachment.', 72);
+        }
+        $this->_data->meta->attachmentname = $attachmentname;
+    }
+
+    /**
+     * Set paste expiration.
+     *
+     * @access public
+     * @param string $expiration
+     * @return void
+     */
+    public function setExpiration($expiration)
+    {
+        $expire_options = $this->_conf->getSection('expire_options');
+        if (array_key_exists($expiration, $expire_options)) {
+            $expire = $expire_options[$expiration];
+        } else {
+            // using getKey() to ensure a default value is present
+            $expire = $this->_conf->getKey($this->_conf->getKey('default', 'expire'), 'expire_options');
+        }
+        if ($expire > 0) {
+            $this->_data->meta->expire_date = time() + $expire;
+        }
+    }
+
+    /**
+     * Set paste's burn-after-reading type.
+     *
+     * @access public
+     * @param string $burnafterreading
+     * @throws Exception
+     * @return void
+     */
+    public function setBurnafterreading($burnafterreading = '1')
+    {
+        if ($burnafterreading === '0') {
+            $this->_data->meta->burnafterreading = false;
+        } else {
+            if ($burnafterreading !== '1') {
+                throw new Exception('Invalid data.', 73);
+            }
+            $this->_data->meta->burnafterreading = true;
+            $this->_data->meta->opendiscussion   = false;
+        }
+    }
+
+    /**
+     * Set paste's discussion state.
+     *
+     * @access public
+     * @param string $opendiscussion
+     * @throws Exception
+     * @return void
+     */
+    public function setOpendiscussion($opendiscussion = '1')
+    {
+        if (
+            !$this->_conf->getKey('discussion') ||
+            $this->isBurnafterreading() ||
+            $opendiscussion === '0'
+        ) {
+            $this->_data->meta->opendiscussion = false;
+        } else {
+            if ($opendiscussion !== '1') {
+                throw new Exception('Invalid data.', 74);
+            }
+            $this->_data->meta->opendiscussion = true;
+        }
+    }
+
+    /**
+     * Set paste's format.
+     *
+     * @access public
+     * @param string $format
+     * @throws Exception
+     * @return void
+     */
+    public function setFormatter($format)
+    {
+        if (!array_key_exists($format, $this->_conf->getSection('formatter_options'))) {
+            $format = $this->_conf->getKey('defaultformatter');
+        }
+        $this->_data->meta->formatter = $format;
+    }
+
+    /**
+     * Check if paste is of burn-after-reading type.
+     *
+     * @access public
+     * @throws Exception
+     * @return bool
+     */
+    public function isBurnafterreading()
+    {
+        if (!property_exists($this->_data, 'data')) {
+            $this->get();
+        }
+        return property_exists($this->_data->meta, 'burnafterreading') &&
+               $this->_data->meta->burnafterreading === true;
+    }
+
+    /**
+     * Check if paste has discussions enabled.
+     *
+     * @access public
+     * @throws Exception
+     * @return bool
+     */
+    public function isOpendiscussion()
+    {
+        if (!property_exists($this->_data, 'data')) {
+            $this->get();
+        }
+        return property_exists($this->_data->meta, 'opendiscussion') &&
+               $this->_data->meta->opendiscussion === true;
+    }
+}

lib/Persistence/AbstractPersistence.php

@@ -1,21 +1,25 @@
 <?php
 /**
- * ZeroBin
+ * PrivateBin
  *
  * a zero-knowledge paste bin
  *
- * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+ * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
- * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.21.1
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
  */
 
+namespace PrivateBin\Persistence;
+
+use Exception;
+
 /**
- * persistence
+ * AbstractPersistence
  *
  * persists data in PHP files
  */
-abstract class persistence
+abstract class AbstractPersistence
 {
     /**
      * path in which to persist something
@@ -45,11 +49,11 @@ abstract class persistence
      * @access public
      * @static
      * @param  string $filename
-     * @return void
+     * @return string
      */
     public static function getPath($filename = null)
     {
-        if(strlen($filename)) {
+        if (strlen($filename)) {
             return self::$_path . DIRECTORY_SEPARATOR . $filename;
         } else {
             return self::$_path;
@@ -81,18 +85,19 @@ abstract class persistence
     protected static function _initialize()
     {
         // Create storage directory if it does not exist.
-        if (!is_dir(self::$_path))
-            if (!@mkdir(self::$_path))
+        if (!is_dir(self::$_path)) {
+            if (!@mkdir(self::$_path)) {
                 throw new Exception('unable to create directory ' . self::$_path, 10);
+            }
+        }
 
         // Create .htaccess file if it does not exist.
         $file = self::$_path . DIRECTORY_SEPARATOR . '.htaccess';
-        if (!is_file($file))
-        {
+        if (!is_file($file)) {
             $writtenBytes = @file_put_contents(
                 $file,
                 'Allow from none' . PHP_EOL .
-                'Deny from all'. PHP_EOL,
+                'Deny from all' . PHP_EOL,
                 LOCK_EX
             );
             if ($writtenBytes === false || $writtenBytes < 30) {
@@ -114,11 +119,12 @@ abstract class persistence
     protected static function _store($filename, $data)
     {
         self::_initialize();
-        $file = self::$_path . DIRECTORY_SEPARATOR . $filename;
+        $file         = self::$_path . DIRECTORY_SEPARATOR . $filename;
         $writtenBytes = @file_put_contents($file, $data, LOCK_EX);
         if ($writtenBytes === false || $writtenBytes < strlen($data)) {
             throw new Exception('unable to write to file ' . $file, 13);
         }
+        @chmod($file, 0640); // protect file access
         return $file;
     }
 }

lib/Persistence/PurgeLimiter.php

@@ -0,0 +1,94 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin\Persistence;
+
+use PrivateBin\Configuration;
+
+/**
+ * PurgeLimiter
+ *
+ * Handles purge limiting, so purging is not triggered too frequently.
+ */
+class PurgeLimiter extends AbstractPersistence
+{
+    /**
+     * time limit in seconds, defaults to 300s
+     *
+     * @access private
+     * @static
+     * @var    int
+     */
+    private static $_limit = 300;
+
+    /**
+     * set the time limit in seconds
+     *
+     * @access public
+     * @static
+     * @param  int $limit
+     * @return void
+     */
+    public static function setLimit($limit)
+    {
+        self::$_limit = $limit;
+    }
+
+    /**
+     * set configuration options of the traffic limiter
+     *
+     * @access public
+     * @static
+     * @param Configuration $conf
+     * @return void
+     */
+    public static function setConfiguration(Configuration $conf)
+    {
+        self::setLimit($conf->getKey('limit', 'purge'));
+        self::setPath($conf->getKey('dir', 'purge'));
+    }
+
+    /**
+     * check if the purge can be performed
+     *
+     * @access public
+     * @static
+     * @throws Exception
+     * @return bool
+     */
+    public static function canPurge()
+    {
+        // disable limits if set to less then 1
+        if (self::$_limit < 1) {
+            return true;
+        }
+
+        $file    = 'purge_limiter.php';
+        $now     = time();
+        $content = '<?php' . PHP_EOL . '$GLOBALS[\'purge_limiter\'] = ' . $now . ';' . PHP_EOL;
+        if (!self::_exists($file)) {
+            self::_store($file, $content);
+        }
+
+        $path = self::getPath($file);
+        require $path;
+        $pl = $GLOBALS['purge_limiter'];
+
+        if ($pl + self::$_limit >= $now) {
+            $result = false;
+        } else {
+            $result = true;
+            self::_store($file, $content);
+        }
+        return $result;
+    }
+}

lib/Persistence/ServerSalt.php

@@ -1,27 +1,40 @@
 <?php
 /**
- * ZeroBin
+ * PrivateBin
  *
  * a zero-knowledge paste bin
  *
- * @link      http://sebsauvage.net/wiki/doku.php?id=php:zerobin
+ * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
- * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.21.1
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
  */
 
+namespace PrivateBin\Persistence;
+
+use Exception;
+
 /**
- * serversalt
+ * ServerSalt
  *
- * This is a random string which is unique to each ZeroBin installation.
+ * This is a random string which is unique to each PrivateBin installation.
  * It is automatically created if not present.
  *
  * Salt is used:
- * - to generate unique VizHash in discussions (which are not reproductible across ZeroBin servers)
- * - to generate unique deletion token (which are not re-usable across ZeroBin servers)
+ * - to generate unique VizHash in discussions (which are not reproductible across PrivateBin servers)
+ * - to generate unique deletion token (which are not re-usable across PrivateBin servers)
  */
-class serversalt extends persistence
+class ServerSalt extends AbstractPersistence
 {
+    /**
+     * file where salt is saved to
+     *
+     * @access private
+     * @static
+     * @var    string
+     */
+    private static $_file = 'salt.php';
+
     /**
      * generated salt
      *
@@ -40,17 +53,7 @@ class serversalt extends persistence
      */
     public static function generate()
     {
-        $randomSalt = '';
-        if (function_exists('mcrypt_create_iv'))
-        {
-            $randomSalt = bin2hex(mcrypt_create_iv(256, MCRYPT_DEV_URANDOM));
-        }
-        else // fallback to mt_rand()
-        {
-            for($i = 0; $i < 256; ++$i) {
-                $randomSalt .= base_convert(mt_rand(), 10, 16);
-            }
-        }
+        $randomSalt = bin2hex(random_bytes(256));
         return $randomSalt;
     }
 
@@ -64,20 +67,23 @@ class serversalt extends persistence
      */
     public static function get()
     {
-        if (strlen(self::$_salt)) return self::$_salt;
+        if (strlen(self::$_salt)) {
+            return self::$_salt;
+        }
 
-        $file = 'salt.php';
-        if (self::_exists($file)) {
-            $items = explode('|', @file_get_contents(self::getPath($file)));
-            if (!is_array($items) || count($items) != 3) {
-                throw new Exception('unable to read file ' . self::getPath($file), 20);
+        if (self::_exists(self::$_file)) {
+            if (is_readable(self::getPath(self::$_file))) {
+                $items = explode('|', file_get_contents(self::getPath(self::$_file)));
+            }
+            if (!isset($items) || !is_array($items) || count($items) != 3) {
+                throw new Exception('unable to read file ' . self::getPath(self::$_file), 20);
             }
             self::$_salt = $items[1];
         } else {
             self::$_salt = self::generate();
             self::_store(
-                $file,
-                '<?php /* |'. self::$_salt . '| */ ?>'
+                self::$_file,
+                '<?php /* |' . self::$_salt . '| */ ?>'
             );
         }
         return self::$_salt;
@@ -93,7 +99,7 @@ class serversalt extends persistence
      */
     public static function setPath($path)
     {
-    	self::$_salt = '';
+        self::$_salt = '';
         parent::setPath($path);
     }
 }

lib/Persistence/TrafficLimiter.php

@@ -0,0 +1,142 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin\Persistence;
+
+use PrivateBin\Configuration;
+
+/**
+ * TrafficLimiter
+ *
+ * Handles traffic limiting, so no user does more than one call per 10 seconds.
+ */
+class TrafficLimiter extends AbstractPersistence
+{
+    /**
+     * time limit in seconds, defaults to 10s
+     *
+     * @access private
+     * @static
+     * @var    int
+     */
+    private static $_limit = 10;
+
+    /**
+     * key to fetch IP address
+     *
+     * @access private
+     * @static
+     * @var    string
+     */
+    private static $_ipKey = 'REMOTE_ADDR';
+
+    /**
+     * set the time limit in seconds
+     *
+     * @access public
+     * @static
+     * @param  int $limit
+     * @return void
+     */
+    public static function setLimit($limit)
+    {
+        self::$_limit = $limit;
+    }
+
+    /**
+     * set configuration options of the traffic limiter
+     *
+     * @access public
+     * @static
+     * @param Configuration $conf
+     * @return void
+     */
+    public static function setConfiguration(Configuration $conf)
+    {
+        self::setLimit($conf->getKey('limit', 'traffic'));
+        self::setPath($conf->getKey('dir', 'traffic'));
+        if (($option = $conf->getKey('header', 'traffic')) !== null) {
+            $httpHeader = 'HTTP_' . $option;
+            if (array_key_exists($httpHeader, $_SERVER) && !empty($_SERVER[$httpHeader])) {
+                self::$_ipKey = $httpHeader;
+            }
+        }
+    }
+
+    /**
+     * get a HMAC of the current visitors IP address
+     *
+     * @access public
+     * @static
+     * @param  string $algo
+     * @return string
+     */
+    public static function getHash($algo = 'sha512')
+    {
+        return hash_hmac($algo, $_SERVER[self::$_ipKey], ServerSalt::get());
+    }
+
+    /**
+     * traffic limiter
+     *
+     * Make sure the IP address makes at most 1 request every 10 seconds.
+     *
+     * @access public
+     * @static
+     * @throws Exception
+     * @return bool
+     */
+    public static function canPass()
+    {
+        // disable limits if set to less then 1
+        if (self::$_limit < 1) {
+            return true;
+        }
+
+        $file = 'traffic_limiter.php';
+        if (!self::_exists($file)) {
+            self::_store(
+                $file,
+                '<?php' . PHP_EOL .
+                '$GLOBALS[\'traffic_limiter\'] = array();' . PHP_EOL
+            );
+        }
+
+        $path = self::getPath($file);
+        require $path;
+        $now = time();
+        $tl  = $GLOBALS['traffic_limiter'];
+
+        // purge file of expired hashes to keep it small
+        foreach ($tl as $key => $time) {
+            if ($time + self::$_limit < $now) {
+                unset($tl[$key]);
+            }
+        }
+
+        // this hash is used as an array key, hence a shorter hash is used
+        $hash = self::getHash('sha256');
+        if (array_key_exists($hash, $tl) && ($tl[$hash] + self::$_limit >= $now)) {
+            $result = false;
+        } else {
+            $tl[$hash] = time();
+            $result    = true;
+        }
+        self::_store(
+            $file,
+            '<?php' . PHP_EOL .
+            '$GLOBALS[\'traffic_limiter\'] = ' .
+            var_export($tl, true) . ';' . PHP_EOL
+        );
+        return $result;
+    }
+}

lib/PrivateBin.php

@@ -0,0 +1,515 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.1
+ */
+
+namespace PrivateBin;
+
+use Exception;
+use PrivateBin\Persistence\ServerSalt;
+use PrivateBin\Persistence\TrafficLimiter;
+
+/**
+ * PrivateBin
+ *
+ * Controller, puts it all together.
+ */
+class PrivateBin
+{
+    /**
+     * version
+     *
+     * @const string
+     */
+    const VERSION = '1.1';
+
+    /**
+     * show the same error message if the paste expired or does not exist
+     *
+     * @const string
+     */
+    const GENERIC_ERROR = 'Paste does not exist, has expired or has been deleted.';
+
+    /**
+     * configuration
+     *
+     * @access private
+     * @var    Configuration
+     */
+    private $_conf;
+
+    /**
+     * data
+     *
+     * @access private
+     * @var    string
+     */
+    private $_data = '';
+
+    /**
+     * does the paste expire
+     *
+     * @access private
+     * @var    bool
+     */
+    private $_doesExpire = false;
+
+    /**
+     * error message
+     *
+     * @access private
+     * @var    string
+     */
+    private $_error = '';
+
+    /**
+     * status message
+     *
+     * @access private
+     * @var    string
+     */
+    private $_status = '';
+
+    /**
+     * JSON message
+     *
+     * @access private
+     * @var    string
+     */
+    private $_json = '';
+
+    /**
+     * Factory of instance models
+     *
+     * @access private
+     * @var    model
+     */
+    private $_model;
+
+    /**
+     * request
+     *
+     * @access private
+     * @var    request
+     */
+    private $_request;
+
+    /**
+     * URL base
+     *
+     * @access private
+     * @var    string
+     */
+    private $_urlBase;
+
+    /**
+     * constructor
+     *
+     * initializes and runs PrivateBin
+     *
+     * @access public
+     * @throws Exception
+     * @return void
+     */
+    public function __construct()
+    {
+        if (version_compare(PHP_VERSION, '5.3.0') < 0) {
+            throw new Exception(I18n::_('%s requires php 5.3.0 or above to work. Sorry.', I18n::_('PrivateBin')), 1);
+        }
+        if (strlen(PATH) < 0 && substr(PATH, -1) !== DIRECTORY_SEPARATOR) {
+            throw new Exception(I18n::_('%s requires the PATH to end in a "%s". Please update the PATH in your index.php.', I18n::_('PrivateBin'), DIRECTORY_SEPARATOR), 5);
+        }
+
+        // load config from ini file, initialize required classes
+        $this->_init();
+
+        switch ($this->_request->getOperation()) {
+            case 'create':
+                $this->_create();
+                break;
+            case 'delete':
+                $this->_delete(
+                    $this->_request->getParam('pasteid'),
+                    $this->_request->getParam('deletetoken')
+                );
+                break;
+            case 'read':
+                $this->_read($this->_request->getParam('pasteid'));
+                break;
+            case 'jsonld':
+                $this->_jsonld($this->_request->getParam('jsonld'));
+                return;
+        }
+
+        // output JSON or HTML
+        if ($this->_request->isJsonApiCall()) {
+            header('Content-type: ' . Request::MIME_JSON);
+            header('Access-Control-Allow-Origin: *');
+            header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE');
+            header('Access-Control-Allow-Headers: X-Requested-With, Content-Type');
+            echo $this->_json;
+        } else {
+            $this->_view();
+        }
+    }
+
+    /**
+     * initialize privatebin
+     *
+     * @access private
+     * @return void
+     */
+    private function _init()
+    {
+        foreach (array('cfg', 'lib') as $dir) {
+            if (!is_file(PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess')) {
+                file_put_contents(
+                PATH . $dir . DIRECTORY_SEPARATOR . '.htaccess',
+                'Allow from none' . PHP_EOL .
+                'Deny from all' . PHP_EOL,
+                LOCK_EX
+            );
+            }
+        }
+
+        $this->_conf    = new Configuration;
+        $this->_model   = new Model($this->_conf);
+        $this->_request = new Request;
+        $this->_urlBase = array_key_exists('REQUEST_URI', $_SERVER) ?
+            htmlspecialchars($_SERVER['REQUEST_URI']) : '/';
+        ServerSalt::setPath($this->_conf->getKey('dir', 'traffic'));
+
+        // set default language
+        $lang = $this->_conf->getKey('languagedefault');
+        I18n::setLanguageFallback($lang);
+        // force default language, if language selection is disabled and a default is set
+        if (!$this->_conf->getKey('languageselection') && strlen($lang) == 2) {
+            $_COOKIE['lang'] = $lang;
+            setcookie('lang', $lang);
+        }
+    }
+
+    /**
+     * Store new paste or comment
+     *
+     * POST contains one or both:
+     * data = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
+     * attachment = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
+     *
+     * All optional data will go to meta information:
+     * expire (optional) = expiration delay (never,5min,10min,1hour,1day,1week,1month,1year,burn) (default:never)
+     * formatter (optional) = format to display the paste as (plaintext,syntaxhighlighting,markdown) (default:syntaxhighlighting)
+     * burnafterreading (optional) = if this paste may only viewed once ? (0/1) (default:0)
+     * opendiscusssion (optional) = is the discussion allowed on this paste ? (0/1) (default:0)
+     * attachmentname = json encoded SJCL encrypted text (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
+     * nickname (optional) = in discussion, encoded SJCL encrypted text nickname of author of comment (containing keys: iv,v,iter,ks,ts,mode,adata,cipher,salt,ct)
+     * parentid (optional) = in discussion, which comment this comment replies to.
+     * pasteid (optional) = in discussion, which paste this comment belongs to.
+     *
+     * @access private
+     * @return string
+     */
+    private function _create()
+    {
+        // Ensure last paste from visitors IP address was more than configured amount of seconds ago.
+        TrafficLimiter::setConfiguration($this->_conf);
+        if (!TrafficLimiter::canPass()) {
+            return $this->_return_message(
+            1, I18n::_(
+                'Please wait %d seconds between each post.',
+                $this->_conf->getKey('limit', 'traffic')
+            )
+        );
+        }
+
+        $data           = $this->_request->getParam('data');
+        $attachment     = $this->_request->getParam('attachment');
+        $attachmentname = $this->_request->getParam('attachmentname');
+
+        // Ensure content is not too big.
+        $sizelimit = $this->_conf->getKey('sizelimit');
+        if (
+            strlen($data) + strlen($attachment) + strlen($attachmentname) > $sizelimit
+        ) {
+            return $this->_return_message(
+            1,
+            I18n::_(
+                'Paste is limited to %s of encrypted data.',
+                Filter::formatHumanReadableSize($sizelimit)
+            )
+        );
+        }
+
+        // Ensure attachment did not get lost due to webserver limits or Suhosin
+        if (strlen($attachmentname) > 0 && strlen($attachment) == 0) {
+            return $this->_return_message(1, 'Attachment missing in data received by server. Please check your webserver or suhosin configuration for maximum POST parameter limitations.');
+        }
+
+        // The user posts a comment.
+        $pasteid  = $this->_request->getParam('pasteid');
+        $parentid = $this->_request->getParam('parentid');
+        if (!empty($pasteid) && !empty($parentid)) {
+            $paste = $this->_model->getPaste($pasteid);
+            if ($paste->exists()) {
+                try {
+                    $comment = $paste->getComment($parentid);
+
+                    $nickname = $this->_request->getParam('nickname');
+                    if (!empty($nickname)) {
+                        $comment->setNickname($nickname);
+                    }
+
+                    $comment->setData($data);
+                    $comment->store();
+                } catch (Exception $e) {
+                    return $this->_return_message(1, $e->getMessage());
+                }
+                $this->_return_message(0, $comment->getId());
+            } else {
+                $this->_return_message(1, 'Invalid data.');
+            }
+        }
+        // The user posts a standard paste.
+        else {
+            $this->_model->purge();
+            $paste = $this->_model->getPaste();
+            try {
+                $paste->setData($data);
+
+                if (!empty($attachment)) {
+                    $paste->setAttachment($attachment);
+                    if (!empty($attachmentname)) {
+                        $paste->setAttachmentName($attachmentname);
+                    }
+                }
+
+                $expire = $this->_request->getParam('expire');
+                if (!empty($expire)) {
+                    $paste->setExpiration($expire);
+                }
+
+                $burnafterreading = $this->_request->getParam('burnafterreading');
+                if (!empty($burnafterreading)) {
+                    $paste->setBurnafterreading($burnafterreading);
+                }
+
+                $opendiscussion = $this->_request->getParam('opendiscussion');
+                if (!empty($opendiscussion)) {
+                    $paste->setOpendiscussion($opendiscussion);
+                }
+
+                $formatter = $this->_request->getParam('formatter');
+                if (!empty($formatter)) {
+                    $paste->setFormatter($formatter);
+                }
+
+                $paste->store();
+            } catch (Exception $e) {
+                return $this->_return_message(1, $e->getMessage());
+            }
+            $this->_return_message(0, $paste->getId(), array('deletetoken' => $paste->getDeleteToken()));
+        }
+    }
+
+    /**
+     * Delete an existing paste
+     *
+     * @access private
+     * @param  string $dataid
+     * @param  string $deletetoken
+     * @return void
+     */
+    private function _delete($dataid, $deletetoken)
+    {
+        try {
+            $paste = $this->_model->getPaste($dataid);
+            if ($paste->exists()) {
+                // accessing this property ensures that the paste would be
+                // deleted if it has already expired
+                $burnafterreading = $paste->isBurnafterreading();
+                if (
+                    ($burnafterreading && $deletetoken == 'burnafterreading') ||
+                    Filter::slowEquals($deletetoken, $paste->getDeleteToken())
+                ) {
+                    // Paste exists and deletion token is valid: Delete the paste.
+                    $paste->delete();
+                    $this->_status = 'Paste was properly deleted.';
+                } else {
+                    if (!$burnafterreading && $deletetoken == 'burnafterreading') {
+                        $this->_error = 'Paste is not of burn-after-reading type.';
+                    } else {
+                        $this->_error = 'Wrong deletion token. Paste was not deleted.';
+                    }
+                }
+            } else {
+                $this->_error = self::GENERIC_ERROR;
+            }
+        } catch (Exception $e) {
+            $this->_error = $e->getMessage();
+        }
+        if ($this->_request->isJsonApiCall()) {
+            if (strlen($this->_error)) {
+                $this->_return_message(1, $this->_error);
+            } else {
+                $this->_return_message(0, $dataid);
+            }
+        }
+    }
+
+    /**
+     * Read an existing paste or comment
+     *
+     * @access private
+     * @param  string $dataid
+     * @return void
+     */
+    private function _read($dataid)
+    {
+        try {
+            $paste = $this->_model->getPaste($dataid);
+            if ($paste->exists()) {
+                $data              = $paste->get();
+                $this->_doesExpire = property_exists($data, 'meta') && property_exists($data->meta, 'expire_date');
+                if (property_exists($data->meta, 'salt')) {
+                    unset($data->meta->salt);
+                }
+                $this->_data = json_encode($data);
+            } else {
+                $this->_error = self::GENERIC_ERROR;
+            }
+        } catch (Exception $e) {
+            $this->_error = $e->getMessage();
+        }
+
+        if ($this->_request->isJsonApiCall()) {
+            if (strlen($this->_error)) {
+                $this->_return_message(1, $this->_error);
+            } else {
+                $this->_return_message(0, $dataid, json_decode($this->_data, true));
+            }
+        }
+    }
+
+    /**
+     * Display PrivateBin frontend.
+     *
+     * @access private
+     * @return void
+     */
+    private function _view()
+    {
+        // set headers to disable caching
+        $time = gmdate('D, d M Y H:i:s \G\M\T');
+        header('Cache-Control: no-store, no-cache, no-transform, must-revalidate');
+        header('Pragma: no-cache');
+        header('Expires: ' . $time);
+        header('Last-Modified: ' . $time);
+        header('Vary: Accept');
+        header('Content-Security-Policy: ' . $this->_conf->getKey('cspheader'));
+        header('X-Xss-Protection: 1; mode=block');
+        header('X-Frame-Options: DENY');
+        header('X-Content-Type-Options: nosniff');
+
+        // label all the expiration options
+        $expire = array();
+        foreach ($this->_conf->getSection('expire_options') as $time => $seconds) {
+            $expire[$time] = ($seconds == 0) ? I18n::_(ucfirst($time)) : Filter::formatHumanReadableTime($time);
+        }
+
+        // translate all the formatter options
+        $formatters = array_map('PrivateBin\\I18n::_', $this->_conf->getSection('formatter_options'));
+
+        // set language cookie if that functionality was enabled
+        $languageselection = '';
+        if ($this->_conf->getKey('languageselection')) {
+            $languageselection = I18n::getLanguage();
+            setcookie('lang', $languageselection);
+        }
+
+        $page = new View;
+        $page->assign('NAME', $this->_conf->getKey('name'));
+        $page->assign('CIPHERDATA', $this->_data);
+        $page->assign('ERROR', I18n::_($this->_error));
+        $page->assign('STATUS', I18n::_($this->_status));
+        $page->assign('VERSION', self::VERSION);
+        $page->assign('DISCUSSION', $this->_conf->getKey('discussion'));
+        $page->assign('OPENDISCUSSION', $this->_conf->getKey('opendiscussion'));
+        $page->assign('MARKDOWN', array_key_exists('markdown', $formatters));
+        $page->assign('SYNTAXHIGHLIGHTING', array_key_exists('syntaxhighlighting', $formatters));
+        $page->assign('SYNTAXHIGHLIGHTINGTHEME', $this->_conf->getKey('syntaxhighlightingtheme'));
+        $page->assign('FORMATTER', $formatters);
+        $page->assign('FORMATTERDEFAULT', $this->_conf->getKey('defaultformatter'));
+        $page->assign('NOTICE', I18n::_($this->_conf->getKey('notice')));
+        $page->assign('BURNAFTERREADINGSELECTED', $this->_conf->getKey('burnafterreadingselected'));
+        $page->assign('PASSWORD', $this->_conf->getKey('password'));
+        $page->assign('FILEUPLOAD', $this->_conf->getKey('fileupload'));
+        $page->assign('ZEROBINCOMPATIBILITY', $this->_conf->getKey('zerobincompatibility'));
+        $page->assign('LANGUAGESELECTION', $languageselection);
+        $page->assign('LANGUAGES', I18n::getLanguageLabels(I18n::getAvailableLanguages()));
+        $page->assign('EXPIRE', $expire);
+        $page->assign('EXPIREDEFAULT', $this->_conf->getKey('default', 'expire'));
+        $page->assign('EXPIRECLONE', !$this->_doesExpire || ($this->_doesExpire && $this->_conf->getKey('clone', 'expire')));
+        $page->assign('URLSHORTENER', $this->_conf->getKey('urlshortener'));
+        $page->draw($this->_conf->getKey('template'));
+    }
+
+    /**
+     * outputs requested JSON-LD context
+     *
+     * @access private
+     * @param string $type
+     * @return void
+     */
+    private function _jsonld($type)
+    {
+        if (
+            $type !== 'paste' && $type !== 'comment' &&
+            $type !== 'pastemeta' && $type !== 'commentmeta'
+        ) {
+            $type = '';
+        }
+        $content = '{}';
+        $file    = PUBLIC_PATH . DIRECTORY_SEPARATOR . 'js' . DIRECTORY_SEPARATOR . $type . '.jsonld';
+        if (is_readable($file)) {
+            $content = str_replace(
+                '?jsonld=',
+                $this->_urlBase . '?jsonld=',
+                file_get_contents($file)
+            );
+        }
+
+        header('Content-type: application/ld+json');
+        header('Access-Control-Allow-Origin: *');
+        header('Access-Control-Allow-Methods: GET');
+        echo $content;
+    }
+
+    /**
+     * prepares JSON encoded status message
+     *
+     * @access private
+     * @param  int $status
+     * @param  string $message
+     * @param  array $other
+     * @return void
+     */
+    private function _return_message($status, $message, $other = array())
+    {
+        $result = array('status' => $status);
+        if ($status) {
+            $result['message'] = I18n::_($message);
+        } else {
+            $result['id']  = $message;
+            $result['url'] = $this->_urlBase . '?' . $message;
+        }
+        $result += $other;
+        $this->_json = json_encode($result);
+    }
+}