incrementing version

administrative script

.gitattributes

@@ -1,3 +1,5 @@
+bin/configuration-test-generator export-ignore
+bin/icon-test export-ignore
 doc/ export-ignore
 tst/ export-ignore
 img/browserstack.svg export-ignore

.github/dependabot.yml

@@ -0,0 +1,14 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  # src: https://github.com/marketplace/actions/build-and-push-docker-images#keep-up-to-date-with-github-dependabot
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  # Also keep PHP (Composer) dependencies up-to-date
+  # see: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#package-ecosystem
+  - package-ecosystem: "composer"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/codeql-analysis.yml

@@ -33,11 +33,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -46,4 +46,4 @@ jobs:
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2

.github/workflows/refresh-php8.yml

@@ -2,9 +2,9 @@ name: Refresh PHP 8 branch
 
 on:
   push:
-    branches: [ master ]    
+    branches: [ master ]
   schedule:
-      - cron: '42 2 * * *'  
+      - cron: '42 2 * * *'
   workflow_dispatch:
 
 jobs:
@@ -12,8 +12,8 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - name: Checkout php8 branch 
-        uses: actions/checkout@v2
+      - name: Checkout php8 branch
+        uses: actions/checkout@v3
         with:
           # directly checkout the php8 branch
           ref: php8
@@ -28,7 +28,7 @@ jobs:
           git merge origin/master
 
       - name: Push new changes
-        uses: github-actions-x/commit@v2.8
+        uses: github-actions-x/commit@v2.9
         with:
           name: github-actions[bot]
           email: 41898282+github-actions[bot]@users.noreply.github.com

.github/workflows/snyk-scan.yml

@@ -13,7 +13,7 @@ jobs:
   snyk-php:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@master
+      - uses: actions/checkout@v3
       - name: Install Google Cloud Storage
         run: composer require --no-update google/cloud-storage && composer update --no-dev
       - name: Run Snyk to check for vulnerabilities
@@ -24,6 +24,6 @@ jobs:
         with:
           args: --sarif-file-output=snyk.sarif
       - name: Upload result to GitHub Code Scanning
-        uses: github/codeql-action/upload-sarif@v1
+        uses: github/codeql-action/upload-sarif@v2
         with:
           sarif_file: snyk.sarif

.github/workflows/tests.yml

@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
     - name: Validate composer.json and composer.lock
       run: composer validate
     - name: Install dependencies
@@ -27,7 +27,7 @@ jobs:
     
     # let's get started!
     - name: Checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       
     # cache PHP extensions
     - name: Setup cache environment
@@ -39,7 +39,7 @@ jobs:
         key: ${{ runner.os }}-${{ env.extensions-cache-key }}
 
     - name: Cache extensions
-      uses: actions/cache@v2
+      uses: actions/cache@v3
       with:
         path: ${{ steps.extcache.outputs.dir }}
         key: ${{ steps.extcache.outputs.key }}
@@ -65,18 +65,17 @@ jobs:
       
     - name: Get composer cache directory
       id: composer-cache
-      run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+      run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
     
     # http://man7.org/linux/man-pages/man1/date.1.html
     # https://github.com/actions/cache#creating-a-cache-key
     - name: Get Date
       id: get-date
-      run: |
-        echo "::set-output name=date::$(/bin/date -u "+%Y%m%d")"
+      run: echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT
       shell: bash
     
     - name: Cache dependencies
-      uses: actions/cache@v2
+      uses: actions/cache@v3
       with:
         path: ${{ steps.composer-cache.outputs.dir }}
         key: ${{ runner.os }}-composer-${{ steps.get-date.outputs.date }}-${{ hashFiles('**/composer.json') }}
@@ -99,23 +98,23 @@ jobs:
     steps:
     
     - name: Checkout
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       
     - name: Setup Node
-      uses: actions/setup-node@v2
+      uses: actions/setup-node@v3
       with:
-        node-version: '12'
+        node-version: '16'
         cache: 'npm'
-        cache-dependency-path: 'js/package.json'
+        cache-dependency-path: 'js/package-lock.json'
         
     - name: Setup Mocha
       run: npm install -g mocha
       
     - name: Setup Node modules
-      run: npm install
+      run: npm ci
       working-directory: js
       
     - name: Run unit tests
-      run: mocha
+      run: npm test
       working-directory: js
 

CHANGELOG.md

@@ -1,18 +1,38 @@
 # PrivateBin version history
 
-  * **1.4 (not yet released)**
-    * ADDED: Translations for Estonian and Lojban
+  * **1.5.1 (2022-12-24)**
+    * ADDED: script for administrative tasks: deleting pastes (#274), removing empty directories (#277), purging expired pastes (#276) & statistics (#319)
+    * FIXED: Revert Filesystem purge to limited and randomized lookup (#1030)
+    * FIXED: Catch JSON decode errors when invalid data gets sent to the API (#1030)
+    * FIXED: Support sorting v1 format in mixed version comments in Filesystem backend (#1030)
+  * **1.5 (2022-12-11)**
+    * ADDED: script for data storage backend migrations (#1012)
+    * ADDED: Translations for Turkish, Slovak, Greek and Thai
+    * ADDED: S3 Storage backend (#994)
+    * ADDED: Jdenticons as an option for comment icons (#793)
+    * CHANGED: Avoid `SUPER` privilege for setting the `sql_mode` for MariaDB/MySQL (#919)
+    * CHANGED: Upgrading libraries to: DOMpurify 2.4.6, jQuery 3.6.1, Showdown 2.1.0 & zlib 1.2.13
+    * FIXED: Revert to CREATE INDEX without IF NOT EXISTS clauses, to support MySQL (#943)
+    * FIXED: Apply table prefix to indexes as well, to support multiple instances sharing a single database (#943)
+    * FIXED: YOURLS integration via new proxy, storing signature in configuration (#725)
+  * **1.4 (2022-04-09)**
+    * ADDED: Translations for Corsican, Estonian, Finnish and Lojban
     * ADDED: new HTTP headers improving security (#765)
     * ADDED: Download button for paste text (#774)
     * ADDED: Opt-out of federated learning of cohorts (FLoC) (#776)
     * ADDED: Configuration option to exempt IPs from the rate-limiter (#787)
     * ADDED: Google Cloud Storage backend support (#795)
     * ADDED: Oracle database support (#868)
+    * ADDED: Configuration option to limit paste creation and commenting to certain IPs (#883)
+    * ADDED: Set CSP also as meta tag, to deal with misconfigured webservers mangling the HTTP header
+    * ADDED: Sanitize SVG preview, preventing script execution in instance context
     * CHANGED: Language selection cookie only transmitted over HTTPS (#472)
-    * CHANGED: Upgrading libraries to: base-x 4.0.0, DOMpurify 2.3.6, ip-lib 1.18.0, jQuery 3.6.0, random_compat 2.0.21 & Showdown 2.0.0
+    * CHANGED: Upgrading libraries to: base-x 4.0.0, bootstrap 3.4.1 (JS), DOMpurify 2.3.6, ip-lib 1.18.0, jQuery 3.6.0, random_compat 2.0.21, Showdown 2.0.3 & zlib 1.2.12
     * CHANGED: Removed automatic `.ini` configuration file migration (#808)
     * CHANGED: Removed configurable `dir` for `traffic` & `purge` limiters (#419)
     * CHANGED: Server salt, traffic and purge limiter now stored in the storage backend (#419)
+    * CHANGED: Drop support for attachment download in IE
+    * FIXED: Error when attachments are disabled, but paste with attachment gets displayed
   * **1.3.5 (2021-04-05)**
     * ADDED: Translations for Hebrew, Lithuanian, Indonesian and Catalan
     * ADDED: Make the project info configurable (#681)
@@ -55,7 +75,7 @@
     * FIXED: HTML injection via unescaped attachment filename (#554)
     * FIXED: Password disabling option (#527)
   * **1.2.2 (2020-01-11)**
-    * CHANGED: Upgrading libraries to: bootstrap 3.4.1, DOMpurify 2.0.7, jQuery 3.4.1, kjua 0.6.0, Showdown 1.9.1 & SJCL 1.0.8
+    * CHANGED: Upgrading libraries to: bootstrap 3.4.1 (CSS), DOMpurify 2.0.7, jQuery 3.4.1, kjua 0.6.0, Showdown 1.9.1 & SJCL 1.0.8
     * FIXED: HTML injection via unescaped attachment filename (#554)
   * **1.3.1 (2019-09-22)**
     * ADDED: Translation for Bulgarian (#455)

CREDITS.md

@@ -2,18 +2,17 @@
 
 ## Active contributors
 
-Simon Rupf - current developer and maintainer  
-rugk - security review, doc improvment, JS refactoring & various other stuff  
-R4SAS - python client, compression, blob URI to support larger attachments
+* Simon Rupf - current developer and maintainer
+* rugk - security review, doc improvment, JS refactoring & various other stuff
+* R4SAS - python client, compression, blob URI to support larger attachments
 
 ## Past contributions
 
-Sébastien Sauvage - original idea and main developer
-
+* Sébastien Sauvage - original idea and main developer
 * Alexey Gladkov - syntax highlighting
 * Greg Knaddison - robots.txt
 * MrKooky - HTML5 markup, CSS cleanup
-* Simon Rupf - WebCrypto, unit tests, containers images, database backend, MVC, configuration, i18n
+* Simon Rupf - WebCrypto, unit tests, container images, database backend, MVC, configuration, i18n
 * Hexalyse - Password protection
 * Viktor Stanchev - File upload support
 * azlux - Tab character input support
@@ -30,6 +29,8 @@ Sébastien Sauvage - original idea and main developer
 * rodehoed - option to exempt ips from the rate-limiter
 * Mark van Holsteijn - Google Cloud Storage backend
 * Austin Huang - Oracle database support
+* Felix J. Ogris - S3 Storage backend, script for data backend migrations, dropped singleton behaviour of data backends
+* Mounir Idrassi & J. Mozdzen - secure YOURLS integration
 
 ## Translations
 * Hexalyse - French
@@ -55,3 +56,9 @@ Sébastien Sauvage - original idea and main developer
 * retiolus - Catalan
 * sarnane - Estonian
 * foxsouns - Lojban
+* Patriccollu di Santa Maria è Sichè - Corsican
+* Markus Mikkonen - Finnish
+* Emir Ensar Rahmanlar - Turkish
+* Stevo984 - Slovak
+* Christos Karamolegkos - Greek
+* jaideejung007 - Thai

INSTALL.md

@@ -1,39 +1,47 @@
 # Installation
 
 **TL;DR:** Download the
-[latest release archive](https://github.com/PrivateBin/PrivateBin/releases/latest) (with the link labelled as „Source code (…)“)
-and extract it in your web hosts folder where you want to install your PrivateBin
-instance. We try to provide a mostly safe default configuration, but we urge you to
-check the [security section](#hardening-and-security) below and the [configuration
-options](#configuration) to adjust as you see fit.
+[latest release archive](https://github.com/PrivateBin/PrivateBin/releases/latest)
+(with the link labelled as "Source code (…)") and extract it in your web hosts
+folder where you want to install your PrivateBin instance. We try to provide a
+mostly safe default configuration, but we urge you to check the
+[security section](#hardening-and-security) below and the
+[configuration options](#configuration) to adjust as you see fit.
 
-**NOTE:** See [our FAQ](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-can-i-securely-clonedownload-your-project) for information how to securely download the PrivateBin release files.
+**NOTE:** See our [FAQ entry on securely downloading release files](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-can-i-securely-clonedownload-your-project)
+for more information.
 
-**NOTE:** There is a [ansible](https://ansible.com) role by @e1mo available to install and configure PrivateBin on your server. It's available on [ansible galaxy](https://galaxy.ansible.com/e1mo/privatebin) ([source code](https://git.sr.ht/~e1mo/ansible-role-privatebin)).
+**NOTE:** There is a [ansible](https://ansible.com) role by @e1mo available to
+install and configure PrivateBin on your server. It's available on
+[ansible galaxy](https://galaxy.ansible.com/e1mo/privatebin)
+([source code](https://git.sr.ht/~e1mo/ansible-role-privatebin)).
 
-### Minimal requirements
+### Minimal Requirements
 
 - PHP version 7.0 or above
-  - Or PHP version 5.6 AND _one_ of the following sources of cryptographically safe randomness:
-    - [Libsodium](https://download.libsodium.org/libsodium/content/installation/) and it's [PHP extension](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium)
-    - open_basedir access to `/dev/urandom`
-    - mcrypt extension (mcrypt needs to be able to access `/dev/urandom`. This means if `open_basedir` is set, it must include this file.)
+  - Or PHP version 5.6 AND _one_ of the following sources of cryptographically
+    safe randomness:
+    - [Libsodium](https://download.libsodium.org/libsodium/content/installation/)
+      and it's [PHP extension](https://paragonie.com/book/pecl-libsodium/read/00-intro.md#installing-libsodium)
+    - `open_basedir` access to `/dev/urandom`
+    - mcrypt extension AND `open_basedir` access to `/dev/urandom`
     - com_dotnet extension
-- GD extension
+- GD extension (when using identicon or vizhash icons, jdenticon works without it)
 - zlib extension
-- some disk space or (optionally) a database supported by [PDO](https://php.net/manual/book.pdo.php)
-- ability to create files and folders in the installation directory and the PATH defined in index.php
-- A web browser with JavaScript support
+- some disk space or a database supported by [PDO](https://php.net/manual/book.pdo.php)
+- ability to create files and folders in the installation directory and the PATH
+  defined in index.php
+- A web browser with JavaScript and (optional) WebAssembly support
 
-## Hardening and security
+## Hardening and Security
 
-### Changing the path
+### Changing the Path
 
-In the index.php you can define a different `PATH`. This is useful to secure your
-installation. You can move the configuration, data files, templates and PHP
-libraries (directories cfg, doc, data, lib, tpl, tst and vendor) outside of your
-document root. This new location must still be accessible to your webserver / PHP
-process (see also
+In the index.php you can define a different `PATH`. This is useful to secure
+your installation. You can move the utilities, configuration, data files,
+templates and PHP libraries (directories bin, cfg, doc, data, lib, tpl, tst and
+vendor) outside of your document root. This new location must still be
+accessible to your webserver and PHP process (see also
 [open_basedir setting](https://secure.php.net/manual/en/ini.core.php#ini.open-basedir)).
 
 > #### PATH Example
@@ -42,24 +50,25 @@ process (see also
 > http://example.com/paste/
 >
 > The full path of PrivateBin on your webserver is:
-> /home/example.com/htdocs/paste
+> /srv/example.com/htdocs/paste
 >
 > When setting the path like this:
 > define('PATH', '../../secret/privatebin/');
 >
-> PrivateBin will look for your includes / data here:
-> /home/example.com/secret/privatebin
+> PrivateBin will look for your includes and data here:
+> /srv/example.com/secret/privatebin
 
 ### Changing the config path only
 
 In situations where you want to keep the PrivateBin static files separate from the
 rest of your data, or you want to reuse the installation files on multiple vhosts,
-you may only want to change the `conf.php`. In this instance, you can set the
+you may only want to change the `conf.php`. In this case, you can set the
 `CONFIG_PATH` environment variable to the absolute path to the `conf.php` file.
 This can be done in your web server's virtual host config, the PHP config, or in
-the index.php if you choose to customize it.
+the index.php, if you choose to customize it.
 
-Note that your PHP process will need read access to the config wherever it may be.
+Note that your PHP process will need read access to the configuration file,
+wherever it may be.
 
 > #### CONFIG_PATH example
 > Setting the value in an Apache Vhost:
@@ -73,23 +82,27 @@ Note that your PHP process will need read access to the config wherever it may b
 
 ### Transport security
 
-When setting up PrivateBin, also set up HTTPS, if you haven't already. Without HTTPS
-PrivateBin is not secure, as the JavaScript files could be manipulated during transmission.
-For more information on this, see our [FAQ entry on HTTPS setup](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https).
+When setting up PrivateBin, also set up HTTPS, if you haven't already. Without
+HTTPS PrivateBin is not secure, as the JavaScript or WebAssembly files could be
+manipulated during transmission. For more information on this, see our
+[FAQ entry on HTTPS setup recommendations](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#how-should-i-setup-https).
 
 ### File-level permissions
 
-After completing the installation, you should make sure, other users on the system cannot read the config file or the `data/` directory, as – depending on your configuration – potential secret information are saved there.
+After completing the installation, you should make sure, that other users on the
+system cannot read the config file or the `data/` directory, as – depending on
+your configuration – potentially sensitive information may be stored in there.
 
-See [this FAQ item](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#what-are-the-recommended-file-and-folder-permissions-for-privatebin) for a detailed guide on how to "harden" the permissions of files and folders.
+See our [FAQ entry on permissions](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#what-are-the-recommended-file-and-folder-permissions-for-privatebin)
+for a detailed guide on how to "harden" access to files and folders.
 
 ## Configuration
 
 In the file `cfg/conf.php` you can configure PrivateBin. A `cfg/conf.sample.php`
-is provided containing all options and default values. You can copy it to
-`cfg/conf.php` and adapt it as needed. Alternatively you can copy it anywhere and
-set the `CONFIG_PATH` environment variable (see above notes). The config file is
-divided into multiple sections, which are enclosed in square brackets.
+is provided containing all options and their default values. You can copy it to
+`cfg/conf.php` and change it as needed. Alternatively you can copy it anywhere
+and set the `CONFIG_PATH` environment variable (see above notes). The config
+file is divided into multiple sections, which are enclosed in square brackets.
 
 In the `[main]` section you can enable or disable the discussion feature, set
 the limit of stored pastes and comments in bytes. The `[traffic]` section lets
@@ -107,28 +120,28 @@ A `robots.txt` file is provided in the root dir of PrivateBin. It disallows all
 robots from accessing your pastes. It is recommend to place it into the root of
 your web directory if you have installed PrivateBin in a subdirectory. Make sure
 to adjust it, so that the file paths match your installation. Of course also
-adjust the file if you already use a `robots.txt`.
+adjust the file, if you already use a `robots.txt`.
 
 A `.htaccess.disabled` file is provided in the root dir of PrivateBin. It blocks
 some known robots and link-scanning bots. If you use Apache, you can rename the
 file to `.htaccess` to enable this feature. If you use another webserver, you
 have to configure it manually to do the same.
 
-### When using Cloudflare
+### On using Cloudflare
 
-If you want to use PrivateBin behind Cloudflare, make sure you have disabled the Rocket
-loader and unchecked "Javascript" for Auto Minify, found in your domain settings,
-under "Speed". (More information
-[in this FAQ entry](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection))
+If you want to use PrivateBin behind Cloudflare, make sure you have disabled the
+Rocket loader and unchecked "Javascript" for Auto Minify, found in your domain
+settings, under "Speed". More information can be found in our
+[FAQ entry on Cloudflare related issues](https://github.com/PrivateBin/PrivateBin/wiki/FAQ#user-content-how-to-make-privatebin-work-when-using-cloudflare-for-ddos-protection).
 
-### Using a database instead of flat files
+### Using a Database Instead of Flat Files
 
 In the configuration file the `[model]` and `[model_options]` sections let you
 configure your favourite way of storing the pastes and discussions on your
 server.
 
 `Filesystem` is the default model, which stores everything in files in the
-data folder. This is the recommended setup for most sites.
+data folder. This is the recommended setup for most sites on single hosts.
 
 Under high load, in distributed setups or if you are not allowed to store files
 locally, you might want to switch to the `Database` model. This lets you
@@ -142,21 +155,26 @@ to use a prefix for
 The table prefix option is called `tbl`.
 
 > #### Note
-> The `Database` model has only been tested with SQLite, MySQL and PostgreSQL,
-> although it would not be recommended to use SQLite in a production environment.
-> If you gain any experience running PrivateBin on other RDBMS, please let us
-> know.
+> The `Database` model has only been tested with SQLite, MariaDB/MySQL and
+> PostgreSQL, although it would not be recommended to use SQLite in a production
+> environment. If you gain any experience running PrivateBin on other RDBMS,
+> please let us know.
 
-The following GRANTs (privileges) are required for the PrivateBin user in **MySQL**. In normal operation:
+The following GRANTs (privileges) are required for the PrivateBin user in
+**MariaDB/MySQL**. In normal operation:
 - INSERT, SELECT, DELETE on the paste and comment tables
 - SELECT on the config table
 
-If you want PrivateBin to handle table creation (when you create the first paste) and updates (after you update PrivateBin to a new release), you need to give the user these additional privileges:
+If you want PrivateBin to handle table creation (when you create the first paste)
+and updates (after you update PrivateBin to a new release), you need to give the
+user these additional privileges:
 - CREATE, INDEX and ALTER on the database
 - INSERT and UPDATE on the config table
 
-For reference or if you want to create the table schema for yourself to avoid having to give PrivateBin too many permissions (replace
-`prefix_` with your own table prefix and create the table schema with your favourite MySQL console):
+For reference or if you want to create the table schema for yourself to avoid
+having to give PrivateBin too many permissions (replace `prefix_` with your own
+table prefix and create the table schema with your favourite MariaDB/MySQL
+client):
 
 ```sql
 CREATE TABLE prefix_paste (
@@ -187,7 +205,7 @@ CREATE INDEX parent ON prefix_comment(pasteid);
 CREATE TABLE prefix_config (
     id CHAR(16) NOT NULL, value TEXT, PRIMARY KEY (id)
 );
-INSERT INTO prefix_config VALUES('VERSION', '1.3.5');
+INSERT INTO prefix_config VALUES('VERSION', '1.5.1');
 ```
 
 In **PostgreSQL**, the `data`, `attachment`, `nickname` and `vizhash` columns
@@ -199,11 +217,11 @@ to be `CLOB` and not `BLOB` or `MEDIUMBLOB`, the `id` column in the `config`
 table needs to be `VARCHAR2(16)` and the `meta` column in the `paste` table
 and the `value` column in the `config` table need to be `VARCHAR2(4000)`.
 
-### Using Google Cloud Storage
+#### Using Google Cloud Storage
 If you want to deploy PrivateBin in a serverless manner in the Google Cloud, you
 can choose the `GoogleCloudStorage` as backend. To use this backend, you create
 a GCS bucket and specify the name as the model option `bucket`. Alternatively,
-you can set the name through the environment variable PASTEBIN_GCS_BUCKET.
+you can set the name through the environment variable `PRIVATEBIN_GCS_BUCKET`.
 
 The default prefix for pastes stored in the bucket is `pastes`. To change the
 prefix, specify the option `prefix`.
@@ -214,3 +232,42 @@ Platform using Google Cloud Run is easy and cheap.
 
 To use the Google Cloud Storage backend you have to install the suggested
 library using the command `composer require google/cloud-storage`.
+
+#### Using S3 Storage
+Similar to Google Cloud Storage, you can choose S3 as storage backend. It uses
+the AWS SDK for PHP, but can also talk to a Rados gateway as part of a CEPH
+cluster. To use this backend, you first have to install the SDK in the
+document root of PrivateBin: `composer require aws/aws-sdk-php`. You have to
+create the S3 bucket on the CEPH cluster before using the S3 backend.
+
+In the `[model]` section of cfg/conf.php, set `class` to `S3Storage`.
+
+You can set any combination of the following options in the `[model_options]`
+section:
+
+  * region
+  * version
+  * endpoint
+  * bucket
+  * prefix
+  * accesskey
+  * secretkey
+  * use_path_style_endpoint
+
+By default, prefix is empty. If set, the S3 backend will place all PrivateBin
+data beneath this prefix.
+
+For AWS, you have to provide at least `region`, `bucket`, `accesskey`, and
+`secretkey`.
+
+For CEPH, follow this example:
+
+```
+region = ""
+version = "2006-03-01"
+endpoint = "https://s3.my-ceph.invalid"
+use_path_style_endpoint = true
+bucket = "my-bucket"
+accesskey = "my-rados-user"
+secretkey = "my-rados-pass"
+```

Makefile

@@ -1,8 +1,8 @@
 .PHONY: all coverage coverage-js coverage-php doc doc-js doc-php increment sign test test-js test-php help
 
-CURRENT_VERSION = 1.3.5
-VERSION ?= 1.3.6
-VERSION_FILES = index.php cfg/ *.md css/ i18n/ img/ js/package.json js/privatebin.js lib/ Makefile tpl/ tst/
+CURRENT_VERSION = 1.5.1
+VERSION ?= 1.5.2
+VERSION_FILES = index.php bin/ cfg/ *.md css/ i18n/ img/ js/package.json js/privatebin.js lib/ Makefile tpl/ tst/
 REGEX_CURRENT_VERSION := $(shell echo $(CURRENT_VERSION) | sed "s/\./\\\./g")
 REGEX_VERSION := $(shell echo $(VERSION) | sed "s/\./\\\./g")
 
@@ -33,12 +33,13 @@ increment: ## Increment and commit new version number, set target version using
 	do \
 		sed -i "s/$(REGEX_CURRENT_VERSION)/$(REGEX_VERSION)/g" $$F; \
 	done
-	git add $(VERSION_FILES)
+	cd tst && phpunit --no-coverage && cd ..
+	git add $(VERSION_FILES) tpl/
 	git commit -m "incrementing version"
 
 sign: ## Sign a release.
-	git tag $(VERSION)
-	git push --tags
+	git tag --sign --message "Release v$(VERSION)" $(VERSION)
+	git push origin $(VERSION)
 	signrelease.sh
 
 test: test-js test-php ## Run all unit tests.

README.md

@@ -1,25 +1,27 @@
 # [![PrivateBin](https://cdn.rawgit.com/PrivateBin/assets/master/images/preview/logoSmall.png)](https://privatebin.info/)
 
-*Current version: 1.3.5*
+*Current version: 1.5.1*
 
-**PrivateBin** is a minimalist, open source online [pastebin](https://en.wikipedia.org/wiki/Pastebin)
+**PrivateBin** is a minimalist, open source online
+[pastebin](https://en.wikipedia.org/wiki/Pastebin)
 where the server has zero knowledge of pasted data.
 
-Data is encrypted and decrypted in the browser using 256bit AES in [Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode).
+Data is encrypted and decrypted in the browser using 256bit AES in
+[Galois Counter mode](https://en.wikipedia.org/wiki/Galois/Counter_Mode).
 
 This is a fork of ZeroBin, originally developed by
-[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). ZeroBin was refactored
-to allow easier and cleaner extensions. PrivateBin has many more features than the
-original ZeroBin. It is, however, still fully compatible to the original ZeroBin 0.19
+[Sébastien Sauvage](https://github.com/sebsauvage/ZeroBin). PrivateBin was
+refactored to allow easier and cleaner extensions and has many additional
+features. It is, however, still fully compatible to the original ZeroBin 0.19
 data storage scheme. Therefore, such installations can be upgraded to PrivateBin
 without losing any data.
 
 ## What PrivateBin provides
 
 + As a server administrator you don't have to worry if your users post content
-  that is considered illegal in your country. You have no knowledge of any
-  of the pastes content. If requested or enforced, you can delete any paste from
-  your system.
+  that is considered illegal in your country. You have plausible deniability of
+  any of the pastes content. If requested or enforced, you can delete any paste
+  from your system.
 
 + Pastebin-like system to store text documents, code samples, etc.
 
@@ -31,13 +33,13 @@ without losing any data.
 
 ## What it doesn't provide
 
-- As a user you have to trust the server administrator not to inject any malicious
-  javascript code.
-  For basic security, the PrivateBin installation *has to provide HTTPS*!
-  Otherwise you would also have to trust your internet provider, and any country
-  the traffic passes through.
-  Additionally the instance should be secured by
-  [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security). It can use traditional certificate authorities and/or use
+- As a user you have to trust the server administrator not to inject any
+  malicious code. For security, a PrivateBin installation *has to be used over*
+  *HTTPS*! Otherwise you would also have to trust your internet provider, and
+  any jurisdiction the traffic passes through. Additionally the instance should
+  be secured by
+  [HSTS](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security). It can
+  use traditional certificate authorities and/or use a
   [DNSSEC](https://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions)
   protected
   [DANE](https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Named_Entities)
@@ -45,18 +47,17 @@ without losing any data.
 
 - The "key" used to encrypt the paste is part of the URL. If you publicly post
   the URL of a paste that is not password-protected, anyone can read it.
-  Use a password if you want your paste to be private. In this case, make sure to
-  use a strong password and only share it privately and end-to-end-encrypted.
+  Use a password if you want your paste to remain private. In that case, make
+  sure to use a strong password and share it privately and end-to-end-encrypted.
 
-- A server admin might be forced to hand over access logs to the authorities.
+- A server admin can be forced to hand over access logs to the authorities.
   PrivateBin encrypts your text and the discussion contents, but who accessed a
   paste (first) might still be disclosed via access logs.
 
 - In case of a server breach your data is secure as it is only stored encrypted
-  on the server. However, the server could be misused or the server admin could
-  be legally forced into sending malicious JavaScript to all web users, which
-  grabs the decryption key and sends it to the server when a user accesses a
-  PrivateBin.  
+  on the server. However, the server could be absused or the server admin could
+  be legally forced into sending malicious code to their users, which logs
+  the decryption key and sends it to a server when a user accesses a paste.
   Therefore, do not access any PrivateBin instance if you think it has been
   compromised. As long as no user accesses this instance with a previously
   generated URL, the content can't be decrypted.
@@ -77,8 +78,8 @@ file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration):
 * Syntax highlighting for source code using prettify.js, including 4 prettify
   themes
 
-* File upload support, images get displayed (disabled by default, possibility
-  to adjust size limit)
+* File upload support, image, media and PDF preview (disabled by default, size
+  limit adjustable)
 
 * Templates: By default there are bootstrap CSS, darkstrap and "classic ZeroBin"
   to choose from and it is easy to adapt these to your own websites layout or
@@ -89,7 +90,7 @@ file](https://github.com/PrivateBin/PrivateBin/wiki/Configuration):
 
 * Language selection (disabled by default, as it uses a session cookie)
 
-* QR code generation of URL, to easily transfer pastes over to a mobile device
+* QR code for paste URLs, to easily transfer them over to mobile devices
 
 ## Further resources
 

SECURITY.md

@@ -4,8 +4,8 @@
 
 | Version | Supported          |
 | ------- | ------------------ |
-| 1.3.5   | :heavy_check_mark: |
-| < 1.3.5 | :x:                |
+| 1.5.1   | :heavy_check_mark: |
+| < 1.5.1 | :x:                |
 
 ## Reporting a Vulnerability
 

bin/administration

@@ -0,0 +1,318 @@
+#!/usr/bin/env php
+<?php
+
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.5.1
+ */
+
+namespace PrivateBin;
+
+use PrivateBin\Configuration;
+use PrivateBin\Data\AbstractData;
+use PrivateBin\Model\Paste;
+
+define('PATH', dirname(__FILE__) . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR);
+require PATH . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
+
+/**
+ * Administration
+ *
+ * Command line utility for administrative tasks.
+ */
+class Administration
+{
+    /**
+     * configuration
+     *
+     * @access private
+     * @var    Configuration
+     */
+    private $_conf;
+
+    /**
+     * options, parsed from the command line arguments
+     *
+     * @access private
+     * @var    array
+     */
+    private $_opts = array();
+
+    /**
+     * data storage model
+     *
+     * @access private
+     * @var    AbstractData
+     */
+    private $_store;
+
+    /**
+     * deletes the requested paste ID, if a valid ID and it exists
+     *
+     * @access private
+     * @param  string $pasteId
+     */
+    private function _delete($pasteId)
+    {
+        if (!Paste::isValidId($pasteId)) {
+            self::_error('given ID is not a valid paste ID (16 hexadecimal digits)', 5);
+        }
+        if (!$this->_store->exists($pasteId)) {
+            self::_error('given ID does not exist, has expired or was already deleted', 6);
+        }
+        $this->_store->delete($pasteId);
+        if ($this->_store->exists($pasteId)) {
+            self::_error('paste ID exists after deletion, permission problem?', 7);
+        }
+        exit("paste $pasteId successfully deleted" . PHP_EOL);
+    }
+
+    /**
+     * removes empty directories, if current storage model uses Filesystem
+     *
+     * @access private
+     */
+    private function _empty_dirs()
+    {
+        if ($this->_conf->getKey('class', 'model') !== 'Filesystem') {
+            self::_error('instance not using Filesystem storage, no directories to empty', 4);
+        }
+        $dir = $this->_conf->getKey('dir', 'model_options');
+        passthru("find $dir -type d -empty -delete", $code);
+        exit($code);
+    }
+
+    /**
+     * display a message on STDERR and exits
+     *
+     * @access private
+     * @static
+     * @param  string $message
+     * @param  int    $code optional, defaults to 1
+     */
+    private static function _error($message, $code = 1)
+    {
+        self::_error_echo($message);
+        exit($code);
+    }
+
+    /**
+     * display a message on STDERR
+     *
+     * @access private
+     * @static
+     * @param  string $message
+     */
+    private static function _error_echo($message)
+    {
+        fwrite(STDERR, 'Error: ' . $message . PHP_EOL);
+    }
+
+    /**
+     * display usage help on STDOUT and exits
+     *
+     * @access private
+     * @static
+     * @param  int    $code optional, defaults to 0
+     */
+    private static function _help($code = 0)
+    {
+        echo <<<'EOT'
+Usage:
+  administration [--delete <paste id> | --empty-dirs | --help | --purge | --statistics]
+
+Options:
+  -d, --delete      deletes the requested paste ID
+  -e, --empty-dirs  removes empty directories (only if Filesystem storage is
+                    configured)
+  -h, --help        displays this help message
+  -p, --purge       purge all expired pastes
+  -s, --statistics  reads all stored pastes and comments and reports statistics
+EOT, PHP_EOL;
+        exit($code);
+    }
+
+    /**
+     * return option for given short or long keyname, if it got set
+     *
+     * @access private
+     * @static
+     * @param  string $short
+     * @param  string $long
+     * @return string|null
+     */
+    private function _option($short, $long)
+    {
+        foreach (array($short, $long) as $key) {
+            if (array_key_exists($key, $this->_opts)) {
+                return $this->_opts[$key];
+            }
+        }
+        return null;
+    }
+
+    /**
+     * initialize options from given argument array
+     *
+     * @access private
+     * @static
+     * @param  array $arguments
+     */
+    private function _options_initialize($arguments)
+    {
+        if ($arguments > 3) {
+            self::_error_echo('too many arguments given');
+            echo PHP_EOL;
+            self::_help(1);
+        }
+
+        if ($arguments < 2) {
+            self::_error_echo('missing arguments');
+            echo PHP_EOL;
+            self::_help(2);
+        }
+
+        $this->_opts = getopt('hd:eps', array('help', 'delete:', 'empty-dirs', 'purge', 'statistics'));
+        if (!$this->_opts) {
+            self::_error_echo('unsupported arguments given');
+            echo PHP_EOL;
+            self::_help(3);
+        }
+    }
+
+    /**
+     * reads all stored pastes and comments and reports statistics
+     *
+     * @access public
+     */
+    private function _statistics()
+    {
+        $counters = array(
+            'burn'          => 0,
+            'discussion'    => 0,
+            'expired'       => 0,
+            'md'            => 0,
+            'percent'       => 1,
+            'plain'         => 0,
+            'progress'      => 0,
+            'syntax'        => 0,
+            'total'         => 0,
+            'unknown'       => 0,
+        );
+        $time = time();
+        $ids = $this->_store->getAllPastes();
+        $counters['total'] = count($ids);
+        $dots = $counters['total'] < 100 ? 10 : (
+            $counters['total'] < 1000 ? 50 : 100
+        );
+        $percentages = $counters['total'] < 100 ? 0 : (
+            $counters['total'] < 1000 ? 4 : 10
+        );
+
+        echo "Total:\t\t\t${counters['total']}", PHP_EOL;
+        foreach ($ids as $pasteid) {
+            $paste = $this->_store->read($pasteid);
+            ++$counters['progress'];
+
+            if (
+                array_key_exists('expire_date', $paste['meta']) &&
+                $paste['meta']['expire_date'] < $time
+            ) {
+                ++$counters['expired'];
+            }
+
+            if (array_key_exists('adata', $paste)) {
+                $format = $paste['adata'][1];
+                $discussion = $paste['adata'][2];
+                $burn = $paste['adata'][3];
+            } else {
+                $format = array_key_exists('formatter', $paste['meta']) ? $paste['meta']['formatter'] : 'plaintext';
+                $discussion = array_key_exists('opendiscussion', $paste['meta']) ? $paste['meta']['opendiscussion'] : false;
+                $burn = array_key_exists('burnafterreading', $paste['meta']) ? $paste['meta']['burnafterreading'] : false;
+            }
+
+            if ($format === 'plaintext') {
+                ++$counters['plain'];
+            } elseif ($format === 'syntaxhighlighting') {
+                ++$counters['syntax'];
+            } elseif ($format === 'markdown') {
+                ++$counters['md'];
+            } else {
+                ++$counters['unknown'];
+            }
+
+            $counters['discussion'] += (int) $discussion;
+            $counters['burn'] += (int) $burn;
+
+            // display progress
+            if ($counters['progress'] % $dots === 0) {
+                echo '.';
+                if ($percentages) {
+                    $progress = $percentages / $counters['total'] * $counters['progress'];
+                    if ($progress >= $counters['percent']) {
+                        printf(' %d%% ', 100 / $percentages * $progress);
+                        ++$counters['percent'];
+                    }
+                }
+            }
+        }
+
+        echo PHP_EOL, <<<EOT
+Expired:\t\t${counters['expired']}
+Burn after reading:\t${counters['burn']}
+Discussions:\t\t${counters['discussion']}
+Plain Text:\t\t${counters['plain']}
+Source Code:\t\t${counters['syntax']}
+Markdown:\t\t${counters['md']}
+EOT, PHP_EOL;
+        if ($counters['unknown'] > 0) {
+            echo "Unknown format:\t\t${counters['unknown']}", PHP_EOL;
+        }
+    }
+
+    /**
+     * constructor
+     *
+     * initializes and runs administrative tasks
+     *
+     * @access public
+     */
+    public function __construct()
+    {
+        $this->_options_initialize($_SERVER['argc']);
+
+        if ($this->_option('h', 'help') !== null) {
+            self::_help();
+        }
+
+        $this->_conf = new Configuration;
+
+        if ($this->_option('e', 'empty-dirs') !== null) {
+            $this->_empty_dirs();
+        }
+
+        $class = 'PrivateBin\\Data\\' . $this->_conf->getKey('class', 'model');
+        $this->_store = new $class($this->_conf->getSection('model_options'));
+
+        if (($pasteId = $this->_option('d', 'delete')) !== null) {
+            $this->_delete($pasteId);
+        }
+
+        if ($this->_option('p', 'purge') !== null) {
+            $this->_store->purge(PHP_INT_MAX);
+            exit('purging of expired pastes concluded' . PHP_EOL);
+        }
+
+        if ($this->_option('s', 'statistics') !== null) {
+            $this->_statistics();
+        }
+    }
+}
+
+new Administration();

bin/configuration-test-generator

@@ -9,7 +9,9 @@
  * DANGER: Too many options/settings and too high max iteration setting may trigger
  *         a fork bomb. Please save your work before executing this script.
  */
-include 'Bootstrap.php';
+
+define('PATH', dirname(__FILE__) . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR);
+include PATH . 'tst' . DIRECTORY_SEPARATOR . 'Bootstrap.php';
 
 $vd  = array('view', 'delete');
 $vcd = array('view', 'create', 'delete');
@@ -392,7 +394,7 @@ class ConfigurationTestGenerator
             }
         }
         $code .= '}' . PHP_EOL;
-        file_put_contents('ConfigurationCombinationsTest.php', $code);
+        file_put_contents(dirname(__FILE__) . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'tst' . DIRECTORY_SEPARATOR . 'ConfigurationCombinationsTest.php', $code);
     }
 
     /**
@@ -427,7 +429,9 @@ class ConfigurationCombinationsTest extends PHPUnit_Framework_TestCase
         /* Setup Routine */
         Helper::confBackup();
         $this->_path  = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'privatebin_data';
-        $this->_model = Filesystem::getInstance(array('dir' => $this->_path));
+        $this->_model = new Filesystem(array('dir' => $this->_path));
+        ServerSalt::setStore($this->_model);
+        TrafficLimiter::setStore($this->_model);
         $this->reset();
     }
 

bin/icon-test

@@ -9,6 +9,7 @@ use Identicon\Generator\GdGenerator;
 use Identicon\Generator\ImageMagickGenerator;
 use Identicon\Generator\SvgGenerator;
 use Identicon\Identicon;
+use Jdenticon\Identicon as Jdenticon;
 use PrivateBin\Vizhash16x16;
 
 
@@ -17,7 +18,19 @@ $vizhash = new Vizhash16x16();
 $identiconGenerators = array(
     'identicon GD' => new Identicon(new GdGenerator()),
     'identicon ImageMagick' => new Identicon(new ImageMagickGenerator()),
-    'identicon SVG' => new Identicon(new SvgGenerator())
+    'identicon SVG' => new Identicon(new SvgGenerator()),
+);
+$jdenticon = new Jdenticon(array(
+    'size'  => 16,
+    'style' => array(
+        'backgroundColor'   => '#fff0', // fully transparent, for dark mode
+        'padding'           => 0,
+    ),
+));
+$jdenticonGenerators = array(
+    'jdenticon' => 'png',
+    'jdenticon ImageMagick' => 'png',
+    'jdenticon SVG' => 'svg',
 );
 $results = array(
     'vizhash' => array(
@@ -35,21 +48,30 @@ $results = array(
     'identicon SVG' => array(
         'lengths' => array(),
         'time' => 0
-    )
+    ),
+    'jdenticon' => array(
+        'lengths' => array(),
+        'time' => 0
+    ),
+    'jdenticon ImageMagick' => array(
+        'lengths' => array(),
+        'time' => 0
+    ),
+    'jdenticon SVG' => array(
+        'lengths' => array(),
+        'time' => 0
+    ),
 );
 $hmacs = array();
 
 echo 'generate ', ITERATIONS, ' hmacs and pre-populate the result array, so tests wont be slowed down', PHP_EOL;
 for ($i = 0; $i < ITERATIONS; ++$i) {
     $hmacs[$i] = hash_hmac('sha512', '127.0.0.1', bin2hex(random_bytes(256)));
-    $results['vizhash']['lengths'][$i] = 0;
-    $results['identicon GD']['lengths'][$i] = 0;
-    $results['identicon ImageMagick']['lengths'][$i] = 0;
-    $results['identicon SVG']['lengths'][$i] = 0;
+    foreach (array_keys($results) as $test) {
+        $results[$test]['lengths'][$i] = 0;
+    }
 }
 
-
-
 echo 'run vizhash tests', PHP_EOL;
 $start = microtime(true);
 foreach ($hmacs as $i => $hmac) {
@@ -60,7 +82,6 @@ foreach ($hmacs as $i => $hmac) {
 }
 $results['vizhash']['time'] = microtime(true) - $start;
 
-
 foreach ($identiconGenerators as $key => $identicon) {
     echo 'run ', $key,' tests', PHP_EOL;
     $start = microtime(true);
@@ -71,9 +92,35 @@ foreach ($identiconGenerators as $key => $identicon) {
     $results[$key]['time'] = microtime(true) - $start;
 }
 
+foreach ($jdenticonGenerators as $key => $format) {
+    echo 'run ', $key,' tests', PHP_EOL;
+    if ($key === 'jdenticon ImageMagick') {
+        $jdenticon->enableImageMagick = true;
+    } else {
+        $jdenticon->enableImageMagick = false;
+    }
+    $start = microtime(true);
+    foreach ($hmacs as $i => $hmac) {
+        $jdenticon->setHash($hmac);
+        $data = $jdenticon->getImageDataUri($format);
+        $results[$key]['lengths'][$i] = strlen($data);
+    }
+    $results[$key]['time'] = microtime(true) - $start;
+}
 
 
-define('PADDING_LENGTH', max(array_map(function ($key) { return strlen($key); }, array_keys($results))) + 1);
+define(
+    'PADDING_LENGTH',
+    max(
+        array_map(
+            function ($key) {
+                return strlen($key);
+            },
+            array_keys($results)
+        )
+    ) + 1
+);
+
 function format_result_line($generator, $min, $max, $avg, $sec) {
     echo str_pad($generator, PADDING_LENGTH, ' '), "\t",
         str_pad($min, 4, ' ', STR_PAD_LEFT), "\t",
@@ -84,7 +131,10 @@ function format_result_line($generator, $min, $max, $avg, $sec) {
 
 echo PHP_EOL;
 format_result_line('Generator:', 'min', 'max', 'avg', 'seconds');
-format_result_line(str_repeat('─', PADDING_LENGTH), str_repeat('─', 4), str_repeat('─', 4), str_repeat('─', 4), str_repeat('─', 7));
+format_result_line(
+    str_repeat('─', PADDING_LENGTH), str_repeat('─', 4), str_repeat('─', 4),
+    str_repeat('─', 4), str_repeat('─', 7)
+);
 foreach ($results as $generator => $result) {
     sort($result['lengths']);
     format_result_line(

bin/migrate

@@ -0,0 +1,201 @@
+#!/usr/bin/env php
+<?php
+
+// change this, if your php files and data is outside of your webservers document root
+define('PATH', dirname(__FILE__) . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR);
+
+define('PUBLIC_PATH', __DIR__ . DIRECTORY_SEPARATOR);
+require PATH . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php';
+
+use PrivateBin\Configuration;
+use PrivateBin\Model;
+
+// third argument in getopt requires PHP >= 7.1
+if (version_compare(PHP_VERSION, '7.1.0') < 0) {
+    dieerr('migrate requires php 7.1 or above to work. Sorry.');
+}
+
+$longopts = array(
+    "delete-after",
+    "delete-during",
+    "help"
+);
+$opts_arr = getopt("fhnv", $longopts, $rest);
+if ($opts_arr === false) {
+    dieerr("Erroneous command line options. Please use --help");
+}
+if (array_key_exists("h", $opts_arr) || array_key_exists("help", $opts_arr)) {
+    helpexit();
+}
+
+$delete_after    = array_key_exists("delete-after",  $opts_arr);
+$delete_during   = array_key_exists("delete-during", $opts_arr);
+$force_overwrite = array_key_exists("f", $opts_arr);
+$dryrun          = array_key_exists("n", $opts_arr);
+$verbose         = array_key_exists("v", $opts_arr);
+
+if ($rest >= $argc) {
+    dieerr("Missing source configuration directory");
+}
+if ($delete_after && $delete_during) {
+    dieerr("--delete-after and --delete-during are mutually exclusive");
+}
+
+$srcconf = getConfig("source", $argv[$rest]);
+$rest++;
+$dstconf = getConfig("destination", ($rest < $argc ? $argv[$rest] : ""));
+
+if (($srcconf->getSection("model")         == $dstconf->getSection("model")) &&
+    ($srcconf->getSection("model_options") == $dstconf->getSection("model_options"))) {
+    dieerr("Source and destination storage configurations are identical");
+}
+
+$srcmodel = new Model($srcconf);
+$srcstore = $srcmodel->getStore();
+$dstmodel = new Model($dstconf);
+$dststore = $dstmodel->getStore();
+$ids      = $srcstore->getAllPastes();
+
+foreach ($ids as $id) {
+    debug("Reading paste id " . $id);
+    $paste    = $srcstore->read($id);
+    $comments = $srcstore->readComments($id);
+
+    savePaste($force_overwrite, $dryrun, $id, $paste, $dststore);
+    foreach ($comments as $comment) {
+        saveComment($force_overwrite, $dryrun, $id, $comment, $dststore);
+    }
+    if ($delete_during) {
+        deletePaste($dryrun, $id, $srcstore);
+    }
+}
+
+if ($delete_after) {
+    foreach ($ids as $id) {
+        deletePaste($dryrun, $id, $srcstore);
+    }
+}
+
+debug("Done.");
+
+
+function deletePaste($dryrun, $pasteid, $srcstore)
+{
+    if (!$dryrun) {
+        debug("Deleting paste id " . $pasteid);
+        $srcstore->delete($pasteid);
+    } else {
+        debug("Would delete paste id " . $pasteid);
+    }
+}
+
+function saveComment ($force_overwrite, $dryrun, $pasteid, $comment, $dststore)
+{
+    $parentid  = $comment["parentid"];
+    $commentid = $comment["id"];
+
+    if (!$dststore->existsComment($pasteid, $parentid, $commentid)) {
+        if (!$dryrun) {
+            debug("Saving paste id " . $pasteid . ", parent id " .
+                  $parentid . ", comment id " . $commentid);
+            $dststore->createComment($pasteid, $parentid, $commentid, $comment);
+        } else {
+            debug("Would save paste id " . $pasteid . ", parent id " .
+                  $parentid . ", comment id " . $commentid);
+        }
+    } else if ($force_overwrite) {
+        if (!$dryrun) {
+            debug("Overwriting paste id " . $pasteid . ", parent id " .
+                  $parentid . ", comment id " . $commentid);
+            $dststore->createComment($pasteid, $parentid, $commentid, $comment);
+        } else {
+            debug("Would overwrite paste id " . $pasteid . ", parent id " .
+                  $parentid . ", comment id " . $commentid);
+        }
+    } else {
+        if (!$dryrun) {
+            dieerr("Not overwriting paste id " . $pasteid . ", parent id " .
+                   $parentid . ", comment id " . $commentid);
+        } else {
+            dieerr("Would not overwrite paste id " . $pasteid . ", parent id " .
+                   $parentid . ", comment id " . $commentid);
+        }
+    }
+}
+
+function savePaste ($force_overwrite, $dryrun, $pasteid, $paste, $dststore)
+{
+    if (!$dststore->exists($pasteid)) {
+        if (!$dryrun) {
+            debug("Saving paste id " . $pasteid);
+            $dststore->create($pasteid, $paste);
+        } else {
+            debug("Would save paste id " . $pasteid);
+        }
+    } else if ($force_overwrite) {
+        if (!$dryrun) {
+            debug("Overwriting paste id " . $pasteid);
+            $dststore->create($pasteid, $paste);
+        } else {
+            debug("Would overwrite paste id " . $pasteid);
+        }
+    } else {
+        if (!$dryrun) {
+            dieerr("Not overwriting paste id " . $pasteid);
+        } else {
+            dieerr("Would not overwrite paste id " . $pasteid);
+        }
+    }
+}
+
+function getConfig ($target, $confdir)
+{
+    debug("Trying to load " . $target . " conf.php" .
+          ($confdir === "" ? "" : " from " . $confdir));
+
+    putenv("CONFIG_PATH=" . $confdir);
+    $conf = new Configuration;
+    putenv("CONFIG_PATH=");
+
+    return $conf;
+}
+
+function dieerr ($text)
+{
+    fprintf(STDERR, "ERROR: %s" . PHP_EOL, $text);
+    die(1);
+}
+
+function debug ($text) {
+    if ($GLOBALS["verbose"]) {
+        printf("DEBUG: %s" . PHP_EOL, $text);
+    }
+}
+
+function helpexit ()
+{
+    print("migrate - Copy data between PrivateBin backends
+
+Usage:
+  migrate [--delete-after] [--delete-during] [-f] [-n] [-v] srcconfdir
+          [<dstconfdir>]
+  migrate [-h|--help]
+
+Options:
+  --delete-after   delete data from source after all pastes and comments have
+                   successfully been copied to the destination
+  --delete-during  delete data from source after the current paste and its
+                   comments have successfully been copied to the destination
+  -f               forcefully overwrite data which already exists at the
+                   destination
+  -h, --help       displays this help message
+  -n               dry run, do not copy data
+  -v               be verbose
+  <srcconfdir>     use storage backend configration from conf.php found in
+                   this directory as source
+  <dstconfdir>     optionally, use storage backend configration from conf.php
+                   found in this directory as destination; defaults to:
+                   " . PATH . "cfg" . DIRECTORY_SEPARATOR . "conf.php
+");
+    exit();
+}

cfg/conf.sample.php

@@ -7,9 +7,10 @@
 ; (optional) set a project name to be displayed on the website
 ; name = "PrivateBin"
 
-; The full URL, with the domain name and directories that point to the PrivateBin files
-; This URL is essential to allow Opengraph images to be displayed on social networks
-; basepath = ""
+; The full URL, with the domain name and directories that point to the
+; PrivateBin files, including an ending slash (/). This URL is essential to
+; allow Opengraph images to be displayed on social networks.
+; basepath = "https://privatebin.example.com/"
 
 ; enable or disable the discussion feature, defaults to true
 discussion = true
@@ -55,9 +56,9 @@ languageselection = false
 ; if this is set and language selection is disabled, this will be the only language
 ; languagedefault = "en"
 
-; (optional) URL shortener address to offer after a new paste is created
-; it is suggested to only use this with self-hosted shorteners as this will leak
-; the pastes encryption key
+; (optional) URL shortener address to offer after a new paste is created.
+; It is suggested to only use this with self-hosted shorteners as this will leak
+; the pastes encryption key.
 ; urlshortener = "https://shortener.example.com/api?link="
 
 ; (optional) Let users create a QR code for sharing the paste URL with one click.
@@ -65,10 +66,11 @@ languageselection = false
 ; qrcode = true
 
 ; (optional) IP based icons are a weak mechanism to detect if a comment was from
-; a different user when the same username was used in a comment. It might be
-; used to get the IP of a non anonymous comment poster if the server salt is
-; leaked and a SHA256 HMAC rainbow table is generated for all (relevant) IPs.
-; Can be set to one these values: "none" / "vizhash" / "identicon" (default).
+; a different user when the same username was used in a comment. It might get
+; used to get the IP of a comment poster if the server salt is leaked and a
+; SHA512 HMAC rainbow table is generated for all (relevant) IPs.
+; Can be set to one these values:
+; "none" / "identicon" (default) / "jdenticon" / "vizhash".
 ; icon = "none"
 
 ; Content Security Policy headers allow a website to restrict what sources are
@@ -87,7 +89,7 @@ languageselection = false
 ;   async functions and display an error if not and for Chrome to enable
 ;   webassembly support (used for zlib compression). You can remove it if Chrome
 ;   doesn't need to be supported and old browsers don't need to be warned.
-; cspheader = "default-src 'none'; base-uri 'self'; form-action 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval' resource:; style-src 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads"
+; cspheader = "default-src 'none'; base-uri 'self'; form-action 'none'; manifest-src 'self'; connect-src * blob:; script-src 'self' 'unsafe-eval'; style-src 'self'; font-src 'self'; frame-ancestors 'none'; img-src 'self' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads"
 
 ; stay compatible with PrivateBin Alpha 0.19, less secure
 ; if enabled will use base64.js version 1.7 instead of 2.1.9 and sha1 instead of
@@ -135,9 +137,17 @@ markdown = "Markdown"
 ; Set this to 0 to disable rate limiting.
 limit = 10
 
-; Set ips (v4|v6) which should be exempted for the rate-limit. CIDR also supported. Needed to be comma separated.
-; Unset for enabling and invalid values will be ignored
-; eg: exemptedIp = '1.2.3.4,10.10.10/24'
+; (optional) Set IPs addresses (v4 or v6) or subnets (CIDR) which are exempted
+; from the rate-limit. Invalid IPs will be ignored. If multiple values are to
+; be exempted, the list needs to be comma separated. Leave unset to disable
+; exemptions.
+; exempted = "1.2.3.4,10.10.10/24"
+
+; (optional) If you want only some source IP addresses (v4 or v6) or subnets
+; (CIDR) to be allowed to create pastes, set these here. Invalid IPs will be
+; ignored. If multiple values are to be exempted, the list needs to be comma
+; separated. Leave unset to allow anyone to create pastes.
+; creators = "1.2.3.4,10.10.10/24"
 
 ; (optional) if your website runs behind a reverse proxy or load balancer,
 ; set the HTTP header containing the visitors IP address, i.e. X_FORWARDED_FOR
@@ -167,6 +177,7 @@ dir = PATH "data"
 ;[model_options]
 ;bucket = "my-private-bin"
 ;prefix = "pastes"
+;uniformacl = false
 
 ;[model]
 ; example of DB configuration for MySQL
@@ -186,3 +197,52 @@ dir = PATH "data"
 ;usr = null
 ;pwd = null
 ;opt[12] = true	; PDO::ATTR_PERSISTENT
+
+;[model]
+; example of DB configuration for PostgreSQL
+;class = Database
+;[model_options]
+;dsn = "pgsql:host=localhost;dbname=privatebin"
+;tbl = "privatebin_"     ; table prefix
+;usr = "privatebin"
+;pwd = "Z3r0P4ss"
+;opt[12] = true    ; PDO::ATTR_PERSISTENT
+
+;[model]
+; example of S3 configuration for Rados gateway / CEPH
+;class = S3Storage
+;[model_options]
+;region = ""
+;version = "2006-03-01"
+;endpoint = "https://s3.my-ceph.invalid"
+;use_path_style_endpoint = true
+;bucket = "my-bucket"
+;accesskey = "my-rados-user"
+;secretkey = "my-rados-pass"
+
+;[model]
+; example of S3 configuration for AWS
+;class = S3Storage
+;[model_options]
+;region = "eu-central-1"
+;version = "latest"
+;bucket = "my-bucket"
+;accesskey = "access key id"
+;secretkey = "secret access key"
+
+[yourls]
+; When using YOURLS as a "urlshortener" config item:
+; - By default, "urlshortener" will point to the YOURLS API URL, with or without
+;   credentials, and will be visible in public on the PrivateBin web page.
+;   Only use this if you allow short URL creation without credentials.
+; - Alternatively, using the parameters in this section ("signature" and
+;   "apiurl"), "urlshortener" needs to point to the base URL of your PrivateBin
+;   instance with "shortenviayourls?link=" appended. For example:
+;   urlshortener = "${basepath}shortenviayourls?link="
+;   This URL will in turn call YOURLS on the server side, using the URL from
+;   "apiurl" and the "access signature" from the "signature" parameters below.
+
+; (optional) the "signature" (access key) issued by YOURLS for the using account
+; signature = ""
+; (optional) the URL of the YOURLS API, called to shorten a PrivateBin URL
+; apiurl = "https://yourls.example.com/yourls-api.php"

composer.json

@@ -27,10 +27,12 @@
 		"php" : "^5.6.0 || ^7.0 || ^8.0",
 		"paragonie/random_compat" : "2.0.21",
 		"yzalis/identicon" : "2.0.0",
-		"mlocati/ip-lib" : "1.18.0"
+		"mlocati/ip-lib" : "1.18.0",
+		"jdenticon/jdenticon": "^1.0"
 	},
 	"suggest" : {
-		"google/cloud-storage" : "1.26.1"
+		"google/cloud-storage" : "1.30.1",
+		"aws/aws-sdk-php" : "3.254.0"
 	},
 	"require-dev" : {
 		"phpunit/phpunit" : "^4.6 || ^5.0"

composer.lock

@@ -4,8 +4,52 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "fa52d4988bfe17d4b27e3a4789a1ec49",
+    "content-hash": "17bceced29627163f7aa330a0697f68b",
     "packages": [
+        {
+            "name": "jdenticon/jdenticon",
+            "version": "1.0.2",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/dmester/jdenticon-php.git",
+                "reference": "cabb7a44c413c318392a341c5d3ca30fcdd57a6f"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/dmester/jdenticon-php/zipball/cabb7a44c413c318392a341c5d3ca30fcdd57a6f",
+                "reference": "cabb7a44c413c318392a341c5d3ca30fcdd57a6f",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=5.3.0"
+            },
+            "require-dev": {
+                "phpunit/phpunit": "^5.7"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Jdenticon\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Daniel Mester Pirttijärvi"
+                }
+            ],
+            "description": "Render PNG and SVG identicons.",
+            "homepage": "https://jdenticon.com/",
+            "keywords": [
+                "avatar",
+                "identicon",
+                "jdenticon"
+            ],
+            "time": "2022-10-30T17:15:02+00:00"
+        },
         {
             "name": "mlocati/ip-lib",
             "version": "1.18.0",
@@ -61,16 +105,6 @@
                 "range",
                 "subnet"
             ],
-            "funding": [
-                {
-                    "url": "https://github.com/sponsors/mlocati",
-                    "type": "github"
-                },
-                {
-                    "url": "https://paypal.me/mlocati",
-                    "type": "other"
-                }
-            ],
             "time": "2022-01-13T18:05:33+00:00"
         },
         {
@@ -179,29 +213,30 @@
     "packages-dev": [
         {
             "name": "doctrine/instantiator",
-            "version": "1.4.0",
+            "version": "1.4.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/doctrine/instantiator.git",
-                "reference": "d56bf6102915de5702778fe20f2de3b2fe570b5b"
+                "reference": "10dcfce151b967d20fde1b34ae6640712c3891bc"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/doctrine/instantiator/zipball/d56bf6102915de5702778fe20f2de3b2fe570b5b",
-                "reference": "d56bf6102915de5702778fe20f2de3b2fe570b5b",
+                "url": "https://api.github.com/repos/doctrine/instantiator/zipball/10dcfce151b967d20fde1b34ae6640712c3891bc",
+                "reference": "10dcfce151b967d20fde1b34ae6640712c3891bc",
                 "shasum": ""
             },
             "require": {
                 "php": "^7.1 || ^8.0"
             },
             "require-dev": {
-                "doctrine/coding-standard": "^8.0",
+                "doctrine/coding-standard": "^9",
                 "ext-pdo": "*",
                 "ext-phar": "*",
-                "phpbench/phpbench": "^0.13 || 1.0.0-alpha2",
-                "phpstan/phpstan": "^0.12",
-                "phpstan/phpstan-phpunit": "^0.12",
-                "phpunit/phpunit": "^7.0 || ^8.0 || ^9.0"
+                "phpbench/phpbench": "^0.16 || ^1",
+                "phpstan/phpstan": "^1.4",
+                "phpstan/phpstan-phpunit": "^1",
+                "phpunit/phpunit": "^7.5 || ^8.5 || ^9.5",
+                "vimeo/psalm": "^4.22"
             },
             "type": "library",
             "autoload": {
@@ -226,46 +261,33 @@
                 "constructor",
                 "instantiate"
             ],
-            "funding": [
-                {
-                    "url": "https://www.doctrine-project.org/sponsorship.html",
-                    "type": "custom"
-                },
-                {
-                    "url": "https://www.patreon.com/phpdoctrine",
-                    "type": "patreon"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/doctrine%2Finstantiator",
-                    "type": "tidelift"
-                }
-            ],
-            "time": "2020-11-10T18:47:58+00:00"
+            "time": "2022-03-03T08:28:38+00:00"
         },
         {
             "name": "myclabs/deep-copy",
-            "version": "1.10.2",
+            "version": "1.11.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/myclabs/DeepCopy.git",
-                "reference": "776f831124e9c62e1a2c601ecc52e776d8bb7220"
+                "reference": "14daed4296fae74d9e3201d2c4925d1acb7aa614"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/776f831124e9c62e1a2c601ecc52e776d8bb7220",
-                "reference": "776f831124e9c62e1a2c601ecc52e776d8bb7220",
+                "url": "https://api.github.com/repos/myclabs/DeepCopy/zipball/14daed4296fae74d9e3201d2c4925d1acb7aa614",
+                "reference": "14daed4296fae74d9e3201d2c4925d1acb7aa614",
                 "shasum": ""
             },
             "require": {
                 "php": "^7.1 || ^8.0"
             },
-            "replace": {
-                "myclabs/deep-copy": "self.version"
+            "conflict": {
+                "doctrine/collections": "<1.6.8",
+                "doctrine/common": "<2.13.3 || >=3,<3.2.2"
             },
             "require-dev": {
-                "doctrine/collections": "^1.0",
-                "doctrine/common": "^2.6",
-                "phpunit/phpunit": "^7.1"
+                "doctrine/collections": "^1.6.8",
+                "doctrine/common": "^2.13.3 || ^3.2.2",
+                "phpunit/phpunit": "^7.5.20 || ^8.5.23 || ^9.5.13"
             },
             "type": "library",
             "autoload": {
@@ -288,13 +310,7 @@
                 "object",
                 "object graph"
             ],
-            "funding": [
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/myclabs/deep-copy",
-                    "type": "tidelift"
-                }
-            ],
-            "time": "2020-11-13T09:40:50+00:00"
+            "time": "2022-03-03T13:19:32+00:00"
         },
         {
             "name": "phpdocumentor/reflection-common",
@@ -400,16 +416,16 @@
         },
         {
             "name": "phpdocumentor/type-resolver",
-            "version": "1.6.0",
+            "version": "1.6.1",
             "source": {
                 "type": "git",
                 "url": "https://github.com/phpDocumentor/TypeResolver.git",
-                "reference": "93ebd0014cab80c4ea9f5e297ea48672f1b87706"
+                "reference": "77a32518733312af16a44300404e945338981de3"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/93ebd0014cab80c4ea9f5e297ea48672f1b87706",
-                "reference": "93ebd0014cab80c4ea9f5e297ea48672f1b87706",
+                "url": "https://api.github.com/repos/phpDocumentor/TypeResolver/zipball/77a32518733312af16a44300404e945338981de3",
+                "reference": "77a32518733312af16a44300404e945338981de3",
                 "shasum": ""
             },
             "require": {
@@ -442,7 +458,7 @@
                 }
             ],
             "description": "A PSR-5 based resolver of Class names, Types and Structural Element Names",
-            "time": "2022-01-04T19:58:01+00:00"
+            "time": "2022-03-15T21:29:03+00:00"
         },
         {
             "name": "phpspec/prophecy",
@@ -509,35 +525,35 @@
         },
         {
             "name": "phpunit/php-code-coverage",
-            "version": "4.0.8",
+            "version": "4.0.6",
             "source": {
                 "type": "git",
                 "url": "https://github.com/sebastianbergmann/php-code-coverage.git",
-                "reference": "ef7b2f56815df854e66ceaee8ebe9393ae36a40d"
+                "reference": "ca060f645beeddebedb1885c97bf163e93264c35"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/ef7b2f56815df854e66ceaee8ebe9393ae36a40d",
-                "reference": "ef7b2f56815df854e66ceaee8ebe9393ae36a40d",
+                "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/ca060f645beeddebedb1885c97bf163e93264c35",
+                "reference": "ca060f645beeddebedb1885c97bf163e93264c35",
                 "shasum": ""
             },
             "require": {
-                "ext-dom": "*",
-                "ext-xmlwriter": "*",
                 "php": "^5.6 || ^7.0",
-                "phpunit/php-file-iterator": "^1.3",
-                "phpunit/php-text-template": "^1.2",
+                "phpunit/php-file-iterator": "~1.3",
+                "phpunit/php-text-template": "~1.2",
                 "phpunit/php-token-stream": "^1.4.2 || ^2.0",
-                "sebastian/code-unit-reverse-lookup": "^1.0",
+                "sebastian/code-unit-reverse-lookup": "~1.0",
                 "sebastian/environment": "^1.3.2 || ^2.0",
-                "sebastian/version": "^1.0 || ^2.0"
+                "sebastian/version": "~1.0|~2.0"
             },
             "require-dev": {
-                "ext-xdebug": "^2.1.4",
-                "phpunit/phpunit": "^5.7"
+                "ext-xdebug": ">=2.1.4",
+                "phpunit/phpunit": "^5.4"
             },
             "suggest": {
-                "ext-xdebug": "^2.5.1"
+                "ext-dom": "*",
+                "ext-xdebug": ">=2.4.0",
+                "ext-xmlwriter": "*"
             },
             "type": "library",
             "extra": {
@@ -568,7 +584,7 @@
                 "testing",
                 "xunit"
             ],
-            "time": "2017-04-02T07:44:40+00:00"
+            "time": "2017-02-23T07:38:02+00:00"
         },
         {
             "name": "phpunit/php-file-iterator",
@@ -942,12 +958,6 @@
             ],
             "description": "Looks up which function or method a line of code belongs to",
             "homepage": "https://github.com/sebastianbergmann/code-unit-reverse-lookup/",
-            "funding": [
-                {
-                    "url": "https://github.com/sebastianbergmann",
-                    "type": "github"
-                }
-            ],
             "time": "2020-11-30T08:15:22+00:00"
         },
         {
@@ -1420,16 +1430,16 @@
         },
         {
             "name": "symfony/polyfill-ctype",
-            "version": "v1.24.0",
+            "version": "v1.26.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/polyfill-ctype.git",
-                "reference": "30885182c981ab175d4d034db0f6f469898070ab"
+                "reference": "6fd1b9a79f6e3cf65f9e679b23af304cd9e010d4"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/30885182c981ab175d4d034db0f6f469898070ab",
-                "reference": "30885182c981ab175d4d034db0f6f469898070ab",
+                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/6fd1b9a79f6e3cf65f9e679b23af304cd9e010d4",
+                "reference": "6fd1b9a79f6e3cf65f9e679b23af304cd9e010d4",
                 "shasum": ""
             },
             "require": {
@@ -1444,7 +1454,7 @@
             "type": "library",
             "extra": {
                 "branch-alias": {
-                    "dev-main": "1.23-dev"
+                    "dev-main": "1.26-dev"
                 },
                 "thanks": {
                     "name": "symfony/polyfill",
@@ -1452,12 +1462,12 @@
                 }
             },
             "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Ctype\\": ""
-                },
                 "files": [
                     "bootstrap.php"
-                ]
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Ctype\\": ""
+                }
             },
             "notification-url": "https://packagist.org/downloads/",
             "license": [
@@ -1481,34 +1491,20 @@
                 "polyfill",
                 "portable"
             ],
-            "funding": [
-                {
-                    "url": "https://symfony.com/sponsor",
-                    "type": "custom"
-                },
-                {
-                    "url": "https://github.com/fabpot",
-                    "type": "github"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
-                    "type": "tidelift"
-                }
-            ],
-            "time": "2021-10-20T20:35:02+00:00"
+            "time": "2022-05-24T11:49:31+00:00"
         },
         {
             "name": "symfony/yaml",
-            "version": "v4.4.37",
+            "version": "v4.4.45",
             "source": {
                 "type": "git",
                 "url": "https://github.com/symfony/yaml.git",
-                "reference": "d7f637cc0f0cc14beb0984f2bb50da560b271311"
+                "reference": "aeccc4dc52a9e634f1d1eebeb21eacfdcff1053d"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/symfony/yaml/zipball/d7f637cc0f0cc14beb0984f2bb50da560b271311",
-                "reference": "d7f637cc0f0cc14beb0984f2bb50da560b271311",
+                "url": "https://api.github.com/repos/symfony/yaml/zipball/aeccc4dc52a9e634f1d1eebeb21eacfdcff1053d",
+                "reference": "aeccc4dc52a9e634f1d1eebeb21eacfdcff1053d",
                 "shasum": ""
             },
             "require": {
@@ -1549,21 +1545,7 @@
             ],
             "description": "Loads and dumps YAML files",
             "homepage": "https://symfony.com",
-            "funding": [
-                {
-                    "url": "https://symfony.com/sponsor",
-                    "type": "custom"
-                },
-                {
-                    "url": "https://github.com/fabpot",
-                    "type": "github"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
-                    "type": "tidelift"
-                }
-            ],
-            "time": "2022-01-24T20:11:01+00:00"
+            "time": "2022-08-02T15:47:23+00:00"
         },
         {
             "name": "webmozart/assert",
@@ -1628,6 +1610,5 @@
     "platform": {
         "php": "^5.6.0 || ^7.0 || ^8.0"
     },
-    "platform-dev": [],
-    "plugin-api-version": "1.1.0"
+    "platform-dev": []
 }

css/bootstrap/privatebin.css

@@ -6,7 +6,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 body {

css/noscript.css

@@ -6,7 +6,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 /* When there is no script at all other */

css/privatebin.css

@@ -6,7 +6,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 /*  CSS Reset from YUI 3.4.1 (build 4118) - Copyright 2011 Yahoo! Inc. All rights reserved.

i18n/ar.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/bg.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/ca.json

@@ -79,34 +79,34 @@
     "Never": "Mai",
     "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.",
     "This document will expire in %d seconds.": [
-        "This document will expire in %d second. (singular)",
-        "This document will expire in %d seconds. (1st plural)",
-        "This document will expire in %d seconds. (2nd plural)",
-        "This document will expire in %d seconds. (3rd plural)"
+        "Aquest document caducarà d'aquí %d segon.",
+        "Aquest document caducarà d'aquí %d segons.",
+        "Aquest document caducarà d'aquí %d segons.",
+        "Aquest document caducarà d'aquí %d segons."
     ],
     "This document will expire in %d minutes.": [
-        "This document will expire in %d minute. (singular)",
-        "This document will expire in %d minutes. (1st plural)",
-        "This document will expire in %d minutes. (2nd plural)",
-        "This document will expire in %d minutes. (3rd plural)"
+        "Aquest document caducarà d'aquí %d minut.",
+        "Aquest document caducarà d'aquí %d minuts.",
+        "Aquest document caducarà d'aquí %d minuts.",
+        "Aquest document caducarà d'aquí %d minuts."
     ],
     "This document will expire in %d hours.": [
-        "This document will expire in %d hour. (singular)",
-        "This document will expire in %d hours. (1st plural)",
-        "This document will expire in %d hours. (2nd plural)",
-        "This document will expire in %d hours. (3rd plural)"
+        "Aquest document caducarà d'aquí %d hora.",
+        "Aquest document caducarà d'aquí %d hores.",
+        "Aquest document caducarà d'aquí %d hores.",
+        "Aquest document caducarà d'aquí %d hores."
     ],
     "This document will expire in %d days.": [
-        "This document will expire in %d day. (singular)",
-        "This document will expire in %d days. (1st plural)",
-        "This document will expire in %d days. (2nd plural)",
-        "This document will expire in %d days. (3rd plural)"
+        "Aquest document caducarà d'aquí %d dia.",
+        "Aquest document caducarà d'aquí %d dies.",
+        "Aquest document caducarà d'aquí %d dies.",
+        "Aquest document caducarà d'aquí %d dies."
     ],
     "This document will expire in %d months.": [
-        "This document will expire in %d month. (singular)",
-        "This document will expire in %d months. (1st plural)",
-        "This document will expire in %d months. (2nd plural)",
-        "This document will expire in %d months. (3rd plural)"
+        "Aquest document caducarà d'aquí %d mes.",
+        "Aquest document caducarà d'aquí %d mesos.",
+        "Aquest document caducarà d'aquí %d mesos.",
+        "Aquest document caducarà d'aquí %d mesos."
     ],
     "Please enter the password for this paste:": "Si us plau, introdueix la contrasenya per aquest paste:",
     "Could not decrypt data (Wrong key?)": "No s'han pogut desxifrar les dades (Clau incorrecte?)",
@@ -124,7 +124,7 @@
     "Could not refresh display: %s": "Could not refresh display: %s",
     "unknown status": "estat desconegut",
     "server error or not responding": "server error or not responding",
-    "Could not post comment: %s": "Could not post comment: %s",
+    "Could not post comment: %s": "No s'ha pogut publicar el comentari: %s",
     "Sending paste…": "Enviant paste…",
     "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>",
     "Delete data": "Esborrar les dades",
@@ -146,7 +146,7 @@
     "Download attachment": "Baixar els adjunts",
     "Cloned: '%s'": "Cloned: '%s'",
     "The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.",
-    "Attach a file": "Attach a file",
+    "Attach a file": "Adjuntar un fitxer",
     "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
     "File too large, to display a preview. Please download the attachment.": "File too large, to display a preview. Please download the attachment.",
     "Remove attachment": "Remove attachment",
@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/co.json

@@ -0,0 +1,193 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s hè un serviziu in linea di tipu « pastebin » (ghjestiunariu d’appiccicu di pezzi di testu è di codice di fonte) minimalistu è à fonte aperta induve u servitore ùn hà micca cunnuscenza di i dati mandati. I dati sò cifrati è dicifrati %sin u navigatore%s cù una cifratura AES di 256 bit.",
+    "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "Più d’infurmazione annant’à a <a href=\"https://privatebin.info/\">pagina di u prughjettu</a>.",
+    "Because ignorance is bliss": "Perchè l’ignurenza hè una campa",
+    "en": "co",
+    "Paste does not exist, has expired or has been deleted.": "L’appiccicu ùn esiste micca, hè scadutu o hè statu squassatu.",
+    "%s requires php %s or above to work. Sorry.": "Per disgrazzia, %s richiede php %s o più recente per funziunà.",
+    "%s requires configuration section [%s] to be present in configuration file.": "%s richiede a presenza di a sezzione di cunfigurazione [%s] in a schedariu di cunfigurazione.",
+    "Please wait %d seconds between each post.": [
+        "Aspettate %d seconda trà dui publicazioni.",
+        "Aspettate %d seconde trà dui publicazioni.",
+        "Aspettate %d seconde trà dui publicazioni.",
+        "Aspettate %d seconde trà dui publicazioni."
+    ],
+    "Paste is limited to %s of encrypted data.": "L’appiccicu hè limitatu à %s di dati cifrati.",
+    "Invalid data.": "Dati inaccetevule.",
+    "You are unlucky. Try again.": "Pruvate torna, Serete più furtunati.",
+    "Error saving comment. Sorry.": "Per disgrazzia, ci hè un sbagliu à l’arregistramentu di u cummentu.",
+    "Error saving paste. Sorry.": "Per disgrazzia, ci hè un sbagliu à l’arregistramentu di l’appiccicu.",
+    "Invalid paste ID.": "N° di l’appiccicu inaccettevule.",
+    "Paste is not of burn-after-reading type.": "L’appiccicu ùn hè micca di tipu « Squassà dopu a lettura ».",
+    "Wrong deletion token. Paste was not deleted.": "Gettone di squassatura incurrettu. L’appiccicu ùn hè micca statu squassatu.",
+    "Paste was properly deleted.": "L’appiccicu hè statu squassatu currettamente.",
+    "JavaScript is required for %s to work. Sorry for the inconvenience.": "JavaScript hè richiestu per fà funziunà %s. Scusate per stu penseru.",
+    "%s requires a modern browser to work.": "%s richiede un navigatore mudernu per funziunà.",
+    "New": "Novu",
+    "Send": "Mandà",
+    "Clone": "Duppione",
+    "Raw text": "Testu grossu",
+    "Expires": "Scadenza",
+    "Burn after reading": "Squassà dopu a lettura",
+    "Open discussion": "Apre una chjachjarata",
+    "Password (recommended)": "Parolla d’intesa (ricumandata)",
+    "Discussion": "Chjachjarata",
+    "Toggle navigation": "Invertisce a navigazione",
+    "%d seconds": [
+        "%d seconda",
+        "%d seconde",
+        "%d seconde",
+        "%d seconde"
+    ],
+    "%d minutes": [
+        "%d minutu",
+        "%d minuti",
+        "%d minuti",
+        "%d minuti"
+    ],
+    "%d hours": [
+        "%d ora",
+        "%d ore",
+        "%d ore",
+        "%d ore"
+    ],
+    "%d days": [
+        "%d ghjornu",
+        "%d ghjorni",
+        "%d ghjorni",
+        "%d ghjorni"
+    ],
+    "%d weeks": [
+        "%d settimana",
+        "%d settimane",
+        "%d settimane",
+        "%d settimane"
+    ],
+    "%d months": [
+        "%d mese",
+        "%d mesi",
+        "%d mesi",
+        "%d mesi"
+    ],
+    "%d years": [
+        "%d annu",
+        "%d anni",
+        "%d anni",
+        "%d anni"
+    ],
+    "Never": "Mai",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "Nota : Què hè un serviziu di prova ; i dati ponu esse squassati à ogni mumentu. Parechji catorni anu da esse tombi s’è vò impiegate troppu stu serviziu.",
+    "This document will expire in %d seconds.": [
+        "Stu ducumentu serà scadutu in %d seconda.",
+        "Stu ducumentu serà scadutu in %d seconde.",
+        "Stu ducumentu serà scadutu in %d seconde.",
+        "Stu ducumentu serà scadutu in %d seconde."
+    ],
+    "This document will expire in %d minutes.": [
+        "Stu ducumentu serà scadutu in %d minutu.",
+        "Stu ducumentu serà scadutu in %d minuti.",
+        "Stu ducumentu serà scadutu in %d minuti.",
+        "Stu ducumentu serà scadutu in %d minuti."
+    ],
+    "This document will expire in %d hours.": [
+        "Stu ducumentu serà scadutu in %d ora.",
+        "Stu ducumentu serà scadutu in %d ore.",
+        "Stu ducumentu serà scadutu in %d ore.",
+        "Stu ducumentu serà scadutu in %d ore."
+    ],
+    "This document will expire in %d days.": [
+        "Stu ducumentu serà scadutu in %d ghjornu.",
+        "Stu ducumentu serà scadutu in %d ghjorni.",
+        "Stu ducumentu serà scadutu in %d ghjorni.",
+        "Stu ducumentu serà scadutu in %d ghjorni."
+    ],
+    "This document will expire in %d months.": [
+        "Stu ducumentu serà scadutu in %d mese.",
+        "Stu ducumentu serà scadutu in %d mesi.",
+        "Stu ducumentu serà scadutu in %d mesi.",
+        "Stu ducumentu serà scadutu in %d mesi."
+    ],
+    "Please enter the password for this paste:": "Stampittate a parolla d’intesa per st’appiccicu :",
+    "Could not decrypt data (Wrong key?)": "Ùn si pò micca dicifrà i dati ; seria incurretta a chjave ?",
+    "Could not delete the paste, it was not stored in burn after reading mode.": "Ùn si pò micca squassà l’appiccicu, ùn hè micca statu in u modu « Squassà dopu a lettura ».",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "SOLU CÙ L’OCHJI. Ùn chjudite micca sta finestra, stu messaghju un puderà più esse affissatu torna.",
+    "Could not decrypt comment; Wrong key?": "Ùn si pò micca dicifrà u cummentu. Seria incurretta a chjave ?",
+    "Reply": "Risponde",
+    "Anonymous": "Anonimu",
+    "Avatar generated from IP address": "Avatar ingeneratu da l’indirizzu IP",
+    "Add comment": "Aghjunghje un cummentu",
+    "Optional nickname…": "Cugnome ozzionale…",
+    "Post comment": "Impustà u cummentu",
+    "Sending comment…": "Inviu di u cummentu…",
+    "Comment posted.": "Cummentu inviatu.",
+    "Could not refresh display: %s": "Ùn si pò micca attualizà l’affissera : %s",
+    "unknown status": "statu scunnisciutu",
+    "server error or not responding": "sbagliu di u servitore o u servitore ùn risponde micca",
+    "Could not post comment: %s": "Ùn si pò micca impustà u cummentu : %s",
+    "Sending paste…": "Inviu di l’appiccicu…",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "U vostru appiccicu si trova à l’indirizzu<a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Appughjate [Ctrl]+[c] per cupià u liame)</span>",
+    "Delete data": "Squassà i dati",
+    "Could not create paste: %s": "Ùn si pò micca creà l’appiccicu : %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": "Ùn si pò micca dicifrà l’appiccicu : A chjave di dicifratura hè assente in l’indirizzu. Averiate impiegatu un orientadore d’indirizzu o un riduttore chì ammuzzeghja una parte di l’indirizzu ?",
+    "B": "o",
+    "KiB": "Ko",
+    "MiB": "Mo",
+    "GiB": "Go",
+    "TiB": "To",
+    "PiB": "Po",
+    "EiB": "Eo",
+    "ZiB": "Zo",
+    "YiB": "Yo",
+    "Format": "Furmatu",
+    "Plain Text": "Testu in chjaru",
+    "Source Code": "Codice di fonte",
+    "Markdown": "Markdown",
+    "Download attachment": "Scaricà a pezza aghjunta",
+    "Cloned: '%s'": "Duppiatu : « %s »",
+    "The cloned file '%s' was attached to this paste.": "U schedariu duppiatu  « %s » hè statu aghjuntu à st’appiccicu.",
+    "Attach a file": "Aghjunghje un schedariu",
+    "alternatively drag & drop a file or paste an image from the clipboard": "in alternanza, sguillà è depone un schedariu o incullà una fiura da u preme’papei",
+    "File too large, to display a preview. Please download the attachment.": "Schedariu troppu maiò per affissà una fighjulata. Scaricate a pezza aghjunta.",
+    "Remove attachment": "Caccià a pezza aghjunta",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.": "U vostru navigatore ùn accetta micca l’inviu di i schedarii cifrati. Impiegate un navigatore più recente.",
+    "Invalid attachment.": "A pezza aghjunta hè inaccettevule.",
+    "Options": "Ozzioni",
+    "Shorten URL": "Ammuzzà l’indirizzu",
+    "Editor": "Editore",
+    "Preview": "Fighjulata",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s richiede chì a variabile PATH si compii cù « %s ». Mudificate a variabile PATH in u vostru index.php.",
+    "Decrypt": "Dicifrà",
+    "Enter password": "Stampittate a parolla d’intesa",
+    "Loading…": "Caricamentu…",
+    "Decrypting paste…": "Dicifratura di l’appiccicu…",
+    "Preparing new paste…": "Approntu di u novu appiccicu…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.": "S’è stu messaghju ùn smarisce micca, lighjite <a href=\"%s\">sta FAQ per ottene infurmazioni annant’à a risuluzione di i prublemi</a>.",
+    "+++ no paste text +++": "+++ nisunu testu incullatu +++",
+    "Could not get paste data: %s": "Ùn si pò micca ottene i dati di l’appiccicu : %s",
+    "QR code": "Codice QR",
+    "This website is using an insecure HTTP connection! Please use it only for testing.": "Stu situ web impiegheghja una cunnessione HTTP non sicura ! impiegatelu solu per una prova.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.": "Per sapene di più, <a href=\"%s\">lighjite sta rubrica di a FAQ</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.": "U vostru navigatore pò richiede una cunnessione HTTPS per permette l’usu di l’API WebCrypto. Pruvate di <a href=\"%s\">passà à HTTPS</a>.",
+    "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.": "U vostru navigatore ùn accetta micca WebAssembly, impiegatu per a cumpressione zlib. Pudete creà ducumenti micca cumpressi, ma ùn pudete micca leghje quelli chì sò cumpressi.",
+    "waiting on user to provide a password": "in attesa di l’utilizatore per furnisce una parolla d’intesa",
+    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Ùn si pò micca dicifrà i dati. Avete stampittatu una parolla d’intesa incurretta ? Pruvate torna cù u buttone insù.",
+    "Retry": "Pruvà torna",
+    "Showing raw text…": "Affissera di u testu grossu…",
+    "Notice:": "Avertimentu :",
+    "This link will expire after %s.": "Stu liame hà da scade dopu à %s.",
+    "This link can only be accessed once, do not use back or refresh button in your browser.": "Stu liame pò esse accessu solu una volta, ùn impiegate micca i buttoni Precedente o Attualizà di u vostru navigatore.",
+    "Link:": "Liame :",
+    "Recipient may become aware of your timezone, convert time to UTC?": "U destinatariu pò cunnnosce u vostru fusu orariu. Vulete cunvertisce l’ora in u furmatu UTC ?",
+    "Use Current Timezone": "Impiegà u fusu orariu attuale",
+    "Convert To UTC": "Cunvertisce in UTC",
+    "Close": "Chjode",
+    "Encrypted note on %s": "Nota cifrata nant’à %s",
+    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visitate stu liame per vede a nota. Date l’indirizzu à qualunque li permette d’accede à a nota dinù.",
+    "URL shortener may expose your decrypt key in URL.": "Un ammuzzatore d’indirizzu pò palisà a vostra chjave di dicifratura in l’indirizzu.",
+    "Save paste": "Arregistrà l’appiccicu",
+    "Your IP is not authorized to create pastes.": "U vostru indirizzu IP ùn hè micca auturizatu à creà l’appiccichi.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Pruvate d’ammuzzà un indirizzu web chì ùn punta micca versu a vostra instanza.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Sbagliu à a chjama di YOURLS. Seria forse una cunfigurazione gattiva, tale una \"apiurl\" o \"signature\" falsa o assente.",
+    "Error parsing YOURLS response.": "Sbagliu durante l’analisa di a risposta di YOURLS."
+}

i18n/cs.json

@@ -47,7 +47,7 @@
         "%d minutes (3rd plural)"
     ],
     "%d hours": [
-        "%d hodin",
+        "%d hodina",
         "%d hodiny",
         "%d hodin",
         "%d hours (3rd plural)"
@@ -182,8 +182,12 @@
     "Use Current Timezone": "Použít aktuální časové pásmo",
     "Convert To UTC": "Převést na UTC",
     "Close": "Zavřít",
-    "Encrypted note on PrivateBin": "Šifrovaná poznámka ve službě PrivateBin",
+    "Encrypted note on %s": "Šifrovaná poznámka ve službě %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Navštivte tento odkaz pro zobrazení poznámky. Přeposláním URL umožníte také jiným lidem přístup.",
     "URL shortener may expose your decrypt key in URL.": "Zkracovač URL může odhalit váš dešifrovací klíč v URL.",
-    "Save paste": "Uložit příspěvek"
+    "Save paste": "Uložit příspěvek",
+    "Your IP is not authorized to create pastes.": "Vaše IP adresa nemá oprávnění k vytvoření vložení.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/de.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Aktuelle Zeitzone verwenden",
     "Convert To UTC": "In UTC umwandeln",
     "Close": "Schliessen",
-    "Encrypted note on PrivateBin": "Verschlüsselte Notiz auf PrivateBin",
+    "Encrypted note on %s": "Verschlüsselte Notiz auf %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Besuche diesen Link um das Dokument zu sehen. Wird die URL an eine andere Person gegeben, so kann diese Person ebenfalls auf dieses Dokument zugreifen.",
     "URL shortener may expose your decrypt key in URL.": "Der URL-Verkürzer kann den Schlüssel in der URL enthüllen.",
-    "Save paste": "Text speichern"
+    "Save paste": "Text speichern",
+    "Your IP is not authorized to create pastes.": "Deine IP ist nicht berechtigt, Texte zu erstellen.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Versuch eine URL zu verkürzen, die nicht auf unsere Instanz zeigt.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Fehler beim Aufruf von YOURLS. Wahrscheinlich ein Konfigurationsproblem, wie eine falsche oder fehlende \"apiurl\" oder \"signature\".",
+    "Error parsing YOURLS response.": "Fehler beim Verarbeiten der YOURLS-Antwort."
 }

i18n/el.json

@@ -1,135 +1,135 @@
 {
     "PrivateBin": "PrivateBin",
-    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.",
-    "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "More information on the <a href=\"https://privatebin.info/\">project page</a>.",
-    "Because ignorance is bliss": "Because ignorance is bliss",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s είναι ένα λιτό, ανοικτού λογισμικού διαδικτυακής υπηρεσίας επικόλλησης όπου ο διακομιστής έχει πλήρη άγνια του περιεχομένου που επικολλήθηκαν. Τα Δεδομένα κρυπτογραφούνται και αποκρυπτογραφούνται %sστον φιλομετρητή (browser)%s χρησιμοποιόντας 256 bits AES.",
+    "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "Περισσότερες πληροφορίες στον <a href=\"https://privatebin.info/\">ιστότοπο του εργαλείου</a>.",
+    "Because ignorance is bliss": "Επειδή η άγνοια είναι ευτυχία",
     "en": "el",
-    "Paste does not exist, has expired or has been deleted.": "Paste does not exist, has expired or has been deleted.",
-    "%s requires php %s or above to work. Sorry.": "%s requires php %s or above to work. Sorry.",
-    "%s requires configuration section [%s] to be present in configuration file.": "%s requires configuration section [%s] to be present in configuration file.",
+    "Paste does not exist, has expired or has been deleted.": "Η επικόλληση δεν υπάρχει, έληξε ή διαγράφηκε",
+    "%s requires php %s or above to work. Sorry.": "%s απαιτεί php %s ή νεότερη για να λειτουργήσει. Συγγνώμη.",
+    "%s requires configuration section [%s] to be present in configuration file.": "%s απαιτεί οι ρυθμίσεις [%s] να υπάρχουν στο αρχείο ρυθμίσεων.",
     "Please wait %d seconds between each post.": [
-        "Please wait %d second between each post. (singular)",
-        "Please wait %d seconds between each post. (1st plural)",
-        "Please wait %d seconds between each post. (2nd plural)",
-        "Please wait %d seconds between each post. (3rd plural)"
+        "Παρακαλώ περιμένετε %d δευτερόλεπτο μεταξύ κάθε επικόλλησης.",
+        "Παρακαλώ περιμένετε %d δευτερόλεπτα μεταξύ κάθε επικόλλησης.",
+        "Παρακαλώ περιμένετε %d δευτερόλεπτα μεταξύ κάθε επικόλλησης.",
+        "Παρακαλώ περιμένετε %d δευτερόλεπτα μεταξύ κάθε επικόλλησης."
     ],
-    "Paste is limited to %s of encrypted data.": "Paste is limited to %s of encrypted data.",
-    "Invalid data.": "Invalid data.",
-    "You are unlucky. Try again.": "You are unlucky. Try again.",
-    "Error saving comment. Sorry.": "Error saving comment. Sorry.",
-    "Error saving paste. Sorry.": "Error saving paste. Sorry.",
-    "Invalid paste ID.": "Invalid paste ID.",
-    "Paste is not of burn-after-reading type.": "Paste is not of burn-after-reading type.",
-    "Wrong deletion token. Paste was not deleted.": "Wrong deletion token. Paste was not deleted.",
-    "Paste was properly deleted.": "Paste was properly deleted.",
-    "JavaScript is required for %s to work. Sorry for the inconvenience.": "JavaScript is required for %s to work. Sorry for the inconvenience.",
-    "%s requires a modern browser to work.": "%s requires a modern browser to work.",
-    "New": "New",
-    "Send": "Send",
-    "Clone": "Clone",
-    "Raw text": "Raw text",
-    "Expires": "Expires",
-    "Burn after reading": "Burn after reading",
-    "Open discussion": "Open discussion",
-    "Password (recommended)": "Password (recommended)",
-    "Discussion": "Discussion",
-    "Toggle navigation": "Toggle navigation",
+    "Paste is limited to %s of encrypted data.": "Η επικόλληση είναι περιορισμένη σε %s κρυπτογραφημένων δεδομένων.",
+    "Invalid data.": "Λάθος δεδομένα.",
+    "You are unlucky. Try again.": "Ατυχήσατε. Προσπαθήστε πάλι.",
+    "Error saving comment. Sorry.": "Λάθος στην αποθήκευση του σχόλιου. Συγγνώμη.",
+    "Error saving paste. Sorry.": "Λάθος στην αποθήκευση της επικόλλησης. Συγγνώμη.",
+    "Invalid paste ID.": "Λάθος αναγνωριστικό επικόλλησης.",
+    "Paste is not of burn-after-reading type.": "Η επικόληση δεν είναι τύπου καταστροφή-μετά-το-διάβασμα.",
+    "Wrong deletion token. Paste was not deleted.": "Λάθος αναγνωριστικό διαγραφής. Η επικόλληση δεν διαγράφηκε.",
+    "Paste was properly deleted.": "Η επικόλληση διαγράφηκε επιτυχώς.",
+    "JavaScript is required for %s to work. Sorry for the inconvenience.": "Η JavaScript είναι απαραίτητη για να λειτουργήσει το %s. Συγγνώμη για την ταλαιπωρία.",
+    "%s requires a modern browser to work.": "%s απαιτεί σύγχρονο φυλλομετρητή (browser) για να λειτουργήσει.",
+    "New": "Νέο",
+    "Send": "Αποστολή",
+    "Clone": "Κλωνοποίηση",
+    "Raw text": "Κείμενο",
+    "Expires": "Λήγει",
+    "Burn after reading": "Διαγραφή μετά την ανάγνωση",
+    "Open discussion": "Ανοικτή συζήτηση",
+    "Password (recommended)": "Κωδικός (προτείνεται)",
+    "Discussion": "Συζήτηση",
+    "Toggle navigation": "Εναλλαγή πλοήγησης",
     "%d seconds": [
-        "%d second (singular)",
-        "%d seconds (1st plural)",
-        "%d seconds (2nd plural)",
-        "%d seconds (3rd plural)"
+        "%d δευτερόλεπτο",
+        "%d δευτερόλεπτα",
+        "%d δευτερόλεπτα",
+        "%d δευτερόλεπτα"
     ],
     "%d minutes": [
-        "%d minute (singular)",
-        "%d minutes (1st plural)",
-        "%d minutes (2nd plural)",
-        "%d minutes (3rd plural)"
+        "%d λεπτό",
+        "%d λεπτά",
+        "%d λεπτά",
+        "%d λεπτά"
     ],
     "%d hours": [
-        "%d hour (singular)",
-        "%d hours (1st plural)",
-        "%d hours (2nd plural)",
-        "%d hours (3rd plural)"
+        "%d ώρα",
+        "%d ώρες",
+        "%d ώρες",
+        "%d ώρες"
     ],
     "%d days": [
-        "%d day (singular)",
-        "%d days (1st plural)",
-        "%d days (2nd plural)",
-        "%d days (3rd plural)"
+        "%d ημέρα",
+        "%d ημέρες",
+        "%d ημέρες",
+        "%d ημέρες"
     ],
     "%d weeks": [
-        "%d week (singular)",
-        "%d weeks (1st plural)",
-        "%d weeks (2nd plural)",
-        "%d weeks (3rd plural)"
+        "%d εβδομάδα",
+        "%d εβδομάδες",
+        "%d εβδομάδες",
+        "%d εβδομάδες"
     ],
     "%d months": [
-        "%d month (singular)",
-        "%d months (1st plural)",
-        "%d months (2nd plural)",
-        "%d months (3rd plural)"
+        "%d μήνας",
+        "%d μήνες",
+        "%d μήνες",
+        "%d μήνες"
     ],
     "%d years": [
-        "%d year (singular)",
-        "%d years (1st plural)",
-        "%d years (2nd plural)",
-        "%d years (3rd plural)"
+        "%d χρόνο",
+        "%d χρόνια",
+        "%d χρόνια",
+        "%d χρόνια"
     ],
-    "Never": "Never",
-    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.",
+    "Never": "Ποτέ",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "Σημείωση: αυτή είναι μία δοκιμαστική υπηρεσία. Τα δεδομένα μπορεί να σβηστούν ανά πάσα στιγμή.",
     "This document will expire in %d seconds.": [
-        "This document will expire in %d second. (singular)",
-        "This document will expire in %d seconds. (1st plural)",
-        "This document will expire in %d seconds. (2nd plural)",
-        "This document will expire in %d seconds. (3rd plural)"
+        "Αυτό το έγγραφο θα λήξει σε %d δευτερόλεπτο.",
+        "Αυτό το έγγραφο θα λήξει σε %d δευτερόλεπτα.",
+        "Αυτό το έγγραφο θα λήξει σε %d δευτερόλεπτα.",
+        "Αυτό το έγγραφο θα λήξει σε %d δευτερόλεπτα."
     ],
     "This document will expire in %d minutes.": [
-        "This document will expire in %d minute. (singular)",
-        "This document will expire in %d minutes. (1st plural)",
-        "This document will expire in %d minutes. (2nd plural)",
-        "This document will expire in %d minutes. (3rd plural)"
+        "Αυτό το έγγραφο θα λήξει σε %d λεπτό.",
+        "Αυτό το έγγραφο θα λήξει σε %d λεπτά.",
+        "Αυτό το έγγραφο θα λήξει σε %d λεπτά.",
+        "Αυτό το έγγραφο θα λήξει σε %d λεπτά."
     ],
     "This document will expire in %d hours.": [
-        "This document will expire in %d hour. (singular)",
-        "This document will expire in %d hours. (1st plural)",
-        "This document will expire in %d hours. (2nd plural)",
-        "This document will expire in %d hours. (3rd plural)"
+        "Αυτό το έγγραφο θα λήξει σε %d ώρα.",
+        "Αυτό το έγγραφο θα λήξει σε %d ώρες.",
+        "Αυτό το έγγραφο θα λήξει σε %d ώρες.",
+        "Αυτό το έγγραφο θα λήξει σε %d ώρες."
     ],
     "This document will expire in %d days.": [
-        "This document will expire in %d day. (singular)",
-        "This document will expire in %d days. (1st plural)",
-        "This document will expire in %d days. (2nd plural)",
-        "This document will expire in %d days. (3rd plural)"
+        "Αυτό το έγγραφο θα λήξει σε %d ημέρα.",
+        "Αυτό το έγγραφο θα λήξει σε %d ημέρες.",
+        "Αυτό το έγγραφο θα λήξει σε %d ημέρες.",
+        "Αυτό το έγγραφο θα λήξει σε %d ημέρες."
     ],
     "This document will expire in %d months.": [
-        "This document will expire in %d month. (singular)",
-        "This document will expire in %d months. (1st plural)",
-        "This document will expire in %d months. (2nd plural)",
-        "This document will expire in %d months. (3rd plural)"
+        "Αυτό το έγγραφο θα λήξει σε %d μήνα.",
+        "Αυτό το έγγραφο θα λήξει σε %d μήνες.",
+        "Αυτό το έγγραφο θα λήξει σε %d μήνες.",
+        "Αυτό το έγγραφο θα λήξει σε %d μήνες."
     ],
-    "Please enter the password for this paste:": "Please enter the password for this paste:",
-    "Could not decrypt data (Wrong key?)": "Could not decrypt data (Wrong key?)",
-    "Could not delete the paste, it was not stored in burn after reading mode.": "Could not delete the paste, it was not stored in burn after reading mode.",
-    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.",
-    "Could not decrypt comment; Wrong key?": "Could not decrypt comment; Wrong key?",
-    "Reply": "Reply",
-    "Anonymous": "Anonymous",
-    "Avatar generated from IP address": "Avatar generated from IP address",
-    "Add comment": "Add comment",
-    "Optional nickname…": "Optional nickname…",
-    "Post comment": "Post comment",
-    "Sending comment…": "Sending comment…",
-    "Comment posted.": "Comment posted.",
-    "Could not refresh display: %s": "Could not refresh display: %s",
-    "unknown status": "unknown status",
-    "server error or not responding": "server error or not responding",
-    "Could not post comment: %s": "Could not post comment: %s",
-    "Sending paste…": "Sending paste…",
-    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>",
-    "Delete data": "Delete data",
-    "Could not create paste: %s": "Could not create paste: %s",
-    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)",
+    "Please enter the password for this paste:": "Παρακαλώ εισάγετε τον κωδικό για αυτή την επικόληση:",
+    "Could not decrypt data (Wrong key?)": "Δεν ήταν δυνατή η αποκρυπτογράφηση των δεδομένων (πιθανώς λανθασμένο κλειδί;)",
+    "Could not delete the paste, it was not stored in burn after reading mode.": "Δεν ήταν δυνατή η διαγραφή της επικόλλησης, δεν ήταν αποθηκευμένη σε μορφή διαγραφής μετά την ανάγνωση.",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "ΜΟΝΟ ΓΙΑ ΕΣΑΣ. Μην κλείσετε το αυτό το παράθυρο, αυτό το μήνυμα δεν μπορεί να εμφανιστεί ξανά.",
+    "Could not decrypt comment; Wrong key?": "Δεν ήταν δυνατή η αποκρυπτογράφηση του σχολίου. Λάθος κλειδί;",
+    "Reply": "Απάντηση",
+    "Anonymous": "Ανώνυμος",
+    "Avatar generated from IP address": "το avatar δημιουργήθηκε από τη διεύθυνση IP",
+    "Add comment": "Σχολιάστε",
+    "Optional nickname…": "Προαιρετικό ψευδώνυμο…",
+    "Post comment": "Αποστολή σχολίου",
+    "Sending comment…": "Το σχόλιο αποστέλλεται…",
+    "Comment posted.": "Το σχόλιο δημοσιεύτηκε.",
+    "Could not refresh display: %s": "Δεν ήταν δυνατή η ανανέωση της σελίδας: %s",
+    "unknown status": "άγνωστη κατάσταση",
+    "server error or not responding": "Πρόβλημα του διακομιστή ή δεν υπάρχει απάντηση",
+    "Could not post comment: %s": "Δεν ήταν δυνατή η δημοσίευση του σχολίου: %s",
+    "Sending paste…": "Η επικόλληση αποστέλλεται…",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "Η επικόλλησή σας είναι <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Πληκτρολογήστε [Ctrl]+[c] για αντιγραφή)</span>",
+    "Delete data": "Διαγραφή δεδομένων",
+    "Could not create paste: %s": "Δεν ήταν δυνατή η δημιουργία επικόλλησης: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": "Δεν ήταν δυνατή η αποκρυπτογράφηση της επικόλλησης: Το κλειδί αποκρυπτογράφησης λείπει από τον σύνδεσμο (Μήπως χρησιμοποιήσατε ανακατεύθυνση συνδέσμου ή υπηρεσία συντόμευσης συνδέσμου;)",
     "B": "B",
     "KiB": "KiB",
     "MiB": "MiB",
@@ -139,51 +139,55 @@
     "EiB": "EiB",
     "ZiB": "ZiB",
     "YiB": "YiB",
-    "Format": "Format",
-    "Plain Text": "Plain Text",
-    "Source Code": "Source Code",
+    "Format": "Μορφοποίηση",
+    "Plain Text": "Απλό κείμενο",
+    "Source Code": "Πηγαίος Κώδικας",
     "Markdown": "Markdown",
-    "Download attachment": "Download attachment",
-    "Cloned: '%s'": "Cloned: '%s'",
-    "The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.",
-    "Attach a file": "Attach a file",
-    "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
-    "File too large, to display a preview. Please download the attachment.": "File too large, to display a preview. Please download the attachment.",
-    "Remove attachment": "Remove attachment",
-    "Your browser does not support uploading encrypted files. Please use a newer browser.": "Your browser does not support uploading encrypted files. Please use a newer browser.",
-    "Invalid attachment.": "Invalid attachment.",
-    "Options": "Options",
-    "Shorten URL": "Shorten URL",
-    "Editor": "Editor",
-    "Preview": "Preview",
-    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
-    "Decrypt": "Decrypt",
-    "Enter password": "Enter password",
-    "Loading…": "Loading…",
-    "Decrypting paste…": "Decrypting paste…",
-    "Preparing new paste…": "Preparing new paste…",
-    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.": "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.",
-    "+++ no paste text +++": "+++ no paste text +++",
-    "Could not get paste data: %s": "Could not get paste data: %s",
-    "QR code": "QR code",
-    "This website is using an insecure HTTP connection! Please use it only for testing.": "This website is using an insecure HTTP connection! Please use it only for testing.",
-    "For more information <a href=\"%s\">see this FAQ entry</a>.": "For more information <a href=\"%s\">see this FAQ entry</a>.",
-    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.": "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.",
-    "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.": "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.",
-    "waiting on user to provide a password": "waiting on user to provide a password",
-    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.",
-    "Retry": "Retry",
-    "Showing raw text…": "Showing raw text…",
-    "Notice:": "Notice:",
-    "This link will expire after %s.": "This link will expire after %s.",
-    "This link can only be accessed once, do not use back or refresh button in your browser.": "This link can only be accessed once, do not use back or refresh button in your browser.",
-    "Link:": "Link:",
-    "Recipient may become aware of your timezone, convert time to UTC?": "Recipient may become aware of your timezone, convert time to UTC?",
-    "Use Current Timezone": "Use Current Timezone",
-    "Convert To UTC": "Convert To UTC",
-    "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
-    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
-    "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Download attachment": "Λήψη επισυναπτόμενου",
+    "Cloned: '%s'": "Κλώνος: '%s'",
+    "The cloned file '%s' was attached to this paste.": "Το κλωνοποιημένο αρχείο '%s' επισυνάφθηκε στ αυτή την επικόλληση.",
+    "Attach a file": "Επισύναψη αρχείου",
+    "alternatively drag & drop a file or paste an image from the clipboard": "εναλλακτικά σύρετε το αρχείο ή επικολλήστε μία εικόνα από το clipboard",
+    "File too large, to display a preview. Please download the attachment.": "Πολύ μεγάλο αρχείο για προεπισκόπηση. Παρακαλώ κατεβάστε το επισυναπτόμενο.",
+    "Remove attachment": "Αφαίρεση επισυναπτόμενου",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.": "Ο φυλλομετρητής (browser) σας δεν υποστηρίζει κρυπτογραφημένα αρχεία. Παρακαλώ χρησιμοποιήστε νεότερο φιλομετρητή.",
+    "Invalid attachment.": "Λάθος επισυναπτόμενο.",
+    "Options": "Επιλογές",
+    "Shorten URL": "Συντόμευση σύνδεσμου",
+    "Editor": "Διορθωτής",
+    "Preview": "Προεπισκόπηση",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s απαιτεί το PATH να τελειώνει σε \"%s\". Παρακαλώ ενημερώστε το PATH στο index.php σας.",
+    "Decrypt": "Αποκρυπτογράφηση",
+    "Enter password": "Εισαγωγή κωδικού",
+    "Loading…": "Φόρτωση…",
+    "Decrypting paste…": "Η επικόλληση αποκρυπτογραφείται…",
+    "Preparing new paste…": "Προετοιμασία νέας επικόλλησης…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.": "Σε περίπτωση που αυτό το μήνυμα δεν εξαφανίζεται παρακαλώ κοιτάξτε στις <a href=\"%s\">Ερωταποκρίσεις για πληροφορίες στην αντιμετώπιση προβλημάτων</a>.",
+    "+++ no paste text +++": "+++ Δεν υπάρχει επικόλληση +++",
+    "Could not get paste data: %s": "Δεν ήταν δυνατή η λήψη της επικόλλησης: %s",
+    "QR code": "QR εικονοστοιχειοσειρά",
+    "This website is using an insecure HTTP connection! Please use it only for testing.": "Αυτός ο ιστότοπος χρησιμοποιεί μη ασφαλή HTTP σύνδεση! Παρακαλώ χρησιμοποιήστε το μόνο δοκιμαστικά.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.": "Για περισσότερες πληροφορίες <a href=\"%s\">δείτε τις ερωταπαντήσεις</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.": "Ο φυλλομετρητής σας μπορεί να απαιτεί HTTPS σύνδεση για να υποστηρίξει το WebCrypto API. Δοκιμάστε <a href=\"%s\">το HTTPS</a>.",
+    "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.": "Ο φυλλομετρητής σας δεν υποστηρίζει WebAssembly, που χρησιμοποιήθηκε για zlib συμπίεση. Μπορείτε να δημιουργήσετε ασυμπίεστα αρχεία αλλά δεν μπορείτε να διαβάσετε συμπιεσμένα.",
+    "waiting on user to provide a password": "Αναμονή ο χρήστης να δώσει τον κωδικό",
+    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Δεν ήταν δυνατή η αποκρυπτογράφηση των δεδομένων. Μήπως εισάγατε λάθος κωδικό; Προσπαθήστε με το κουμπί στο επάνω μέρος.",
+    "Retry": "Επαναπροσπάθεια",
+    "Showing raw text…": "Προβολή κειμένου…",
+    "Notice:": "Επισήμανση:",
+    "This link will expire after %s.": "Ο σύνδεσμος θα λήξει σε %s.",
+    "This link can only be accessed once, do not use back or refresh button in your browser.": "Αυτός ο σύνδεσμος μπορεί να προσπελαστεί μόνο μία φορά, μην χρησιμοποιήσετε το κουμπί επιστροφή ή ανανέωση στον φυλλομετρητή σας.",
+    "Link:": "Σύνδεσμος:",
+    "Recipient may become aware of your timezone, convert time to UTC?": "Ο παραλήπτης μπορεί να αναγνωρίσει τη ζώνη ώρας σας, θέλετε μετατροπή της ώρας σε UTC;",
+    "Use Current Timezone": "Χρήση τρέχουσας ζώνης ώρας",
+    "Convert To UTC": "Μετατροπή σε UTC",
+    "Close": "Κλείσιμο",
+    "Encrypted note on %s": "Κρυπτογραφημένο μήνυμα από το %s",
+    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Επισκεφτείτε αυτόν τον σύνδεσμο για να δείτε το μήνυμα. Δίνοντας τον σύνδεσμο σε οποιονδήποτε, του επιτρέπετε να επισκεφτεί το μήνυμα επίσης.",
+    "URL shortener may expose your decrypt key in URL.": "Συντομευτές συνδέσμων πιθανώς να δημοσιοποιήσουν το κλειδί αποκρυπτογράφισης στον σύνδεσμο.",
+    "Save paste": "Αποθήκευση επικόλλησης",
+    "Your IP is not authorized to create pastes.": "Η IP σας δεν επιτρέπεται να δημιουργεί επικολλήσεις.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/en.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/es.json

@@ -2,7 +2,7 @@
     "PrivateBin": "PrivateBin",
     "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s es un \"pastebin\" en línea minimalista de código abierto, donde el servidor no tiene ningún conocimiento de los datos guardados. Los datos son cifrados/descifrados %sen el navegador%s usando 256 bits AES.",
     "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "Más información en la <a href=\"https://privatebin.info/\">página del proyecto</a>.",
-    "Because ignorance is bliss": "Porque la ignorancia es dicha",
+    "Because ignorance is bliss": "Porque la ignorancia es felicidad",
     "en": "es",
     "Paste does not exist, has expired or has been deleted.": "El \"paste\" no existe, ha caducado o ha sido eliminado.",
     "%s requires php %s or above to work. Sorry.": "%s requiere php %s o superior para funcionar. Lo siento.",
@@ -182,8 +182,12 @@
     "Use Current Timezone": "Usar Zona Horaria Actual",
     "Convert To UTC": "Convertir A UTC",
     "Close": "Cerrar",
-    "Encrypted note on PrivateBin": "Nota cifrada en PrivateBin",
+    "Encrypted note on %s": "Nota cifrada en %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visite este enlace para ver la nota. Dar la URL a cualquier persona también les permite acceder a la nota.",
     "URL shortener may expose your decrypt key in URL.": "El acortador de URL puede exponer su clave de descifrado en el URL.",
-    "Save paste": "Guardar \"paste\""
+    "Save paste": "Guardar \"paste\"",
+    "Your IP is not authorized to create pastes.": "Tu IP no está autorizada para crear contenido.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/et.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Kasuta praegust ajavööndit",
     "Convert To UTC": "Teisenda UTC-ks",
     "Close": "Sulge",
-    "Encrypted note on PrivateBin": "Krüpteeritud kiri PrivateBin-is",
+    "Encrypted note on %s": "Krüpteeritud kiri %s-is",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Kirja nägemiseks külasta seda linki. Teistele URL-i andmine lubab ka neil ligi pääseda kirjale.",
     "URL shortener may expose your decrypt key in URL.": "URL-i lühendaja võib paljastada sinu dekrüpteerimisvõtme URL-is.",
-    "Save paste": "Salvesta kleebe"
+    "Save paste": "Salvesta kleebe",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/fi.json

@@ -15,11 +15,11 @@
     ],
     "Paste is limited to %s of encrypted data.": "Paste on rajoitettu kokoon %s salattua dataa.",
     "Invalid data.": "Virheellinen data.",
-    "You are unlucky. Try again.": "Olet epäonnekas. Yritä uudelleen",
+    "You are unlucky. Try again.": "Olet epäonnekas. Yritä uudelleen.",
     "Error saving comment. Sorry.": "Virhe kommenttia tallentaessa. Anteeksi.",
     "Error saving paste. Sorry.": "Virhe pastea tallentaessa. Anteeksi.",
     "Invalid paste ID.": "Virheellinen paste ID.",
-    "Paste is not of burn-after-reading type.": "Paste ei ole polta-lukemisen-jälkeen-tyyppiä",
+    "Paste is not of burn-after-reading type.": "Paste ei ole polta-lukemisen-jälkeen-tyyppiä.",
     "Wrong deletion token. Paste was not deleted.": "Virheellinen poistotunniste. Pastea ei poistettu.",
     "Paste was properly deleted.": "Paste poistettiin kunnolla.",
     "JavaScript is required for %s to work. Sorry for the inconvenience.": "JavaScriptiä tarvitaan jotta %s toimisi. Anteeksi haitasta.",
@@ -182,8 +182,12 @@
     "Use Current Timezone": "Käytä nykyistä aikavyöhykettä",
     "Convert To UTC": "Muuta UTC:ksi",
     "Close": "Sulje",
-    "Encrypted note on PrivateBin": "Salattu viesti PrivateBinissä",
+    "Encrypted note on %s": "Salattu viesti %sissä",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Käy tässä linkissä nähdäksesi viestin. URL:n antaminen kenellekään antaa heidänkin päästä katsomeen viestiä. ",
     "URL shortener may expose your decrypt key in URL.": "URL-lyhentäjä voi paljastaa purkuavaimesi URL:ssä.",
-    "Save paste": "Tallenna paste"
+    "Save paste": "Tallenna paste",
+    "Your IP is not authorized to create pastes.": "IP:llesi ei ole annettu oikeutta luoda pasteja.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/fr.json

@@ -2,7 +2,7 @@
     "PrivateBin": "PrivateBin",
     "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s est un 'pastebin' (ou gestionnaire d'extraits de texte et de code source) minimaliste et open source, dans lequel le serveur n'a aucune connaissance des données envoyées. Les données sont chiffrées/déchiffrées %sdans le navigateur%s par un chiffrement AES 256 bits.",
     "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "Plus d'informations sur <a href=\"https://privatebin.info/\">la page du projet</a>.",
-    "Because ignorance is bliss": "Parce que l'ignorance c'est le bonheur",
+    "Because ignorance is bliss": "Vivons heureux, vivons cachés",
     "en": "fr",
     "Paste does not exist, has expired or has been deleted.": "Le paste n'existe pas, a expiré, ou a été supprimé.",
     "%s requires php %s or above to work. Sorry.": "Désolé, %s nécessite php %s ou supérieur pour fonctionner.",
@@ -182,8 +182,12 @@
     "Use Current Timezone": "Conserver l'actuel",
     "Convert To UTC": "Convertir en UTC",
     "Close": "Fermer",
-    "Encrypted note on PrivateBin": "Message chiffré sur PrivateBin",
+    "Encrypted note on %s": "Message chiffré sur %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visiter ce lien pour voir la note. Donner l'URL à une autre personne lui permet également d'accéder à la note.",
     "URL shortener may expose your decrypt key in URL.": "Raccourcir l'URL peut exposer votre clé de déchiffrement dans l'URL.",
-    "Save paste": "Sauver le paste"
+    "Save paste": "Sauver le paste",
+    "Your IP is not authorized to create pastes.": "Votre adresse IP n'est pas autorisée à créer des pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/he.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "להשתמש באזור הזמן הנוכחי",
     "Convert To UTC": "המרה ל־UTC",
     "Close": "סגירה",
-    "Encrypted note on PrivateBin": "הערה מוצפנת ב־PrivateBin",
+    "Encrypted note on %s": "%sהערה מוצפנת ב־",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "נא לבקר בקישור כדי לצפות בהערה. מסירת הקישור לאנשים כלשהם תאפשר גם להם לגשת להערה.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/hi.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/hu.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Az aktuális időzóna használata",
     "Convert To UTC": "Átalakítás UTC időzónára",
     "Close": "Bezárás",
-    "Encrypted note on PrivateBin": "Titkosított jegyzet a PrivateBinen",
+    "Encrypted note on %s": "Titkosított jegyzet a %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Látogasd meg ezt a hivatkozást a bejegyzés megtekintéséhez. Ha mások számára is megadod ezt a linket, azzal hozzáférnek ők is.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/id.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Gunakan Zonawaktu Saat Ini",
     "Convert To UTC": "Konversi Ke UTC",
     "Close": "Tutup",
-    "Encrypted note on PrivateBin": "Catatan ter-ekrip di PrivateBin",
+    "Encrypted note on %s": "Catatan ter-ekrip di %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Kunjungi tautan ini untuk melihat catatan. Memberikan alamat URL pada siapapun juga, akan mengizinkan mereka untuk mengakses catatan, so pasti gitu loh Kaka.",
     "URL shortener may expose your decrypt key in URL.": "Pemendek URL mungkin akan menampakkan kunci dekrip Anda dalam URL.",
-    "Save paste": "Simpan paste"
+    "Save paste": "Simpan paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/it.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Usa Fuso Orario Corrente",
     "Convert To UTC": "Converti a UTC",
     "Close": "Chiudi",
-    "Encrypted note on PrivateBin": "Nota crittografata su PrivateBin",
+    "Encrypted note on %s": "Nota crittografata su %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visita questo collegamento per vedere la nota. Dare l'URL a chiunque consente anche a loro di accedere alla nota.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener può esporre la tua chiave decrittografata nell'URL.",
-    "Save paste": "Salva il messagio"
+    "Save paste": "Salva il messagio",
+    "Your IP is not authorized to create pastes.": "Il tuo IP non è autorizzato a creare dei messaggi.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/ja.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/jbo.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "galfi lo cabni la utc",
     "Close": "ganlo",
-    "Encrypted note on PrivateBin": ".i lo lo notci ku mifra cu zvati sivlolnitvanku'a",
+    "Encrypted note on %s": ".i lo lo notci ku mifra cu zvati %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "rejgau fukpi"
+    "Save paste": "rejgau fukpi",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/ku.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/la.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/lt.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Naudoti esamą laiko juostą",
     "Convert To UTC": "Konvertuoti į UTC",
     "Close": "Užverti",
-    "Encrypted note on PrivateBin": "Šifruoti užrašai ties PrivateBin",
+    "Encrypted note on %s": "Šifruoti užrašai ties %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Norėdami matyti užrašus, aplankykite šį tinklalapį. Pasidalinus šiuo URL adresu su kitais žmonėmis, jiems taip pat bus leidžiama prieiga prie šių užrašų.",
     "URL shortener may expose your decrypt key in URL.": "URL trumpinimo įrankis gali atskleisti URL adrese jūsų iššifravimo raktą.",
-    "Save paste": "Įrašyti įdėjimą"
+    "Save paste": "Įrašyti įdėjimą",
+    "Your IP is not authorized to create pastes.": "Jūsų IP adresas neturi įgaliojimų kurti įdėjimų.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Bandoma sutrumpinti URL adresą, kuris nenurodo į mūsų egzempliorių.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Klaida iškviečiant YOURLS. Tikriausiai, konfigūracijos klaida, pavyzdžiui, neteisingi „apiurl“ ar „signature“, arba jų nėra.",
+    "Error parsing YOURLS response.": "Klaida nagrinėjant YOURLS atsaką."
 }

i18n/nl.json

@@ -1,10 +1,10 @@
 {
     "PrivateBin": "PrivateBin",
-    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s is een minimalistische, open source online pastebin waarbij de server geen kennis heeft van de geplakte gegevens. Gegevens worden gecodeerd/gedecodeerd %s in de browser %s met behulp van 256 bits AES.",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s is een minimalistische, open source online pastebin waarbij de server geen kennis heeft van de paste data zelf. Gegevens worden gecodeerd/gedecodeerd %s in de browser %s met behulp van 256-bits AES.",
     "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "Meer informatie is te vinden op de <a href=\"https://privatebin.info/\">projectpagina</a>.",
     "Because ignorance is bliss": "Onwetendheid is een zegen",
     "en": "nl",
-    "Paste does not exist, has expired or has been deleted.": "Geplakte tekst bestaat niet, is verlopen of verwijderd.",
+    "Paste does not exist, has expired or has been deleted.": "Paste bestaat niet, is verlopen of verwijderd.",
     "%s requires php %s or above to work. Sorry.": "%s vereist PHP %s of hoger om te kunnen werken. Sorry",
     "%s requires configuration section [%s] to be present in configuration file.": "%s vereist dat de configuratiesectie [%s] aanwezig is in het configuratiebestand",
     "Please wait %d seconds between each post.": [
@@ -13,20 +13,20 @@
         "Alstublieft %d seconden wachten tussen elk bericht.",
         "Alstublieft %d seconden wachten tussen elk bericht."
     ],
-    "Paste is limited to %s of encrypted data.": "Geplakte tekst is beperkt tot %s aan versleutelde gegevens",
-    "Invalid data.": "Ongeldige gegevens",
-    "You are unlucky. Try again.": "Helaas. Probeer het nog eens",
+    "Paste is limited to %s of encrypted data.": "Paste is beperkt tot %s aan versleutelde gegevens.",
+    "Invalid data.": "Ongeldige gegevens.",
+    "You are unlucky. Try again.": "Helaas. Probeer het nog eens.",
     "Error saving comment. Sorry.": "Fout bij het opslaan van het commentaar. Sorry",
-    "Error saving paste. Sorry.": "Fout bij het opslaan van de geplakte tekst. Sorry.",
+    "Error saving paste. Sorry.": "Fout bij het opslaan van de paste. Sorry.",
     "Invalid paste ID.": "Ongeldige ID.",
-    "Paste is not of burn-after-reading type.": "Geplakte tekst is geen 'vernietig na lezen' type",
-    "Wrong deletion token. Paste was not deleted.": "Foutieve verwijdercode. Geplakte tekst is niet verwijderd.",
-    "Paste was properly deleted.": "Geplakte tekst is correct verwijderd.",
+    "Paste is not of burn-after-reading type.": "Paste is geen 'vernietig na lezen' type.",
+    "Wrong deletion token. Paste was not deleted.": "Foutieve verwijdercode. Paste is niet verwijderd.",
+    "Paste was properly deleted.": "Paste is correct verwijderd.",
     "JavaScript is required for %s to work. Sorry for the inconvenience.": "JavaScript vereist om %s te laten werken. Sorry voor het ongemak.",
-    "%s requires a modern browser to work.": "%s vereist een moderne browser om te kunnen werken ",
+    "%s requires a modern browser to work.": "%s vereist een moderne browser om te kunnen werken.",
     "New": "Nieuw",
     "Send": "Verzenden",
-    "Clone": "Clonen",
+    "Clone": "Klonen",
     "Raw text": "Onbewerkte tekst",
     "Expires": "Verloopt",
     "Burn after reading": "Vernietig na lezen",
@@ -35,7 +35,7 @@
     "Discussion": "Discussie",
     "Toggle navigation": "Navigatie openen/sluiten",
     "%d seconds": [
-        "%d second",
+        "%d seconde",
         "%d seconden",
         "%d seconds (2nd plural)",
         "%d seconds (3rd plural)"
@@ -72,14 +72,14 @@
     ],
     "%d years": [
         "%d jaar",
-        "%d jaaren",
+        "%d jaren",
         "%d years (2nd plural)",
         "%d years (3rd plural)"
     ],
     "Never": "Nooit",
-    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "Opmerking: Dit is een testservice: Gegevens kunnen op elk gegeven moment verwijderd worden.",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "Opmerking: Dit is een testservice: Gegevens kunnen op elk gegeven moment verwijderd worden. Katten zullen doodgaan als je misbruikt maakt van deze service.",
     "This document will expire in %d seconds.": [
-        "Dit document verloopt over %d second.",
+        "Dit document verloopt over %d seconde.",
         "Dit document verloopt over %d seconden.",
         "Dit document verloopt over %d seconden.",
         "Dit document verloopt over %d seconden."
@@ -108,14 +108,14 @@
         "Dit document verloopt over %d maanden.",
         "Dit document verloopt over %d maanden."
     ],
-    "Please enter the password for this paste:": "Voer het wachtwoord in voor deze  geplakte tekst:",
+    "Please enter the password for this paste:": "Voer het wachtwoord in voor deze paste:",
     "Could not decrypt data (Wrong key?)": "Kon de gegevens niet decoderen (verkeerde sleutel?)",
-    "Could not delete the paste, it was not stored in burn after reading mode.": "Verwijderen van de geplakte tekst niet mogelijk, deze werd niet opgeslagen in 'vernietig na lezen' modus.",
-    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "FOR YOUR EYES ONLY. Sluit dit venster niet, dit bericht kan niet opnieuw worden weergegeven.",
+    "Could not delete the paste, it was not stored in burn after reading mode.": "Verwijderen van de paste niet mogelijk, deze werd niet opgeslagen in 'vernietig na lezen' modus.",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "ALLEEN VOOR JOUW OGEN BESTEMD. Sluit dit venster niet, dit bericht kan niet opnieuw worden weergegeven.",
     "Could not decrypt comment; Wrong key?": "Kon het commentaar niet decoderen; Verkeerde sleutel?",
     "Reply": "Beantwoorden",
     "Anonymous": "Anoniem",
-    "Avatar generated from IP address": "Anonieme avatar (van het IP adres)",
+    "Avatar generated from IP address": "Anonieme avatar (van het IP-adres)",
     "Add comment": "Commentaar toevoegen",
     "Optional nickname…": "Optionele bijnaam…",
     "Post comment": "Plaats een commentaar",
@@ -125,11 +125,11 @@
     "unknown status": "Onbekende status",
     "server error or not responding": "Serverfout of server reageert niet",
     "Could not post comment: %s": "Kon het commentaar niet plaatsen: %s",
-    "Sending paste…": "Geplakte tekst verzenden…",
-    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "Uw geplakte tekst is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Druk [Ctrl]+[c] om te kopiëren)</span>",
+    "Sending paste…": "Paste verzenden…",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "Je paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Druk [Ctrl]+[c] om te kopiëren)</span>",
     "Delete data": "Gegevens wissen",
-    "Could not create paste: %s": "Kon de geplakte tekst niet aanmaken: %s",
-    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": "Kon de  geplakte tekst niet decoderen: Decoderingssleutel ontbreekt in URL (Hebt u een redirector of een URL-verkorter gebruikt die een deel van de URL verwijdert?)",
+    "Could not create paste: %s": "Kon de paste niet aanmaken: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": "Kon de paste niet decoderen: Decoderingssleutel ontbreekt in URL (Heb je een redirector of een URL-verkorter gebruikt die een deel van de URL verwijdert?)",
     "B": "B",
     "KiB": "KiB",
     "MiB": "MiB",
@@ -145,45 +145,49 @@
     "Markdown": "Markdown",
     "Download attachment": "Bijlage downloaden",
     "Cloned: '%s'": "Gekloond: '%s'",
-    "The cloned file '%s' was attached to this paste.": "Het gekloonde bestand '%s' is bijgevoegd aan de geplakte tekst.",
+    "The cloned file '%s' was attached to this paste.": "Het gekloonde bestand '%s' is bijgevoegd aan de paste.",
     "Attach a file": "Een bestand toevoegen",
-    "alternatively drag & drop a file or paste an image from the clipboard": "U kunt ook een bestand slepen en neerzetten of een afbeelding plakken van het klembord",
-    "File too large, to display a preview. Please download the attachment.": "Het bestand is te groot om voorbeeld weer te geven. Aub de bijlage downloaden",
+    "alternatively drag & drop a file or paste an image from the clipboard": "Je kunt ook een bestand slepen en neerzetten of een afbeelding plakken van het klembord",
+    "File too large, to display a preview. Please download the attachment.": "Het bestand is te groot om voorbeeld weer te geven. Aub de bijlage downloaden.",
     "Remove attachment": "Bijlage verwijderen",
-    "Your browser does not support uploading encrypted files. Please use a newer browser.": "Uw browser biedt geen ondersteuning voor het uploaden van gecodeerde bestanden. Gebruik alstublieft een nieuwere browser",
-    "Invalid attachment.": "Ongeldige bijlage",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.": "Je browser biedt geen ondersteuning voor het uploaden van gecodeerde bestanden. Gebruik alstublieft een nieuwere browser.",
+    "Invalid attachment.": "Ongeldige bijlage.",
     "Options": "Opties",
     "Shorten URL": "URL verkorten",
     "Editor": "Editor",
     "Preview": "Preview",
-    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s vereist dat het PATH eindigt in een '%s'. Aub het PATH updaten in uw index.php.",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s vereist dat PATH eindigt in een '%s'. a.u.b. PATH updaten in je index.php.",
     "Decrypt": "Decoderen",
     "Enter password": "Voer het wachtwoord in",
     "Loading…": "Laden…",
-    "Decrypting paste…": "Geplakte tekst decoderen…",
-    "Preparing new paste…": "Nieuwe geplakte tekst voorbereiden…",
-    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.": "In het geval dat dit bericht nooit verdwijnt, kijkt u dan eens naar <a href=\"%s\"> veelgestelde vragen voor informatie over het oplossen van problemen </a>.",
-    "+++ no paste text +++": "+++ geen geplakte tekst +++",
-    "Could not get paste data: %s": "Could not get paste data: %s",
-    "QR code": "QR code",
-    "This website is using an insecure HTTP connection! Please use it only for testing.": "This website is using an insecure HTTP connection! Please use it only for testing.",
-    "For more information <a href=\"%s\">see this FAQ entry</a>.": "For more information <a href=\"%s\">see this FAQ entry</a>.",
-    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.": "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.",
-    "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.": "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.",
-    "waiting on user to provide a password": "waiting on user to provide a password",
-    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.",
-    "Retry": "Retry",
-    "Showing raw text…": "Showing raw text…",
-    "Notice:": "Notice:",
-    "This link will expire after %s.": "This link will expire after %s.",
-    "This link can only be accessed once, do not use back or refresh button in your browser.": "This link can only be accessed once, do not use back or refresh button in your browser.",
+    "Decrypting paste…": "Paste decoderen…",
+    "Preparing new paste…": "Nieuwe paste voorbereiden…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.": "In het geval dat dit bericht nooit verdwijnt, kijkt dan eens naar <a href=\"%s\"> veelgestelde vragen voor informatie over het oplossen van problemen </a>.",
+    "+++ no paste text +++": "+++ geen paste tekst +++",
+    "Could not get paste data: %s": "Kon geen paste data verkrijgen: %s",
+    "QR code": "QR-code",
+    "This website is using an insecure HTTP connection! Please use it only for testing.": "Deze website gebruikt een onveilige HTTP-verbinding! Gelieve deze enkel te gebruiken om te testen.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.": "Voor meer informatie <a href=\"%s\">zie dit FAQ-artikel</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.": "Je browser kan een HTTPS-verbinding nodig hebben om de WebCrypto API te ondersteunen. Probeer <a href=\"%s\">het met HTTPS</a>.",
+    "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.": "Je browser ondersteunt WebAssembly niet, wat wordt gebruikt voor zlib compressie. Je kunt niet-gecomprimeerde documenten maken, maar geen gecomprimeerde documenten lezen.",
+    "waiting on user to provide a password": "wachtend op gebruiker om een wachtwoord te geven",
+    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Kon de gegevens niet decoderen. Heb je een verkeerd wachtwoord ingevoerd? Probeer het opnieuw met de knop bovenaan.",
+    "Retry": "Opnieuw proberen",
+    "Showing raw text…": "Platte tekst tonen…",
+    "Notice:": "Let op:",
+    "This link will expire after %s.": "Deze link vervalt na %s.",
+    "This link can only be accessed once, do not use back or refresh button in your browser.": "Deze link kan slechts eenmaal worden geopend, gebruik niet de terug- of verversknop in je browser.",
     "Link:": "Link:",
-    "Recipient may become aware of your timezone, convert time to UTC?": "Recipient may become aware of your timezone, convert time to UTC?",
-    "Use Current Timezone": "Use Current Timezone",
-    "Convert To UTC": "Convert To UTC",
-    "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
-    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
-    "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Recipient may become aware of your timezone, convert time to UTC?": "Ontvanger kan zich bewust worden van je tijdzone, tijd omzetten naar UTC?",
+    "Use Current Timezone": "Gebruik huidige tijdzone",
+    "Convert To UTC": "Omzetten naar UTC",
+    "Close": "Sluiten",
+    "Encrypted note on %s": "Versleutelde notitie op %s",
+    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Bezoek deze link om de notitie te bekijken. Als je de URL aan iemand geeft, kan die de notitie ook bekijken.",
+    "URL shortener may expose your decrypt key in URL.": "URL-verkorter kan je ontcijferingssleutel in URL blootleggen.",
+    "Save paste": "Notitie opslaan",
+    "Your IP is not authorized to create pastes.": "Je IP-adres is niet gemachtigd om pastes te maken.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Proberen om een URL te verkorten dat niet naar ons systeem wijst.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Foutmelding ophalen YOURLS. Waarschijnlijk een configuratiefout, zoals een verkeerde of missende \"apiurl\" of \"signature\".",
+    "Error parsing YOURLS response.": "Foutmelding bij parsen van YOURLS respons."
 }

i18n/no.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Bruk gjeldende tidssone",
     "Convert To UTC": "Konverter til UTC",
     "Close": "Steng",
-    "Encrypted note on PrivateBin": "Kryptert notat på PrivateBin",
+    "Encrypted note on %s": "Kryptert notat på %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Besøk denne lenken for å se notatet. Hvis lenken deles med andre, vil de også kunne se notatet.",
     "URL shortener may expose your decrypt key in URL.": "URL forkorter kan avsløre dekrypteringsnøkkelen.",
-    "Save paste": "Lagre utklipp"
+    "Save paste": "Lagre utklipp",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/oc.json

@@ -37,76 +37,76 @@
     "%d seconds": [
         "%d segonda",
         "%d segondas",
-        "%d seconds (2nd plural)",
-        "%d seconds (3rd plural)"
+        "%d segondas",
+        "%d segondas"
     ],
     "%d minutes": [
         "%d minuta",
         "%d minutas",
-        "%d minutes (2nd plural)",
-        "%d minutes (3rd plural)"
+        "%d minutas",
+        "%d minutas"
     ],
     "%d hours": [
         "%d ora",
         "%d oras",
-        "%d hours (2nd plural)",
-        "%d hours (3rd plural)"
+        "%d oras",
+        "%d oras"
     ],
     "%d days": [
         "%d jorn",
         "%d jorns",
-        "%d days (2nd plural)",
-        "%d days (3rd plural)"
+        "%d jorns",
+        "%d jorns"
     ],
     "%d weeks": [
         "%d setmana",
         "%d setmanas",
-        "%d weeks (2nd plural)",
-        "%d weeks (3rd plural)"
+        "%d setmanas",
+        "%d setmanas"
     ],
     "%d months": [
         "%d mes",
         "%d meses",
-        "%d months (2nd plural)",
-        "%d months (3rd plural)"
+        "%d meses",
+        "%d meses"
     ],
     "%d years": [
         "%d an",
         "%d ans",
-        "%d years (2nd plural)",
-        "%d years (3rd plural)"
+        "%d ans",
+        "%d ans"
     ],
     "Never": "Jamai",
     "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "Nota : Aquò es un servici d’espròva : las donadas pòdon èsser suprimidas a cada moment. De catons moriràn s’abusatz d’aqueste servici.",
     "This document will expire in %d seconds.": [
-        "Ce document expirera dans %d seconde.",
-        "Aqueste document expirarà dins %d segondas.",
-        "Aqueste document expirarà dins %d segondas.",
-        "Aqueste document expirarà dins %d segondas."
+        "Aqueste document expirarà d’aquí %d segonda.",
+        "Aqueste document expirarà d’aquí %d segondas.",
+        "Aqueste document expirarà d’aquí %d segondas.",
+        "Aqueste document expirarà d’aquí %d segondas."
     ],
     "This document will expire in %d minutes.": [
-        "Ce document expirera dans %d minute.",
-        "Aqueste document expirarà dins %d minutas.",
-        "Aqueste document expirarà dins %d minutas.",
-        "Aqueste document expirarà dins %d minutas."
+        "Aqueste document expirarà d’aquí %d minuta.",
+        "Aqueste document expirarà d’aquí %d minutas.",
+        "Aqueste document expirarà d’aquí %d minutas.",
+        "Aqueste document expirarà d’aquí %d minutas."
     ],
     "This document will expire in %d hours.": [
-        "Ce document expirera dans %d heure.",
-        "Aqueste document expirarà dins %d oras.",
-        "Aqueste document expirarà dins %d oras.",
-        "Aqueste document expirarà dins %d oras."
+        "Aqueste document expirarà d’aquí %d ora.",
+        "Aqueste document expirarà d’aquí %d oras.",
+        "Aqueste document expirarà d’aquí %d oras.",
+        "Aqueste document expirarà d’aquí %d oras."
     ],
     "This document will expire in %d days.": [
-        "Ce document expirera dans %d jour.",
-        "Aqueste document expirarà dins %d jorns.",
-        "Aqueste document expirarà dins %d jorns.",
-        "Aqueste document expirarà dins %d jorns."
+        "Aqueste document expirarà d’aquí %d jorn.",
+        "Aqueste document expirarà d’aquí %d jorns.",
+        "Aqueste document expirarà d’aquí %d jorns.",
+        "Aqueste document expirarà d’aquí %d jorns."
     ],
     "This document will expire in %d months.": [
-        "Ce document expirera dans %d mois.",
-        "Aqueste document expirarà dins %d meses.",
-        "Aqueste document expirarà dins %d meses.",
-        "Aqueste document expirarà dins %d meses."
+        "Aqueste document expirarà d’aquí %d mes.",
+        "Aqueste document expirarà d’aquí %d meses.",
+        "Aqueste document expirarà d’aquí %d meses.",
+        "Aqueste document expirarà d’aquí %d meses."
     ],
     "Please enter the password for this paste:": "Picatz lo senhal per aqueste tèxte :",
     "Could not decrypt data (Wrong key?)": "Impossible de deschifrar las donadas (marrida clau ?)",
@@ -156,7 +156,7 @@
     "Shorten URL": "Acorchir l’URL",
     "Editor": "Editar",
     "Preview": "Previsualizar",
-    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s demanda que lo PATH termine en \"%s\". Mercés de metre a jorn lo PATH dins vòstre index.php.",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s demanda que lo PATH termine en « %s ». Mercés de metre a jorn lo PATH dins vòstre index.php.",
     "Decrypt": "Deschifrar",
     "Enter password": "Picatz lo senhal",
     "Loading…": "Cargament…",
@@ -182,8 +182,12 @@
     "Use Current Timezone": "Utilizar l’actual",
     "Convert To UTC": "Convertir en UTC",
     "Close": "Tampar",
-    "Encrypted note on PrivateBin": "Nòtas chifradas sus PrivateBin",
+    "Encrypted note on %s": "Nòtas chifradas sus %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visitatz aqueste ligam per veire la nòta. Fornir lo ligam a qualqu’un mai li permet tanben d’accedir a la nòta.",
     "URL shortener may expose your decrypt key in URL.": "Los espleches d’acorchiment d’URL pòdon expausar la clau de deschiframent dins l’URL.",
-    "Save paste": "Enregistrar lo tèxt"
+    "Save paste": "Enregistrar lo tèxt",
+    "Your IP is not authorized to create pastes.": "Vòstra adreça IP a pas l’autorizacion de crear de tèxtes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/pl.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/pt.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Usar Fuso Horário Atual",
     "Convert To UTC": "Converter para UTC",
     "Close": "Fechar",
-    "Encrypted note on PrivateBin": "Nota criptografada no PrivateBin",
+    "Encrypted note on %s": "Nota criptografada no %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visite esse link para ver a nota. Dar a URL para qualquer um permite que eles também acessem a nota.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/ru.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Использовать текущий часовой пояс",
     "Convert To UTC": "Конвертировать в UTC",
     "Close": "Закрыть",
-    "Encrypted note on PrivateBin": "Зашифрованная запись на PrivateBin",
+    "Encrypted note on %s": "Зашифрованная запись на %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Посетите эту ссылку чтобы просмотреть запись. Передача ссылки кому либо позволит им получить доступ к записи тоже.",
     "URL shortener may expose your decrypt key in URL.": "Сервис сокращения ссылок может получить ваш ключ расшифровки из ссылки.",
-    "Save paste": "Сохранить запись"
+    "Save paste": "Сохранить запись",
+    "Your IP is not authorized to create pastes.": "Вашему IP адресу не разрешено создавать записи.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/sk.json

@@ -0,0 +1,193 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s je minimalistický, open source online pastebin, kde server nemá žiadne znalosti o vložených údajoch. Údaje sú šifrované/dešifrované %sv prehliadači%s pomocou 256-bitového AES.",
+    "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "Viac informácií na <a href=\"https://privatebin.info/\">stránke projektu</a>.",
+    "Because ignorance is bliss": "Pretože nevedomosť je sladká",
+    "en": "sk",
+    "Paste does not exist, has expired or has been deleted.": "Vložený text neexistuje, jeho platnosť vypršala alebo bol vymazaný.",
+    "%s requires php %s or above to work. Sorry.": "%s vyžaduje php %s alebo vyššie. Prepáčte.",
+    "%s requires configuration section [%s] to be present in configuration file.": "%s vyžaduje, aby bola v konfiguračnom súbore prítomná sekcia [%s].",
+    "Please wait %d seconds between each post.": [
+        "Počet sekúnd do ďalšieho príspevku: %d",
+        "Počet sekúnd do ďalšieho príspevku: %d",
+        "Počet sekúnd do ďalšieho príspevku: %d",
+        "Počet sekúnd do ďalšieho príspevku: %d"
+    ],
+    "Paste is limited to %s of encrypted data.": "Príspevok je obmedzený na %s zašifrovaných údajov.",
+    "Invalid data.": "Neplatné údaje.",
+    "You are unlucky. Try again.": "Ľutujem. Skúste to znova.",
+    "Error saving comment. Sorry.": "Pri ukladaní komentára sa vyskytla chyba.",
+    "Error saving paste. Sorry.": "Pri ukladaní príspevku sa vyskytla chyba.",
+    "Invalid paste ID.": "Chybne vložené ID.",
+    "Paste is not of burn-after-reading type.": "Príspevok nieje nastavený na zmazanie po prečítaní.",
+    "Wrong deletion token. Paste was not deleted.": "Nesprávny token odstránenia. Príspevok nebol odstránený.",
+    "Paste was properly deleted.": "Príspevok bol správne vymazaný.",
+    "JavaScript is required for %s to work. Sorry for the inconvenience.": "Na fungovanie %s je potrebný JavaScript. Ospravedlňujeme sa za nepríjemnosti.",
+    "%s requires a modern browser to work.": "%s vyžaduje na fungovanie moderný prehliadač.",
+    "New": "Nový",
+    "Send": "Odoslať",
+    "Clone": "Klonovať",
+    "Raw text": "Surový text",
+    "Expires": "Expirácia",
+    "Burn after reading": "Po prečítaní zmazať",
+    "Open discussion": "Povoliť komentáre",
+    "Password (recommended)": "Heslo (doporučené)",
+    "Discussion": "Komentáre",
+    "Toggle navigation": "Prepnúť navigáciu",
+    "%d seconds": [
+        "%d sekunda",
+        "%d sekundy",
+        "%d sekúnd",
+        "%d sekúnd"
+    ],
+    "%d minutes": [
+        "%d minúta",
+        "%d minúty",
+        "%d minút",
+        "%d minút"
+    ],
+    "%d hours": [
+        "%d hodina",
+        "%d hodiny",
+        "%d hodín",
+        "%d hodín"
+    ],
+    "%d days": [
+        "%d deň",
+        "%d dni",
+        "%d dní",
+        "%d dní"
+    ],
+    "%d weeks": [
+        "%d týždeň",
+        "%d týždne",
+        "%d týždňov",
+        "%d týždňov"
+    ],
+    "%d months": [
+        "%d mesiac",
+        "%d mesiace",
+        "%d mesiacov",
+        "%d mesiacov"
+    ],
+    "%d years": [
+        "%d rok",
+        "%d roky",
+        "%d rokov",
+        "%d rokov"
+    ],
+    "Never": "Nikdy",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "Poznámka: Toto je testovacia služba: Údaje môžu byť kedykoľvek vymazané. Pri zneužití tejto služby zomrú mačiatka.",
+    "This document will expire in %d seconds.": [
+        "Platnosť tohto dokumentu vyprší o %d sekundu.",
+        "Platnosť tohto dokumentu vyprší o %d sekundy.",
+        "Platnosť tohto dokumentu vyprší o %d sekúnd.",
+        "Platnosť tohto dokumentu vyprší o %d sekúnd."
+    ],
+    "This document will expire in %d minutes.": [
+        "Platnosť tohto dokumentu vyprší o %d minútu.",
+        "Platnosť tohto dokumentu vyprší o %d minúty.",
+        "Platnosť tohto dokumentu vyprší o %d minút.",
+        "Platnosť tohto dokumentu vyprší o %d minút."
+    ],
+    "This document will expire in %d hours.": [
+        "Platnosť tohto dokumentu vyprší o %d hodinu.",
+        "Platnosť tohto dokumentu vyprší o %d hodiny.",
+        "Platnosť tohto dokumentu vyprší o %d hodín.",
+        "Platnosť tohto dokumentu vyprší o %d hodín."
+    ],
+    "This document will expire in %d days.": [
+        "Platnosť tohto dokumentu vyprší o %d deň.",
+        "Platnosť tohto dokumentu vyprší o %d dni.",
+        "Platnosť tohto dokumentu vyprší o %d dní.",
+        "Platnosť tohto dokumentu vyprší o %d dní."
+    ],
+    "This document will expire in %d months.": [
+        "Platnosť tohto dokumentu vyprší o %d mesiac.",
+        "Platnosť tohto dokumentu vyprší o %d mesiace.",
+        "Platnosť tohto dokumentu vyprší o %d mesiacov.",
+        "Platnosť tohto dokumentu vyprší o %d mesiacov."
+    ],
+    "Please enter the password for this paste:": "Zadajte prosím heslo:",
+    "Could not decrypt data (Wrong key?)": "Nepodarilo sa dešifrovať údaje (nesprávny kľúč?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.": "Nepodarilo sa odstrániť príspevok, nebol uložený v režime zmazania po prečítaní.",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "IBA PRE VAŠE OČI. Toto okno nezatvárajte, táto správa sa nedá znova zobraziť.",
+    "Could not decrypt comment; Wrong key?": "Nepodarilo sa dešifrovať komentár. Nesprávny kľúč?",
+    "Reply": "Odpovedať",
+    "Anonymous": "Anonymný",
+    "Avatar generated from IP address": "Avatar vygenerovaný z IP adresy",
+    "Add comment": "Pridať komentár",
+    "Optional nickname…": "Voliteľná prezývka…",
+    "Post comment": "Odoslať komentár",
+    "Sending comment…": "Odosielanie komentára…",
+    "Comment posted.": "Komentár odoslaný.",
+    "Could not refresh display: %s": "Nepodarilo sa obnoviť zobrazenie: %s",
+    "unknown status": "neznámy stav",
+    "server error or not responding": "chyba servera alebo server neodpovedá",
+    "Could not post comment: %s": "Nepodarilo sa pridať komentár: %s",
+    "Sending paste…": "Odosiela sa príspevok…",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "Váš príspevok je <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(skopírujte stlačením [Ctrl]+[c])</span>",
+    "Delete data": "Odstrániť dáta",
+    "Could not create paste: %s": "Nepodarilo sa vytvoriť príspevok: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": "Nie je možné dešifrovať príspevok: V URL adrese chýba dešifrovací kľúč (Použili ste presmerovač alebo skracovač adresy, ktorý odstráni časť adresy URL?)",
+    "B": "B",
+    "KiB": "KiB",
+    "MiB": "MiB",
+    "GiB": "GiB",
+    "TiB": "TiB",
+    "PiB": "PiB",
+    "EiB": "EiB",
+    "ZiB": "ZiB",
+    "YiB": "YiB",
+    "Format": "Formát",
+    "Plain Text": "Čistý text",
+    "Source Code": "Zdrojový kód",
+    "Markdown": "Markdown",
+    "Download attachment": "Stiahnuť prílohu",
+    "Cloned: '%s'": "Naklonované: '%s'",
+    "The cloned file '%s' was attached to this paste.": "K tomuto príspevku bol pripojený klonovaný súbor '%s'.",
+    "Attach a file": "Priložiť súbor",
+    "alternatively drag & drop a file or paste an image from the clipboard": "prípadne presuňte súbor myšou alebo vložte obrázok zo schránky",
+    "File too large, to display a preview. Please download the attachment.": "Súbor je príliš veľký na zobrazenie ukážky. Stiahnite si prosím prílohu.",
+    "Remove attachment": "Odstrániť prílohu",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.": "Váš prehliadač nepodporuje nahrávanie šifrovaných súborov. Použite prosím novší prehliadač.",
+    "Invalid attachment.": "Neplatná príloha.",
+    "Options": "Možnosti",
+    "Shorten URL": "Skrátiť URL",
+    "Editor": "Editor",
+    "Preview": "Náhľad",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s vyžaduje, aby PATH končila na \"%s\". Aktualizujte prosím PATH vo svojom index.php.",
+    "Decrypt": "Dešifrovať",
+    "Enter password": "Zadajte heslo",
+    "Loading…": "Načítava sa…",
+    "Decrypting paste…": "Dešifrovanie príspevku…",
+    "Preparing new paste…": "Príprava nového príspevku…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.": "V prípade, že táto správa nezmizne, pozrite si <a href=\"%s\">tieto často kladené otázky, kde nájdete informácie na riešenie problémov</a>.",
+    "+++ no paste text +++": "+++ žiadny vložený text +++",
+    "Could not get paste data: %s": "Nepodarilo sa načítať údaje príspevku: %s",
+    "QR code": "QR kód",
+    "This website is using an insecure HTTP connection! Please use it only for testing.": "Táto webová stránka používa nezabezpečené pripojenie HTTP! Používajte ju len na testovanie.",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.": "Pre viac informácií si pozrite <a href=\"%s\">tento záznam FAQ</a>.",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.": "Váš prehliadač môže na podporu rozhrania WebCrypto API vyžadovať pripojenie HTTPS. Skúste <a href=\"%s\">prepnúť na HTTPS</a>.",
+    "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.": "Váš prehliadač nepodporuje WebAssembly, ktorý sa používa na kompresiu zlib. Môžete vytvárať nekomprimované dokumenty, ale nemôžete čítať komprimované.",
+    "waiting on user to provide a password": "čakám na zadanie hesla",
+    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Údaje sa nepodarilo dešifrovať. Zadali ste nesprávne heslo? Skúste to znova pomocou tlačidla v hornej časti.",
+    "Retry": "Opakovať",
+    "Showing raw text…": "Zobrazuje sa surový text…",
+    "Notice:": "Upozornenie:",
+    "This link will expire after %s.": "Platnosť odkazu vyprší za %s.",
+    "This link can only be accessed once, do not use back or refresh button in your browser.": "Tento odkaz je prístupný iba raz, nepoužívajte v prehliadači tlačidlo Späť ani Obnoviť.",
+    "Link:": "Odkaz:",
+    "Recipient may become aware of your timezone, convert time to UTC?": "Príjemca sa môže dozvedieť o vašom časovom pásme, previesť čas na UTC?",
+    "Use Current Timezone": "Použiť aktuálne časové pásmo",
+    "Convert To UTC": "Previesť na UTC",
+    "Close": "Zavrieť",
+    "Encrypted note on %s": "Zašifrovaná poznámka na %s",
+    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Ak chcete zobraziť poznámku, navštívte tento odkaz. Poskytnutie adresy URL komukoľvek im umožní prístup aj k poznámke.",
+    "URL shortener may expose your decrypt key in URL.": "Skracovač adries URL môže odhaliť váš dešifrovací kľúč v adrese URL.",
+    "Save paste": "Uložiť príspevok",
+    "Your IP is not authorized to create pastes.": "Vaša IP adresa nie je oprávnená vytvárať príspevky.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Pokúšate sa skrátiť adresu URL, ktorá neukazuje na túto inštanciu.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
+}

i18n/sl.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/sv.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "Use Current Timezone",
     "Convert To UTC": "Convert To UTC",
     "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
+    "Encrypted note on %s": "Encrypted note on %s",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
     "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Save paste": "Save paste",
+    "Your IP is not authorized to create pastes.": "Your IP is not authorized to create pastes.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/th.json

@@ -0,0 +1,193 @@
+{
+    "PrivateBin": "PrivateBin",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s เป็น pastebin ออนไลน์แบบโอเพ่นซอร์สที่มีสไตล์แบบมินิมัลลิสท์ เซิร์ฟเวอร์ไม่สามารถรู้ได้ว่าข้อมูลโค้ดที่มาฝากนั้นเป็นข้อมูลอะไร โดยจะถูก %sเข้ารหัส/ถอดรหัส%s ด้วยกระบวนการ AES จำนวน 256 บิตผ่านเบราว์เซอร์",
+    "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "ข้อมูลเพิ่มเติม ดูได้ที่<a href=\"https://privatebin.info/\">หน้าโครงการ</a>",
+    "Because ignorance is bliss": "ไม่รู้ไม่ชี้ดีที่สุด",
+    "en": "th",
+    "Paste does not exist, has expired or has been deleted.": "การฝากโค้ดไม่มีอยู่ อาจจะหมดอายุหรือถูกลบไปแล้ว",
+    "%s requires php %s or above to work. Sorry.": "ขออภัย %s ต้องใช้ PHP %s ขึ้นไปจึงจะใช้งานได้",
+    "%s requires configuration section [%s] to be present in configuration file.": "%s จำเป็นต้องตั้งค่าตัวแปร [%s] ในไฟล์กำหนดค่า",
+    "Please wait %d seconds between each post.": [
+        "กรุณาเว้นระยะเวลาการส่งข้อมูลอย่างน้อย %d วินาที",
+        "กรุณาเว้นระยะเวลาการส่งข้อมูลอย่างน้อย %d วินาที",
+        "กรุณาเว้นระยะเวลาการส่งข้อมูลอย่างน้อย %d วินาที",
+        "กรุณาเว้นระยะเวลาการส่งข้อมูลอย่างน้อย %d วินาที"
+    ],
+    "Paste is limited to %s of encrypted data.": "การฝากโค้ดแบบเข้ารหัส ขีดจำกัดสูงสุดคือ %s",
+    "Invalid data.": "ข้อมูลไม่ถูกต้อง",
+    "You are unlucky. Try again.": "วันนี้คุณดวงไม่เฮงเลย ลองใหม่อีกครั้งนะ",
+    "Error saving comment. Sorry.": "ขออภัย เกิดข้อผิดพลาดในระหว่างบันทึกความคิดเห็น",
+    "Error saving paste. Sorry.": "ขออภัย เกิดข้อผิดพลาดในระหว่างบันทึกการฝากโค้ด",
+    "Invalid paste ID.": "ID การฝากโค้ดไม่ถูกต้อง",
+    "Paste is not of burn-after-reading type.": "ข้อมูลการฝากโค้ดนี้ไม่ได้เป็นรูปแบบลบทันทีเมื่อเปิดอ่าน",
+    "Wrong deletion token. Paste was not deleted.": "โทเค็นการลบไม่ถูกต้อง ข้อมูลการฝากโค้ดไม่ถูกลบ",
+    "Paste was properly deleted.": "ข้อมูลการฝากโค้ดถูกลบออกเรียบร้อยแล้ว",
+    "JavaScript is required for %s to work. Sorry for the inconvenience.": "จำเป็นต้องใช้ JavaScript เพื่อให้ %s สามารถทำงานได้ ขออภัยในความไม่สะดวก",
+    "%s requires a modern browser to work.": "%s ต้องใช้เบราว์เซอร์สมัยใหม่ถึงจะสามารถใช้งานได้",
+    "New": "ใหม่",
+    "Send": "ส่ง",
+    "Clone": "โคลน",
+    "Raw text": "ข้อความล้วน",
+    "Expires": "หมดอายุ",
+    "Burn after reading": "ลบทันทีเมื่อเปิดอ่าน",
+    "Open discussion": "แสดงความคิดเห็นได้",
+    "Password (recommended)": "รหัสผ่าน (แนะนำให้ใส่)",
+    "Discussion": "ความคิดเห็น",
+    "Toggle navigation": "สลับเปิดปิดการนำทาง",
+    "%d seconds": [
+        "%d วินาที",
+        "%d วินาที",
+        "%d วินาที",
+        "%d วินาที"
+    ],
+    "%d minutes": [
+        "%d นาที",
+        "%d นาที",
+        "%d นาที",
+        "%d นาที"
+    ],
+    "%d hours": [
+        "%d ชั่วโมง",
+        "%d ชั่วโมง",
+        "%d ชั่วโมง",
+        "%d ชั่วโมง"
+    ],
+    "%d days": [
+        "%d วัน",
+        "%d วัน",
+        "%d วัน",
+        "%d วัน"
+    ],
+    "%d weeks": [
+        "%d สัปดาห์",
+        "%d สัปดาห์",
+        "%d สัปดาห์",
+        "%d สัปดาห์"
+    ],
+    "%d months": [
+        "%d เดือน",
+        "%d เดือน",
+        "%d เดือน",
+        "%d เดือน"
+    ],
+    "%d years": [
+        "%d ปี",
+        "%d ปี",
+        "%d ปี",
+        "%d ปี"
+    ],
+    "Never": "ไม่หมดอายุ",
+    "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "โปรดทราบ: เว็บไซต์นี้เป็นการให้บริการแบบเบต้า ข้อมูลอาจถูกลบได้ตลอดเวลา หากคุณใช้บริการนี้ในทางที่ผิดอาจจะทำให้ข้อมูลของคุณสูญหายอย่างถาวรได้",
+    "This document will expire in %d seconds.": [
+        "เอกสารนี้จะหมดอายุใน %d วินาที",
+        "เอกสารนี้จะหมดอายุใน %d วินาที",
+        "เอกสารนี้จะหมดอายุใน %d วินาที",
+        "เอกสารนี้จะหมดอายุใน %d วินาที"
+    ],
+    "This document will expire in %d minutes.": [
+        "เอกสารนี้จะหมดอายุใน %d นาที",
+        "เอกสารนี้จะหมดอายุใน %d นาที",
+        "เอกสารนี้จะหมดอายุใน %d นาที",
+        "เอกสารนี้จะหมดอายุใน %d นาที"
+    ],
+    "This document will expire in %d hours.": [
+        "เอกสารนี้จะหมดอายุใน %d ชั่วโมง",
+        "เอกสารนี้จะหมดอายุใน %d ชั่วโมง",
+        "เอกสารนี้จะหมดอายุใน %d ชั่วโมง",
+        "เอกสารนี้จะหมดอายุใน %d ชั่วโมง"
+    ],
+    "This document will expire in %d days.": [
+        "เอกสารนี้จะหมดอายุใน %d วัน",
+        "เอกสารนี้จะหมดอายุใน %d วัน",
+        "เอกสารนี้จะหมดอายุใน %d วัน",
+        "เอกสารนี้จะหมดอายุใน %d วัน"
+    ],
+    "This document will expire in %d months.": [
+        "เอกสารนี้จะหมดอายุใน %d เดือน",
+        "เอกสารนี้จะหมดอายุใน %d เดือน",
+        "เอกสารนี้จะหมดอายุใน %d เดือน",
+        "เอกสารนี้จะหมดอายุใน %d เดือน"
+    ],
+    "Please enter the password for this paste:": "กรุณากรอกรหัสผ่านเพื่อเปิดข้อมูลการฝากโค้ดนี้:",
+    "Could not decrypt data (Wrong key?)": "ไม่สามารถถอดรหัสข้อมูลได้ (คีย์ไม่ถูกต้องหรือไม่)",
+    "Could not delete the paste, it was not stored in burn after reading mode.": "ไม่สามารถลบการฝากโค้ดนี้ได้ เนื่องจากว่าไม่ได้ถูกเก็บไว้ในโหมดลบทันทีเมื่อเปิดอ่าน",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "เก็บไว้ดูคนเดียวนะ อย่าปิดหน้าต่างนี้ ข้อความนี้จะไม่สามารถแสดงได้อีก",
+    "Could not decrypt comment; Wrong key?": "ไม่สามารถถอดรหัสความคิดเห็นได้ คีย์ไม่ถูกต้องหรือไม่",
+    "Reply": "ตอบกลับ",
+    "Anonymous": "ไม่ระบุชื่อ",
+    "Avatar generated from IP address": "อวาตารสร้างมาจากไอพี",
+    "Add comment": "เพิ่มความคิดเห็น",
+    "Optional nickname…": "ใส่ชื่อคนให้ความคิดเห็น…",
+    "Post comment": "ส่งความคิดเห็น",
+    "Sending comment…": "กำลังส่งความคิดเห็น…",
+    "Comment posted.": "ส่งความคิดเห็นแล้ว",
+    "Could not refresh display: %s": "ไม่สามารถรีเฟรชการแสดงผลได้: %s",
+    "unknown status": "ไม่ทราบสถานะ",
+    "server error or not responding": "เซิร์ฟเวอร์มีข้อผิดพลาดหรือไม่ตอบสนอง",
+    "Could not post comment: %s": "ไม่สามารถส่งความคิดเห็นได้: %s",
+    "Sending paste…": "กำลังส่งข้อมูล…",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "การฝากโค้ดของคุณอยู่ที่ <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(กดปุ่ม [Ctrl]+[c] เพื่อคัดลอก)</span>",
+    "Delete data": "ลบข้อมูล",
+    "Could not create paste: %s": "ไม่สามารถสร้างข้อมูลการฝากโค้ดได้: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": "ไม่สามารถถอดรหัสข้อมูลการฝากโค้ดได้: คีย์ถอดรหัสที่อยู่ใน URL หายไป (คุณได้ใช้ตัวเปลี่ยนเส้นทางหรือตัวย่อ URL ที่มีการตัดส่วนของ URL ออกหรือไม่)",
+    "B": "B",
+    "KiB": "KiB",
+    "MiB": "MiB",
+    "GiB": "GiB",
+    "TiB": "TiB",
+    "PiB": "PiB",
+    "EiB": "EiB",
+    "ZiB": "ZiB",
+    "YiB": "YiB",
+    "Format": "รูปแบบ",
+    "Plain Text": "ข้อความล้วน",
+    "Source Code": "ซอร์สโค้ด",
+    "Markdown": "Markdown",
+    "Download attachment": "ดาวน์โหลดไฟล์แนบ",
+    "Cloned: '%s'": "โคลนแล้ว: '%s'",
+    "The cloned file '%s' was attached to this paste.": "การโคลนข้อมูลการฝากโค้ด มีไฟล์ '%s' แนบมาด้วย",
+    "Attach a file": "แนบไฟล์",
+    "alternatively drag & drop a file or paste an image from the clipboard": "หรือสามารถลากและวางไฟล์หรือวางรูปภาพจากคลิปบอร์ดได้",
+    "File too large, to display a preview. Please download the attachment.": "ไฟล์มีขนาดใหญ่เกินไปที่จะแสดงตัวอย่าง กรุณาดาวน์โหลดเป็นไฟล์แนบแทน",
+    "Remove attachment": "ลบไฟล์แนบ",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.": "เบราว์เซอร์ของคุณไม่สนับสนุนการอัปโหลดไฟล์แบบเข้ารหัสได้ กรุณาใช้เบราว์เซอร์ที่ใหม่กว่า",
+    "Invalid attachment.": "ไฟล์แนบไม่ถูกต้อง",
+    "Options": "ตัวเลือก",
+    "Shorten URL": "สร้างลิงก์ย่อ",
+    "Editor": "ตัวแก้ไข",
+    "Preview": "ดูตัวอย่าง",
+    "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s กำหนดให้ PATH ลงท้ายด้วย \"%s\" กรุณาอัปเดต PATH ในไฟล์ index.php ของคุณ",
+    "Decrypt": "ถอดรหัส",
+    "Enter password": "กรอกรหัสผ่าน",
+    "Loading…": "กำลังโหลด…",
+    "Decrypting paste…": "กำลังถอดรหัสข้อมูลการฝากโค้ด…",
+    "Preparing new paste…": "กำลังเตรียมข้อมูลการฝากโค้ดใหม่…",
+    "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.": "ในกรณีที่ข้อความนี้ยังปรากฎให้เห็นอยู่ กรุณาดู<a href=\"%s\">คำถามที่พบบ่อยนี้เพื่อใช้แก้ไขปัญหา</a>",
+    "+++ no paste text +++": "+++ ไม่มีข้อความการฝากโค้ด +++",
+    "Could not get paste data: %s": "ไม่สามารถดึงข้อมูลการฝากโค้ดได้: %s",
+    "QR code": "คิวอาร์โค้ด",
+    "This website is using an insecure HTTP connection! Please use it only for testing.": "เว็บไซต์นี้ใช้การเชื่อมต่อแบบ HTTP ที่ไม่ปลอดภัย! กรุณาใช้เพื่อการทดสอบเท่านั้น",
+    "For more information <a href=\"%s\">see this FAQ entry</a>.": "สำหรับข้อมูลเพิ่มเติม <a href=\"%s\">กรุณาดูรายการคำถามที่พบบ่อยนี้</a>",
+    "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.": "เบราว์เซอร์ของคุณอาจต้องใช้การเชื่อมต่อ HTTPS เพื่อสนับสนุน API แบบ WebCrypto ลอง<a href=\"%s\">เปลี่ยนเป็น HTTPS</a>",
+    "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.": "เบราว์เซอร์ของคุณไม่สนับสนุน WebAssembly ที่ทำหน้าที่ในการบีบอัดข้อมูลในรูปแบบ zlib คุณยังสามารถสร้างเอกสารที่ไม่บีบอัด แต่จะไม่สามารถอ่านเอกสารที่บีบอัดได้",
+    "waiting on user to provide a password": "กำลังรอผู้ใช้กรอกรหัสผ่าน",
+    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "ไม่สามารถถอดรหัสข้อมูลได้ คุณกรอกรหัสผ่านผิดหรือเปล่า กดปุ่มลองอีกครั้งด้านบน",
+    "Retry": "ลองอีกครั้ง",
+    "Showing raw text…": "กำลังแสดงข้อความล้วน…",
+    "Notice:": "โปรดทราบ:",
+    "This link will expire after %s.": "ลิงก์นี้จะหมดอายุหลังจาก %s",
+    "This link can only be accessed once, do not use back or refresh button in your browser.": "ลิงก์นี้สามารถเข้าถึงได้เพียงครั้งเดียวเท่านั้น ไม่ควรใช้ปุ่มย้อนกลับหรือรีเฟรชหน้าเว็บบนเบราว์เซอร์ของคุณ",
+    "Link:": "ลิงก์:",
+    "Recipient may become aware of your timezone, convert time to UTC?": "ผู้รับอีเมลอาจทราบโซนเวลาของคุณได้ คุณต้องการแปลงโซนเวลาเป็น UTC หรือไม่",
+    "Use Current Timezone": "ใช้โซนเวลาปัจจุบัน",
+    "Convert To UTC": "แปลงเป็น UTC",
+    "Close": "ปิด",
+    "Encrypted note on %s": "เขารหัสบันทึกย่อบน %s",
+    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "ไปที่ลิงก์นี้เพื่อดูบันทึกย่อทั้งหมด ส่ง URL นี้ให้ใครก็ได้เพื่อให้สามารถเข้าถึงบันทึกย่อได้",
+    "URL shortener may expose your decrypt key in URL.": "เครื่องมือสร้างลิงก์ย่ออาจเปิดเผยคีย์ถอดรหัสของคุณใน URL ได้",
+    "Save paste": "ดาวน์โหลดข้อมูลการฝากโค้ด",
+    "Your IP is not authorized to create pastes.": "IP ของคุณไม่ได้รับอนุญาตให้สร้างการฝากโค้ด",
+    "Trying to shorten a URL that isn't pointing at our instance.": "กำลังพยายามใช้เครื่องมือสร้างลิงก์ย่อ ที่ไม่ได้ชี้ไปที่อินสแตนซ์ของเรา",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "เกิดข้อผิดพลาดในการเรียก YOURLS อาจเป็นปัญหามาจากการกำหนดค่า เช่น \"apiurl\" หรือ \"signature\" ไม่ถูกต้องหรือขาดหายไป",
+    "Error parsing YOURLS response.": "เกิดข้อผิดพลาดในการแยกวิเคราะห์การตอบสนองของ YOURLS"
+}

i18n/tr.json

@@ -1,135 +1,135 @@
 {
     "PrivateBin": "PrivateBin",
-    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.",
+    "%s is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted %sin the browser%s using 256 bits AES.": "%s sunucunun burada paylaştığınız veriyi görmediği, minimal, açık kaynak bir pastebindir. Veriler tarayıcıda 256 bit AES kullanılarak şifrelenir/çözülür.",
     "More information on the <a href=\"https://privatebin.info/\">project page</a>.": "Daha fazla bilgi için <a href=\"https://privatebin.info/\">proje sayfası</a>'na göz atabilirsiniz.",
     "Because ignorance is bliss": "Çünkü, cehalet mutluluktur",
     "en": "tr",
     "Paste does not exist, has expired or has been deleted.": "Paste does not exist, has expired or has been deleted.",
-    "%s requires php %s or above to work. Sorry.": "%s requires php %s or above to work. Sorry.",
-    "%s requires configuration section [%s] to be present in configuration file.": "%s requires configuration section [%s] to be present in configuration file.",
+    "%s requires php %s or above to work. Sorry.": "%s PHP %s veya daha üstünü gerektirir.",
+    "%s requires configuration section [%s] to be present in configuration file.": "%s konfigürasyon bölümünün [%s] bulunmasını gerektir.",
     "Please wait %d seconds between each post.": [
-        "Please wait %d second between each post. (singular)",
-        "Please wait %d seconds between each post. (1st plural)",
-        "Please wait %d seconds between each post. (2nd plural)",
-        "Please wait %d seconds between each post. (3rd plural)"
+        "Lütfen paylaşımlar arasında %d saniye bekleyiniz.",
+        "Lütfen paylaşımlar arasında %d saniye bekleyiniz.",
+        "Lütfen paylaşımlar arasında %d saniye bekleyiniz.",
+        "Lütfen paylaşımlar arasında %d saniye bekleyiniz."
     ],
-    "Paste is limited to %s of encrypted data.": "Paste is limited to %s of encrypted data.",
+    "Paste is limited to %s of encrypted data.": "Yazılar %s şifreli veriyle sınırlıdır.",
     "Invalid data.": "Geçersiz veri.",
     "You are unlucky. Try again.": "Lütfen tekrar deneyiniz.",
-    "Error saving comment. Sorry.": "Error saving comment. Sorry.",
-    "Error saving paste. Sorry.": "Error saving paste. Sorry.",
-    "Invalid paste ID.": "Invalid paste ID.",
-    "Paste is not of burn-after-reading type.": "Paste is not of burn-after-reading type.",
-    "Wrong deletion token. Paste was not deleted.": "Wrong deletion token. Paste was not deleted.",
-    "Paste was properly deleted.": "Paste was properly deleted.",
-    "JavaScript is required for %s to work. Sorry for the inconvenience.": "JavaScript is required for %s to work. Sorry for the inconvenience.",
-    "%s requires a modern browser to work.": "%s requires a modern browser to work.",
+    "Error saving comment. Sorry.": "Yorum kaydedilemedi.",
+    "Error saving paste. Sorry.": "Yazı kaydedilemedi. Üzgünüz.",
+    "Invalid paste ID.": "Geçersiz yazı ID'si.",
+    "Paste is not of burn-after-reading type.": "Yazı okunduğunda silinmeyecek şekilde ayarlanmış.",
+    "Wrong deletion token. Paste was not deleted.": "Yanlış silme anahtarı. Yazı silinemedi.",
+    "Paste was properly deleted.": "Yazı başarıyla silindi.",
+    "JavaScript is required for %s to work. Sorry for the inconvenience.": "JavaScript %s 'in çalışması için gereklidir. Rahatsızlıktan dolayı özür dileriz.",
+    "%s requires a modern browser to work.": "%s çalışmak için çağdaş bir tarayıcı gerektirir.",
     "New": "Yeni",
     "Send": "Gönder",
     "Clone": "Kopyala",
-    "Raw text": "Raw text",
+    "Raw text": "Açık yazı",
     "Expires": "Süre Sonu",
-    "Burn after reading": "Burn after reading",
+    "Burn after reading": "Okuduktan sonra sil",
     "Open discussion": "Açık Tartışmalar",
-    "Password (recommended)": "Password (recommended)",
+    "Password (recommended)": "Şifre (önerilir)",
     "Discussion": "Tartışma",
     "Toggle navigation": "Gezinmeyi değiştir",
     "%d seconds": [
-        "%d second (singular)",
-        "%d seconds (1st plural)",
-        "%d seconds (2nd plural)",
-        "%d seconds (3rd plural)"
+        "%d saniye",
+        "%d saniye",
+        "%d saniye",
+        "%d saniye"
     ],
     "%d minutes": [
-        "%d minute (singular)",
-        "%d minutes (1st plural)",
-        "%d minutes (2nd plural)",
-        "%d minutes (3rd plural)"
+        "%d dakika",
+        "%d dakika",
+        "%d dakika",
+        "%d dakika"
     ],
     "%d hours": [
-        "%d hour (singular)",
-        "%d hours (1st plural)",
-        "%d hours (2nd plural)",
-        "%d hours (3rd plural)"
+        "%d saat",
+        "%d saat",
+        "%d saat",
+        "%d saat"
     ],
     "%d days": [
-        "%d day (singular)",
-        "%d days (1st plural)",
-        "%d days (2nd plural)",
-        "%d days (3rd plural)"
+        "%d gün",
+        "%d gün",
+        "%d gün",
+        "%d gün"
     ],
     "%d weeks": [
-        "%d hafta (tekil)",
-        "%d haftalar (çoğul)",
-        "%d weeks (2nd plural)",
-        "%d weeks (3rd plural)"
+        "%d hafta",
+        "%d haftalar",
+        "%d hafta",
+        "%d hafta"
     ],
     "%d months": [
-        "%d month (singular)",
-        "%d months (1st plural)",
-        "%d months (2nd plural)",
-        "%d months (3rd plural)"
+        "%d ay",
+        "%d ay",
+        "%d ay",
+        "%d ay"
     ],
     "%d years": [
-        "%d year (singular)",
-        "%d years (1st plural)",
-        "%d years (2nd plural)",
-        "%d years (3rd plural)"
+        "%d yıl",
+        "%d yıl",
+        "%d yıl",
+        "%d yıl"
     ],
-    "Never": "Never",
+    "Never": "Asla",
     "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.": "Note: This is a test service: Data may be deleted anytime. Kittens will die if you abuse this service.",
     "This document will expire in %d seconds.": [
-        "This document will expire in %d second. (singular)",
-        "This document will expire in %d seconds. (1st plural)",
-        "This document will expire in %d seconds. (2nd plural)",
-        "This document will expire in %d seconds. (3rd plural)"
+        "Bu belge %d saniyede silinecektir.",
+        "Bu belge %d saniyede silinecektir.",
+        "Bu belge %d saniyede silinecektir.",
+        "Bu belge %d saniyede silinecektir."
     ],
     "This document will expire in %d minutes.": [
-        "This document will expire in %d minute. (singular)",
-        "This document will expire in %d minutes. (1st plural)",
-        "This document will expire in %d minutes. (2nd plural)",
-        "This document will expire in %d minutes. (3rd plural)"
+        "Bu belge %d dakikada silinecektir.",
+        "Bu belge %d dakikada silinecektir.",
+        "Bu belge %d dakikada silinecektir.",
+        "Bu belge %d dakikada silinecektir."
     ],
     "This document will expire in %d hours.": [
-        "This document will expire in %d hour. (singular)",
-        "This document will expire in %d hours. (1st plural)",
-        "This document will expire in %d hours. (2nd plural)",
-        "This document will expire in %d hours. (3rd plural)"
+        "Bu belge %d saatte silinecektir.",
+        "Bu belge %d saatte silinecektir.",
+        "Bu belge %d saatte silinecektir.",
+        "Bu belge %d saatte silinecektir."
     ],
     "This document will expire in %d days.": [
-        "This document will expire in %d day. (singular)",
-        "This document will expire in %d days. (1st plural)",
-        "This document will expire in %d days. (2nd plural)",
-        "This document will expire in %d days. (3rd plural)"
+        "Bu belge %d günde silinecektir.",
+        "Bu belge %d günde silinecektir.",
+        "Bu belge %d günde silinecektir.",
+        "Bu belge %d günde silinecektir."
     ],
     "This document will expire in %d months.": [
-        "This document will expire in %d month. (singular)",
-        "This document will expire in %d months. (1st plural)",
-        "This document will expire in %d months. (2nd plural)",
-        "This document will expire in %d months. (3rd plural)"
+        "Bu belge %d ayda silinecektir.",
+        "Bu belge %d ayda silinecektir.",
+        "Bu belge %d ayda silinecektir.",
+        "Bu belge %d ayda silinecektir."
     ],
-    "Please enter the password for this paste:": "Please enter the password for this paste:",
-    "Could not decrypt data (Wrong key?)": "Could not decrypt data (Wrong key?)",
-    "Could not delete the paste, it was not stored in burn after reading mode.": "Could not delete the paste, it was not stored in burn after reading mode.",
-    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.",
-    "Could not decrypt comment; Wrong key?": "Could not decrypt comment; Wrong key?",
+    "Please enter the password for this paste:": "Lütfen bu yazı için şifrenizi girin:",
+    "Could not decrypt data (Wrong key?)": "Şifre çözülemedi (Yanlış anahtar mı kullandınız?)",
+    "Could not delete the paste, it was not stored in burn after reading mode.": "Yazı silinemedi, okunduktan sonra silinmek için ayarlanmadı.",
+    "FOR YOUR EYES ONLY. Don't close this window, this message can't be displayed again.": "BU DOSYAYI SADECE SİZ GÖRÜNTÜLEYEBİLİRSİNİZ. Bu pencereyi kapatmayın, yazıyı tekrar görüntüleyemeyeceksiniz.",
+    "Could not decrypt comment; Wrong key?": "Dosya şifresi çözülemedi, doğru anahtarı girdiğinizden emin misiniz?",
     "Reply": "Cevapla",
     "Anonymous": "Anonim",
-    "Avatar generated from IP address": "Avatar generated from IP address",
+    "Avatar generated from IP address": "IP adresinden oluşturulmuş avatar",
     "Add comment": "Yorum ekle",
-    "Optional nickname…": "Optional nickname…",
+    "Optional nickname…": "İsteğe bağlı takma isim…",
     "Post comment": "Yorumu gönder",
-    "Sending comment…": "Sending comment…",
+    "Sending comment…": "Yorum gönderiliyor…",
     "Comment posted.": "Yorum gönderildi.",
-    "Could not refresh display: %s": "Could not refresh display: %s",
-    "unknown status": "unknown status",
-    "server error or not responding": "server error or not responding",
-    "Could not post comment: %s": "Could not post comment: %s",
-    "Sending paste…": "Sending paste…",
-    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>",
+    "Could not refresh display: %s": "Görüntü yenilenemedi: %s",
+    "unknown status": "bilinmeyen durum",
+    "server error or not responding": "sunucu hatası veya yanıt vermiyor",
+    "Could not post comment: %s": "Yorum paylaşılamadı: %s",
+    "Sending paste…": "Yazı gönderiliyor…",
+    "Your paste is <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">(Hit [Ctrl]+[c] to copy)</span>": "Yazınız: <a id=\"pasteurl\" href=\"%s\">%s</a> <span id=\"copyhint\">([Ctrl]+[c] tuşlarına basarak kopyalayın.)</span>",
     "Delete data": "Veriyi sil",
-    "Could not create paste: %s": "Could not create paste: %s",
-    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)",
+    "Could not create paste: %s": "Yazı oluşturulamadı: %s",
+    "Cannot decrypt paste: Decryption key missing in URL (Did you use a redirector or an URL shortener which strips part of the URL?)": "Yazı şifresi çözülemedi, çözme anahtarı URL'de bulunamadı. (Buraya bir yönlendirici veya URL kısaltıcı kullanarak gelmiş olabilirsiniz.)",
     "B": "B",
     "KiB": "KiB",
     "MiB": "MiB",
@@ -140,50 +140,54 @@
     "ZiB": "ZiB",
     "YiB": "YiB",
     "Format": "Format",
-    "Plain Text": "Plain Text",
-    "Source Code": "Source Code",
+    "Plain Text": "Düz Yazı",
+    "Source Code": "Kaynak Kodu",
     "Markdown": "Markdown",
-    "Download attachment": "Download attachment",
-    "Cloned: '%s'": "Cloned: '%s'",
-    "The cloned file '%s' was attached to this paste.": "The cloned file '%s' was attached to this paste.",
-    "Attach a file": "Attach a file",
-    "alternatively drag & drop a file or paste an image from the clipboard": "alternatively drag & drop a file or paste an image from the clipboard",
-    "File too large, to display a preview. Please download the attachment.": "File too large, to display a preview. Please download the attachment.",
-    "Remove attachment": "Remove attachment",
-    "Your browser does not support uploading encrypted files. Please use a newer browser.": "Your browser does not support uploading encrypted files. Please use a newer browser.",
-    "Invalid attachment.": "Invalid attachment.",
-    "Options": "Options",
-    "Shorten URL": "Shorten URL",
-    "Editor": "Editor",
+    "Download attachment": "Eki indir",
+    "Cloned: '%s'": "Klonlandı: '%s'",
+    "The cloned file '%s' was attached to this paste.": "Klonlanmış dosya '%s' bu yazıya eklendi.",
+    "Attach a file": "Dosya ekle",
+    "alternatively drag & drop a file or paste an image from the clipboard": "alternatif olarak dosyasyı yapıştırabilir veya sürükleyip bırakabilirsin",
+    "File too large, to display a preview. Please download the attachment.": "Dosya önizleme için çok büyük. Lütfen eki indirin.",
+    "Remove attachment": "Eki sil",
+    "Your browser does not support uploading encrypted files. Please use a newer browser.": "Tarayıcınız şifreli dosyaları desteklemiyor.",
+    "Invalid attachment.": "Geçersiz ek.",
+    "Options": "Seçenekler",
+    "Shorten URL": "URL kısaltma",
+    "Editor": "Düzenleyici",
     "Preview": "Ön izleme",
     "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.": "%s requires the PATH to end in a \"%s\". Please update the PATH in your index.php.",
-    "Decrypt": "Decrypt",
+    "Decrypt": "Şifreyi çöz",
     "Enter password": "Şifreyi girin",
     "Loading…": "Yükleniyor…",
-    "Decrypting paste…": "Decrypting paste…",
-    "Preparing new paste…": "Preparing new paste…",
+    "Decrypting paste…": "Yazı şifresi çözülüyor…",
+    "Preparing new paste…": "Yeni yazı hazırlanıyor…",
     "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.": "In case this message never disappears please have a look at <a href=\"%s\">this FAQ for information to troubleshoot</a>.",
     "+++ no paste text +++": "+++ no paste text +++",
-    "Could not get paste data: %s": "Could not get paste data: %s",
+    "Could not get paste data: %s": "Yazı verisi alınamıyor: %s",
     "QR code": "QR kodu",
     "This website is using an insecure HTTP connection! Please use it only for testing.": "This website is using an insecure HTTP connection! Please use it only for testing.",
     "For more information <a href=\"%s\">see this FAQ entry</a>.": "For more information <a href=\"%s\">see this FAQ entry</a>.",
     "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.": "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.",
     "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.": "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.",
     "waiting on user to provide a password": "waiting on user to provide a password",
-    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.",
+    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Dosya şifresi çözülemedi, doğru şifreyi kullandığınıza emin misiniz? Üstteki buton ile tekrar deneyin.",
     "Retry": "Yeniden Dene",
-    "Showing raw text…": "Showing raw text…",
+    "Showing raw text…": "Açık yazı gösteriliyor…",
     "Notice:": "Bildirim:",
-    "This link will expire after %s.": "This link will expire after %s.",
-    "This link can only be accessed once, do not use back or refresh button in your browser.": "This link can only be accessed once, do not use back or refresh button in your browser.",
+    "This link will expire after %s.": "Bu bağlantı şu kadar zaman sonra etkisiz kalacaktır: %s.",
+    "This link can only be accessed once, do not use back or refresh button in your browser.": "Bu bağlantı sadece bir kere erişilebilir, lütfen sayfayı yenilemeyiniz.",
     "Link:": "Bağlantı:",
-    "Recipient may become aware of your timezone, convert time to UTC?": "Recipient may become aware of your timezone, convert time to UTC?",
-    "Use Current Timezone": "Use Current Timezone",
-    "Convert To UTC": "Convert To UTC",
+    "Recipient may become aware of your timezone, convert time to UTC?": "Alıcı zaman dilmini öğrenebilir, zaman dilimini UTC'ye çevirmek ister misin?",
+    "Use Current Timezone": "Şuanki zaman dilimini kullan",
+    "Convert To UTC": "UTC zaman dilimine çevir",
     "Close": "Kapat",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
-    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
-    "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "Encrypted note on %s": "%s üzerinde şifrelenmiş not",
+    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Notu görmek için bu bağlantıyı ziyaret et. Bağlantıya sahip olan birisi notu görebilir.",
+    "URL shortener may expose your decrypt key in URL.": "URL kısaltıcı şifreleme anahtarınızı URL içerisinde gösterebilir.",
+    "Save paste": "Yazıyı kaydet",
+    "Your IP is not authorized to create pastes.": "IP adresinizin yazı oluşturmaya yetkisi yoktur.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/uk.json

@@ -8,10 +8,10 @@
     "%s requires php %s or above to work. Sorry.": "Для роботи %s потрібен php %s и вище. Вибачте.",
     "%s requires configuration section [%s] to be present in configuration file.": "%s потрібна секція [%s] в конфігураційному файлі.",
     "Please wait %d seconds between each post.": [
-        "Please wait %d second between each post. (singular)",
-        "Please wait %d seconds between each post. (1st plural)",
-        "Please wait %d seconds between each post. (2nd plural)",
-        "Please wait %d seconds between each post. (3rd plural)"
+        "Будь ласка, зачекайте %d секунду між створеннями.",
+        "Будь ласка, зачекайте %d секунди між створеннями.",
+        "Будь ласка, зачекайте %d секунд між створеннями.",
+        "Будь ласка, зачекайте %d секунд між створеннями."
     ],
     "Paste is limited to %s of encrypted data.": "Розмір допису обмежений %s зашифрованих даних.",
     "Invalid data.": "Неправильні дані.",
@@ -170,20 +170,24 @@
     "For more information <a href=\"%s\">see this FAQ entry</a>.": "Для подробиць <a href=\"%s\">дивіться інформацію в FAQ</a>.",
     "Your browser may require an HTTPS connection to support the WebCrypto API. Try <a href=\"%s\">switching to HTTPS</a>.": "Ваш переглядач вимагає підключення HTTPS для підтримки  WebCrypto API. Спробуйте <a href=\"%s\">перемкнутися на HTTPS</a>.",
     "Your browser doesn't support WebAssembly, used for zlib compression. You can create uncompressed documents, but can't read compressed ones.": "Ваш переглядач не підтримує WebAssembly, що використовується для стиснення zlib. Ви можете створювати нестиснені документи, але не зможете читати стиснені.",
-    "waiting on user to provide a password": "waiting on user to provide a password",
-    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.",
-    "Retry": "Retry",
-    "Showing raw text…": "Showing raw text…",
-    "Notice:": "Notice:",
-    "This link will expire after %s.": "This link will expire after %s.",
-    "This link can only be accessed once, do not use back or refresh button in your browser.": "This link can only be accessed once, do not use back or refresh button in your browser.",
-    "Link:": "Link:",
-    "Recipient may become aware of your timezone, convert time to UTC?": "Recipient may become aware of your timezone, convert time to UTC?",
-    "Use Current Timezone": "Use Current Timezone",
-    "Convert To UTC": "Convert To UTC",
-    "Close": "Close",
-    "Encrypted note on PrivateBin": "Encrypted note on PrivateBin",
-    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.",
-    "URL shortener may expose your decrypt key in URL.": "URL shortener may expose your decrypt key in URL.",
-    "Save paste": "Save paste"
+    "waiting on user to provide a password": "очікування користувача для вводу паролю",
+    "Could not decrypt data. Did you enter a wrong password? Retry with the button at the top.": "Не вдалося розшифрувати дані. Може, ви ввели неправильний пароль? Спробуйте знову за допомогою верхньої кнопки.",
+    "Retry": "Спробуйте ще раз",
+    "Showing raw text…": "Відображається неформатований текст…",
+    "Notice:": "Зверніть увагу:",
+    "This link will expire after %s.": "Термін дії цього посилання сплине через %s.",
+    "This link can only be accessed once, do not use back or refresh button in your browser.": "Дане посилання доступна тільки один раз, не натискайте кнопку назад та не обновляйте сторінку браузера.",
+    "Link:": "Посилання:",
+    "Recipient may become aware of your timezone, convert time to UTC?": "Отримувач дізнається ваш часовий пояс, перетворити час в UTC?",
+    "Use Current Timezone": "Використовувати поточний часовий пояс",
+    "Convert To UTC": "Конвертувати в UTC",
+    "Close": "Закрити",
+    "Encrypted note on %s": "Зашифрована нотатка на %s",
+    "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "Відвідайте посилання, щоб переглянути нотатку. Передача посилання будь-кому дозволить їм переглянути нотатку.",
+    "URL shortener may expose your decrypt key in URL.": "Сервіс скорочення посилань може викрити ваш ключ дешифрування з URL.",
+    "Save paste": "Зберегти вставку",
+    "Your IP is not authorized to create pastes.": "Вашому IP не дозволено створювати вставки.",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

i18n/zh.json

@@ -182,8 +182,12 @@
     "Use Current Timezone": "使用当前时区",
     "Convert To UTC": "转换为 UTC",
     "Close": "关闭",
-    "Encrypted note on PrivateBin": "PrivateBin 上的加密笔记",
+    "Encrypted note on %s": "%s 上的加密笔记",
     "Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.": "访问此链接来查看该笔记。将此 URL 发送给任何人即可允许其访问该笔记。",
     "URL shortener may expose your decrypt key in URL.": "短链接服务可能会暴露您在 URL 中的解密密钥。",
-    "Save paste": "保存内容"
+    "Save paste": "保存内容",
+    "Your IP is not authorized to create pastes.": "您的 IP 无权创建粘贴。",
+    "Trying to shorten a URL that isn't pointing at our instance.": "Trying to shorten a URL that isn't pointing at our instance.",
+    "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".": "Error calling YOURLS. Probably a configuration issue, like wrong or missing \"apiurl\" or \"signature\".",
+    "Error parsing YOURLS response.": "Error parsing YOURLS response."
 }

index.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 // change this, if your php files and data is outside of your webservers document root

js/common.js

@@ -10,17 +10,17 @@ global.fs = require('fs');
 global.WebCrypto = require('@peculiar/webcrypto').Crypto;
 
 // application libraries to test
-global.$ = global.jQuery = require('./jquery-3.6.0');
+global.$ = global.jQuery = require('./jquery-3.6.1');
 global.RawDeflate = require('./rawinflate-0.3').RawDeflate;
-global.zlib = require('./zlib-1.2.11').zlib;
+global.zlib = require('./zlib-1.2.13').zlib;
 require('./prettify');
 global.prettyPrint = window.PR.prettyPrint;
 global.prettyPrintOne = window.PR.prettyPrintOne;
-global.showdown = require('./showdown-2.0.0');
-global.DOMPurify = require('./purify-2.3.6');
+global.showdown = require('./showdown-2.1.0');
+global.DOMPurify = require('./purify-2.4.6');
 global.baseX = require('./base-x-4.0.0').baseX;
 global.Legacy = require('./legacy').Legacy;
-require('./bootstrap-3.3.7');
+require('./bootstrap-3.4.1');
 require('./privatebin');
 
 // internal variables
@@ -131,4 +131,3 @@ exports.jscMimeTypes = function() {
 exports.jscFormats = function() {
     return jsc.elements(formats);
 };
-

js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "privatebin",
-  "version": "1.3.5",
+  "version": "1.5.1",
   "description": "PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted/decrypted in the browser using 256 bit AES in Galois Counter mode (GCM).",
   "main": "privatebin.js",
   "directories": {

js/privatebin.js

@@ -6,7 +6,7 @@
  * @see       {@link https://github.com/PrivateBin/PrivateBin}
  * @copyright 2012 Sébastien SAUVAGE ({@link http://sebsauvage.net})
  * @license   {@link https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License}
- * @version   1.3.5
+ * @version   1.5.1
  * @name      PrivateBin
  * @namespace
  */
@@ -52,6 +52,31 @@ jQuery.PrivateBin = (function($, RawDeflate) {
      */
     let z;
 
+    /**
+     * DOMpurify settings for HTML content
+     *
+     * @private
+     */
+     const purifyHtmlConfig = {
+        ALLOWED_URI_REGEXP: /^(?:(?:(?:f|ht)tps?|mailto|magnet):)/i,
+        SAFE_FOR_JQUERY: true,
+        USE_PROFILES: {
+            html: true
+        }
+    };
+
+    /**
+     * DOMpurify settings for SVG content
+     *
+     * @private
+     */
+     const purifySvgConfig = {
+        USE_PROFILES: {
+            svg: true,
+            svgFilters: true
+        }
+    };
+
     /**
      * CryptoData class
      *
@@ -409,7 +434,8 @@ jQuery.PrivateBin = (function($, RawDeflate) {
                     element.html().replace(
                         /(((https?|ftp):\/\/[\w?!=&.\/-;#@~%+*-]+(?![\w\s?!&.\/;#~%"=-]>))|((magnet):[\w?=&.\/-;#@~%+*-]+))/ig,
                         '<a href="$1" rel="nofollow noopener noreferrer">$1</a>'
-                    )
+                    ),
+                    purifyHtmlConfig
                 )
             );
         };
@@ -601,7 +627,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
          * @prop   {string[]}
          * @readonly
          */
-        const supportedLanguages = ['bg', 'ca', 'cs', 'de', 'es', 'et', 'fr', 'he', 'hu', 'id', 'it', 'jbo', 'lt', 'no', 'nl', 'pl', 'pt', 'oc', 'ru', 'sl', 'uk', 'zh'];
+        const supportedLanguages = ['bg', 'ca', 'co', 'cs', 'de', 'el', 'es', 'et', 'fi', 'fr', 'he', 'hu', 'id', 'it', 'jbo', 'lt', 'no', 'nl', 'pl', 'pt', 'oc', 'ru', 'sk', 'sl', 'th', 'tr', 'uk', 'zh'];
 
         /**
          * built in language
@@ -767,7 +793,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
         /**
          * per language functions to use to determine the plural form
          *
-         * @see    {@link https://localization-guide.readthedocs.org/en/latest/l10n/pluralforms.html}
+         * @see    {@link https://docs.translatehouse.org/projects/localization-guide/en/latest/l10n/pluralforms.html}
          * @name   I18n.getPluralForm
          * @function
          * @param  {int} n
@@ -777,26 +803,30 @@ jQuery.PrivateBin = (function($, RawDeflate) {
             switch (language)
             {
                 case 'cs':
-                    return n === 1 ? 0 : (n >= 2 && n <=4 ? 1 : 2);
+                case 'sk':
+                    return n === 1 ? 0 : (n >= 2 && n <= 4 ? 1 : 2);
+                case 'co':
                 case 'fr':
                 case 'oc':
+                case 'tr':
                 case 'zh':
                     return n > 1 ? 1 : 0;
                 case 'he':
                     return n === 1 ? 0 : (n === 2 ? 1 : ((n < 0 || n > 10) && (n % 10 === 0) ? 2 : 3));
                 case 'id':
                 case 'jbo':
+                case 'th':
                     return 0;
                 case 'lt':
                     return n % 10 === 1 && n % 100 !== 11 ? 0 : ((n % 10 >= 2 && n % 100 < 10 || n % 100 >= 20) ? 1 : 2);
                 case 'pl':
-                    return n === 1 ? 0 : (n % 10 >= 2 && n %10 <=4 && (n % 100 < 10 || n % 100 >= 20) ? 1 : 2);
+                    return n === 1 ? 0 : (n % 10 >= 2 && n %10 <= 4 && (n % 100 < 10 || n % 100 >= 20) ? 1 : 2);
                 case 'ru':
                 case 'uk':
                     return n % 10 === 1 && n % 100 !== 11 ? 0 : (n % 10 >= 2 && n % 10 <= 4 && (n % 100 < 10 || n % 100 >= 20) ? 1 : 2);
                 case 'sl':
                     return n % 100 === 1 ? 1 : (n % 100 === 2 ? 2 : (n % 100 === 3 || n % 100 === 4 ? 3 : 0));
-                // bg, ca, de, en, es, et, hu, it, nl, no, pt
+                // bg, ca, de, el, en, es, et, fi, hu, it, nl, no, pt
                 default:
                     return n !== 1 ? 1 : 0;
             }
@@ -2535,7 +2565,8 @@ jQuery.PrivateBin = (function($, RawDeflate) {
                 // let showdown convert the HTML and sanitize HTML *afterwards*!
                 $plainText.html(
                     DOMPurify.sanitize(
-                        converter.makeHtml(text)
+                        converter.makeHtml(text),
+                        purifyHtmlConfig
                     )
                 );
                 // add table classes from bootstrap css
@@ -2751,6 +2782,34 @@ jQuery.PrivateBin = (function($, RawDeflate) {
             $dropzone;
 
         /**
+         * get blob URL from string data and mime type
+         *
+         * @name   AttachmentViewer.getBlobUrl
+         * @private
+         * @function
+         * @param {string} data - raw data of attachment
+         * @param {string} data - mime type of attachment
+         * @return {string} objectURL
+         */
+         function getBlobUrl(data, mimeType)
+         {
+            // Transform into a Blob
+            const buf = new Uint8Array(data.length);
+            for (let i = 0; i < data.length; ++i) {
+                buf[i] = data.charCodeAt(i);
+            }
+            const blob = new window.Blob(
+                [buf],
+                {
+                    type: mimeType
+                }
+            );
+
+            // Get blob URL
+            return window.URL.createObjectURL(blob);
+         }
+
+         /**
          * sets the attachment but does not yet show it
          *
          * @name   AttachmentViewer.setAttachment
@@ -2760,44 +2819,42 @@ jQuery.PrivateBin = (function($, RawDeflate) {
          */
         me.setAttachment = function(attachmentData, fileName)
         {
-            // data URI format: data:[<mediaType>][;base64],<data>
+            // skip, if attachments got disabled
+            if (!$attachmentLink || !$attachmentPreview) return;
+
+            // data URI format: data:[<mimeType>][;base64],<data>
 
             // position in data URI string of where data begins
             const base64Start = attachmentData.indexOf(',') + 1;
-            // position in data URI string of where mediaType ends
-            const mediaTypeEnd = attachmentData.indexOf(';');
+            // position in data URI string of where mimeType ends
+            const mimeTypeEnd = attachmentData.indexOf(';');
 
-            // extract mediaType
-            const mediaType = attachmentData.substring(5, mediaTypeEnd);
+            // extract mimeType
+            const mimeType = attachmentData.substring(5, mimeTypeEnd);
             // extract data and convert to binary
             const rawData = attachmentData.substring(base64Start);
             const decodedData = rawData.length > 0 ? atob(rawData) : '';
 
-            // Transform into a Blob
-            const buf = new Uint8Array(decodedData.length);
-            for (let i = 0; i < decodedData.length; ++i) {
-                buf[i] = decodedData.charCodeAt(i);
-            }
-            const blob = new window.Blob([ buf ], { type: mediaType });
-
-            // Get Blob URL
-            const blobUrl = window.URL.createObjectURL(blob);
-
-            // IE does not support setting a data URI on an a element
-            // Using msSaveBlob to download
-            if (window.Blob && navigator.msSaveBlob) {
-                $attachmentLink.off('click').on('click', function () {
-                    navigator.msSaveBlob(blob, fileName);
-                });
-            } else {
-                $attachmentLink.attr('href', blobUrl);
-            }
+            let blobUrl = getBlobUrl(decodedData, mimeType);
+            $attachmentLink.attr('href', blobUrl);
 
             if (typeof fileName !== 'undefined') {
                 $attachmentLink.attr('download', fileName);
             }
 
-            me.handleBlobAttachmentPreview($attachmentPreview, blobUrl, mediaType);
+            // sanitize SVG preview
+            // prevents executing embedded scripts when CSP is not set and user
+            // right-clicks/long-taps and opens the SVG in a new tab - prevented
+            // in the preview by use of an img tag, which disables scripts, too
+            if (mimeType.match(/^image\/.*svg/i)) {
+                const sanitizedData = DOMPurify.sanitize(
+                    decodedData,
+                    purifySvgConfig
+                );
+                blobUrl = getBlobUrl(sanitizedData, mimeType);
+            }
+
+            me.handleBlobAttachmentPreview($attachmentPreview, blobUrl, mimeType);
         };
 
         /**
@@ -2808,6 +2865,9 @@ jQuery.PrivateBin = (function($, RawDeflate) {
          */
         me.showAttachment = function()
         {
+            // skip, if attachments got disabled
+            if (!$attachment || !$attachmentPreview) return;
+
             $attachment.removeClass('hidden');
 
             if (attachmentHasPreview) {
@@ -3015,13 +3075,13 @@ jQuery.PrivateBin = (function($, RawDeflate) {
         me.handleBlobAttachmentPreview = function ($targetElement, blobUrl, mimeType) {
             if (blobUrl) {
                 attachmentHasPreview = true;
-                if (mimeType.match(/image\//i)) {
+                if (mimeType.match(/^image\//i)) {
                     $targetElement.html(
                         $(document.createElement('img'))
                             .attr('src', blobUrl)
                             .attr('class', 'img-thumbnail')
                     );
-                } else if (mimeType.match(/video\//i)) {
+                } else if (mimeType.match(/^video\//i)) {
                     $targetElement.html(
                         $(document.createElement('video'))
                             .attr('controls', 'true')
@@ -3032,7 +3092,7 @@ jQuery.PrivateBin = (function($, RawDeflate) {
                             .attr('type', mimeType)
                             .attr('src', blobUrl))
                     );
-                } else if (mimeType.match(/audio\//i)) {
+                } else if (mimeType.match(/^audio\//i)) {
                     $targetElement.html(
                         $(document.createElement('audio'))
                             .attr('controls', 'true')
@@ -3664,7 +3724,14 @@ jQuery.PrivateBin = (function($, RawDeflate) {
             for (let i = 0; i < $head.length; ++i) {
                 newDoc.write($head[i].outerHTML);
             }
-            newDoc.write('</head><body><pre>' + DOMPurify.sanitize(Helper.htmlEntities(paste)) + '</pre></body></html>');
+            newDoc.write(
+                '</head><body><pre>' +
+                DOMPurify.sanitize(
+                    Helper.htmlEntities(paste),
+                    purifyHtmlConfig
+                ) +
+                '</pre></body></html>'
+            );
             newDoc.close();
         }
 
@@ -5393,11 +5460,6 @@ jQuery.PrivateBin = (function($, RawDeflate) {
             // first load translations
             I18n.loadTranslations();
 
-            DOMPurify.setConfig({
-                ALLOWED_URI_REGEXP: /^(?:(?:(?:f|ht)tps?|mailto|magnet):)/i,
-                SAFE_FOR_JQUERY: true
-            });
-
             // Add a hook to make all links open a new window
             DOMPurify.addHook('afterSanitizeAttributes', function(node) {
                 // set all elements owning target to target=_blank

js/test/DiscussionViewer.js

@@ -110,4 +110,3 @@ describe('DiscussionViewer', function () {
         );
     });
 });
-

js/test/Editor.js

@@ -52,12 +52,12 @@ describe('Editor', function () {
                     !$.PrivateBin.Editor.isPreview() &&
                     !$('#message').hasClass('hidden')
                 );
-                $('#messagepreview').click();
+                $('#messagepreview').trigger('click');
                 results.push(
                     $.PrivateBin.Editor.isPreview() &&
                     $('#message').hasClass('hidden')
                 );
-                $('#messageedit').click();
+                $('#messageedit').trigger('click');
                 results.push(
                     !$.PrivateBin.Editor.isPreview() &&
                     !$('#message').hasClass('hidden')
@@ -68,4 +68,3 @@ describe('Editor', function () {
         );
     });
 });
-

js/test/TopNav.js

@@ -280,7 +280,8 @@ describe('TopNav', function () {
         it(
             'collapses the navigation when displayed on a small screen',
             function () {
-                var results = [];
+                var clean = jsdom(),
+                    results = [];
                 $('body').html(
                     '<nav><div class="navbar-header"><button type="button" ' +
                     'class="navbar-toggle collapsed" data-toggle="collapse" ' +
@@ -301,7 +302,11 @@ describe('TopNav', function () {
                     $('.navbar-toggle').hasClass('collapsed') &&
                     $('#navbar').attr('aria-expanded') != 'true'
                 );
-                $('.navbar-toggle').click();
+                /*
+                with the upgrade for bootstrap-3.3.7.js to bootstrap-3.4.1.js
+                the mobile interface detection changed to check if the
+                ontouchstart event exists, which broke this section of the test
+                $('.navbar-toggle').trigger('click');
                 results.push(
                     !$('.navbar-toggle').hasClass('collapsed') &&
                     $('#navbar').attr('aria-expanded') == 'true'
@@ -311,7 +316,8 @@ describe('TopNav', function () {
                     $('.navbar-toggle').hasClass('collapsed') &&
                     $('#navbar').attr('aria-expanded') == 'false'
                 );
-                cleanup();
+                */
+                clean();
                 assert.ok(results.every(element => element));
             }
         );
@@ -670,4 +676,3 @@ describe('TopNav', function () {
         );
     });
 });
-

js/zlib-1.2.13.js

@@ -26,9 +26,9 @@
 
         let buff;
         if (typeof fetch === 'undefined') {
-            buff = fs.readFileSync('zlib-1.2.11.wasm');
+            buff = fs.readFileSync('zlib-1.2.13.wasm');
         } else {
-            const resp = await fetch('js/zlib-1.2.11.wasm');
+            const resp = await fetch('js/zlib-1.2.13.wasm');
             buff = await resp.arrayBuffer();
         }
         const module = await WebAssembly.compile(buff);

lib/Configuration.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin;
@@ -54,7 +54,7 @@ class Configuration
             'urlshortener'             => '',
             'qrcode'                   => true,
             'icon'                     => 'identicon',
-            'cspheader'                => 'default-src \'none\'; base-uri \'self\'; form-action \'none\'; manifest-src \'self\'; connect-src * blob:; script-src \'self\' \'unsafe-eval\' resource:; style-src \'self\'; font-src \'self\'; frame-ancestors \'none\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads',
+            'cspheader'                => 'default-src \'none\'; base-uri \'self\'; form-action \'none\'; manifest-src \'self\'; connect-src * blob:; script-src \'self\' \'unsafe-eval\'; style-src \'self\'; font-src \'self\'; frame-ancestors \'none\'; img-src \'self\' data: blob:; media-src blob:; object-src blob:; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads',
             'zerobincompatibility'     => false,
             'httpwarning'              => true,
             'compression'              => 'zlib',
@@ -78,9 +78,10 @@ class Configuration
             'markdown'           => 'Markdown',
         ),
         'traffic' => array(
-            'limit'      => 10,
-            'header'     => null,
-            'exemptedIp' => null,
+            'limit'     => 10,
+            'header'    => '',
+            'exempted'  => '',
+            'creators'  => '',
         ),
         'purge' => array(
             'limit'     => 300,
@@ -92,6 +93,10 @@ class Configuration
         'model_options' => array(
             'dir' => 'data',
         ),
+        'yourls' => array(
+            'signature' => '',
+            'apiurl'    => '',
+        ),
     );
 
     /**
@@ -152,8 +157,25 @@ class Configuration
                 )
             ) {
                 $values = array(
-                    'bucket' => getenv('PRIVATEBIN_GCS_BUCKET') ? getenv('PRIVATEBIN_GCS_BUCKET') : null,
-                    'prefix' => 'pastes',
+                    'bucket'     => getenv('PRIVATEBIN_GCS_BUCKET') ? getenv('PRIVATEBIN_GCS_BUCKET') : null,
+                    'prefix'     => 'pastes',
+                    'uniformacl' => false,
+                );
+            } elseif (
+                $section == 'model_options' && in_array(
+                    $this->_configuration['model']['class'],
+                    array('S3Storage')
+                )
+            ) {
+                $values = array(
+                    'region'                  => null,
+                    'version'                 => null,
+                    'endpoint'                => null,
+                    'accesskey'               => null,
+                    'secretkey'               => null,
+                    'use_path_style_endpoint' => null,
+                    'bucket'                  => null,
+                    'prefix'                  => '',
                 );
             }
 
@@ -214,6 +236,14 @@ class Configuration
         if (!array_key_exists($this->_configuration['expire']['default'], $this->_configuration['expire_options'])) {
             $this->_configuration['expire']['default'] = key($this->_configuration['expire_options']);
         }
+
+        // ensure the basepath ends in a slash, if one is set
+        if (
+            strlen($this->_configuration['main']['basepath']) &&
+            substr_compare($this->_configuration['main']['basepath'], '/', -1) !== 0
+        ) {
+            $this->_configuration['main']['basepath'] .= '/';
+        }
     }
 
     /**

lib/Controller.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin;
@@ -28,7 +28,7 @@ class Controller
      *
      * @const string
      */
-    const VERSION = '1.3.5';
+    const VERSION = '1.5.1';
 
     /**
      * minimal required PHP version
@@ -136,6 +136,9 @@ class Controller
             case 'jsonld':
                 $this->_jsonld($this->_request->getParam('jsonld'));
                 return;
+            case 'yourlsproxy':
+                $this->_yourlsproxy($this->_request->getParam('link'));
+                break;
         }
 
         // output JSON or HTML
@@ -199,13 +202,10 @@ class Controller
         ServerSalt::setStore($this->_model->getStore());
         TrafficLimiter::setConfiguration($this->_conf);
         TrafficLimiter::setStore($this->_model->getStore());
-        if (!TrafficLimiter::canPass()) {
-            $this->_return_message(
-                1, I18n::_(
-                    'Please wait %d seconds between each post.',
-                    $this->_conf->getKey('limit', 'traffic')
-                )
-            );
+        try {
+            TrafficLimiter::canPass();
+        } catch (Exception $e) {
+            $this->_return_message(1, $e->getMessage());
             return;
         }
 
@@ -344,8 +344,11 @@ class Controller
         header('Content-Security-Policy: ' . $this->_conf->getKey('cspheader'));
         header('Cross-Origin-Resource-Policy: same-origin');
         header('Cross-Origin-Embedder-Policy: require-corp');
-        header('Cross-Origin-Opener-Policy: same-origin');
-        header('Permissions-Policy: interest-cohort=()');
+        // disabled, because it prevents links from a paste to the same site to
+        // be opened. Didn't work with `same-origin-allow-popups` either.
+        // See issue https://github.com/PrivateBin/PrivateBin/issues/970 for details.
+        // header('Cross-Origin-Opener-Policy: same-origin');
+        header('Permissions-Policy: browsing-topics=()');
         header('Referrer-Policy: no-referrer');
         header('X-Content-Type-Options: nosniff');
         header('X-Frame-Options: deny');
@@ -367,10 +370,26 @@ class Controller
             setcookie('lang', $languageselection, 0, '', '', true);
         }
 
+        // strip policies that are unsupported in meta tag
+        $metacspheader = str_replace(
+            array(
+                'frame-ancestors \'none\'; ',
+                '; sandbox allow-same-origin allow-scripts allow-forms allow-popups allow-modals allow-downloads',
+            ),
+            '',
+            $this->_conf->getKey('cspheader')
+        );
+
         $page = new View;
-        $page->assign('NAME', $this->_conf->getKey('name'));
-        $page->assign('BASEPATH', I18n::_($this->_conf->getKey('basepath')));
+        $page->assign('CSPHEADER', $metacspheader);
         $page->assign('ERROR', I18n::_($this->_error));
+        $page->assign('NAME', $this->_conf->getKey('name'));
+        if ($this->_request->getOperation() === 'yourlsproxy') {
+            $page->assign('SHORTURL', $this->_status);
+            $page->draw('yourlsproxy');
+            return;
+        }
+        $page->assign('BASEPATH', I18n::_($this->_conf->getKey('basepath')));
         $page->assign('STATUS', I18n::_($this->_status));
         $page->assign('VERSION', self::VERSION);
         $page->assign('DISCUSSION', $this->_conf->getKey('discussion'));
@@ -428,6 +447,22 @@ class Controller
         echo $content;
     }
 
+    /**
+     * proxies link to YOURLS, updates status or error with response
+     *
+     * @access private
+     * @param string $link
+     */
+    private function _yourlsproxy($link)
+    {
+        $yourls = new YourlsProxy($this->_conf, $link);
+        if ($yourls->isError()) {
+            $this->_error = $yourls->getError();
+        } else {
+            $this->_status = $yourls->getUrl();
+        }
+    }
+
     /**
      * prepares JSON encoded status message
      *

lib/Data/AbstractData.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Data;
@@ -15,61 +15,17 @@ namespace PrivateBin\Data;
 /**
  * AbstractData
  *
- * Abstract model for data access, implemented as a singleton.
+ * Abstract model for data access
  */
 abstract class AbstractData
 {
-    /**
-     * Singleton instance
-     *
-     * @access protected
-     * @static
-     * @var AbstractData
-     */
-    protected static $_instance = null;
-
     /**
      * cache for the traffic limiter
      *
-     * @access private
-     * @static
+     * @access protected
      * @var    array
      */
-    protected static $_last_cache = array();
-
-    /**
-     * Enforce singleton, disable constructor
-     *
-     * Instantiate using {@link getInstance()}, this object implements the singleton pattern.
-     *
-     * @access protected
-     */
-    protected function __construct()
-    {
-    }
-
-    /**
-     * Enforce singleton, disable cloning
-     *
-     * Instantiate using {@link getInstance()}, this object implements the singleton pattern.
-     *
-     * @access private
-     */
-    private function __clone()
-    {
-    }
-
-    /**
-     * Get instance of singleton
-     *
-     * @access public
-     * @static
-     * @param  array $options
-     * @return AbstractData
-     */
-    public static function getInstance(array $options)
-    {
-    }
+    protected $_last_cache = array();
 
     /**
      * Create a paste.
@@ -150,9 +106,9 @@ abstract class AbstractData
     public function purgeValues($namespace, $time)
     {
         if ($namespace === 'traffic_limiter') {
-            foreach (self::$_last_cache as $key => $last_submission) {
+            foreach ($this->_last_cache as $key => $last_submission) {
                 if ($last_submission <= $time) {
-                    unset(self::$_last_cache[$key]);
+                    unset($this->_last_cache[$key]);
                 }
             }
         }
@@ -207,6 +163,14 @@ abstract class AbstractData
         }
     }
 
+    /**
+     * Returns all paste ids
+     *
+     * @access public
+     * @return array
+     */
+    abstract public function getAllPastes();
+
     /**
      * Get next free slot for comment from postdate.
      *

lib/Data/Database.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Data;
@@ -25,59 +25,43 @@ use PrivateBin\Json;
  */
 class Database extends AbstractData
 {
-    /**
-     * cache for select queries
-     *
-     * @var array
-     */
-    private static $_cache = array();
-
     /**
      * instance of database connection
      *
      * @access private
-     * @static
      * @var PDO
      */
-    private static $_db;
+    private $_db;
 
     /**
      * table prefix
      *
      * @access private
-     * @static
      * @var string
      */
-    private static $_prefix = '';
+    private $_prefix = '';
 
     /**
      * database type
      *
      * @access private
-     * @static
      * @var string
      */
-    private static $_type = '';
+    private $_type = '';
 
     /**
-     * get instance of singleton
+     * instantiates a new Database data backend
      *
      * @access public
-     * @static
      * @param  array $options
      * @throws Exception
-     * @return Database
+     * @return
      */
-    public static function getInstance(array $options)
+    public function __construct(array $options)
     {
-        // if needed initialize the singleton
-        if (!(self::$_instance instanceof self)) {
-            self::$_instance = new self;
-        }
-
         // set table prefix if given
         if (array_key_exists('tbl', $options)) {
-            self::$_prefix = $options['tbl'];
+            $this->_prefix = $options['tbl'];
         }
 
         // initialize the db connection with new options
@@ -94,16 +78,16 @@ class Database extends AbstractData
             $db_tables_exist                            = true;
 
             // setup type and dabase connection
-            self::$_type = strtolower(
+            $this->_type = strtolower(
                 substr($options['dsn'], 0, strpos($options['dsn'], ':'))
             );
             // MySQL uses backticks to quote identifiers by default,
             // tell it to expect ANSI SQL double quotes
-            if (self::$_type === 'mysql' && defined('PDO::MYSQL_ATTR_INIT_COMMAND')) {
-                $options['opt'][PDO::MYSQL_ATTR_INIT_COMMAND] = "SET sql_mode='ANSI_QUOTES'";
+            if ($this->_type === 'mysql' && defined('PDO::MYSQL_ATTR_INIT_COMMAND')) {
+                $options['opt'][PDO::MYSQL_ATTR_INIT_COMMAND] = "SET SESSION sql_mode='ANSI_QUOTES'";
             }
-            $tableQuery = self::_getTableQuery(self::$_type);
-            self::$_db  = new PDO(
+            $tableQuery = $this->_getTableQuery($this->_type);
+            $this->_db  = new PDO(
                 $options['dsn'],
                 $options['usr'],
                 $options['pwd'],
@@ -111,43 +95,41 @@ class Database extends AbstractData
             );
 
             // check if the database contains the required tables
-            $tables = self::$_db->query($tableQuery)->fetchAll(PDO::FETCH_COLUMN, 0);
+            $tables = $this->_db->query($tableQuery)->fetchAll(PDO::FETCH_COLUMN, 0);
 
             // create paste table if necessary
-            if (!in_array(self::_sanitizeIdentifier('paste'), $tables)) {
-                self::_createPasteTable();
+            if (!in_array($this->_sanitizeIdentifier('paste'), $tables)) {
+                $this->_createPasteTable();
                 $db_tables_exist = false;
             }
 
             // create comment table if necessary
-            if (!in_array(self::_sanitizeIdentifier('comment'), $tables)) {
-                self::_createCommentTable();
+            if (!in_array($this->_sanitizeIdentifier('comment'), $tables)) {
+                $this->_createCommentTable();
                 $db_tables_exist = false;
             }
 
             // create config table if necessary
             $db_version = Controller::VERSION;
-            if (!in_array(self::_sanitizeIdentifier('config'), $tables)) {
-                self::_createConfigTable();
+            if (!in_array($this->_sanitizeIdentifier('config'), $tables)) {
+                $this->_createConfigTable();
                 // if we only needed to create the config table, the DB is older then 0.22
                 if ($db_tables_exist) {
                     $db_version = '0.21';
                 }
             } else {
-                $db_version = self::_getConfig('VERSION');
+                $db_version = $this->_getConfig('VERSION');
             }
 
             // update database structure if necessary
             if (version_compare($db_version, Controller::VERSION, '<')) {
-                self::_upgradeDatabase($db_version);
+                $this->_upgradeDatabase($db_version);
             }
         } else {
             throw new Exception(
                 'Missing configuration for key dsn, usr, pwd or opt in the section model_options, please check your configuration file', 6
             );
         }
-
-        return self::$_instance;
     }
 
     /**
@@ -160,22 +142,12 @@ class Database extends AbstractData
      */
     public function create($pasteid, array $paste)
     {
-        if (
-            array_key_exists($pasteid, self::$_cache)
-        ) {
-            if (false !== self::$_cache[$pasteid]) {
-                return false;
-            } else {
-                unset(self::$_cache[$pasteid]);
-            }
-        }
-
         $expire_date      = 0;
         $opendiscussion   = $burnafterreading = false;
         $attachment       = $attachmentname   = null;
         $meta             = $paste['meta'];
         $isVersion1       = array_key_exists('data', $paste);
-        list($createdKey) = self::_getVersionedKeys($isVersion1 ? 1 : 2);
+        list($createdKey) = $this->_getVersionedKeys($isVersion1 ? 1 : 2);
         $created          = (int) $meta[$createdKey];
         unset($meta[$createdKey], $paste['meta']);
         if (array_key_exists('expire_date', $meta)) {
@@ -204,8 +176,8 @@ class Database extends AbstractData
             $burnafterreading = $paste['adata'][3];
         }
         try {
-            return self::_exec(
-                'INSERT INTO "' . self::_sanitizeIdentifier('paste') .
+            return $this->_exec(
+                'INSERT INTO "' . $this->_sanitizeIdentifier('paste') .
                 '" VALUES(?,?,?,?,?,?,?,?,?)',
                 array(
                     $pasteid,
@@ -233,64 +205,59 @@ class Database extends AbstractData
      */
     public function read($pasteid)
     {
-        if (array_key_exists($pasteid, self::$_cache)) {
-            return self::$_cache[$pasteid];
-        }
-
-        self::$_cache[$pasteid] = false;
         try {
-            $paste = self::_select(
-                'SELECT * FROM "' . self::_sanitizeIdentifier('paste') .
+            $row = $this->_select(
+                'SELECT * FROM "' . $this->_sanitizeIdentifier('paste') .
                 '" WHERE "dataid" = ?', array($pasteid), true
             );
         } catch (Exception $e) {
-            $paste = false;
+            $row = false;
         }
-        if ($paste === false) {
+        if ($row === false) {
             return false;
         }
         // create array
-        $data       = Json::decode($paste['data']);
+        $data       = Json::decode($row['data']);
         $isVersion2 = array_key_exists('v', $data) && $data['v'] >= 2;
         if ($isVersion2) {
-            self::$_cache[$pasteid] = $data;
-            list($createdKey)       = self::_getVersionedKeys(2);
+            $paste            = $data;
+            list($createdKey) = $this->_getVersionedKeys(2);
         } else {
-            self::$_cache[$pasteid] = array('data' => $paste['data']);
-            list($createdKey)       = self::_getVersionedKeys(1);
+            $paste            = array('data' => $row['data']);
+            list($createdKey) = $this->_getVersionedKeys(1);
         }
 
         try {
-            $paste['meta'] = Json::decode($paste['meta']);
+            $row['meta'] = Json::decode($row['meta']);
         } catch (Exception $e) {
-            $paste['meta'] = array();
+            $row['meta'] = array();
         }
-        $paste                                       = self::upgradePreV1Format($paste);
-        self::$_cache[$pasteid]['meta']              = $paste['meta'];
-        self::$_cache[$pasteid]['meta'][$createdKey] = (int) $paste['postdate'];
-        $expire_date                                 = (int) $paste['expiredate'];
+        $row                        = self::upgradePreV1Format($row);
+        $paste['meta']              = $row['meta'];
+        $paste['meta'][$createdKey] = (int) $row['postdate'];
+        $expire_date                = (int) $row['expiredate'];
         if ($expire_date > 0) {
-            self::$_cache[$pasteid]['meta']['expire_date'] = $expire_date;
+            $paste['meta']['expire_date'] = $expire_date;
         }
         if ($isVersion2) {
-            return self::$_cache[$pasteid];
+            return $paste;
         }
 
         // support v1 attachments
-        if (array_key_exists('attachment', $paste) && strlen($paste['attachment'])) {
-            self::$_cache[$pasteid]['attachment'] = $paste['attachment'];
-            if (array_key_exists('attachmentname', $paste) && strlen($paste['attachmentname'])) {
-                self::$_cache[$pasteid]['attachmentname'] = $paste['attachmentname'];
+        if (array_key_exists('attachment', $row) && !empty($row['attachment'])) {
+            $paste['attachment'] = $row['attachment'];
+            if (array_key_exists('attachmentname', $row) && !empty($row['attachmentname'])) {
+                $paste['attachmentname'] = $row['attachmentname'];
             }
         }
-        if ($paste['opendiscussion']) {
-            self::$_cache[$pasteid]['meta']['opendiscussion'] = true;
+        if ($row['opendiscussion']) {
+            $paste['meta']['opendiscussion'] = true;
         }
-        if ($paste['burnafterreading']) {
-            self::$_cache[$pasteid]['meta']['burnafterreading'] = true;
+        if ($row['burnafterreading']) {
+            $paste['meta']['burnafterreading'] = true;
         }
 
-        return self::$_cache[$pasteid];
+        return $paste;
     }
 
     /**
@@ -301,19 +268,14 @@ class Database extends AbstractData
      */
     public function delete($pasteid)
     {
-        self::_exec(
-            'DELETE FROM "' . self::_sanitizeIdentifier('paste') .
+        $this->_exec(
+            'DELETE FROM "' . $this->_sanitizeIdentifier('paste') .
             '" WHERE "dataid" = ?', array($pasteid)
         );
-        self::_exec(
-            'DELETE FROM "' . self::_sanitizeIdentifier('comment') .
+        $this->_exec(
+            'DELETE FROM "' . $this->_sanitizeIdentifier('comment') .
             '" WHERE "pasteid" = ?', array($pasteid)
         );
-        if (
-            array_key_exists($pasteid, self::$_cache)
-        ) {
-            unset(self::$_cache[$pasteid]);
-        }
     }
 
     /**
@@ -325,12 +287,15 @@ class Database extends AbstractData
      */
     public function exists($pasteid)
     {
-        if (
-            !array_key_exists($pasteid, self::$_cache)
-        ) {
-            self::$_cache[$pasteid] = $this->read($pasteid);
+        try {
+            $row = $this->_select(
+                'SELECT "dataid" FROM "' . $this->_sanitizeIdentifier('paste') .
+                '" WHERE "dataid" = ?', array($pasteid), true
+            );
+        } catch (Exception $e) {
+            return false;
         }
-        return (bool) self::$_cache[$pasteid];
+        return (bool) $row;
     }
 
     /**
@@ -352,7 +317,7 @@ class Database extends AbstractData
             $version = 2;
             $data    = Json::encode($comment);
         }
-        list($createdKey, $iconKey) = self::_getVersionedKeys($version);
+        list($createdKey, $iconKey) = $this->_getVersionedKeys($version);
         $meta                       = $comment['meta'];
         unset($comment['meta']);
         foreach (array('nickname', $iconKey) as $key) {
@@ -361,8 +326,8 @@ class Database extends AbstractData
             }
         }
         try {
-            return self::_exec(
-                'INSERT INTO "' . self::_sanitizeIdentifier('comment') .
+            return $this->_exec(
+                'INSERT INTO "' . $this->_sanitizeIdentifier('comment') .
                 '" VALUES(?,?,?,?,?,?,?)',
                 array(
                     $commentid,
@@ -388,8 +353,8 @@ class Database extends AbstractData
      */
     public function readComments($pasteid)
     {
-        $rows = self::_select(
-            'SELECT * FROM "' . self::_sanitizeIdentifier('comment') .
+        $rows = $this->_select(
+            'SELECT * FROM "' . $this->_sanitizeIdentifier('comment') .
             '" WHERE "pasteid" = ?', array($pasteid)
         );
 
@@ -406,7 +371,7 @@ class Database extends AbstractData
                     $version      = 1;
                     $comments[$i] = array('data' => $row['data']);
                 }
-                list($createdKey, $iconKey) = self::_getVersionedKeys($version);
+                list($createdKey, $iconKey) = $this->_getVersionedKeys($version);
                 $comments[$i]['id']         = $row['dataid'];
                 $comments[$i]['parentid']   = $row['parentid'];
                 $comments[$i]['meta']       = array($createdKey => (int) $row['postdate']);
@@ -433,8 +398,8 @@ class Database extends AbstractData
     public function existsComment($pasteid, $parentid, $commentid)
     {
         try {
-            return (bool) self::_select(
-                'SELECT "dataid" FROM "' . self::_sanitizeIdentifier('comment') .
+            return (bool) $this->_select(
+                'SELECT "dataid" FROM "' . $this->_sanitizeIdentifier('comment') .
                 '" WHERE "pasteid" = ? AND "parentid" = ? AND "dataid" = ?',
                 array($pasteid, $parentid, $commentid), true
             );
@@ -455,15 +420,15 @@ class Database extends AbstractData
     public function setValue($value, $namespace, $key = '')
     {
         if ($namespace === 'traffic_limiter') {
-            self::$_last_cache[$key] = $value;
+            $this->_last_cache[$key] = $value;
             try {
-                $value = Json::encode(self::$_last_cache);
+                $value = Json::encode($this->_last_cache);
             } catch (Exception $e) {
                 return false;
             }
         }
-        return self::_exec(
-            'UPDATE "' . self::_sanitizeIdentifier('config') .
+        return $this->_exec(
+            'UPDATE "' . $this->_sanitizeIdentifier('config') .
             '" SET "value" = ? WHERE "id" = ?',
             array($value, strtoupper($namespace))
         );
@@ -483,8 +448,8 @@ class Database extends AbstractData
         $value     = $this->_getConfig($configKey);
         if ($value === '') {
             // initialize the row, so that setValue can rely on UPDATE queries
-            self::_exec(
-                'INSERT INTO "' . self::_sanitizeIdentifier('config') .
+            $this->_exec(
+                'INSERT INTO "' . $this->_sanitizeIdentifier('config') .
                 '" VALUES(?,?)',
                 array($configKey, '')
             );
@@ -492,7 +457,8 @@ class Database extends AbstractData
             // migrate filesystem based salt into database
             $file = 'data' . DIRECTORY_SEPARATOR . 'salt.php';
             if ($namespace === 'salt' && is_readable($file)) {
-                $value = Filesystem::getInstance(array('dir' => 'data'))->getValue('salt');
+                $fs    = new Filesystem(array('dir' => 'data'));
+                $value = $fs->getValue('salt');
                 $this->setValue($value, 'salt');
                 @unlink($file);
                 return $value;
@@ -500,12 +466,12 @@ class Database extends AbstractData
         }
         if ($value && $namespace === 'traffic_limiter') {
             try {
-                self::$_last_cache = Json::decode($value);
+                $this->_last_cache = Json::decode($value);
             } catch (Exception $e) {
-                self::$_last_cache = array();
+                $this->_last_cache = array();
             }
-            if (array_key_exists($key, self::$_last_cache)) {
-                return self::$_last_cache[$key];
+            if (array_key_exists($key, $this->_last_cache)) {
+                return $this->_last_cache[$key];
             }
         }
         return (string) $value;
@@ -520,39 +486,42 @@ class Database extends AbstractData
      */
     protected function _getExpiredPastes($batchsize)
     {
-        $pastes = array();
-        $rows   = self::_select(
-            'SELECT "dataid" FROM "' . self::_sanitizeIdentifier('paste') .
+        $statement = $this->_db->prepare(
+            'SELECT "dataid" FROM "' . $this->_sanitizeIdentifier('paste') .
             '" WHERE "expiredate" < ? AND "expiredate" != ? ' .
-            (self::$_type === 'oci' ? 'FETCH NEXT ? ROWS ONLY' : 'LIMIT ?'),
-            array(time(), 0, $batchsize)
+            ($this->_type === 'oci' ? 'FETCH NEXT ? ROWS ONLY' : 'LIMIT ?')
         );
-        if (is_array($rows) && count($rows)) {
-            foreach ($rows as $row) {
-                $pastes[] = $row['dataid'];
-            }
-        }
-        return $pastes;
+        $statement->execute(array(time(), 0, $batchsize));
+        return $statement->fetchAll(PDO::FETCH_COLUMN, 0);
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function getAllPastes()
+    {
+        return $this->_db->query(
+            'SELECT "dataid" FROM "' . $this->_sanitizeIdentifier('paste') . '"'
+        )->fetchAll(PDO::FETCH_COLUMN, 0);
     }
 
     /**
      * execute a statement
      *
      * @access private
-     * @static
      * @param  string $sql
      * @param  array $params
      * @throws PDOException
      * @return bool
      */
-    private static function _exec($sql, array $params)
+    private function _exec($sql, array $params)
     {
-        $statement = self::$_db->prepare($sql);
+        $statement = $this->_db->prepare($sql);
         foreach ($params as $key => &$parameter) {
             $position = $key + 1;
             if (is_int($parameter)) {
                 $statement->bindParam($position, $parameter, PDO::PARAM_INT);
-            } elseif (strlen($parameter) >= 4000) {
+            } elseif (is_string($parameter) && strlen($parameter) >= 4000) {
                 $statement->bindParam($position, $parameter, PDO::PARAM_STR, strlen($parameter));
             } else {
                 $statement->bindParam($position, $parameter);
@@ -567,33 +536,32 @@ class Database extends AbstractData
      * run a select statement
      *
      * @access private
-     * @static
      * @param  string $sql
      * @param  array $params
      * @param  bool $firstOnly if only the first row should be returned
      * @throws PDOException
      * @return array|false
      */
-    private static function _select($sql, array $params, $firstOnly = false)
+    private function _select($sql, array $params, $firstOnly = false)
     {
-        $statement = self::$_db->prepare($sql);
+        $statement = $this->_db->prepare($sql);
         $statement->execute($params);
         if ($firstOnly) {
             $result = $statement->fetch(PDO::FETCH_ASSOC);
-        } elseif (self::$_type === 'oci') {
+        } elseif ($this->_type === 'oci') {
             // workaround for https://bugs.php.net/bug.php?id=46728
             $result = array();
             while ($row = $statement->fetch(PDO::FETCH_ASSOC)) {
-                $result[] = array_map('self::_sanitizeClob', $row);
+                $result[] = array_map('PrivateBin\Data\Database::_sanitizeClob', $row);
             }
         } else {
             $result = $statement->fetchAll(PDO::FETCH_ASSOC);
         }
         $statement->closeCursor();
-        if (self::$_type === 'oci' && is_array($result)) {
+        if ($this->_type === 'oci' && is_array($result)) {
             // returned CLOB values are streams, convert these into strings
             $result = $firstOnly ?
-                array_map('self::_sanitizeClob', $result) :
+                array_map('PrivateBin\Data\Database::_sanitizeClob', $result) :
                 $result;
         }
         return $result;
@@ -603,11 +571,10 @@ class Database extends AbstractData
      * get version dependent key names
      *
      * @access private
-     * @static
      * @param  int $version
      * @return array
      */
-    private static function _getVersionedKeys($version)
+    private function _getVersionedKeys($version)
     {
         if ($version === 1) {
             return array('postdate', 'vizhash');
@@ -619,12 +586,11 @@ class Database extends AbstractData
      * get table list query, depending on the database type
      *
      * @access private
-     * @static
      * @param  string $type
      * @throws Exception
      * @return string
      */
-    private static function _getTableQuery($type)
+    private function _getTableQuery($type)
     {
         switch ($type) {
             case 'ibm':
@@ -675,15 +641,14 @@ class Database extends AbstractData
      * get a value by key from the config table
      *
      * @access private
-     * @static
      * @param  string $key
      * @return string
      */
-    private static function _getConfig($key)
+    private function _getConfig($key)
     {
         try {
-            $row = self::_select(
-                'SELECT "value" FROM "' . self::_sanitizeIdentifier('config') .
+            $row = $this->_select(
+                'SELECT "value" FROM "' . $this->_sanitizeIdentifier('config') .
                 '" WHERE "id" = ?', array($key), true
             );
         } catch (PDOException $e) {
@@ -696,14 +661,13 @@ class Database extends AbstractData
      * get the primary key clauses, depending on the database driver
      *
      * @access private
-     * @static
      * @param  string $key
      * @return array
      */
-    private static function _getPrimaryKeyClauses($key = 'dataid')
+    private function _getPrimaryKeyClauses($key = 'dataid')
     {
         $main_key = $after_key = '';
-        switch (self::$_type) {
+        switch ($this->_type) {
             case 'mysql':
             case 'oci':
                 $after_key = ", PRIMARY KEY (\"$key\")";
@@ -721,12 +685,11 @@ class Database extends AbstractData
      * PostgreSQL and OCI uses a different API for BLOBs then SQL, hence we use TEXT and CLOB
      *
      * @access private
-     * @static
      * @return string
      */
-    private static function _getDataType()
+    private function _getDataType()
     {
-        switch (self::$_type) {
+        switch ($this->_type) {
             case 'oci':
                 return 'CLOB';
             case 'pgsql':
@@ -742,12 +705,11 @@ class Database extends AbstractData
      * PostgreSQL and OCI use different APIs for BLOBs then SQL, hence we use TEXT and CLOB
      *
      * @access private
-     * @static
      * @return string
      */
-    private static function _getAttachmentType()
+    private function _getAttachmentType()
     {
-        switch (self::$_type) {
+        switch ($this->_type) {
             case 'oci':
                 return 'CLOB';
             case 'pgsql':
@@ -763,12 +725,11 @@ class Database extends AbstractData
      * OCI doesn't accept TEXT so it has to be VARCHAR2(4000)
      *
      * @access private
-     * @static
      * @return string
      */
-    private static function _getMetaType()
+    private function _getMetaType()
     {
-        switch (self::$_type) {
+        switch ($this->_type) {
             case 'oci':
                 return 'VARCHAR2(4000)';
             default:
@@ -780,16 +741,15 @@ class Database extends AbstractData
      * create the paste table
      *
      * @access private
-     * @static
      */
-    private static function _createPasteTable()
+    private function _createPasteTable()
     {
-        list($main_key, $after_key) = self::_getPrimaryKeyClauses();
-        $dataType                   = self::_getDataType();
-        $attachmentType             = self::_getAttachmentType();
-        $metaType                   = self::_getMetaType();
-        self::$_db->exec(
-            'CREATE TABLE "' . self::_sanitizeIdentifier('paste') . '" ( ' .
+        list($main_key, $after_key) = $this->_getPrimaryKeyClauses();
+        $dataType                   = $this->_getDataType();
+        $attachmentType             = $this->_getAttachmentType();
+        $metaType                   = $this->_getMetaType();
+        $this->_db->exec(
+            'CREATE TABLE "' . $this->_sanitizeIdentifier('paste') . '" ( ' .
             "\"dataid\" CHAR(16) NOT NULL$main_key, " .
             "\"data\" $attachmentType, " .
             '"postdate" INT, ' .
@@ -806,14 +766,13 @@ class Database extends AbstractData
      * create the paste table
      *
      * @access private
-     * @static
      */
-    private static function _createCommentTable()
+    private function _createCommentTable()
     {
-        list($main_key, $after_key) = self::_getPrimaryKeyClauses();
-        $dataType                   = self::_getDataType();
-        self::$_db->exec(
-            'CREATE TABLE "' . self::_sanitizeIdentifier('comment') . '" ( ' .
+        list($main_key, $after_key) = $this->_getPrimaryKeyClauses();
+        $dataType                   = $this->_getDataType();
+        $this->_db->exec(
+            'CREATE TABLE "' . $this->_sanitizeIdentifier('comment') . '" ( ' .
             "\"dataid\" CHAR(16) NOT NULL$main_key, " .
             '"pasteid" CHAR(16), ' .
             '"parentid" CHAR(16), ' .
@@ -822,24 +781,26 @@ class Database extends AbstractData
             "\"vizhash\" $dataType, " .
             "\"postdate\" INT$after_key )"
         );
-        if (self::$_type === 'oci') {
-            self::$_db->exec(
+        if ($this->_type === 'oci') {
+            $this->_db->exec(
                 'declare
                     already_exists  exception;
                     columns_indexed exception;
                     pragma exception_init( already_exists, -955 );
                     pragma exception_init(columns_indexed, -1408);
                 begin
-                    execute immediate \'create index "comment_parent" on "' . self::_sanitizeIdentifier('comment') . '" ("pasteid")\';
+                    execute immediate \'create index "comment_parent" on "' . $this->_sanitizeIdentifier('comment') . '" ("pasteid")\';
                 exception
                     when already_exists or columns_indexed then
                     NULL;
                 end;'
             );
         } else {
-            self::$_db->exec(
-                'CREATE INDEX IF NOT EXISTS "comment_parent" ON "' .
-                self::_sanitizeIdentifier('comment') . '" ("pasteid")'
+            // CREATE INDEX IF NOT EXISTS not supported as of Oracle MySQL <= 8.0
+            $this->_db->exec(
+                'CREATE INDEX "' .
+                $this->_sanitizeIdentifier('comment_parent') . '" ON "' .
+                $this->_sanitizeIdentifier('comment') . '" ("pasteid")'
             );
         }
     }
@@ -848,19 +809,18 @@ class Database extends AbstractData
      * create the paste table
      *
      * @access private
-     * @static
      */
-    private static function _createConfigTable()
+    private function _createConfigTable()
     {
-        list($main_key, $after_key) = self::_getPrimaryKeyClauses('id');
-        $charType                   = self::$_type === 'oci' ? 'VARCHAR2(16)' : 'CHAR(16)';
-        $textType                   = self::_getMetaType();
-        self::$_db->exec(
-            'CREATE TABLE "' . self::_sanitizeIdentifier('config') .
+        list($main_key, $after_key) = $this->_getPrimaryKeyClauses('id');
+        $charType                   = $this->_type === 'oci' ? 'VARCHAR2(16)' : 'CHAR(16)';
+        $textType                   = $this->_getMetaType();
+        $this->_db->exec(
+            'CREATE TABLE "' . $this->_sanitizeIdentifier('config') .
             "\" ( \"id\" $charType NOT NULL$main_key, \"value\" $textType$after_key )"
         );
-        self::_exec(
-            'INSERT INTO "' . self::_sanitizeIdentifier('config') .
+        $this->_exec(
+            'INSERT INTO "' . $this->_sanitizeIdentifier('config') .
             '" VALUES(?,?)',
             array('VERSION', Controller::VERSION)
         );
@@ -888,86 +848,88 @@ class Database extends AbstractData
      * sanitizes identifiers
      *
      * @access private
-     * @static
      * @param  string $identifier
      * @return string
      */
-    private static function _sanitizeIdentifier($identifier)
+    private function _sanitizeIdentifier($identifier)
     {
-        return preg_replace('/[^A-Za-z0-9_]+/', '', self::$_prefix . $identifier);
+        return preg_replace('/[^A-Za-z0-9_]+/', '', $this->_prefix . $identifier);
     }
 
     /**
      * upgrade the database schema from an old version
      *
      * @access private
-     * @static
      * @param  string $oldversion
      */
-    private static function _upgradeDatabase($oldversion)
+    private function _upgradeDatabase($oldversion)
     {
-        $dataType       = self::_getDataType();
-        $attachmentType = self::_getAttachmentType();
+        $dataType       = $this->_getDataType();
+        $attachmentType = $this->_getAttachmentType();
         switch ($oldversion) {
             case '0.21':
                 // create the meta column if necessary (pre 0.21 change)
                 try {
-                    self::$_db->exec(
-                        'SELECT "meta" FROM "' . self::_sanitizeIdentifier('paste') . '" ' .
-                        (self::$_type === 'oci' ? 'FETCH NEXT 1 ROWS ONLY' : 'LIMIT 1')
+                    $this->_db->exec(
+                        'SELECT "meta" FROM "' . $this->_sanitizeIdentifier('paste') . '" ' .
+                        ($this->_type === 'oci' ? 'FETCH NEXT 1 ROWS ONLY' : 'LIMIT 1')
                     );
                 } catch (PDOException $e) {
-                    self::$_db->exec('ALTER TABLE "' . self::_sanitizeIdentifier('paste') . '" ADD COLUMN "meta" TEXT');
+                    $this->_db->exec('ALTER TABLE "' . $this->_sanitizeIdentifier('paste') . '" ADD COLUMN "meta" TEXT');
                 }
                 // SQLite only allows one ALTER statement at a time...
-                self::$_db->exec(
-                    'ALTER TABLE "' . self::_sanitizeIdentifier('paste') .
+                $this->_db->exec(
+                    'ALTER TABLE "' . $this->_sanitizeIdentifier('paste') .
                     "\" ADD COLUMN \"attachment\" $attachmentType"
                 );
-                self::$_db->exec(
-                    'ALTER TABLE "' . self::_sanitizeIdentifier('paste') . "\" ADD COLUMN \"attachmentname\" $dataType"
+                $this->_db->exec(
+                    'ALTER TABLE "' . $this->_sanitizeIdentifier('paste') . "\" ADD COLUMN \"attachmentname\" $dataType"
                 );
                 // SQLite doesn't support MODIFY, but it allows TEXT of similar
                 // size as BLOB, so there is no need to change it there
-                if (self::$_type !== 'sqlite') {
-                    self::$_db->exec(
-                        'ALTER TABLE "' . self::_sanitizeIdentifier('paste') .
+                if ($this->_type !== 'sqlite') {
+                    $this->_db->exec(
+                        'ALTER TABLE "' . $this->_sanitizeIdentifier('paste') .
                         "\" ADD PRIMARY KEY (\"dataid\"), MODIFY COLUMN \"data\" $dataType"
                     );
-                    self::$_db->exec(
-                        'ALTER TABLE "' . self::_sanitizeIdentifier('comment') .
+                    $this->_db->exec(
+                        'ALTER TABLE "' . $this->_sanitizeIdentifier('comment') .
                         "\" ADD PRIMARY KEY (\"dataid\"), MODIFY COLUMN \"data\" $dataType, " .
                         "MODIFY COLUMN \"nickname\" $dataType, MODIFY COLUMN \"vizhash\" $dataType"
                     );
                 } else {
-                    self::$_db->exec(
-                        'CREATE UNIQUE INDEX IF NOT EXISTS "paste_dataid" ON "' .
-                        self::_sanitizeIdentifier('paste') . '" ("dataid")'
+                    $this->_db->exec(
+                        'CREATE UNIQUE INDEX IF NOT EXISTS "' .
+                        $this->_sanitizeIdentifier('paste_dataid') . '" ON "' .
+                        $this->_sanitizeIdentifier('paste') . '" ("dataid")'
                     );
-                    self::$_db->exec(
-                        'CREATE UNIQUE INDEX IF NOT EXISTS "comment_dataid" ON "' .
-                        self::_sanitizeIdentifier('comment') . '" ("dataid")'
+                    $this->_db->exec(
+                        'CREATE UNIQUE INDEX IF NOT EXISTS "' .
+                        $this->_sanitizeIdentifier('comment_dataid') . '" ON "' .
+                        $this->_sanitizeIdentifier('comment') . '" ("dataid")'
                     );
                 }
-                self::$_db->exec(
-                    'CREATE INDEX IF NOT EXISTS "comment_parent" ON "' .
-                    self::_sanitizeIdentifier('comment') . '" ("pasteid")'
+                // CREATE INDEX IF NOT EXISTS not supported as of Oracle MySQL <= 8.0
+                $this->_db->exec(
+                    'CREATE INDEX "' .
+                    $this->_sanitizeIdentifier('comment_parent') . '" ON "' .
+                    $this->_sanitizeIdentifier('comment') . '" ("pasteid")'
                 );
                 // no break, continue with updates for 0.22 and later
             case '1.3':
                 // SQLite doesn't support MODIFY, but it allows TEXT of similar
                 // size as BLOB and PostgreSQL uses TEXT, so there is no need
                 // to change it there
-                if (self::$_type !== 'sqlite' && self::$_type !== 'pgsql') {
-                    self::$_db->exec(
-                        'ALTER TABLE "' . self::_sanitizeIdentifier('paste') .
+                if ($this->_type !== 'sqlite' && $this->_type !== 'pgsql') {
+                    $this->_db->exec(
+                        'ALTER TABLE "' . $this->_sanitizeIdentifier('paste') .
                         "\" MODIFY COLUMN \"data\" $attachmentType"
                     );
                 }
                 // no break, continue with updates for all newer versions
             default:
-                self::_exec(
-                    'UPDATE "' . self::_sanitizeIdentifier('config') .
+                $this->_exec(
+                    'UPDATE "' . $this->_sanitizeIdentifier('config') .
                     '" SET "value" = ? WHERE "id" = ?',
                     array(Controller::VERSION, 'VERSION')
                 );

lib/Data/Filesystem.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Data;
@@ -22,6 +22,22 @@ use PrivateBin\Json;
  */
 class Filesystem extends AbstractData
 {
+    /**
+     * glob() pattern of the two folder levels and the paste files under the
+     * configured path. Needs to return both files with and without .php suffix,
+     * so they can be hardened by _prependRename(), which is hooked into exists().
+     *
+     * > Note that wildcard patterns are not regular expressions, although they
+     * > are a bit similar.
+     *
+     * @link  https://man7.org/linux/man-pages/man7/glob.7.html
+     * @const string
+     */
+    const PASTE_FILE_PATTERN = DIRECTORY_SEPARATOR . '[a-f0-9][a-f0-9]' .
+        DIRECTORY_SEPARATOR . '[a-f0-9][a-f0-9]' . DIRECTORY_SEPARATOR .
+        '[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9]' .
+        '[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9]*';
+
     /**
      * first line in paste or comment files, to protect their contents from browsing exposed data directories
      *
@@ -40,33 +56,26 @@ class Filesystem extends AbstractData
      * path in which to persist something
      *
      * @access private
-     * @static
      * @var    string
      */
-    private static $_path = 'data';
+    private $_path = 'data';
 
     /**
-     * get instance of singleton
+     * instantiates a new Filesystem data backend
      *
      * @access public
-     * @static
      * @param  array $options
-     * @return Filesystem
+     * @return
      */
-    public static function getInstance(array $options)
+    public function __construct(array $options)
     {
-        // if needed initialize the singleton
-        if (!(self::$_instance instanceof self)) {
-            self::$_instance = new self;
-        }
         // if given update the data directory
         if (
             is_array($options) &&
             array_key_exists('dir', $options)
         ) {
-            self::$_path = $options['dir'];
+            $this->_path = $options['dir'];
         }
-        return self::$_instance;
     }
 
     /**
@@ -79,7 +88,7 @@ class Filesystem extends AbstractData
      */
     public function create($pasteid, array $paste)
     {
-        $storagedir = self::_dataid2path($pasteid);
+        $storagedir = $this->_dataid2path($pasteid);
         $file       = $storagedir . $pasteid . '.php';
         if (is_file($file)) {
             return false;
@@ -87,7 +96,7 @@ class Filesystem extends AbstractData
         if (!is_dir($storagedir)) {
             mkdir($storagedir, 0700, true);
         }
-        return self::_store($file, $paste);
+        return $this->_store($file, $paste);
     }
 
     /**
@@ -101,7 +110,7 @@ class Filesystem extends AbstractData
     {
         if (
             !$this->exists($pasteid) ||
-            !$paste = self::_get(self::_dataid2path($pasteid) . $pasteid . '.php')
+            !$paste = $this->_get($this->_dataid2path($pasteid) . $pasteid . '.php')
         ) {
             return false;
         }
@@ -116,7 +125,7 @@ class Filesystem extends AbstractData
      */
     public function delete($pasteid)
     {
-        $pastedir = self::_dataid2path($pasteid);
+        $pastedir = $this->_dataid2path($pasteid);
         if (is_dir($pastedir)) {
             // Delete the paste itself.
             if (is_file($pastedir . $pasteid . '.php')) {
@@ -124,7 +133,7 @@ class Filesystem extends AbstractData
             }
 
             // Delete discussion if it exists.
-            $discdir = self::_dataid2discussionpath($pasteid);
+            $discdir = $this->_dataid2discussionpath($pasteid);
             if (is_dir($discdir)) {
                 // Delete all files in discussion directory
                 $dir = dir($discdir);
@@ -148,20 +157,20 @@ class Filesystem extends AbstractData
      */
     public function exists($pasteid)
     {
-        $basePath  = self::_dataid2path($pasteid) . $pasteid;
+        $basePath  = $this->_dataid2path($pasteid) . $pasteid;
         $pastePath = $basePath . '.php';
         // convert to PHP protected files if needed
         if (is_readable($basePath)) {
-            self::_prependRename($basePath, $pastePath);
+            $this->_prependRename($basePath, $pastePath);
 
             // convert comments, too
-            $discdir = self::_dataid2discussionpath($pasteid);
+            $discdir = $this->_dataid2discussionpath($pasteid);
             if (is_dir($discdir)) {
                 $dir = dir($discdir);
                 while (false !== ($filename = $dir->read())) {
                     if (substr($filename, -4) !== '.php' && strlen($filename) >= 16) {
                         $commentFilename = $discdir . $filename . '.php';
-                        self::_prependRename($discdir . $filename, $commentFilename);
+                        $this->_prependRename($discdir . $filename, $commentFilename);
                     }
                 }
                 $dir->close();
@@ -182,7 +191,7 @@ class Filesystem extends AbstractData
      */
     public function createComment($pasteid, $parentid, $commentid, array $comment)
     {
-        $storagedir = self::_dataid2discussionpath($pasteid);
+        $storagedir = $this->_dataid2discussionpath($pasteid);
         $file       = $storagedir . $pasteid . '.' . $commentid . '.' . $parentid . '.php';
         if (is_file($file)) {
             return false;
@@ -190,7 +199,7 @@ class Filesystem extends AbstractData
         if (!is_dir($storagedir)) {
             mkdir($storagedir, 0700, true);
         }
-        return self::_store($file, $comment);
+        return $this->_store($file, $comment);
     }
 
     /**
@@ -203,7 +212,7 @@ class Filesystem extends AbstractData
     public function readComments($pasteid)
     {
         $comments = array();
-        $discdir  = self::_dataid2discussionpath($pasteid);
+        $discdir  = $this->_dataid2discussionpath($pasteid);
         if (is_dir($discdir)) {
             $dir = dir($discdir);
             while (false !== ($filename = $dir->read())) {
@@ -212,14 +221,20 @@ class Filesystem extends AbstractData
                 // - commentid is the comment identifier itself.
                 // - parentid is the comment this comment replies to (It can be pasteid)
                 if (is_file($discdir . $filename)) {
-                    $comment = self::_get($discdir . $filename);
+                    $comment = $this->_get($discdir . $filename);
                     $items   = explode('.', $filename);
                     // Add some meta information not contained in file.
                     $comment['id']       = $items[1];
                     $comment['parentid'] = $items[2];
 
                     // Store in array
-                    $key            = $this->getOpenSlot($comments, (int) $comment['meta']['created']);
+                    $key            = $this->getOpenSlot(
+                        $comments, (
+                            (int) array_key_exists('created', $comment['meta']) ?
+                            $comment['meta']['created'] : // v2 comments
+                            $comment['meta']['postdate'] // v1 comments
+                        )
+                    );
                     $comments[$key] = $comment;
                 }
             }
@@ -243,7 +258,7 @@ class Filesystem extends AbstractData
     public function existsComment($pasteid, $parentid, $commentid)
     {
         return is_file(
-            self::_dataid2discussionpath($pasteid) .
+            $this->_dataid2discussionpath($pasteid) .
             $pasteid . '.' . $commentid . '.' . $parentid . '.php'
         );
     }
@@ -261,20 +276,20 @@ class Filesystem extends AbstractData
     {
         switch ($namespace) {
             case 'purge_limiter':
-                return self::_storeString(
-                    self::$_path . DIRECTORY_SEPARATOR . 'purge_limiter.php',
+                return $this->_storeString(
+                    $this->_path . DIRECTORY_SEPARATOR . 'purge_limiter.php',
                     '<?php' . PHP_EOL . '$GLOBALS[\'purge_limiter\'] = ' . $value . ';'
                 );
             case 'salt':
-                return self::_storeString(
-                    self::$_path . DIRECTORY_SEPARATOR . 'salt.php',
+                return $this->_storeString(
+                    $this->_path . DIRECTORY_SEPARATOR . 'salt.php',
                     '<?php # |' . $value . '|'
                 );
             case 'traffic_limiter':
-                self::$_last_cache[$key] = $value;
-                return self::_storeString(
-                    self::$_path . DIRECTORY_SEPARATOR . 'traffic_limiter.php',
-                    '<?php' . PHP_EOL . '$GLOBALS[\'traffic_limiter\'] = ' . var_export(self::$_last_cache, true) . ';'
+                $this->_last_cache[$key] = $value;
+                return $this->_storeString(
+                    $this->_path . DIRECTORY_SEPARATOR . 'traffic_limiter.php',
+                    '<?php' . PHP_EOL . '$GLOBALS[\'traffic_limiter\'] = ' . var_export($this->_last_cache, true) . ';'
                 );
         }
         return false;
@@ -292,14 +307,14 @@ class Filesystem extends AbstractData
     {
         switch ($namespace) {
             case 'purge_limiter':
-                $file = self::$_path . DIRECTORY_SEPARATOR . 'purge_limiter.php';
+                $file = $this->_path . DIRECTORY_SEPARATOR . 'purge_limiter.php';
                 if (is_readable($file)) {
                     require $file;
                     return $GLOBALS['purge_limiter'];
                 }
                 break;
             case 'salt':
-                $file = self::$_path . DIRECTORY_SEPARATOR . 'salt.php';
+                $file = $this->_path . DIRECTORY_SEPARATOR . 'salt.php';
                 if (is_readable($file)) {
                     $items = explode('|', file_get_contents($file));
                     if (is_array($items) && count($items) == 3) {
@@ -308,12 +323,12 @@ class Filesystem extends AbstractData
                 }
                 break;
             case 'traffic_limiter':
-                $file = self::$_path . DIRECTORY_SEPARATOR . 'traffic_limiter.php';
+                $file = $this->_path . DIRECTORY_SEPARATOR . 'traffic_limiter.php';
                 if (is_readable($file)) {
                     require $file;
-                    self::$_last_cache = $GLOBALS['traffic_limiter'];
-                    if (array_key_exists($key, self::$_last_cache)) {
-                        return self::$_last_cache[$key];
+                    $this->_last_cache = $GLOBALS['traffic_limiter'];
+                    if (array_key_exists($key, $this->_last_cache)) {
+                        return $this->_last_cache[$key];
                     }
                 }
                 break;
@@ -325,11 +340,10 @@ class Filesystem extends AbstractData
      * get the data
      *
      * @access public
-     * @static
      * @param  string $filename
      * @return array|false $data
      */
-    private static function _get($filename)
+    private function _get($filename)
     {
         return Json::decode(
             substr(
@@ -348,65 +362,42 @@ class Filesystem extends AbstractData
      */
     protected function _getExpiredPastes($batchsize)
     {
-        $pastes     = array();
-        $firstLevel = array_filter(
-            scandir(self::$_path),
-            'self::_isFirstLevelDir'
-        );
-        if (count($firstLevel) > 0) {
-            // try at most 10 times the $batchsize pastes before giving up
-            for ($i = 0, $max = $batchsize * 10; $i < $max; ++$i) {
-                $firstKey    = array_rand($firstLevel);
-                $secondLevel = array_filter(
-                    scandir(self::$_path . DIRECTORY_SEPARATOR . $firstLevel[$firstKey]),
-                    'self::_isSecondLevelDir'
-                );
-
-                // skip this folder in the next checks if it is empty
-                if (count($secondLevel) == 0) {
-                    unset($firstLevel[$firstKey]);
-                    continue;
-                }
-
-                $secondKey = array_rand($secondLevel);
-                $path      = self::$_path . DIRECTORY_SEPARATOR .
-                    $firstLevel[$firstKey] . DIRECTORY_SEPARATOR .
-                    $secondLevel[$secondKey];
-                if (!is_dir($path)) {
-                    continue;
-                }
-                $thirdLevel = array_filter(
-                    array_map(
-                        function ($filename) {
-                            return strlen($filename) >= 20 ?
-                                substr($filename, 0, -4) :
-                                $filename;
-                        },
-                        scandir($path)
-                    ),
-                    'PrivateBin\\Model\\Paste::isValidId'
-                );
-                if (count($thirdLevel) == 0) {
-                    continue;
-                }
-                $thirdKey = array_rand($thirdLevel);
-                $pasteid  = $thirdLevel[$thirdKey];
-                if (in_array($pasteid, $pastes)) {
-                    continue;
-                }
-
-                if ($this->exists($pasteid)) {
-                    $data = $this->read($pasteid);
-                    if (
-                        array_key_exists('expire_date', $data['meta']) &&
-                        $data['meta']['expire_date'] < time()
-                    ) {
-                        $pastes[] = $pasteid;
-                        if (count($pastes) >= $batchsize) {
-                            break;
-                        }
+        $pastes = array();
+        $count  = 0;
+        $opened = 0;
+        $limit  = $batchsize * 10; // try at most 10 times $batchsize pastes before giving up
+        $time   = time();
+        $files  = $this->getAllPastes();
+        shuffle($files);
+        foreach ($files as $pasteid) {
+            if ($this->exists($pasteid)) {
+                $data = $this->read($pasteid);
+                if (
+                    array_key_exists('expire_date', $data['meta']) &&
+                    $data['meta']['expire_date'] < $time
+                ) {
+                    $pastes[] = $pasteid;
+                    if (++$count >= $batchsize) {
+                        break;
                     }
                 }
+                if (++$opened >= $limit) {
+                    break;
+                }
+            }
+        }
+        return $pastes;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function getAllPastes()
+    {
+        $pastes = array();
+        foreach (new \GlobIterator($this->_path . self::PASTE_FILE_PATTERN) as $file) {
+            if ($file->isFile()) {
+                $pastes[] = $file->getBasename('.php');
             }
         }
         return $pastes;
@@ -423,13 +414,12 @@ class Filesystem extends AbstractData
      * eg. input 'e3570978f9e4aa90' --> output 'data/e3/57/'
      *
      * @access private
-     * @static
      * @param  string $dataid
      * @return string
      */
-    private static function _dataid2path($dataid)
+    private function _dataid2path($dataid)
     {
-        return self::$_path . DIRECTORY_SEPARATOR .
+        return $this->_path . DIRECTORY_SEPARATOR .
             substr($dataid, 0, 2) . DIRECTORY_SEPARATOR .
             substr($dataid, 2, 2) . DIRECTORY_SEPARATOR;
     }
@@ -440,56 +430,27 @@ class Filesystem extends AbstractData
      * eg. input 'e3570978f9e4aa90' --> output 'data/e3/57/e3570978f9e4aa90.discussion/'
      *
      * @access private
-     * @static
      * @param  string $dataid
      * @return string
      */
-    private static function _dataid2discussionpath($dataid)
+    private function _dataid2discussionpath($dataid)
     {
-        return self::_dataid2path($dataid) . $dataid .
+        return $this->_dataid2path($dataid) . $dataid .
             '.discussion' . DIRECTORY_SEPARATOR;
     }
 
-    /**
-     * Check that the given element is a valid first level directory.
-     *
-     * @access private
-     * @static
-     * @param  string $element
-     * @return bool
-     */
-    private static function _isFirstLevelDir($element)
-    {
-        return self::_isSecondLevelDir($element) &&
-            is_dir(self::$_path . DIRECTORY_SEPARATOR . $element);
-    }
-
-    /**
-     * Check that the given element is a valid second level directory.
-     *
-     * @access private
-     * @static
-     * @param  string $element
-     * @return bool
-     */
-    private static function _isSecondLevelDir($element)
-    {
-        return (bool) preg_match('/^[a-f0-9]{2}$/', $element);
-    }
-
     /**
      * store the data
      *
      * @access public
-     * @static
      * @param  string $filename
      * @param  array  $data
      * @return bool
      */
-    private static function _store($filename, array $data)
+    private function _store($filename, array $data)
     {
         try {
-            return self::_storeString(
+            return $this->_storeString(
                 $filename,
                 self::PROTECTION_LINE . PHP_EOL . Json::encode($data)
             );
@@ -502,20 +463,19 @@ class Filesystem extends AbstractData
      * store a string
      *
      * @access public
-     * @static
      * @param  string $filename
      * @param  string $data
      * @return bool
      */
-    private static function _storeString($filename, $data)
+    private function _storeString($filename, $data)
     {
         // Create storage directory if it does not exist.
-        if (!is_dir(self::$_path)) {
-            if (!@mkdir(self::$_path, 0700)) {
+        if (!is_dir($this->_path)) {
+            if (!@mkdir($this->_path, 0700)) {
                 return false;
             }
         }
-        $file = self::$_path . DIRECTORY_SEPARATOR . '.htaccess';
+        $file = $this->_path . DIRECTORY_SEPARATOR . '.htaccess';
         if (!is_file($file)) {
             $writtenBytes = 0;
             if ($fileCreated = @touch($file)) {
@@ -553,12 +513,11 @@ class Filesystem extends AbstractData
      * rename a file, prepending the protection line at the beginning
      *
      * @access public
-     * @static
      * @param  string $srcFile
      * @param  string $destFile
      * @return void
      */
-    private static function _prependRename($srcFile, $destFile)
+    private function _prependRename($srcFile, $destFile)
     {
         // don't overwrite already converted file
         if (!is_readable($destFile)) {

lib/Data/GoogleCloudStorage.php

@@ -14,45 +14,43 @@ class GoogleCloudStorage extends AbstractData
      * GCS client
      *
      * @access private
-     * @static
      * @var    StorageClient
      */
-    private static $_client = null;
+    private $_client = null;
 
     /**
      * GCS bucket
      *
      * @access private
-     * @static
      * @var    Bucket
      */
-    private static $_bucket = null;
+    private $_bucket = null;
 
     /**
      * object prefix
      *
      * @access private
-     * @static
      * @var    string
      */
-    private static $_prefix = 'pastes';
+    private $_prefix = 'pastes';
 
     /**
-     * returns a Google Cloud Storage data backend.
+     * bucket acl type
+     *
+     * @access private
+     * @var    bool
+     */
+    private $_uniformacl = false;
+
+    /**
+     * instantiantes a new Google Cloud Storage data backend.
      *
      * @access public
-     * @static
      * @param array $options
-     * @return GoogleCloudStorage
+     * @return
      */
-    public static function getInstance(array $options)
+    public function __construct(array $options)
     {
-        // if needed initialize the singleton
-        if (!(self::$_instance instanceof self)) {
-            self::$_instance = new self;
-        }
-
-        $bucket = null;
         if (getenv('PRIVATEBIN_GCS_BUCKET')) {
             $bucket = getenv('PRIVATEBIN_GCS_BUCKET');
         }
@@ -60,21 +58,22 @@ class GoogleCloudStorage extends AbstractData
             $bucket = $options['bucket'];
         }
         if (is_array($options) && array_key_exists('prefix', $options)) {
-            self::$_prefix = $options['prefix'];
+            $this->_prefix = $options['prefix'];
+        }
+        if (is_array($options) && array_key_exists('uniformacl', $options)) {
+            $this->_uniformacl = $options['uniformacl'];
         }
 
-        if (empty(self::$_client)) {
-            self::$_client = class_exists('StorageClientStub', false) ?
-                new \StorageClientStub(array()) :
-                new StorageClient(array('suppressKeyFileNotice' => true));
+        $this->_client = class_exists('StorageClientStub', false) ?
+            new \StorageClientStub(array()) :
+            new StorageClient(array('suppressKeyFileNotice' => true));
+        if (isset($bucket)) {
+            $this->_bucket = $this->_client->bucket($bucket);
         }
-        self::$_bucket = self::$_client->bucket($bucket);
-
-        return self::$_instance;
     }
 
     /**
-     * returns the google storage object key for $pasteid in self::$_bucket.
+     * returns the google storage object key for $pasteid in $this->_bucket.
      *
      * @access private
      * @param $pasteid string to get the key for
@@ -82,14 +81,14 @@ class GoogleCloudStorage extends AbstractData
      */
     private function _getKey($pasteid)
     {
-        if (self::$_prefix != '') {
-            return self::$_prefix . '/' . $pasteid;
+        if ($this->_prefix != '') {
+            return $this->_prefix . '/' . $pasteid;
         }
         return $pasteid;
     }
 
     /**
-     * Uploads the payload in the self::$_bucket under the specified key.
+     * Uploads the payload in the $this->_bucket under the specified key.
      * The entire payload is stored as a JSON document. The metadata is replicated
      * as the GCS object's metadata except for the fields attachment, attachmentname
      * and salt.
@@ -106,17 +105,20 @@ class GoogleCloudStorage extends AbstractData
             $metadata[$k] = strval($v);
         }
         try {
-            self::$_bucket->upload(Json::encode($payload), array(
+            $data = array(
                 'name'          => $key,
                 'chunkSize'     => 262144,
-                'predefinedAcl' => 'private',
                 'metadata'      => array(
                     'content-type' => 'application/json',
                     'metadata'     => $metadata,
                 ),
-            ));
+            );
+            if (!$this->_uniformacl) {
+                $data['predefinedAcl'] = 'private';
+            }
+            $this->_bucket->upload(Json::encode($payload), $data);
         } catch (Exception $e) {
-            error_log('failed to upload ' . $key . ' to ' . self::$_bucket->name() . ', ' .
+            error_log('failed to upload ' . $key . ' to ' . $this->_bucket->name() . ', ' .
                 trim(preg_replace('/\s\s+/', ' ', $e->getMessage())));
             return false;
         }
@@ -141,13 +143,13 @@ class GoogleCloudStorage extends AbstractData
     public function read($pasteid)
     {
         try {
-            $o    = self::$_bucket->object($this->_getKey($pasteid));
+            $o    = $this->_bucket->object($this->_getKey($pasteid));
             $data = $o->downloadAsString();
             return Json::decode($data);
         } catch (NotFoundException $e) {
             return false;
         } catch (Exception $e) {
-            error_log('failed to read ' . $pasteid . ' from ' . self::$_bucket->name() . ', ' .
+            error_log('failed to read ' . $pasteid . ' from ' . $this->_bucket->name() . ', ' .
                 trim(preg_replace('/\s\s+/', ' ', $e->getMessage())));
             return false;
         }
@@ -161,9 +163,9 @@ class GoogleCloudStorage extends AbstractData
         $name = $this->_getKey($pasteid);
 
         try {
-            foreach (self::$_bucket->objects(array('prefix' => $name . '/discussion/')) as $comment) {
+            foreach ($this->_bucket->objects(array('prefix' => $name . '/discussion/')) as $comment) {
                 try {
-                    self::$_bucket->object($comment->name())->delete();
+                    $this->_bucket->object($comment->name())->delete();
                 } catch (NotFoundException $e) {
                     // ignore if already deleted.
                 }
@@ -173,7 +175,7 @@ class GoogleCloudStorage extends AbstractData
         }
 
         try {
-            self::$_bucket->object($name)->delete();
+            $this->_bucket->object($name)->delete();
         } catch (NotFoundException $e) {
             // ignore if already deleted
         }
@@ -184,7 +186,7 @@ class GoogleCloudStorage extends AbstractData
      */
     public function exists($pasteid)
     {
-        $o = self::$_bucket->object($this->_getKey($pasteid));
+        $o = $this->_bucket->object($this->_getKey($pasteid));
         return $o->exists();
     }
 
@@ -208,8 +210,8 @@ class GoogleCloudStorage extends AbstractData
         $comments = array();
         $prefix   = $this->_getKey($pasteid) . '/discussion/';
         try {
-            foreach (self::$_bucket->objects(array('prefix' => $prefix)) as $key) {
-                $comment         = JSON::decode(self::$_bucket->object($key->name())->downloadAsString());
+            foreach ($this->_bucket->objects(array('prefix' => $prefix)) as $key) {
+                $comment         = JSON::decode($this->_bucket->object($key->name())->downloadAsString());
                 $comment['id']   = basename($key->name());
                 $slot            = $this->getOpenSlot($comments, (int) $comment['meta']['created']);
                 $comments[$slot] = $comment;
@@ -226,7 +228,7 @@ class GoogleCloudStorage extends AbstractData
     public function existsComment($pasteid, $parentid, $commentid)
     {
         $name = $this->_getKey($pasteid) . '/discussion/' . $parentid . '/' . $commentid;
-        $o    = self::$_bucket->object($name);
+        $o    = $this->_bucket->object($name);
         return $o->exists();
     }
 
@@ -237,7 +239,7 @@ class GoogleCloudStorage extends AbstractData
     {
         $path = 'config/' . $namespace;
         try {
-            foreach (self::$_bucket->objects(array('prefix' => $path)) as $object) {
+            foreach ($this->_bucket->objects(array('prefix' => $path)) as $object) {
                 $name = $object->name();
                 if (strlen($name) > strlen($path) && substr($name, strlen($path), 1) !== '/') {
                     continue;
@@ -277,17 +279,20 @@ class GoogleCloudStorage extends AbstractData
             $metadata['value'] = strval($value);
         }
         try {
-            self::$_bucket->upload($value, array(
+            $data = array(
                 'name'          => $key,
                 'chunkSize'     => 262144,
-                'predefinedAcl' => 'private',
                 'metadata'      => array(
                     'content-type' => 'application/json',
                     'metadata'     => $metadata,
                 ),
-            ));
+            );
+            if (!$this->_uniformacl) {
+                $data['predefinedAcl'] = 'private';
+            }
+            $this->_bucket->upload($value, $data);
         } catch (Exception $e) {
-            error_log('failed to set key ' . $key . ' to ' . self::$_bucket->name() . ', ' .
+            error_log('failed to set key ' . $key . ' to ' . $this->_bucket->name() . ', ' .
                 trim(preg_replace('/\s\s+/', ' ', $e->getMessage())));
             return false;
         }
@@ -305,7 +310,7 @@ class GoogleCloudStorage extends AbstractData
             $key = 'config/' . $namespace . '/' . $key;
         }
         try {
-            $o = self::$_bucket->object($key);
+            $o = $this->_bucket->object($key);
             return $o->downloadAsString();
         } catch (NotFoundException $e) {
             return '';
@@ -320,12 +325,12 @@ class GoogleCloudStorage extends AbstractData
         $expired = array();
 
         $now    = time();
-        $prefix = self::$_prefix;
+        $prefix = $this->_prefix;
         if ($prefix != '') {
             $prefix .= '/';
         }
         try {
-            foreach (self::$_bucket->objects(array('prefix' => $prefix)) as $object) {
+            foreach ($this->_bucket->objects(array('prefix' => $prefix)) as $object) {
                 $metadata = $object->info()['metadata'];
                 if ($metadata != null && array_key_exists('expire_date', $metadata)) {
                     $expire_at = intval($metadata['expire_date']);
@@ -343,4 +348,28 @@ class GoogleCloudStorage extends AbstractData
         }
         return $expired;
     }
+
+    /**
+     * @inheritDoc
+     */
+    public function getAllPastes()
+    {
+        $pastes = array();
+        $prefix = $this->_prefix;
+        if ($prefix != '') {
+            $prefix .= '/';
+        }
+
+        try {
+            foreach ($this->_bucket->objects(array('prefix' => $prefix)) as $object) {
+                $candidate = substr($object->name(), strlen($prefix));
+                if (strpos($candidate, '/') === false) {
+                    $pastes[] = $candidate;
+                }
+            }
+        } catch (NotFoundException $e) {
+            // no objects in the bucket yet
+        }
+        return $pastes;
+    }
 }

lib/Data/S3Storage.php

@@ -0,0 +1,473 @@
+<?php
+/**
+ * S3.php
+ *
+ * an S3 compatible data backend for PrivateBin with CEPH/RadosGW in mind
+ * see https://docs.ceph.com/en/latest/radosgw/s3/php/
+ * based on lib/Data/GoogleCloudStorage.php from PrivateBin version 1.5.1
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2022 Felix J. Ogris (https://ogris.de/)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.4.1
+ *
+ * Installation:
+ *   1. Make sure you have composer.lock and composer.json in the document root of your PasteBin
+ *   2. If not, grab a copy from https://github.com/PrivateBin/PrivateBin
+ *   3. As non-root user, install the AWS SDK for PHP:
+ *      composer require aws/aws-sdk-php
+ *      (On FreeBSD, install devel/php-composer2 prior, e.g.: make -C /usr/ports/devel/php-composer2 install clean)
+ *   4. In cfg/conf.php, comment out all [model] and [model_options] settings
+ *   5. Still in cfg/conf.php, add a new [model] section:
+ *      [model]
+ *      class = S3Storage
+ *   6. Add a new [model_options] as well, e.g. for a Rados gateway as part of your CEPH cluster:
+ *      [model_options]
+ *      region = ""
+ *      version = "2006-03-01"
+ *      endpoint = "https://s3.my-ceph.invalid"
+ *      use_path_style_endpoint = true
+ *      bucket = "my-bucket"
+ *      prefix = "privatebin"  (place all PrivateBin data beneath this prefix)
+ *      accesskey = "my-rados-user"
+ *      secretkey = "my-rados-pass"
+ */
+
+namespace PrivateBin\Data;
+
+use Aws\S3\Exception\S3Exception;
+use Aws\S3\S3Client;
+use PrivateBin\Json;
+
+class S3Storage extends AbstractData
+{
+    /**
+     * S3 client
+     *
+     * @access private
+     * @var    S3Client
+     */
+    private $_client = null;
+
+    /**
+     * S3 client options
+     *
+     * @access private
+     * @var    array
+     */
+    private $_options = array();
+
+    /**
+     * S3 bucket
+     *
+     * @access private
+     * @var    string
+     */
+    private $_bucket = null;
+
+    /**
+     * S3 prefix for all PrivateBin data in this bucket
+     *
+     * @access private
+     * @var    string
+     */
+    private $_prefix = '';
+
+    /**
+     * instantiates a new S3 data backend.
+     *
+     * @access public
+     * @param array $options
+     * @return
+     */
+    public function __construct(array $options)
+    {
+        $this->_options['credentials'] = array();
+
+        if (is_array($options) && array_key_exists('region', $options)) {
+            $this->_options['region'] = $options['region'];
+        }
+        if (is_array($options) && array_key_exists('version', $options)) {
+            $this->_options['version'] = $options['version'];
+        }
+        if (is_array($options) && array_key_exists('endpoint', $options)) {
+            $this->_options['endpoint'] = $options['endpoint'];
+        }
+        if (is_array($options) && array_key_exists('accesskey', $options)) {
+            $this->_options['credentials']['key'] = $options['accesskey'];
+        }
+        if (is_array($options) && array_key_exists('secretkey', $options)) {
+            $this->_options['credentials']['secret'] = $options['secretkey'];
+        }
+        if (is_array($options) && array_key_exists('use_path_style_endpoint', $options)) {
+            $this->_options['use_path_style_endpoint'] = filter_var($options['use_path_style_endpoint'], FILTER_VALIDATE_BOOLEAN);
+        }
+        if (is_array($options) && array_key_exists('bucket', $options)) {
+            $this->_bucket = $options['bucket'];
+        }
+        if (is_array($options) && array_key_exists('prefix', $options)) {
+            $this->_prefix = $options['prefix'];
+        }
+
+        $this->_client = new S3Client($this->_options);
+    }
+
+    /**
+     * returns all objects in the given prefix.
+     *
+     * @access private
+     * @param $prefix string with prefix
+     * @return array all objects in the given prefix
+     */
+    private function _listAllObjects($prefix)
+    {
+        $allObjects = array();
+        $options    = array(
+            'Bucket' => $this->_bucket,
+            'Prefix' => $prefix,
+        );
+
+        do {
+            $objectsListResponse = $this->_client->listObjects($options);
+            $objects             = $objectsListResponse['Contents'] ?? array();
+            foreach ($objects as $object) {
+                $allObjects[]      = $object;
+                $options['Marker'] = $object['Key'];
+            }
+        } while ($objectsListResponse['IsTruncated']);
+
+        return $allObjects;
+    }
+
+    /**
+     * returns the S3 storage object key for $pasteid in $this->_bucket.
+     *
+     * @access private
+     * @param $pasteid string to get the key for
+     * @return string
+     */
+    private function _getKey($pasteid)
+    {
+        if ($this->_prefix != '') {
+            return $this->_prefix . '/' . $pasteid;
+        }
+        return $pasteid;
+    }
+
+    /**
+     * Uploads the payload in the $this->_bucket under the specified key.
+     * The entire payload is stored as a JSON document. The metadata is replicated
+     * as the S3 object's metadata except for the fields attachment, attachmentname
+     * and salt.
+     *
+     * @param $key string to store the payload under
+     * @param $payload array to store
+     * @return bool true if successful, otherwise false.
+     */
+    private function _upload($key, $payload)
+    {
+        $metadata = array_key_exists('meta', $payload) ? $payload['meta'] : array();
+        unset($metadata['attachment'], $metadata['attachmentname'], $metadata['salt']);
+        foreach ($metadata as $k => $v) {
+            $metadata[$k] = strval($v);
+        }
+        try {
+            $this->_client->putObject(array(
+                'Bucket'      => $this->_bucket,
+                'Key'         => $key,
+                'Body'        => Json::encode($payload),
+                'ContentType' => 'application/json',
+                'Metadata'    => $metadata,
+            ));
+        } catch (S3Exception $e) {
+            error_log('failed to upload ' . $key . ' to ' . $this->_bucket . ', ' .
+                trim(preg_replace('/\s\s+/', ' ', $e->getMessage())));
+            return false;
+        }
+        return true;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function create($pasteid, array $paste)
+    {
+        if ($this->exists($pasteid)) {
+            return false;
+        }
+
+        return $this->_upload($this->_getKey($pasteid), $paste);
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function read($pasteid)
+    {
+        try {
+            $object = $this->_client->getObject(array(
+                'Bucket' => $this->_bucket,
+                'Key'    => $this->_getKey($pasteid),
+            ));
+            $data = $object['Body']->getContents();
+            return Json::decode($data);
+        } catch (S3Exception $e) {
+            error_log('failed to read ' . $pasteid . ' from ' . $this->_bucket . ', ' .
+                trim(preg_replace('/\s\s+/', ' ', $e->getMessage())));
+            return false;
+        }
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function delete($pasteid)
+    {
+        $name = $this->_getKey($pasteid);
+
+        try {
+            $comments = $this->_listAllObjects($name . '/discussion/');
+            foreach ($comments as $comment) {
+                try {
+                    $this->_client->deleteObject(array(
+                        'Bucket' => $this->_bucket,
+                        'Key'    => $comment['Key'],
+                    ));
+                } catch (S3Exception $e) {
+                    // ignore if already deleted.
+                }
+            }
+        } catch (S3Exception $e) {
+            // there are no discussions associated with the paste
+        }
+
+        try {
+            $this->_client->deleteObject(array(
+                'Bucket' => $this->_bucket,
+                'Key'    => $name,
+            ));
+        } catch (S3Exception $e) {
+            // ignore if already deleted
+        }
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function exists($pasteid)
+    {
+        return $this->_client->doesObjectExistV2($this->_bucket, $this->_getKey($pasteid));
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function createComment($pasteid, $parentid, $commentid, array $comment)
+    {
+        if ($this->existsComment($pasteid, $parentid, $commentid)) {
+            return false;
+        }
+        $key = $this->_getKey($pasteid) . '/discussion/' . $parentid . '/' . $commentid;
+        return $this->_upload($key, $comment);
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function readComments($pasteid)
+    {
+        $comments = array();
+        $prefix   = $this->_getKey($pasteid) . '/discussion/';
+        try {
+            $entries = $this->_listAllObjects($prefix);
+            foreach ($entries as $entry) {
+                $object = $this->_client->getObject(array(
+                    'Bucket' => $this->_bucket,
+                    'Key'    => $entry['Key'],
+                ));
+                $body             = JSON::decode($object['Body']->getContents());
+                $items            = explode('/', $entry['Key']);
+                $body['id']       = $items[3];
+                $body['parentid'] = $items[2];
+                $slot             = $this->getOpenSlot($comments, (int) $object['Metadata']['created']);
+                $comments[$slot]  = $body;
+            }
+        } catch (S3Exception $e) {
+            // no comments found
+        }
+        return $comments;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function existsComment($pasteid, $parentid, $commentid)
+    {
+        $name = $this->_getKey($pasteid) . '/discussion/' . $parentid . '/' . $commentid;
+        return $this->_client->doesObjectExistV2($this->_bucket, $name);
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function purgeValues($namespace, $time)
+    {
+        $path = $this->_prefix;
+        if ($path != '') {
+            $path .= '/';
+        }
+        $path .= 'config/' . $namespace;
+
+        try {
+            foreach ($this->_listAllObjects($path) as $object) {
+                $name = $object['Key'];
+                if (strlen($name) > strlen($path) && substr($name, strlen($path), 1) !== '/') {
+                    continue;
+                }
+                $head = $this->_client->headObject(array(
+                    'Bucket' => $this->_bucket,
+                    'Key'    => $name,
+                ));
+                if ($head->get('Metadata') != null && array_key_exists('value', $head->get('Metadata'))) {
+                    $value = $head->get('Metadata')['value'];
+                    if (is_numeric($value) && intval($value) < $time) {
+                        try {
+                            $this->_client->deleteObject(array(
+                                'Bucket' => $this->_bucket,
+                                'Key'    => $name,
+                            ));
+                        } catch (S3Exception $e) {
+                            // deleted by another instance.
+                        }
+                    }
+                }
+            }
+        } catch (S3Exception $e) {
+            // no objects in the bucket yet
+        }
+    }
+
+    /**
+     * For S3, the value will also be stored in the metadata for the
+     * namespaces traffic_limiter and purge_limiter.
+     * @inheritDoc
+     */
+    public function setValue($value, $namespace, $key = '')
+    {
+        $prefix = $this->_prefix;
+        if ($prefix != '') {
+            $prefix .= '/';
+        }
+
+        if ($key === '') {
+            $key = $prefix . 'config/' . $namespace;
+        } else {
+            $key = $prefix . 'config/' . $namespace . '/' . $key;
+        }
+
+        $metadata = array('namespace' => $namespace);
+        if ($namespace != 'salt') {
+            $metadata['value'] = strval($value);
+        }
+        try {
+            $this->_client->putObject(array(
+                'Bucket'      => $this->_bucket,
+                'Key'         => $key,
+                'Body'        => $value,
+                'ContentType' => 'application/json',
+                'Metadata'    => $metadata,
+            ));
+        } catch (S3Exception $e) {
+            error_log('failed to set key ' . $key . ' to ' . $this->_bucket . ', ' .
+                trim(preg_replace('/\s\s+/', ' ', $e->getMessage())));
+            return false;
+        }
+        return true;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function getValue($namespace, $key = '')
+    {
+        $prefix = $this->_prefix;
+        if ($prefix != '') {
+            $prefix .= '/';
+        }
+
+        if ($key === '') {
+            $key = $prefix . 'config/' . $namespace;
+        } else {
+            $key = $prefix . 'config/' . $namespace . '/' . $key;
+        }
+
+        try {
+            $object = $this->_client->getObject(array(
+                'Bucket' => $this->_bucket,
+                'Key'    => $key,
+            ));
+            return $object['Body']->getContents();
+        } catch (S3Exception $e) {
+            return '';
+        }
+    }
+
+    /**
+     * @inheritDoc
+     */
+    protected function _getExpiredPastes($batchsize)
+    {
+        $expired = array();
+        $now     = time();
+        $prefix  = $this->_prefix;
+        if ($prefix != '') {
+            $prefix .= '/';
+        }
+
+        try {
+            foreach ($this->_listAllObjects($prefix) as $object) {
+                $head = $this->_client->headObject(array(
+                    'Bucket' => $this->_bucket,
+                    'Key'    => $object['Key'],
+                ));
+                if ($head->get('Metadata') != null && array_key_exists('expire_date', $head->get('Metadata'))) {
+                    $expire_at = intval($head->get('Metadata')['expire_date']);
+                    if ($expire_at != 0 && $expire_at < $now) {
+                        array_push($expired, $object['Key']);
+                    }
+                }
+
+                if (count($expired) > $batchsize) {
+                    break;
+                }
+            }
+        } catch (S3Exception $e) {
+            // no objects in the bucket yet
+        }
+        return $expired;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    public function getAllPastes()
+    {
+        $pastes = array();
+        $prefix = $this->_prefix;
+        if ($prefix != '') {
+            $prefix .= '/';
+        }
+
+        try {
+            foreach ($this->_listAllObjects($prefix) as $object) {
+                $candidate = substr($object['Key'], strlen($prefix));
+                if (strpos($candidate, '/') === false) {
+                    $pastes[] = $candidate;
+                }
+            }
+        } catch (S3Exception $e) {
+            // no objects in the bucket yet
+        }
+        return $pastes;
+    }
+}

lib/Filter.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin;

lib/FormatV2.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin;

lib/I18n.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin;
@@ -84,7 +84,7 @@ class I18n
      */
     public static function _($messageId)
     {
-        return forward_static_call_array('self::translate', func_get_args());
+        return forward_static_call_array('PrivateBin\I18n::translate', func_get_args());
     }
 
     /**
@@ -305,7 +305,7 @@ class I18n
     /**
      * determines the plural form to use based on current language and given number
      *
-     * From: https://localization-guide.readthedocs.org/en/latest/l10n/pluralforms.html
+     * From: https://docs.translatehouse.org/projects/localization-guide/en/latest/l10n/pluralforms.html
      *
      * @access protected
      * @static
@@ -316,28 +316,32 @@ class I18n
     {
         switch (self::$_language) {
             case 'cs':
-                return $n == 1 ? 0 : ($n >= 2 && $n <= 4 ? 1 : 2);
+            case 'sk':
+                return $n === 1 ? 0 : ($n >= 2 && $n <= 4 ? 1 : 2);
+            case 'co':
             case 'fr':
             case 'oc':
+            case 'tr':
             case 'zh':
                 return $n > 1 ? 1 : 0;
             case 'he':
                 return $n === 1 ? 0 : ($n === 2 ? 1 : (($n < 0 || $n > 10) && ($n % 10 === 0) ? 2 : 3));
             case 'id':
             case 'jbo':
+            case 'th':
                 return 0;
             case 'lt':
                 return $n % 10 === 1 && $n % 100 !== 11 ? 0 : (($n % 10 >= 2 && $n % 100 < 10 || $n % 100 >= 20) ? 1 : 2);
             case 'pl':
-                return $n == 1 ? 0 : ($n % 10 >= 2 && $n % 10 <= 4 && ($n % 100 < 10 || $n % 100 >= 20) ? 1 : 2);
+                return $n === 1 ? 0 : ($n % 10 >= 2 && $n % 10 <= 4 && ($n % 100 < 10 || $n % 100 >= 20) ? 1 : 2);
             case 'ru':
             case 'uk':
-                return $n % 10 == 1 && $n % 100 != 11 ? 0 : ($n % 10 >= 2 && $n % 10 <= 4 && ($n % 100 < 10 || $n % 100 >= 20) ? 1 : 2);
+                return $n % 10 === 1 && $n % 100 != 11 ? 0 : ($n % 10 >= 2 && $n % 10 <= 4 && ($n % 100 < 10 || $n % 100 >= 20) ? 1 : 2);
             case 'sl':
-                return $n % 100 == 1 ? 1 : ($n % 100 == 2 ? 2 : ($n % 100 == 3 || $n % 100 == 4 ? 3 : 0));
-            // bg, ca, de, en, es, et, hu, it, nl, no, pt
+                return $n % 100 === 1 ? 1 : ($n % 100 === 2 ? 2 : ($n % 100 === 3 || $n % 100 === 4 ? 3 : 0));
+            // bg, ca, de, el, en, es, et, fi, hu, it, nl, no, pt
             default:
-                return $n != 1 ? 1 : 0;
+                return $n !== 1 ? 1 : 0;
         }
     }
 

lib/Json.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin;

lib/Model.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin;
@@ -81,10 +81,8 @@ class Model
     public function getStore()
     {
         if ($this->_store === null) {
-            $this->_store = forward_static_call(
-                'PrivateBin\\Data\\' . $this->_conf->getKey('class', 'model') . '::getInstance',
-                $this->_conf->getSection('model_options')
-            );
+            $class        = 'PrivateBin\\Data\\' . $this->_conf->getKey('class', 'model');
+            $this->_store = new $class($this->_conf->getSection('model_options'));
         }
         return $this->_store;
     }

lib/Model/AbstractModel.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Model;

lib/Model/Comment.php

@@ -7,13 +7,14 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Model;
 
 use Exception;
 use Identicon\Identicon;
+use Jdenticon\Identicon as Jdenticon;
 use PrivateBin\Persistence\TrafficLimiter;
 use PrivateBin\Vizhash16x16;
 
@@ -167,6 +168,16 @@ class Comment extends AbstractModel
             if ($icon == 'identicon') {
                 $identicon = new Identicon();
                 $pngdata   = $identicon->getImageDataUri($hmac, 16);
+            } elseif ($icon == 'jdenticon') {
+                $jdenticon = new Jdenticon(array(
+                    'hash'  => $hmac,
+                    'size'  => 16,
+                    'style' => array(
+                        'backgroundColor'   => '#fff0', // fully transparent, for dark mode
+                        'padding'           => 0,
+                    ),
+                ));
+                $pngdata   = $jdenticon->getImageDataUri('png');
             } elseif ($icon == 'vizhash') {
                 $vh      = new Vizhash16x16();
                 $pngdata = 'data:image/png;base64,' . base64_encode(

lib/Model/Paste.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Model;

lib/Persistence/AbstractPersistence.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Persistence;

lib/Persistence/PurgeLimiter.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Persistence;

lib/Persistence/ServerSalt.php

@@ -7,7 +7,7 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Persistence;

lib/Persistence/TrafficLimiter.php

@@ -8,13 +8,16 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin\Persistence;
 
+use Exception;
 use IPLib\Factory;
+use IPLib\ParseStringFlag;
 use PrivateBin\Configuration;
+use PrivateBin\I18n;
 
 /**
  * TrafficLimiter
@@ -24,22 +27,22 @@ use PrivateBin\Configuration;
 class TrafficLimiter extends AbstractPersistence
 {
     /**
-     * time limit in seconds, defaults to 10s
-     *
-     * @access private
-     * @static
-     * @var    int
-     */
-    private static $_limit = 10;
-
-    /**
-     * listed ips are exempted from limits, defaults to null
+     * listed IPs are the only ones allowed to create, defaults to null
      *
      * @access private
      * @static
      * @var    string|null
      */
-    private static $_exemptedIp = null;
+    private static $_creators = null;
+
+    /**
+     * listed IPs are exempted from limits, defaults to null
+     *
+     * @access private
+     * @static
+     * @var    string|null
+     */
+    private static $_exempted = null;
 
     /**
      * key to fetch IP address
@@ -51,28 +54,13 @@ class TrafficLimiter extends AbstractPersistence
     private static $_ipKey = 'REMOTE_ADDR';
 
     /**
-     * set the time limit in seconds
+     * time limit in seconds, defaults to 10s
      *
-     * @access public
+     * @access private
      * @static
-     * @param  int $limit
+     * @var    int
      */
-    public static function setLimit($limit)
-    {
-        self::$_limit = $limit;
-    }
-
-    /**
-     * set a list of ip(ranges) as string
-     *
-     * @access public
-     * @static
-     * @param string $exemptedIps
-     */
-    public static function setExemptedIp($exemptedIp)
-    {
-        self::$_exemptedIp = $exemptedIp;
-    }
+    private static $_limit = 10;
 
     /**
      * set configuration options of the traffic limiter
@@ -83,10 +71,11 @@ class TrafficLimiter extends AbstractPersistence
      */
     public static function setConfiguration(Configuration $conf)
     {
+        self::setCreators($conf->getKey('creators', 'traffic'));
+        self::setExempted($conf->getKey('exempted', 'traffic'));
         self::setLimit($conf->getKey('limit', 'traffic'));
-        self::setExemptedIp($conf->getKey('exemptedIp', 'traffic'));
 
-        if (($option = $conf->getKey('header', 'traffic')) !== null) {
+        if (($option = $conf->getKey('header', 'traffic')) !== '') {
             $httpHeader = 'HTTP_' . $option;
             if (array_key_exists($httpHeader, $_SERVER) && !empty($_SERVER[$httpHeader])) {
                 self::$_ipKey = $httpHeader;
@@ -94,6 +83,42 @@ class TrafficLimiter extends AbstractPersistence
         }
     }
 
+    /**
+     * set a list of creator IP(-ranges) as string
+     *
+     * @access public
+     * @static
+     * @param string $creators
+     */
+    public static function setCreators($creators)
+    {
+        self::$_creators = $creators;
+    }
+
+    /**
+     * set a list of exempted IP(-ranges) as string
+     *
+     * @access public
+     * @static
+     * @param string $exempted
+     */
+    public static function setExempted($exempted)
+    {
+        self::$_exempted = $exempted;
+    }
+
+    /**
+     * set the time limit in seconds
+     *
+     * @access public
+     * @static
+     * @param  int $limit
+     */
+    public static function setLimit($limit)
+    {
+        self::$_limit = $limit;
+    }
+
     /**
      * get a HMAC of the current visitors IP address
      *
@@ -108,7 +133,7 @@ class TrafficLimiter extends AbstractPersistence
     }
 
     /**
-     * Validate $_ipKey against configured ipranges. If matched we will ignore the ip
+     * validate $_ipKey against configured ipranges. If matched we will ignore the ip
      *
      * @access private
      * @static
@@ -120,8 +145,11 @@ class TrafficLimiter extends AbstractPersistence
         if (is_string($ipRange)) {
             $ipRange = trim($ipRange);
         }
-        $address = Factory::addressFromString($_SERVER[self::$_ipKey]);
-        $range   = Factory::rangeFromString($ipRange);
+        $address = Factory::parseAddressString($_SERVER[self::$_ipKey]);
+        $range   = Factory::parseRangeString(
+            $ipRange,
+            ParseStringFlag::IPV4_MAYBE_NON_DECIMAL | ParseStringFlag::IPV4SUBNET_MAYBE_COMPACT | ParseStringFlag::IPV4ADDRESS_MAYBE_NON_QUAD_DOTTED
+        );
 
         // address could not be parsed, we might not be in IP space and try a string comparison instead
         if (is_null($address)) {
@@ -136,24 +164,35 @@ class TrafficLimiter extends AbstractPersistence
     }
 
     /**
-     * traffic limiter
-     *
-     * Make sure the IP address makes at most 1 request every 10 seconds.
+     * make sure the IP address is allowed to perfom a request
      *
      * @access public
      * @static
-     * @return bool
+     * @throws Exception
+     * @return true
      */
     public static function canPass()
     {
+        // if creators are defined, the traffic limiter will only allow creation
+        // for these, with no limits, and skip any other rules
+        if (!empty(self::$_creators)) {
+            $creatorIps = explode(',', self::$_creators);
+            foreach ($creatorIps as $ipRange) {
+                if (self::matchIp($ipRange) === true) {
+                    return true;
+                }
+            }
+            throw new Exception(I18n::_('Your IP is not authorized to create pastes.'));
+        }
+
         // disable limits if set to less then 1
         if (self::$_limit < 1) {
             return true;
         }
 
-        // Check if $_ipKey is exempted from ratelimiting
-        if (!is_null(self::$_exemptedIp)) {
-            $exIp_array = explode(',', self::$_exemptedIp);
+        // check if $_ipKey is exempted from ratelimiting
+        if (!empty(self::$_exempted)) {
+            $exIp_array = explode(',', self::$_exempted);
             foreach ($exIp_array as $ipRange) {
                 if (self::matchIp($ipRange) === true) {
                     return true;
@@ -161,7 +200,7 @@ class TrafficLimiter extends AbstractPersistence
             }
         }
 
-        // this hash is used as an array key, hence a shorter algo is used
+        // used as array key, which are limited in length, hence using algo with shorter range
         $hash = self::getHash('sha256');
         $now  = time();
         $tl   = (int) self::$_store->getValue('traffic_limiter', $hash);
@@ -175,6 +214,12 @@ class TrafficLimiter extends AbstractPersistence
         if (!self::$_store->setValue((string) $tl, 'traffic_limiter', $hash)) {
             error_log('failed to store the traffic limiter, it probably contains outdated information');
         }
-        return $result;
+        if ($result) {
+            return true;
+        }
+        throw new Exception(I18n::_(
+            'Please wait %d seconds between each post.',
+            self::$_limit
+        ));
     }
 }

lib/Request.php

@@ -7,11 +7,13 @@
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @version   1.5.1
  */
 
 namespace PrivateBin;
 
+use Exception;
+
 /**
  * Request
  *
@@ -110,9 +112,13 @@ class Request
             case 'POST':
                 // it might be a creation or a deletion, the latter is detected below
                 $this->_operation = 'create';
-                $this->_params    = Json::decode(
-                    file_get_contents(self::$_inputStream)
-                );
+                try {
+                    $this->_params = Json::decode(
+                        file_get_contents(self::$_inputStream)
+                    );
+                } catch (Exception $e) {
+                    // ignore error, $this->_params will remain empty
+                }
                 break;
             default:
                 $this->_params = $_GET;
@@ -120,6 +126,7 @@ class Request
         if (
             !array_key_exists('pasteid', $this->_params) &&
             !array_key_exists('jsonld', $this->_params) &&
+            !array_key_exists('link', $this->_params) &&
             array_key_exists('QUERY_STRING', $_SERVER) &&
             !empty($_SERVER['QUERY_STRING'])
         ) {
@@ -135,6 +142,10 @@ class Request
             }
         } elseif (array_key_exists('jsonld', $this->_params) && !empty($this->_params['jsonld'])) {
             $this->_operation = 'jsonld';
+        } elseif (array_key_exists('link', $this->_params) && !empty($this->_params['link'])) {
+            if (strpos($this->getRequestUri(), '/shortenviayourls') !== false) {
+                $this->_operation = 'yourlsproxy';
+            }
         }
     }
 

lib/View.php

@@ -6,8 +6,8 @@
  *
  * @link      https://github.com/PrivateBin/PrivateBin
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
- * @license   http://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   1.3.5
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.5.1
  */
 
 namespace PrivateBin;

lib/Vizhash16x16.php

@@ -5,10 +5,10 @@
  * Visual Hash implementation in php4+GD,
  * stripped down and modified version for PrivateBin
  *
- * @link      http://sebsauvage.net/wiki/doku.php?id=php:vizhash_gd
+ * @link      https://sebsauvage.net/wiki/doku.php?id=php:vizhash_gd
  * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
  * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
- * @version   0.0.5 beta PrivateBin 1.3.5
+ * @version   0.0.5 beta PrivateBin 1.5.1
  */
 
 namespace PrivateBin;
@@ -166,7 +166,7 @@ class Vizhash16x16
      * Gradient function
      *
      * taken from:
-     * http://www.supportduweb.com/scripts_tutoriaux-code-source-41-gd-faire-un-degrade-en-php-gd-fonction-degrade-imagerie.html
+     * @link   https://www.supportduweb.com/scripts_tutoriaux-code-source-41-gd-faire-un-degrade-en-php-gd-fonction-degrade-imagerie.html
      *
      * @access private
      * @param  resource $img

lib/YourlsProxy.php

@@ -0,0 +1,132 @@
+<?php
+/**
+ * PrivateBin
+ *
+ * a zero-knowledge paste bin
+ *
+ * @link      https://github.com/PrivateBin/PrivateBin
+ * @copyright 2012 Sébastien SAUVAGE (sebsauvage.net)
+ * @license   https://www.opensource.org/licenses/zlib-license.php The zlib/libpng License
+ * @version   1.5.1
+ */
+
+namespace PrivateBin;
+
+use Exception;
+
+/**
+ * YourlsProxy
+ *
+ * Forwards a URL for shortening to YOURLS (your own URL shortener) and stores
+ * the result.
+ */
+class YourlsProxy
+{
+    /**
+     * error message
+     *
+     * @access private
+     * @var    string
+     */
+    private $_error = '';
+
+    /**
+     * shortened URL
+     *
+     * @access private
+     * @var    string
+     */
+    private $_url = '';
+
+    /**
+     * constructor
+     *
+     * initializes and runs PrivateBin
+     *
+     * @access public
+     * @param string $link
+     */
+    public function __construct(Configuration $conf, $link)
+    {
+        if (strpos($link, $conf->getKey('basepath') . '?') === false) {
+            $this->_error = 'Trying to shorten a URL that isn\'t pointing at our instance.';
+            return;
+        }
+
+        $yourls_api_url = $conf->getKey('apiurl', 'yourls');
+        if (empty($yourls_api_url)) {
+            $this->_error = 'Error calling YOURLS. Probably a configuration issue, like wrong or missing "apiurl" or "signature".';
+            return;
+        }
+
+        $data = file_get_contents(
+            $yourls_api_url, false, stream_context_create(
+                array(
+                    'http' => array(
+                        'method'  => 'POST',
+                        'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
+                        'content' => http_build_query(
+                            array(
+                                'signature' => $conf->getKey('signature', 'yourls'),
+                                'format'    => 'json',
+                                'action'    => 'shorturl',
+                                'url'       => $link,
+                            )
+                        ),
+                    ),
+                )
+            )
+        );
+        try {
+            $data = Json::decode($data);
+        } catch (Exception $e) {
+            $this->_error = 'Error calling YOURLS. Probably a configuration issue, like wrong or missing "apiurl" or "signature".';
+            error_log('Error calling YOURLS: ' . $e->getMessage());
+            return;
+        }
+
+        if (
+            !is_null($data) &&
+            array_key_exists('statusCode', $data) &&
+            $data['statusCode'] == 200 &&
+            array_key_exists('shorturl', $data)
+        ) {
+            $this->_url = $data['shorturl'];
+        } else {
+            $this->_error = 'Error parsing YOURLS response.';
+        }
+    }
+
+    /**
+     * Returns the (untranslated) error message
+     *
+     * @access public
+     * @return string
+     */
+    public function getError()
+    {
+        return $this->_error;
+    }
+
+    /**
+     * Returns the shortened URL
+     *
+     * @access public
+     * @return string
+     */
+    public function getUrl()
+    {
+        return $this->_url;
+    }
+
+    /**
+     * Returns true if any error has occurred
+     *
+     * @access public
+     * @return bool
+     */
+    public function isError()
+    {
+        return !empty($this->_error);
+    }
+}

tpl/bootstrap.php

@@ -7,6 +7,7 @@ $isPage = substr($template, -5) === '-page';
 <html lang="<?php echo I18n::_('en'); ?>">
 	<head>
 		<meta charset="utf-8" />
+		<meta http-equiv="Content-Security-Policy" content="<?php echo I18n::encode($CSPHEADER); ?>">
 		<meta http-equiv="X-UA-Compatible" content="IE=edge">
 		<meta name="viewport" content="width=device-width, initial-scale=1">
 		<meta name="robots" content="noindex" />
@@ -41,7 +42,7 @@ if ($SYNTAXHIGHLIGHTING) :
 endif;
 ?>
 		<noscript><link type="text/css" rel="stylesheet" href="css/noscript.css" /></noscript>
-		<script type="text/javascript" data-cfasync="false" src="js/jquery-3.6.0.js" integrity="sha512-894YE6QWD5I59HgZOGReFYm4dnWc1Qt5NtvYSaNcOP+u1T9qYdvdihz0PPSiiqn/+/3e7Jo4EaG7TubfWGUrMQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/jquery-3.6.1.js" integrity="sha512-aVKKRRi/Q/YV+4mjoKBsE4x3H+BkegoM/em46NNlCqNTmUYADjBbeNefNxYV7giUp0VxICtqdrbqU7iVaeZNXA==" crossorigin="anonymous"></script>
 <?php
 if ($QRCODE) :
 ?>
@@ -54,10 +55,10 @@ if ($ZEROBINCOMPATIBILITY) :
 <?php
 endif;
 ?>
-		<script type="text/javascript" data-cfasync="false" src="js/zlib-1.2.11.js" integrity="sha512-Yey/0yoaVmSbqMEyyff3DIu8kCPwpHvHf7tY1AuZ1lrX9NPCMg87PwzngMi+VNbe4ilCApmePeuKT869RTcyCQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/zlib-1.2.13.js" integrity="sha512-Lv4PCbSge8B4odE2blatgggJ/mkX1Ak21e7jL8mY3vzrVHS8FGsrEoqCrizxIJB4sW3T2w5Q+RG7hhUvp7+9tw==" crossorigin="anonymous"></script>
 		<script type="text/javascript" data-cfasync="false" src="js/base-x-4.0.0.js" integrity="sha512-nNPg5IGCwwrveZ8cA/yMGr5HiRS5Ps2H+s0J/mKTPjCPWUgFGGw7M5nqdnPD3VsRwCVysUh3Y8OWjeSKGkEQJQ==" crossorigin="anonymous"></script>
 		<script type="text/javascript" data-cfasync="false" src="js/rawinflate-0.3.js" integrity="sha512-g8uelGgJW9A/Z1tB6Izxab++oj5kdD7B4qC7DHwZkB6DGMXKyzx7v5mvap2HXueI2IIn08YlRYM56jwWdm2ucQ==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/bootstrap-3.3.7.js" integrity="sha512-iztkobsvnjKfAtTNdHkGVjAYTrrtlC7mGp/54c40wowO7LhURYl3gVzzcEqGl/qKXQltJ2HwMrdLcNUdo+N/RQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/bootstrap-3.4.1.js" integrity="sha512-oBTprMeNEKCnqfuqKd6sbvFzmFQtlXS3e0C/RGFV0hD6QzhHV+ODfaQbAlmY6/q0ubbwlAM/nCJjkrgA3waLzg==" crossorigin="anonymous"></script>
 <?php
 if ($SYNTAXHIGHLIGHTING) :
 ?>
@@ -66,13 +67,13 @@ if ($SYNTAXHIGHLIGHTING) :
 endif;
 if ($MARKDOWN) :
 ?>
-		<script type="text/javascript" data-cfasync="false" src="js/showdown-2.0.0.js" integrity="sha512-UB9jpMTOJLSnVzePuqlSGT34G70wEGqtIWabMeAh+Drnj4/uQ8rFkFn1zkN9vkWp/7nA51U2LmP23H5MJvBXsw==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/showdown-2.1.0.js" integrity="sha512-WYXZgkTR0u/Y9SVIA4nTTOih0kXMEd8RRV6MLFdL6YU8ymhR528NLlYQt1nlJQbYz4EW+ZsS0fx1awhiQJme1Q==" crossorigin="anonymous"></script>
 <?php
 endif;
 ?>
-		<script type="text/javascript" data-cfasync="false" src="js/purify-2.3.6.js" integrity="sha512-N1GGPjbqLbwK821ZN7C925WuTwU4aDxz2CEEOXQ6/s6m6MBwVj8fh5fugiE2hzsm0xud3q7jpjZQ4ILnpMREYQ==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/purify-2.4.6.js" integrity="sha512-+jcx+EqNbaFT4OHS86zGwU1SNAAZ7hG2pJlwMpXoe9AvTp37BrXMQ29g2GhdyQHTvYWaNlTQIkWXYM0Lvt8GiQ==" crossorigin="anonymous"></script>
 		<script type="text/javascript" data-cfasync="false" src="js/legacy.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-LYos+qXHIRqFf5ZPNphvtTB0cgzHUizu2wwcOwcwz/VIpRv9lpcBgPYz4uq6jx0INwCAj6Fbnl5HoKiLufS2jg==" crossorigin="anonymous"></script>
-		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-PTOcxIWIPWCnb5vC4fmQDMqYGerwsu3AndVyPxn9NlQffIWYMPf/p28Z9SIygXsmcYjmTRmUiW5y7df63mNTfg==" crossorigin="anonymous"></script>
+		<script type="text/javascript" data-cfasync="false" src="js/privatebin.js?<?php echo rawurlencode($VERSION); ?>" integrity="sha512-ST1B/QBH9m/TImh2pzKU88qbgwqto4N34X8bnn9+Iuye3x2pTb3aMiX5gU4gh15T7HCTw2jehB9+BtC6a/M81A==" crossorigin="anonymous"></script>
 		<!-- icon -->
 		<link rel="apple-touch-icon" href="<?php echo I18n::encode($BASEPATH); ?>img/apple-touch-icon.png" sizes="180x180" />
 		<link rel="icon" type="image/png" href="img/favicon-32x32.png" sizes="32x32" />
@@ -84,7 +85,7 @@ endif;
 		<meta name="theme-color" content="#ffe57e" />
 		<!-- Twitter/social media cards -->
 		<meta name="twitter:card" content="summary" />
-		<meta name="twitter:title" content="<?php echo I18n::_('Encrypted note on PrivateBin') ?>" />
+		<meta name="twitter:title" content="<?php echo I18n::_('Encrypted note on %s', I18n::_($NAME)) ?>" />
 		<meta name="twitter:description" content="<?php echo I18n::_('Visit this link to see the note. Giving the URL to anyone allows them to access the note, too.') ?>" />
 		<meta name="twitter:image" content="<?php echo I18n::encode($BASEPATH); ?>img/apple-touch-icon.png" />
 		<meta property="og:title" content="<?php echo I18n::_($NAME); ?>" />