Mirrors/PrivateBin
1
0
Fork 0
mirror of https://github.com/PrivateBin/PrivateBin.git synced 2026-01-23 02:35:23 +00:00
Code Issues Projects Releases Wiki Activity
4407 commits 9 branches 40 tags 33 MiB
Commit graph

694 commits

Author SHA1 Message Date
El RIDO
348d36d6ee
prefer DirectoryIterator for readability, also test jbo translation, log deletion errors 2025-11-20 09:13:15 +01:00
El RIDO
3146d41609
apply StyleCI recommendation 2025-11-20 08:28:50 +01:00
El RIDO
b4db5f8e57
apply null coalescing operator, strict equality, avoid aliases, prefer empty 2025-11-20 08:19:14 +01:00
El RIDO
fc4a92e6a4
apply Scrutinizer fix 2025-11-19 19:40:05 +01:00
El RIDO
9c5ba6ffc3
apply StyleCI recommendation 2025-11-19 19:26:00 +01:00
El RIDO
69e5fc1b05
apply null coalescing operator 2025-11-19 19:24:17 +01:00
El RIDO
c8643f187e
apply null coalescing operator 
Co-authored-by: Mikhail Romanov <42250412+Ribas160@users.noreply.github.com>
 2025-11-19 18:45:35 +01:00
El RIDO
0e2055d54a
remove unnecessary variable 2025-11-19 11:15:28 +01:00
El RIDO
3caf3214f1
apply StyleCI recommendation 2025-11-19 10:02:15 +01:00
El RIDO
528f2f7221
fix PHP 7.4 compatibility 2025-11-19 09:59:54 +01:00
El RIDO
baa79e12e8
apply StyleCI recommendation 2025-11-19 09:57:08 +01:00
El RIDO
3a23117ebf
Refactored translation of exception messages 2025-11-19 09:36:40 +01:00
El RIDO
3e6f1733f9
refactored exceptions in controller 
- added missing exception doc blocks
- introduced exception type that translates message during construction
- catch explicit exception types where possible
 2025-11-19 09:36:39 +01:00
El RIDO
e26bcfa733
apply StyleCI recommendation 2025-11-14 10:21:57 +01:00
El RIDO
d78c33438d
refactor JSON response processing 
- avoid translating JSON error messages twice
- separation of concerns, JSON response preparation should not mix handling errors and results, provide two functions instead of one
- callers of JSON error method are responsible for translation of errors
 2025-11-14 10:04:41 +01:00
El RIDO
19ca6d3dab
incrementing version 2025-11-12 08:00:50 +01:00
El RIDO
bddfb173da
Merge branch 'master' into advisory-fix-1 2025-11-12 07:47:43 +01:00
El RIDO
5b85d63942
Merge branch 'master' into advisory-fix-1 2025-11-12 07:18:43 +01:00
El RIDO
e427458cd0 Merge branch 'master' into advisory-fix-1 2025-11-11 22:00:09 +01:00
Ribas160
08b3244314
privatebin.js SRI and CHANGELOG.md updated 2025-11-11 20:13:10 +02:00
El RIDO
2e11b13464
remove dead code 2025-11-11 17:56:49 +01:00
El RIDO
c35fc4f790
use more straight forward in_array check 
kudos @Ribas160 for the suggestion
 2025-11-11 17:53:50 +01:00
El RIDO
f456fb576e
ensure template cookie cannot be a path 2025-11-11 17:52:48 +01:00
Ribas160
9c71fbcc70
Use pure JavaScript to create a div element 2025-11-11 17:45:27 +02:00
El RIDO
a371f5cab5
remove dead code 2025-11-11 12:49:37 +01:00
El RIDO
94a854faca
do add the configured template to the available ones, if missing 2025-11-11 10:59:55 +01:00
El RIDO
ea73300e15
don't always set the cookie, having to unset it later 
but still unset it, if it currently should not be in use (templateselection = false)
 2025-11-11 09:45:51 +01:00
El RIDO
be6a3702fc
simplify logic and improve readability 
function was only used in one place and only indirectly tested, so it could be inlined, which also makes the test for null and the extra variable allocation unnecessary
 2025-11-11 09:43:41 +01:00
El RIDO
f2164353c3
use realpath and validate tpl directory contents 
to ensure only php files inside the tpl dir can get used as templates
 2025-11-11 09:34:54 +01:00
El RIDO
dae5f7fd61
partially revert #1559 
Instead of automatically adding custom templates, we log an error if
that template is missing in the available templates. Still mitigates
arbitrary file inclusion, as the string is now checked against a fixed
allow list.
 2025-11-10 17:31:35 +01:00
Ribas160
14b68af528
Insert drag and drop file names as a text, not html 2025-11-10 17:59:18 +02:00
El RIDO
a479d75405
belt and braces: reset the template cookie, if function is not enabled 2025-11-10 12:25:19 +01:00
El RIDO
17ff44037a
prevent use of paths in template names, only file names inside tpl directory are allowed 2025-11-10 12:23:50 +01:00
El RIDO
13949349af
improve readability of logic 2025-11-10 12:22:29 +01:00
Ribas160
a7b253a43a
fix: error fetching attachments from blob 2025-11-05 17:33:08 +02:00
El RIDO
a91d0afebd
ensure there is still a space between commenter icon and name 2025-10-28 16:35:58 +01:00
El RIDO
2f70456e9a
incrementing version 2025-10-28 16:08:13 +01:00
El RIDO
43cf8b53ac
Merge branch 'master' into purify-3.3.0 2025-10-28 11:27:17 +01:00
El RIDO
c4f8482b30
Refactored jQuery DOM element creation 
using plain JavaScript, to ensure text nodes are sanitized
 2025-10-25 12:56:55 +02:00
El RIDO
fd2c2ae0c5
update DOMpurify library from 3.2.7 to 3.3.0 2025-10-25 10:52:40 +02:00
El RIDO
0bfa300c59
apply StyleCI recommendation 2025-10-12 18:40:48 +02:00
El RIDO
d76796adf3
deduplicate logic 2025-10-12 18:39:36 +02:00
El RIDO
60bab2badb
make OPcache optional, resolves #1678 2025-10-12 18:19:46 +02:00
El RIDO
6054e99849
ensure PHP opcache gets invalidated, when storing data in file parsed via PHP require 2025-10-12 11:39:58 +02:00
El RIDO
9b7daf5d0a
incrementing version 2025-10-12 08:50:13 +02:00
El RIDO
06496a1b0e
update bootstrap CSS library from 5.3.7 to 5.3.8 2025-10-09 09:24:08 +02:00
El RIDO
ed9bdc4272
update DOMpurify library from 3.2.6 to 3.2.7 2025-10-09 08:57:20 +02:00
El RIDO
e7c2aa4d60
address eslint errors 2025-10-07 00:11:49 +02:00
El RIDO
85962a537a
fix php unit tests & SRI hash 2025-10-06 23:53:13 +02:00
El RIDO
7f93242279
upgrade eslint config and remove workaround for implicit globals 
we seem to have used eslint through codeclimate in the past, but that service seems no longer integrated, possibly due to no longer being free
 2025-10-06 18:30:19 +02:00