* added html and js to the default allowed files
* added an example cronjob file which can be used
to clean old pastes. See clean-cronjob.txt for more
- detals
+ details
+* Multiple secrets are now supported
2020101 version 0.3-beta Lithium
* Update information now included
-* small footprint
-* multiple secrets
Apache >= 2.4
- mod_deflate
- mod_rewrite
-- htaccess support
+- htaccess support AllowOverride All
Bash, curl and jq for included bash client
\ No newline at end of file
If you update from a previous version make sure every update step is done
-since your current used version.
\ No newline at end of file
+since your current used version.
+
+## 0.4-beta Beryllium
+Update your config.php to reflect the following updates.
+selfpaste does now support the usage of multiple secrets.
+The usage is written into create.log
+define('SELFPASTE_UPLOAD_SECRET',
+ array(
+ 'PLEASE CHANGE YOUR SECRET' => 'Your description for this secret 1',
+ 'PLEASE_2' => 'Your description for this secret'
+ )
+);
+# creation of a paste and which secret was used into logs/create.log file
+define('LOG_CREATION',true);
\ No newline at end of file
# this is your installation secret. Could be anything.
# Think of it as a key. Change it often to avoid any abuse.
-define('SELFPASTE_UPLOAD_SECRET','PLEASE CHANGE YOUR SECRET');
+# The description will be used in the log files
+define('SELFPASTE_UPLOAD_SECRET',
+ array(
+ 'PLEASE CHANGE YOUR SECRET' => 'Your description for this secret 1',
+ 'PLEASE CHANGE YOUR SECRET' => 'Your description for this secret'
+ )
+);
+# creation of a paste and which secret was used into logs/create.log file
+define('LOG_CREATION',true);
# this is the default storage location. If you decide to move, then make sure
# to move the included .htaccess with it to protect the direct access
define('SELFPASTE_UPLOAD_DIR','pasties');
}
}
+define('ERROR_LOG_FILE','./logs/error.log');
+define('CREATE_LOG','./logs/create.log');
+
# error reporting
ini_set('log_errors',true);
-ini_set('error_log','./logs/error.log');
+ini_set('error_log',ERROR_LOG_FILE);
if(DEBUG === true) {
ini_set('display_errors',true);
}
$_create = false;
if(isset($_POST['dl']) && !empty($_POST['dl'])
&& isset($_FILES['pasty']) && !empty($_FILES['pasty'])
- && $_POST['dl'] === SELFPASTE_UPLOAD_SECRET) {
+ && isset(SELFPASTE_UPLOAD_SECRET[$_POST['dl']])) {
$_create = true;
}
$_message = $_do['message'];
if($_do['status'] === true) {
$httpResponseCode = 200;
+ if(defined('LOG_CREATION') && LOG_CREATION === true) {
+ error_log(date("c")." ".$_message." ".SELFPASTE_UPLOAD_SECRET[$_POST['dl']]."\n",3,CREATE_LOG);
+ }
}
}
require_once 'view/'.$contentView.'.inc.php';
}
else {
- error_log('Content body file missing. '.var_export($_SERVER,true),3,'./logs/error.log');
+ error_log('Content body file missing. '.var_export($_SERVER,true),3,ERROR_LOG_FILE);
http_response_code(400);
die('Well, something went wrong...');
}
\ No newline at end of file
projects / selfpaste.git / commitdiff