diff options
Diffstat (limited to 'paste')
-rw-r--r-- | paste/include/storage/MysqlStorage.php | 6 | ||||
-rw-r--r-- | paste/include/storage/StorageEngine.php | 10 |
2 files changed, 11 insertions, 5 deletions
diff --git a/paste/include/storage/MysqlStorage.php b/paste/include/storage/MysqlStorage.php index 8e16536..fe28007 100644 --- a/paste/include/storage/MysqlStorage.php +++ b/paste/include/storage/MysqlStorage.php @@ -114,7 +114,7 @@ INDEX (nick) global $config; if ($stmt = $this->mysql->prepare( - 'SELECT nick, language, content, description, time FROM ' . $this->table . ' + 'SELECT nick, language, content, description, time, remote FROM ' . $this->table . ' WHERE pid = ? LIMIT 1')) { $stmt->bind_param('s', $pid); @@ -126,7 +126,7 @@ INDEX (nick) $this->mysql->error); } - $stmt->bind_result($nick, $lang, $content, $description, $time); + $stmt->bind_result($nick, $lang, $content, $description, $time, $remote); if (!$stmt->fetch()) { header('HTTP/1.0 404 Not Found'); @@ -139,7 +139,7 @@ INDEX (nick) if (isset($config['short_results_path'])) $get_url = $config['short_results_path'] . $pid . '.html'; - $remove_url = $config['site_domain'] . $config['site_path'] . 'remove.php?p=' . $pid . '&t=' . $this->generateToken($pid); + $remove_url = $config['site_domain'] . $config['site_path'] . 'remove.php?p=' . $pid . '&t=' . $this->generateToken($pid, $remote); echo PastifyText($content, $lang, $description, $get_url, $remove_url); } } diff --git a/paste/include/storage/StorageEngine.php b/paste/include/storage/StorageEngine.php index db6e34b..09e1676 100644 --- a/paste/include/storage/StorageEngine.php +++ b/paste/include/storage/StorageEngine.php @@ -38,11 +38,17 @@ abstract class StorageEngine abstract public function getContent($pid); abstract public function delContent($pid); - public function generateToken($name) + public function generateToken($name, $remote = '') { global $config; - $ipAddr = $_SERVER["REMOTE_ADDR"]; + if (! empty($remote)) { + $ipAddr = $remote; + } + else { + $ipAddr = $_SERVER["REMOTE_ADDR"]; + } + return sha1($name . $ipAddr . $config['token_salt']); } } |