[PHP] Pastebin

Talk about any languages right here. Share and discuss source, but don't expect your homework to be done for you.
Post Reply
User avatar
Aiden
Administrator
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

[PHP] Pastebin

Post by Aiden » Fri Aug 14, 2009 1:20 am

Aside from the (GeSHI) syntax highlighting, I coded this pastebin software from scratch for GeekNook. The entire site is open source, and this is the first of the projects to be released to the public. The pastebin is one .php file.

Code: Select all

<?php

	/*
	 *  The GeekNook Pastebin
	 *  By Andrew Brown
	 *  Current version as of Friday, August 14, 2009.
	 *  This source code is released as open source by the GeekNook community.
	 *  
	 *  In order to use this script, you will need a mySQL database already 
	 *  configured.  The database should have the following columns:
	 *  ID,  Timestamp,  Author,  Language,  Code,  Title,  Description
	 *     
	 *  Before the following code, you must connect to the mySQL database
	 *  with PHP's mysql_connect() function.  
	 *
	 *  You must also download the GeSHI syntax highlighter.  You can find it
	 *  at http://sourceforge.net/projects/geshi/files/.
	 *
	 *  TODO:
	 *    - Implement a system that keeps track of changes when someone 
	 *      edits another paste.
	 *    - When copying and pasting code from the pastebin, it includes the
	 *      line numbers.  Remove this.  
	 *
	 */
	 
?>

<h1>The GeekNook Pastebin</h1>
<?php

	/* 
		The GeekNook infrastructure uses an .htaccess redirect to
		keep supporting files organized.  The GeekNook pastebin is
		located at http://www.geeknook.org/p/pastebin/, which 
		redirects to http://www.geeknook.org/index.php?page=pastebin.
		Pastes are located in a URL like 
		http://www.geeknook.org/p/pastebin/47/, which redirects to
		http://www.geeknook.org/index.php?page=pastebin&query=47/.
		
		The following if statement extracts information out of the 
		query string, in order to determine whether a paste is trying
		to be viewed, and if so, what paste.  
		
	*/
	if (strlen($_GET['query']) > 0) {
		$id = $_GET['query'];

		# Strip a preceding forward slash if at the beginning of the 
		# query string
		if (strpos($id, '/') == 0) {
			$id = substr($id, 1);
			$id = substr($id, 0, strpos($id, '/'));
		}
		
		# If another forward slash exists in the query string, return
		# everything from the beginning up until that first forward 
		# slash.  This is our unique paste ID.
		if (strpos($id, '/') > 0) {
			$id = substr($id, 0, strpos($id, '/'));
		}

		# This checks to make sure the ID is numeric, to prevent any 
		# XSS or SQLI attacks.  If the ID is anything but numeric, an
		# error flag is thrown and the default pastebin homepage is 
		# shown later.
		if (!is_numeric($id)) {
			$error = 1;
			$id = 0;           # Remove any traces of what *could* be
			                   # malicious.
			$viewPaste = -1;
		} else {
			$viewPaste = $id;
		}
		
		# After everything is done, our sanitized ID of the paste (if
		# it exists) will be held in $viewPaste.
		
	}
	
	/*
	
		The pastebin code is split into three main sections.
			1. The front page, where users can paste new pastes
			2. A processing section, where new pastes that where submitted
			   from section 1 are entered into the database.
			3. A viewing section, which displays a paste.
	
	*/

	# Section 1: Front Page
	if (!isset($_POST['code']) && !$viewPaste) {
		# If (not submitting new code) and (not viewing a paste) {
?>
		<form method="POST">
		
			<textarea name="code" id="code" style="height:452px; width:478px;"></textarea>
					
			<h2>Paste Information</h2>
			<div>
				
				<div>
					<label for="language">Language:</label>
					<select id="language" name="language">
						<option value="None">None</option>
						<option value="C++">C++</option>
						<option value="C">C</option>
						<option value="HTML">HTML</option>
						<option value="Javascript">Javascript</option>
						<option value="CSS">CSS</option>
						<option value="Perl">Perl</option>
						<option value="PHP">PHP</option>
						<option value="Python">Python</option>
						<option value="Ruby">Ruby</option>
						<option value="Bash">Bash</option>
						<option value="Java">Java</option>
					</select>
				</div>
		
				<p>
					<label for="author">Author:</label>
					<input type="text" name="author" id="author"<?php if (strlen($_SESSION['fullname']) > 0) { echo ' value="' . $_SESSION['fullname'] . '"'; } ?> />
				</p>
				
				<p>
					<label for="paste_title">Title:</label>
					<input type="text" name="title" id="paste_title" />
				</p>
						
				<p>
					<label for="description">Short Description:</label>
					<input type="text" name="description" id="description" />
				</p>
						
			</div>
					
			<div>
				<input type="submit" value="Paste in this Bin" />
			</div>
				
		</form>
<?php
		# Give viewPaste a value so we can test for it later.  A negative value
		# is the same as no paste.
		$viewPaste = -1;
	}

	# Section 2: Post Processing
	if (isset($_POST['code'])) {
		# Insert a paste into the database
		
		/*
		
			This section of the code uses the GeSHI framework.  It is available at 
			http://sourceforge.net/projects/geshi/files/.
			
			The framework must be included sometime previous to this section, with
			the following code:
				require_once("geshi/geshi.php");
			Assuming the downloaded geshi.php is located at geshi/geshi.php.
		
		*/
					
		$language = $_POST['language'];
		$code = $_POST['code'];
		$author = $_POST['author'];
		if (strlen($author) == 0) { 
			$author = "Anonymous"; 
		}
		$timestamp = time();
		$title = $_POST['title'];
		$description = $_POST['description'];
						
		$query = "SELECT * FROM `pastes`";
		$result = mysql_query($query);
		$id = mysql_num_rows($result) + 1;
					
		$query = sprintf("INSERT INTO `pastes` (`ID`, `Timestamp`, `Author`, `Language`, `Code`, `Title`, `Description`)
			VALUES ('$id', '$timestamp', '%s', '%s', '%s', '%s', '%s');",
				mysql_real_escape_string(htmlentities($author)),
				mysql_real_escape_string(htmlentities($language)),
				mysql_real_escape_string(htmlentities($code)),
				mysql_real_escape_string(htmlentities($title)),
				mysql_real_escape_string(htmlentities($description))
								
			);
							
		$result = mysql_query($query);
		
		$justPosted = True;
		
		# Give $viewPaste a value here.  We give it the ID of the paste we just
		# inserted.  That means it immediately displays, due to Section 3.
		$viewPaste = $id;
				
	}
	
	# Section 3: View Paste
	if ($viewPaste > -1) {
						
		$id = $viewPaste;
					
		$query = "SELECT * FROM `pastes` WHERE `ID` = '$id' LIMIT 1";
		$result = mysql_query($query) or die("Mysql error: " . mysql_error());
		
		# Paste a few messages if we're viewing a paste we just submitted
		if ($justPosted) {
			echo '<blockquote>Paste pasted!</blockquote>';
			echo '<div>Normal URL: <em>http://www.geeknook.org/p/pastebin/' . $id . '/</em> (<a href="/p/pastebin/' . $id . '/">Go</a>)';
			echo '<br />Bare-bones URL: <em>http://www.geeknook.org/p/paste/' . $id . '/</em> (<a href="/p/paste/' . $id . '/">Go</a>)</div>';
		}
		
		# Paste messages whether or not we're viewing a paste we just submitted
		echo '<blockquote>To paste a new paste, <a href="/p/pastebin/">click here</a>.</blockquote>';
						
		if (mysql_num_rows($result) == 0) {
			echo '<h1>Invalid Paste ID</h1>';
			$failed = True;
		} else {
			$result = mysql_fetch_object($result);
			echo '<h1>Viewing paste: ' . stripslashes($result->Title) . ' (<a href="/p/paste/' . $id . '/">View barebones</a>)</h1>';
		}
						
		if (!$failed) {
		
			$language = $result->Language;
							
			$code = stripslashes($result->Code);
			$code = html_entity_decode($code);
		
			$geshi = new GeSHi($code, $language);
			$geshi->enable_line_numbers(GESHI_NORMAL_LINE_NUMBERS);
			$geshi->set_header_type(GESHI_HEADER_NONE);
			$geshi->set_overall_style('font-size:12px;', true);
		
			echo ( $geshi->parse_code() );

		} else {
			echo "An unexpected error occured.  Please try again later.<br />";
		}
	}
?>
"When it takes forever to learn all the rules, no time is left for breaking them."

User avatar
infinite_
Bat Country
Posts: 1353
Joined: Fri Jun 04, 2004 7:19 pm
Location: Australia

Re: [PHP] Pastebin

Post by infinite_ » Fri Aug 14, 2009 7:01 am

That's good work, man. It works nicely on GeekNook.

How long have you been working with PHP?
How long did it take you to get to this point with it?
My effort to help you will never exceed your effort to explain the problem.

User avatar
Aiden
Administrator
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

Re: [PHP] Pastebin

Post by Aiden » Fri Aug 14, 2009 11:17 am

v0idE wrote:That's good work, man. It works nicely on GeekNook.
Thank's dude! :D
v0idE wrote:How long have you been working with PHP?
I'm not sure exactly - not longer than I year, I'd say.
v0idE wrote:How long did it take you to get to this point with it?
Haha, GeekNook has been under development on and off since the beginning of the year. I finally got serious about developing it around July, and started on the pastebin seriously around the start of June. So... two months? Lol, I'm sure I could have gotten it done much faster if I actually worked on it much more often!
"When it takes forever to learn all the rules, no time is left for breaking them."

User avatar
Kheldar
Apprentice
Posts: 48
Joined: Sat May 30, 2009 12:23 pm

Re: [PHP] Pastebin

Post by Kheldar » Thu Aug 27, 2009 9:33 pm

Wow, nice job.

recently I started looking into php as I got more interested in web development and stuff, and this script has helped stimulate my interest and further my understanding, thanks.

I was taking a look at GeekNook a while ago, but I had no idea that somebody from this site was actually behind it!

Are you GeekNook's sole developer? If so, that's amazing, congrats man.

User avatar
Aiden
Administrator
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

Re: [PHP] Pastebin

Post by Aiden » Thu Aug 27, 2009 10:18 pm

timidwhitekid wrote:Wow, nice job.

recently I started looking into php as I got more interested in web development and stuff, and this script has helped stimulate my interest and further my understanding, thanks.

I was taking a look at GeekNook a while ago, but I had no idea that somebody from this site was actually behind it!

Are you GeekNook's sole developer? If so, that's amazing, congrats man.
:D :D

I'm glad I can help stir interest in PHP and help! :)

And yeah, I'm behind GeekNook. Although I develop it, the dudes from #hackerthreads IRC channel are the major sources of ideas and beta testing. May I ask how you heard of it / found it?

It's definitely nowhere near complete, but it's definitely making progress.
"When it takes forever to learn all the rules, no time is left for breaking them."

User avatar
Kheldar
Apprentice
Posts: 48
Joined: Sat May 30, 2009 12:23 pm

Re: [PHP] Pastebin

Post by Kheldar » Thu Aug 27, 2009 10:54 pm

drusepth wrote: May I ask how you heard of it / found it?
heh, you posted some code on the geeknook pastebin in a different thread, and from there I saw the rest of the site.

I'm usually idling in the IRC under the nick TwhK, so from now on I'm gonna keep a sharp eye out for geeknook conversation ;).

As for the making progress, as I get more proficient in php, I'd love to contribute to the site, hopefully one day I'll be that good :D.

9c5
n00b
Posts: 12
Joined: Thu Aug 20, 2009 11:40 pm

Re: [PHP] Pastebin

Post by 9c5 » Sun Aug 30, 2009 10:26 am

Great job on that pastebin, I'm familiar with most of what you used however I've never worked with the GeSHi highlighting system but it seems pretty straight forward.

Did you put alot of planning into this? I have a hard time working on any code this size without planning out every single step. In any case it shows dedication and you did a great job documenting your code and keeping it clean.

User avatar
Aiden
Administrator
Posts: 1080
Joined: Tue Oct 31, 2006 11:11 pm
Location: /usr/bin/perl

Re: [PHP] Pastebin

Post by Aiden » Sun Aug 30, 2009 12:28 pm

9c5 wrote:Great job on that pastebin, I'm familiar with most of what you used however I've never worked with the GeSHi highlighting system but it seems pretty straight forward.

Did you put alot of planning into this? I have a hard time working on any code this size without planning out every single step. In any case it shows dedication and you did a great job documenting your code and keeping it clean.
Yeah, there's lots of great documentation for using GeSHI - it's not hard to figure out how to use it. :)

As for planning, I did some flow charts to plan it out. I love flow charts :) The comments were shite until right before I released it, I went back through and cleaned up a lot of the code and added meaningful comments. As of right now, I think the pastebin (pastebin.php) is the second largest page in terms of lines of code, so it took a lot of time to develop and debug and get everything the way it is now. Luckily I have the bastards at #hackerthreads that yell at me and tease me when something doesn't work, so I can quickly get in and fix things ;)
"When it takes forever to learn all the rules, no time is left for breaking them."

ToPoEdiTs
n00b
Posts: 1
Joined: Sun Dec 07, 2014 3:23 pm

Re: [PHP] Pastebin

Post by ToPoEdiTs » Sun Dec 07, 2014 3:27 pm

Hello e installed that on my website and I of .php is nothing nothing only I'm a java developer and when I create a pastebin I get this error
Image
What do you have to do in phpmyadmin? I leave here my website I hope your help thanks.
http://topoedits.com/Others/Paste.php

User avatar
Cool_Fire
Not a sandwich
Posts: 1912
Joined: Fri May 09, 2003 1:20 pm
Location: 41 6d 73 74 65 72 64 61 6d
Contact:

Re: [PHP] Pastebin

Post by Cool_Fire » Tue Dec 09, 2014 3:08 pm

You don't need to do anything in phpmyadmin, you need to fix the config of your php pastebin script. It's set to not use a password (or it's not properly configured) so it's unable to connect to your database.

But, why isn't this something you asked your webhoster about? I don't mind answering the question but this isn't exactly a webhosting support forum.

Either that or you need to configure a database with the username you see in the error and no password, but I wouldn't recommend that.
If we're breaking the rules, then how come you can't catch us? You can't find us? I know why. Cause, it's ... MAGIC!
Hackerthreads chat, where the party is going 24/7.

Post Reply