From 3ba5537c1e3eb9257545641cbf75777a89837b0b Mon Sep 17 00:00:00 2001
From: Zack Scholl <zack.scholl@gmail.com>
Date: Wed, 22 Mar 2017 08:09:09 -0600
Subject: [PATCH] Make sure is not encrypted before performing self destruct

Former-commit-id: e0e540845dd56b55a7f88cddab6f75293318784c [formerly 6304d826ec6c5d7ce7f5c1dc6e821f0ba3488c30] [formerly 50ff4ab9306b5a0f2371699ece8b0baa6e49672f [formerly ff49e21ecc13dead120b64e97887239b92d4f312]]
Former-commit-id: 7212147366f26318f0ce4363edbc977fd688da8e [formerly c8604e60d2eae61659622a1b0424cbe6e74bb927]
Former-commit-id: 3fb6fd7b4e514fcd5e9a9867efd3dcd6819cb893
---
 handlers.go          | 36 ++++++++++++++++++++++++------------
 page.go              | 27 ---------------------------
 templates/index.html | 36 ++++++++++++++++++++++++++----------
 utils.go             | 34 ++++++++++++++++++++++++++++++++--
 4 files changed, 82 insertions(+), 51 deletions(-)

diff --git a/handlers.go b/handlers.go
index 75b1e6e..3fc7b3e 100755
--- a/handlers.go
+++ b/handlers.go
@@ -35,7 +35,7 @@ func handlePageRequest(c *gin.Context) {
 	command := c.Param("command")
 	version := c.DefaultQuery("version", "ajksldfjl")
 	p := Open(page)
-	if p.IsPrimedForSelfDestruct && !p.IsLocked {
+	if p.IsPrimedForSelfDestruct && !p.IsLocked && !p.IsEncrypted {
 		p.Update("*This page has now self-destructed.*\n\n" + p.Text.GetCurrent())
 		p.Erase()
 	}
@@ -52,7 +52,7 @@ func handlePageRequest(c *gin.Context) {
 		versionText, err := p.Text.GetPreviousByTimestamp(int64(versionInt))
 		if err == nil {
 			rawText = versionText
-			rawHTML = MarkdownToHtml(rawText)
+			rawHTML = GithubMarkdownToHTML(rawText)
 		}
 	}
 	c.HTML(http.StatusOK, "index.html", gin.H{
@@ -105,9 +105,16 @@ func handlePrime(c *gin.Context) {
 	}
 	log.Trace("Update: %v", json)
 	p := Open(json.Page)
+	if p.IsLocked {
+		c.JSON(http.StatusOK, gin.H{"success": false, "message": "Locked"})
+		return
+	} else if p.IsEncrypted {
+		c.JSON(http.StatusOK, gin.H{"success": false, "message": "Encrypted"})
+		return
+	}
 	p.IsPrimedForSelfDestruct = true
 	p.Save()
-	c.JSON(http.StatusOK, gin.H{"success": true})
+	c.JSON(http.StatusOK, gin.H{"success": true, "message": "Primed"})
 }
 
 func handleLock(c *gin.Context) {
@@ -152,6 +159,7 @@ func handleEncrypt(c *gin.Context) {
 		return
 	}
 	p := Open(json.Page)
+	q := Open(json.Page)
 	var message string
 	if p.IsEncrypted {
 		decrypted, err2 := DecryptString(p.Text.GetCurrent(), json.Passphrase)
@@ -159,20 +167,24 @@ func handleEncrypt(c *gin.Context) {
 			c.JSON(http.StatusOK, gin.H{"success": false, "message": "Wrong password"})
 			return
 		}
-		p.Erase()
-		p = Open(json.Page)
-		p.Update(decrypted)
-		p.IsEncrypted = false
+		q.Erase()
+		q = Open(json.Page)
+		q.Update(decrypted)
+		q.IsEncrypted = false
+		q.IsLocked = p.IsLocked
+		q.IsPrimedForSelfDestruct = p.IsPrimedForSelfDestruct
 		message = "Decrypted"
 	} else {
 		currentText := p.Text.GetCurrent()
-		p.Erase()
-		p = Open(json.Page)
-		p.IsEncrypted = true
 		encrypted, _ := EncryptString(currentText, json.Passphrase)
-		p.Update(encrypted)
+		q.Erase()
+		q = Open(json.Page)
+		q.Update(encrypted)
+		q.IsEncrypted = true
+		q.IsLocked = p.IsLocked
+		q.IsPrimedForSelfDestruct = p.IsPrimedForSelfDestruct
 		message = "Encrypted"
 	}
-	p.Save()
+	q.Save()
 	c.JSON(http.StatusOK, gin.H{"success": true, "message": message})
 }
diff --git a/page.go b/page.go
index 5b03655..37f16ce 100755
--- a/page.go
+++ b/page.go
@@ -1,14 +1,11 @@
 package main
 
 import (
-	"encoding/base32"
 	"encoding/json"
 	"io/ioutil"
 	"os"
 	"path"
 
-	"github.com/microcosm-cc/bluemonday"
-	"github.com/russross/blackfriday"
 	"github.com/schollz/versionedtext"
 )
 
@@ -52,20 +49,6 @@ func (p *Page) Render() {
 	p.RenderedPage = MarkdownToHtml(p.Text.GetCurrent())
 }
 
-func MarkdownToHtml(s string) string {
-	unsafe := blackfriday.MarkdownCommon([]byte(s))
-	pClean := bluemonday.UGCPolicy()
-	pClean.AllowElements("img")
-	pClean.AllowAttrs("alt").OnElements("img")
-	pClean.AllowAttrs("src").OnElements("img")
-	pClean.AllowAttrs("class").OnElements("a")
-	pClean.AllowAttrs("href").OnElements("a")
-	pClean.AllowAttrs("id").OnElements("a")
-	pClean.AllowDataURIImages()
-	html := pClean.SanitizeBytes(unsafe)
-	return string(html)
-}
-
 func (p *Page) Save() error {
 	bJSON, err := json.MarshalIndent(p, "", " ")
 	if err != nil {
@@ -77,13 +60,3 @@ func (p *Page) Save() error {
 func (p *Page) Erase() error {
 	return os.Remove(path.Join(pathToData, encodeToBase32(p.Name)+".json"))
 }
-
-func encodeToBase32(s string) string {
-	return base32.StdEncoding.EncodeToString([]byte(s))
-}
-
-func decodeFromBase32(s string) (s2 string, err error) {
-	bString, err := base32.StdEncoding.DecodeString(s)
-	s2 = string(bString)
-	return
-}
diff --git a/templates/index.html b/templates/index.html
index 2ea44a3..fa41112 100755
--- a/templates/index.html
+++ b/templates/index.html
@@ -9,6 +9,9 @@
         <link rel="stylesheet" type="text/css" href="/static/css/github-markdown.css">
         <link rel="stylesheet" type="text/css" href="/static/css/menus-min.css">
         <link rel="stylesheet" type="text/css" href="/static/css/base-min.css">
+        <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.10.0/styles/default.min.css">
+        <script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.10.0/highlight.min.js"></script>
+        <script type="text/javascript" src="/static/js/highlight.pack.js"></script>
 
         <style type="text/css">
             body {
@@ -216,10 +219,32 @@
                     }
                 });
 
+                $("textarea").keydown(function(e) {
+                    if(e.keyCode === 9) { // tab was pressed
+                        // get caret position/selection
+                        var start = this.selectionStart;
+                        var end = this.selectionEnd;
+
+                        var $this = $(this);
+                        var value = $this.val();
+
+                        // set textarea value to: text before caret + tab + text after caret
+                        $this.val(value.substring(0, start)
+                                    + "\t"
+                                    + value.substring(end));
+
+                        // put caret at right position again (add one for the tab)
+                        this.selectionStart = this.selectionEnd = start + 1;
+
+                        // prevent the focus lose
+                        e.preventDefault();
+                    }
+                });
+
             }); //]]>
 
         </script>
-
+        <script>hljs.initHighlightingOnLoad();</script>
 
     </head>
 
@@ -263,16 +288,7 @@
 
 
 
-        <script>
-            // tell the embed parent frame the height of the content
-            if (window.parent && window.parent.parent) {
-                window.parent.parent.postMessage(["resultsFrame", {
-                    height: document.body.getBoundingClientRect().height,
-                    slug: "s805xL01"
-                }], "*")
-            }
 
-        </script>
 
     </body>
 
diff --git a/utils.go b/utils.go
index 913791f..086cacd 100644
--- a/utils.go
+++ b/utils.go
@@ -2,6 +2,7 @@ package main
 
 import (
 	"crypto/sha256"
+	"encoding/base32"
 	"encoding/binary"
 	"encoding/hex"
 	"io/ioutil"
@@ -11,11 +12,13 @@ import (
 	"strings"
 	"time"
 
-	"golang.org/x/crypto/bcrypt"
-
 	"github.com/jcelliott/lumber"
+	"github.com/microcosm-cc/bluemonday"
+	"github.com/russross/blackfriday"
 	"github.com/schollz/cryptopasta"
 	"github.com/sergi/go-diff/diffmatchpatch"
+	"github.com/shurcooL/github_flavored_markdown"
+	"golang.org/x/crypto/bcrypt"
 )
 
 var animals []string
@@ -214,3 +217,30 @@ func exists(path string) bool {
 	}
 	return true
 }
+
+func MarkdownToHtml(s string) string {
+	unsafe := blackfriday.MarkdownCommon([]byte(s))
+	pClean := bluemonday.UGCPolicy()
+	pClean.AllowElements("img")
+	pClean.AllowAttrs("alt").OnElements("img")
+	pClean.AllowAttrs("src").OnElements("img")
+	pClean.AllowAttrs("class").OnElements("a")
+	pClean.AllowAttrs("href").OnElements("a")
+	pClean.AllowAttrs("id").OnElements("a")
+	pClean.AllowDataURIImages()
+	html := pClean.SanitizeBytes(unsafe)
+	return string(html)
+}
+
+func GithubMarkdownToHTML(s string) string {
+	return string(github_flavored_markdown.Markdown([]byte(s)))
+}
+func encodeToBase32(s string) string {
+	return base32.StdEncoding.EncodeToString([]byte(s))
+}
+
+func decodeFromBase32(s string) (s2 string, err error) {
+	bString, err := base32.StdEncoding.DecodeString(s)
+	s2 = string(bString)
+	return
+}