This is a read-only snapshot of the ComputerCraft forums, taken in April 2020.
ComputerCraftPrograms
H4X0RZ's profile picture

Backspace | The Opensource Pastebin Alternative

Started by H4X0RZ, 09 October 2015 - 11:31 PM
H4X0RZ #1

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 10 October 2015 - 01:31 AM
Backspace

What is Backspace?Backspace is, to make it short, a snippet store. It allows you to upload small snippets (actually the code can be any size, but it was intended for small stuff) and makes them "more accessible". It features a minimalistic (you'll know what I mean when you saw it) web front-end which allows you to upload the snippets.

Where can I get it?Please Refer to #8 for the CC API.

The web front-end is located here.

(As of #7 the code is now open-source.)

How do I use it?//EDIT: Backspace now became an API. Refer to #8 for the documentation.

How do I write a snippet?You can basically put anything into the code, but if you want it to be loadable with backspace.require(…) you have to follow a simple design change over the "normal" API.

local myAPI = {} --Create a table which will hold all the PUBLIC functions of your API (PRIVATE functions should be normal local functions which are NOT inside the table). If you want you could add a metatable and that stuff too. (read-only tables and that stuff)
function myAPI.doSomething()
  print("Hi there. This is myAPI.")
end

return myAPI -- Return the table you created earlier.
OR (if you want the API to be 1. global and 2. have a specific name which makes it like it was os.loadAPI'd)

local myAPI = {}
function myAPI()
  print("Hi there. THis is myAPI")
end

_G["myGlobalAPI"] = myAPI

Wait a minute... How secure is that site?To be honest, I'm not entirely sure how secure it actually is.
But it should be invulnerable to SQL-injection and your passwords are hashed using SHA256 (in your browser) and another time with SHA256 on the server, so I guess it is pretty secure.

The only downside is that I can only guarantee that the stuff in the original store is using these algorithms etc. In another store it doesn't have to hash your passwords, or don't even require a login at all. Also someone could easily impersonate you on an other store.

Changelog
  • 2015/10/9
    • Released to the public.
  • 2015/10/10
    • Fixed /post route. Now it informs you about the fields you have to fill. (basically every field. Now it just forces you to enter something into all of the fields)
  • 2016/02/01
    • Added much stuff. Too much to list here.

Hope someone likes it,

~H4X0RZ
Edited on 01 February 2016 - 09:18 PM
Lupus590 #2

Lupus590's profile picture

2427 posts

Location UK

Posted 10 October 2015 - 01:43 AM
so it's a repository for things like this? for pieces of code which do nothing on their own but are useful in many different programs?
Edited on 10 October 2015 - 12:56 PM
H4X0RZ #3

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 10 October 2015 - 02:04 AM
Lupus590, on 10 October 2015 - 01:43 AM said:
so it's a repository for things like this? for pieces of code which do nothing on their own but are useful in many ddifferent programs?

Yep. Backspace is meant for anything ranging from a simple "centerPrint" function to a complex API and beyond.
Creator #4

Creator's profile picture

2679 posts

Location You will never find me, muhahahahahaha

Posted 10 October 2015 - 08:27 AM
This is extremely cool.
Exerro #5

Exerro's profile picture

797 posts

Posted 10 October 2015 - 08:54 AM
This is indeed extremely cool. I plan on using this a lot. Any chance I could make a front-end for it with Flare?
H4X0RZ #6

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 10 October 2015 - 11:38 AM
awsumben13, on 10 October 2015 - 08:54 AM said:
This is indeed extremely cool. I plan on using this a lot. Any chance I could make a front-end for it with Flare?
Sure! :)/>/>
Edited on 10 October 2015 - 09:38 AM
H4X0RZ #7

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 11 October 2015 - 03:23 AM
Update:

just wanted to inform everyone that I started to recode the web back- and front-end. Now it's open-source so if anyone want's to contribute, just send a pull request :)/>
It's written in PHP using F3 (or formerly known as "Fat-Free Framework").

right now I need help with the design the most. I would be really thankful if someone who knows something about webdesign would help a bit. The templates are found inside /app/ui/frontend.
The actual features that make it a Backspace store are still missing though. Maybe someone has ideas for a better API call format?

maybe adding an extra route (e.g. "/api") only for api calls, and routes like "/search" will be fancy output for browsers?

K. Almost done. Everything's working so far, but I still have to implement the settings page (maybe going to remove that entirely) and the "advanced search". Once I finished rewriting the CC client I'm going to push the changes to the server. It will stay a command-line program (mostly because I'm to lazy to make a GUI).

Features in the new version:
  • A bit better UI
  • Administrative features added. An admin is able to modify/delete every paste, but a user can only edit/delete their own pastes.
  • "Remodeled" API.
  • Password hashing now with a dynamic salt
  • Also, development-wise, I seperated the php code a bit more from the html code. Modifying the code doesn't affect the templates (unless you change/remove variables needed by the template) and vice versa.
Edited on 11 October 2015 - 03:29 PM
H4X0RZ #8

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 13 October 2015 - 11:34 PM
(sorry for the tripple post. I just think/thought that if this won't get pushed by updates (eg. quietly updating the thread) it would result in less/no persons interested in viewing this which would lead to nobody using this ever.)

Okay, here is another update.

I made some changes to the website. (can't specifically list it because I forgot what I added :mellow:/> )
Also I moved away from the client idea (for now). Today I present you the cc API for Backspace. it's really easy to install. (The API isn't completely finished yet)

pastebin run A3VU7cr9 backspace-api << "backspace-api" is interchangeable with any name you want to give it

Using it is really easy too.

dofile("path-to-backspace-api")
if(backspace.exists("some-random-snippet")) then
  local randomSnippetApi = backspace.require("some-random-snippet") -- backspace.require only applies to code that will return something at the end of the file. There is not code yet which loads the snippet like os.loadAPI does yet.
  if(backspace.exists("some-other-snippet")) then
	randomSnippetApi.doSomething(backspace.download("some-other-snippet"))
  end
end

If you hate error messages which are not ´error-specfic´I you don't like it that the API spits out random error messages (*cough*gollark8*cough*) you have to call

backspace.beSerious(true)
before using it.
Edited on 13 October 2015 - 09:37 PM
FUNCTION MAN! #9

FUNCTION MAN!'s profile picture

429 posts

Posted 14 October 2015 - 01:04 AM
Impressive commit messages.
H4X0RZ #10

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 14 October 2015 - 01:51 PM
DemHydraz, on 14 October 2015 - 01:04 AM said:
Impressive commit messages.
Thanks! Sometimes it takes me multiple hours to compose a commit message. I'm glad somebody likes them!
Creator #11

Creator's profile picture

2679 posts

Location You will never find me, muhahahahahaha

Posted 15 October 2015 - 07:31 AM
I posted the first program that is not by H4X0R on Backspace. YAY!
H4X0RZ #12

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 15 October 2015 - 05:25 PM
Yay! \o/
LDDestroier #13

LDDestroier's profile picture

1715 posts

Location ACDC Town

Posted 15 October 2015 - 06:27 PM
I added a few of my pastebin programs to Backspace, as well as an improved version of OurChat.
Konlab #14

Konlab's profile picture

779 posts

Location Kerbin

Posted 18 October 2015 - 01:38 PM
Offtopic who's gollark8
Ontopic I like this, what is the license/terms of use?
Btw, Im curious if I register an illegal identifier, e.g. ♡"/^(#&amp;/$/:☆》%₩|《¿¡&amp;*:"' what happens but i dont want to try it.
H4X0RZ #15

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 18 October 2015 - 06:10 PM
Konlab, on 18 October 2015 - 01:38 PM said:
Offtopic who's gollark8
Ontopic I like this, what is the license/terms of use?
Btw, Im curious if I register an illegal identifier, e.g. ♡"/^(#&amp;/$/:☆》%₩|《¿¡&amp;*:"' what happens but i dont want to try it.

//Offtopic
gollark8 once "raged" a lot because of one error message in an API (not mine). Other than that he is a normal user, I believe.

//Ontopic
license?Not sure what you mean with that :/ Do you want to use the code for a project you are working on? If so, just go ahead. If my work was of help for you, I'm happy.
Also, you may upload any kind of code. I don't support malicious code, but I don't stop you from uploading it. But 1. I will not "approve" it (because well… "approved" was intended to tell a user if the code is "secure"), and 2. don't post a link to it anywhere on the forums.

About the "illegal identifier":
Thanks for pointing that out. Because of this I found out that the "DEBUG" flag was still active which exposed my database password to everyone using an "illegal" identifier. Fixed the debug flag, changed the db password and secured the script against identifiers with characters which have to be encoded. (the url bar doesn't like these characters ._.)

Originally I intended it to allow every utf8 character (which includes your illegal identifier) but it the url would get screwed up by my browser (not sure if other browser would work) so I did what I wrote above.
Edited on 18 October 2015 - 04:12 PM
Creator #16

Creator's profile picture

2679 posts

Location You will never find me, muhahahahahaha

Posted 18 October 2015 - 06:28 PM
I think that API was AI, right?
H4X0RZ #17

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 18 October 2015 - 06:33 PM
Creator, on 18 October 2015 - 06:28 PM said:
I think that API was AI, right?
Yep.
Creator #18

Creator's profile picture

2679 posts

Location You will never find me, muhahahahahaha

Posted 18 October 2015 - 06:40 PM
Is that why there is backspace.beSerious?
H4X0RZ #19

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 18 October 2015 - 07:20 PM
Creator, on 18 October 2015 - 06:40 PM said:
Is that why there is backspace.beSerious?

Kinda. I added that function just if you really have to debug your code. But getting random messages isn't too bad, actually :P/> it still tells you which api call was wrong so you could find out what you did wrong without actual error messages.

BTW, look at the source. More specifically, where .beSerious is defined :P/>
Edited on 18 October 2015 - 05:23 PM
Creator #20

Creator's profile picture

2679 posts

Location You will never find me, muhahahahahaha

Posted 18 October 2015 - 07:45 PM
You actually modified the code in order to annoy gollark8? That is so twisted.
gollark8 #21

gollark8's profile picture

208 posts

Posted 18 October 2015 - 08:13 PM
You've gone to all that hassle to slightly irritate me? This system doesn't seem to like my directory structure anyway.
manu_03 #22

manu_03's profile picture

177 posts

Location Spain

Posted 18 October 2015 - 09:22 PM
Sorry, but I think that browser output is ugly. I could make a CSS sheet for the page.
H4X0RZ #23

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 18 October 2015 - 10:35 PM
manu_03, on 18 October 2015 - 09:22 PM said:
Sorry, but I think that browser output is ugly. I could make a CSS sheet for the page.
I made the bare minimum CSS because I just suck at styling, so it just became this plain text with borders.

I would happily take your offer.
Edited on 19 October 2015 - 12:04 AM
Konlab #24

Konlab's profile picture

779 posts

Location Kerbin

Posted 19 October 2015 - 03:42 PM
H4X0RZ, on 18 October 2015 - 10:35 PM said:
manu_03, on 18 October 2015 - 09:22 PM said:
Sorry, but I think that browser output is ugly. I could make a CSS sheet for the page.
I made the bare minimum CSS because I just suck at styling, so it just became this plain text with borders.

I would happily take your offer.
I like that webpage, its mobile friendly
How can you put things in Backspace from CC?
H4X0RZ #25

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 19 October 2015 - 03:47 PM
Konlab, on 19 October 2015 - 03:42 PM said:
H4X0RZ, on 18 October 2015 - 10:35 PM said:
manu_03, on 18 October 2015 - 09:22 PM said:
Sorry, but I think that browser output is ugly. I could make a CSS sheet for the page.
I made the bare minimum CSS because I just suck at styling, so it just became this plain text with borders.

I would happily take your offer.
I like that webpage, its mobile friendly
How can you put things in Backspace from CC?
right now that's impossible. I'm not sure if CC's http api likes linebreaks when doing post requests, does it?
Konlab #26

Konlab's profile picture

779 posts

Location Kerbin

Posted 19 October 2015 - 03:50 PM
H4X0RZ, on 19 October 2015 - 03:47 PM said:
Konlab, on 19 October 2015 - 03:42 PM said:
H4X0RZ, on 18 October 2015 - 10:35 PM said:
manu_03, on 18 October 2015 - 09:22 PM said:
Sorry, but I think that browser output is ugly. I could make a CSS sheet for the page.
I made the bare minimum CSS because I just suck at styling, so it just became this plain text with borders.

I would happily take your offer.
I like that webpage, its mobile friendly
How can you put things in Backspace from CC?
right now that's impossible. I'm not sure if CC's http api likes linebreaks when doing post requests, does it?
You can replace it with something other (e.g. $ or &amp; are not used in lua or a char combination like @~)
You can also post multiple requests ending with an end request
H4X0RZ #27

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 19 October 2015 - 03:59 PM
K. Just have to modify the backend a bit (right now it doesn't check for input completeness. Really forgot that part.) once that is done I'll add the ability to post code from CC. Would it be better as commandline program or API?
Konlab #28

Konlab's profile picture

779 posts

Location Kerbin

Posted 19 October 2015 - 04:10 PM
H4X0RZ, on 19 October 2015 - 03:59 PM said:
K. Just have to modify the backend a bit (right now it doesn't check for input completeness. Really forgot that part.) once that is done I'll add the ability to post code from CC. Would it be better as commandline program or API?
Why not both of them?
When there's an API a commandline prog can be made very easily
H4X0RZ #29

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 19 October 2015 - 05:23 PM
Konlab, on 19 October 2015 - 04:10 PM said:
H4X0RZ, on 19 October 2015 - 03:59 PM said:
K. Just have to modify the backend a bit (right now it doesn't check for input completeness. Really forgot that part.) once that is done I'll add the ability to post code from CC. Would it be better as commandline program or API?
Why not both of them?
When there's an API a commandline prog can be made very easily
Done.
pastebin run SGgt8fNe <filename> will download the uploader. It will ask you for anything it needs (that contains your username and password. If you aren't ok with that, just use the website. I won't allow anonymous uploads)
FUNCTION MAN! #30

FUNCTION MAN!'s profile picture

429 posts

Posted 20 October 2015 - 12:20 AM
What's your stance on uploading obfuscated/minified code?
H4X0RZ #31

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 20 October 2015 - 01:16 PM
DemHydraz, on 20 October 2015 - 12:20 AM said:
What's your stance on uploading obfuscated/minified code?

You can upload almost everything you want, achtually.

Going to warn everyone using backspace: if you open an API call in your regular
Browser, be aware that the output can (and will) be handled like normal HTML.
FUNCTION MAN! #32

FUNCTION MAN!'s profile picture

429 posts

Posted 20 October 2015 - 11:30 PM
And the web frontend is down (D:)
H4X0RZ #33

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 21 October 2015 - 06:19 AM
DemHydraz, on 20 October 2015 - 11:30 PM said:
And the web frontend is down (D:)

Well… I can still access it…
Konlab #34

Konlab's profile picture

779 posts

Location Kerbin

Posted 22 November 2015 - 11:21 AM
Your webpage is not working. Throws errors all the time.
Creator #35

Creator's profile picture

2679 posts

Location You will never find me, muhahahahahaha

Posted 22 November 2015 - 11:56 AM
The page looks much better, BUT logging in doesn't work.

And all the snippets have disappeared.
H4X0RZ #36

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 22 November 2015 - 12:52 PM
Konlab, on 22 November 2015 - 11:21 AM said:
Your webpage is not working. Throws errors all the time.
Oh, yea. I'm working on a fix for that for some days now. The New frontend was actually finished and works on my Computer but on the Server every API call returns a 500 error for some unknown reason.

//Edit:
Wow. Seems like AngularJS really hates me. It can do GET requests without a problem, but POST requests don't work…

//Second Edit:
Sorry for causing trouble while updating. I found the cause and I'm trying to fix it today.
Edited on 22 November 2015 - 03:57 PM
H4X0RZ #37

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 22 November 2015 - 08:08 PM
Creator, on 22 November 2015 - 11:56 AM said:
The page looks much better, BUT logging in doesn't work.

And all the snippets have disappeared.

I'm using a free hoster which was charging for mysql databases (with one free for one month). When I chose them I didn't knew about this restriction so we/I used the database for a month and then it got shut down.
Now I'm using an extra service just for the database, but it works.
Also, because I changed the database everything was lost, sorry for that.

BUT, I'm also happy to announce that Backspace evolved (another) time. Now I completely decoupled The frontend and backend. The Frontend now is an AngularJS app using Skeleton.css and the backend became a Flight app. Other than the new style not much changed for the frontend though. But the backend is completely redone!

Now it's completely based on JSON requests/responses and it uses JWT's for authentication -> you can authenticate using CC and use every protected API call (if SHA512 has been implemented in CC). You could even build a mobile app now. Also, passwords are hashed using SHA512, inside your client.

Unfortunately the frontend isn't feature-complete yet. You can't edit or delete snippets for now (going to add that ASAP) and the profile link is doing nothing right now.
Edited on 22 November 2015 - 07:12 PM
LDDestroier #38

LDDestroier's profile picture

1715 posts

Location ACDC Town

Posted 23 November 2015 - 02:48 AM
Fix it please, I want to add backspace to STD.
H4X0RZ #39

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 23 November 2015 - 04:18 PM
LDDestroier, on 23 November 2015 - 02:48 AM said:
Fix it please, I want to add backspace to STD.
What exactly has to be fixed in your opinion?
Konlab #40

Konlab's profile picture

779 posts

Location Kerbin

Posted 23 November 2015 - 04:29 PM
http://imgur.com/ZFILijY
This
H4X0RZ #41

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 23 November 2015 - 04:47 PM
Konlab, on 23 November 2015 - 04:29 PM said:
http://imgur.com/ZFILijY
This
That happened to me too. (I'm on Android 4.4 with Chrome Dev). Clearing the cache (and waiting a bit) fixed it for me.
H4X0RZ #42

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 26 November 2015 - 08:04 PM
Update:
Here is a barebones API for CC that allows you to interact with the server: http://pastebin.com/NF5uxU2n (yes, it actually is over ~1k of lines.)
I had to include a JSON API because Lua can't handle that by itself (AFAIK).

Also, here is a list of all the calls you can use:

"snippets" - requires no aditional data - returns a list of every snippet. Some values are omitted because that saves traffic -> faster loading
"snippet" - requires a table like this {mode = "get",identifier = "some-identifier"}. valid modes are "get" and "exists". - when the mode is "get" it returns information about the specified snippet. when the mode is "exists" it either returns "" or it errors.
"user/register" - {username = "name",password="password"} - returns the JWT string used for authentication. The key is valid for 1 hour. BTW, you don't need to hash/encrypt the password but then they're saved in plaintext which 1) is not secure and 2) won't work when using the web app I made (which uses SHA512 for the password).
"user/login" - {username = "name",password="password"} - returns the JWT if the data is correct, otherwise errors.
"key/valid" - no data needed - Either returns a string ( "Yep.") or it errors

Using the API itself is (IMO) easy:

os.loadAPI("backspace")
backspace.send("snippet",{mode="get",identifier="Multitask"},function(r) print(r.code) end, function() print("oops.") end)
This will output the source of the "Multitask" snippet.

I'm going to add the edit and delete buttons the next days.
Edited on 26 November 2015 - 07:05 PM
クデル #43

クデル's profile picture

389 posts

Posted 27 November 2015 - 07:32 AM
Is there a policy regarding malicious code? like whether it's allowed or not?
H4X0RZ #44

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 27 November 2015 - 12:35 PM
EsKreme, on 27 November 2015 - 07:32 AM said:
Is there a policy regarding malicious code? like whether it's allowed or not?
I don't care as long aa the malicious stuff isn't discussed on the forums :P/>
H4X0RZ #45

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 02 February 2016 - 02:41 PM
I just want to inform everyone that Backspace isn't dead.

I fixed some small stuff, everything's on github now (and updated).

Also, I started working on a mobile app in my free time. I'm using Ionic and Cordova for the app. Because of that It's all written in HTML, CSS and JavaScript which means I can basically copy the stuff from the web app, and use a new interface which is actually mobile-optimized.
LDDestroier #46

LDDestroier's profile picture

1715 posts

Location ACDC Town

Posted 13 February 2017 - 01:46 PM
Hey, the website seems to be down. And so is the pastebin for the API. Will the API still work?
H4X0RZ #47

H4X0RZ's profile picture

1583 posts

Location Germany

Posted 13 February 2017 - 06:21 PM
Unfortunately Backspace is kinda dead now. I might "upgrade" it using some newer technologies to make it work better though. As long as it's needed.
Are you concerned about STD?

If it's about STD, you could also drop Backspace support and add Jouhou instead. Jouhou is a generic text-board (4chan-like) site I created not long ago. You could just fetch the content of a post on Jouhou. The API is freely available here. It supports also supports limiting the amount of posts you want to receive, and you can give it an offset so you can kinda build your own pagination with that. (You need JSON for that though)
Edited on 13 February 2017 - 05:27 PM