commie 2.0 is a pastebin script with line commenting support. This was originally forked from splitbrain/commie and further improved and expanded upon.
To view a demo of commie2, click here. Emailing has been disabled for potential abuse cases.
- Pastes are stored as files on the filesystem, encrypted at rest. (no need to configure a database, or plugins, etc.)
- Every line is commentable with the ability for multiple comments from multiple users.
- Comments support Github Markdown!
- Names and emails are cookied for better UX, but easily changable.
- When you make a comment, the user that made the paste can (optionally) receive an email, with syntax highlighted context of the comment and any other contextual comments. (see screenshots)
- If the paste is markdown, it will auto generate a preview in html (see screenshots)
- Way simple interface and codebase. When I forked it, it took maybe 5 minutes to figure out what was going on.
- Upgraded to modern archtecture to keep only public things in the public directory.
- Compatible with PHP >=7.4
- Built with:
- htmx for simple SPA functionality.
- hyperscript - adds simple javascript functionality that is very easy to read.
- latte - for templating engine that honestly is really nice. Better than Twig IMO.
- scrivo/highlight.php - port of highlight.js with support for many languages.
- flight framework - lightweight framework that is very easy to use and understand.
To install, simply clone this repo and configure your webserver to point to the public/ directory. If you use apache webserver, there is a .htaccess file that is already configured in the public/ dir. For more info on other sites such as nginx, go here. You will also need composer and to run composer install. Then move to the configuration section.
This is very easy to configure. There is a .config_sample.php file with instructions on how to enable emailing, encryption, and other settings. Copy or rename this file to .config.php and you're on your way!
The API is simple to use and make new pastes to. You authenticate by sending an Authorization: Bearer apikey header in the request. If you need another header, you can also use the X-Authorization: Bearer apikey header.
POST /api/paste/create
Request Parameters (all required)
---------
content=yourpaste
name=Your+name
email=your@email.com
language=php (optional, the autodetect is pretty good)
Response
-----------
{"uid":"youruid"}
POST /api/paste/@paste_uid/comment/@line_number/create
Parameters (all required)
---------
comment=yourcomment
user=Your+name
email=your@email.com
Response
-----------
{
"uid":"youruid",
"line":5,
"comment":"yourcomment",
"user_name":"Your name",
"user_email":"your@email.com",
"time":1661023034, // from php time() command
"color":"abc123" // color based on name of user
}
Throw in an issue and if necessary make a pull request. It's a pretty simple codebase!
Gasp! There's a security issue! If you find one, let me know. There probably are some improvements that can be made. Pull requests are cool too.
- If you are going to enable email, it would probably be best to put some controls in place to the paste board (such as only certain users can access the URL, HTTP Basic Auth, etc)
Got questions? Here's some common ones...
Make sure that your data/ directory is writable by the webserver user (www-user, apache, nobody, nginx, etc). Something like chmod g+w data/ should do the trick. If it you need to also change the owner, do so with chown apache:apache data/ or whatever user you need.
Do you have SELinux enabled? You can check with sestatus as root and see. If you do have it enabled, you need to make sure that the data/ dir has the correct context permissions which would likely be something like semanage fcontext -a -t httpd_sys_rw_content_t "/path/to/commit/data(/.*)?" and then run restorecon -Rv /path/to/commie/