Beispiel #1
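/**
 * Render the admin settings page of the 302-redirect plugin.
 *
 * If the form was posted, the nonce is checked and the update handler runs
 * before the page is drawn. The page itself is a single <select> with the
 * three redirect modes plus a submit button.
 *
 * @return void Output is echoed directly.
 */
function temp_instead_admin_page_do()
{
    // State-changing branch. The return value of yourls_verify_nonce() is not
    // inspected, so this relies on that function ending the request itself when
    // the nonce does not match.
    // NOTE(review): confirm the installed YOURLS version behaves that way.
    if (isset($_POST['temp_instead_mode'])) {
        yourls_verify_nonce('temp_instead');
        temp_instead_admin_page_update();
    }
    // If the option hasn't been stored yet, fall back to mode 1 (302 for everything).
    // intval() also guarantees that only an integer is compared below.
    $mode = intval(yourls_get_option('temp_instead_mode', 1));
    $nonce = yourls_create_nonce('temp_instead');
    echo '<h2>302-Redirect Redirection Rules</h2>';
    echo '<p>This plugin allows you to configure how the 302-redirect plugin operates.</p>';
    echo '<form method="post">';
    echo '<input type="hidden" name="nonce" value="' . $nonce . '" />';
    echo '<label for="temp_instead_mode">Select Redirect Mode:</label>';
    echo '<select id="temp_instead_mode" name="temp_instead_mode">';
    $opt1 = $mode == 1 ? ' selected' : '';
    $opt2 = $mode == 2 ? ' selected' : '';
    $opt3 = $mode == 3 ? ' selected' : '';
    echo '<option value=1' . $opt1 . '>Redirect all using 302 temporary redirect</option>';
    echo '<option value=2' . $opt2 . '>Redirect all using 301 permanent redirect</option>';
    echo '<option value=3' . $opt3 . '>Redirect full URLs using 302 and short URLs using 301</option>';
    // Close the <select> before the submit button: a <p>/<input> is not valid
    // content inside a <select>, and the original emitted them in that order.
    echo '</select>';
    echo '<p><input type="submit" value="Update Redirect Mode" /></p>';
    echo '</form>';
}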
Beispiel #2
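/**
 * Render the Domain Swap configuration page.
 *
 * Handles a posted form first (nonce check, then the update handler), then
 * reads the stored JSON option and shows its "domains" list in a textarea,
 * one entry per line.
 *
 * @return void Output is echoed directly.
 */
function gmo_domain_swap_do_page()
{
    // Check if a form was submitted
    if (isset($_POST['domain_swap_values'])) {
        // Check nonce. The return value is not inspected, so this relies on
        // yourls_verify_nonce() ending the request itself on a mismatch.
        yourls_verify_nonce('domain_swap');
        // Process form
        gmo_domain_swap_update_option();
    }
    // Get value from database
    $domain_swap_values = yourls_get_option('domain_swap_values');
    // The option may be missing or may not hold valid JSON (e.g. before the
    // first save); treat every such case as an empty list instead of
    // dereferencing a null decode result.
    $domain_swap_values_json = is_string($domain_swap_values) ? json_decode($domain_swap_values) : null;
    $domains = array();
    if (is_object($domain_swap_values_json) && isset($domain_swap_values_json->domains)) {
        $stored = $domain_swap_values_json->domains;
        if (is_array($stored) || is_object($stored)) {
            foreach ((array) $stored as $domain) {
                // Only scalar entries can be printed as one line of text.
                if (is_scalar($domain)) {
                    $domains[] = (string) $domain;
                }
            }
        }
    }
    // One spare row so there is always room for a new entry.
    $count_domains = count($domains) + 1;
    // Stored values are written back into HTML, so they are escaped here:
    // otherwise a stored entry containing "</textarea>" would end the field
    // and be parsed as markup.
    $domain_swap_values_list = htmlspecialchars(trim(implode(PHP_EOL, $domains)), ENT_QUOTES, 'UTF-8');
    // Create nonce
    $nonce = yourls_create_nonce('domain_swap');
    echo <<<HTML
        <h2>Domain Swap Configuration Page</h2>
        <p>Enter here a list with domain names you want to swap from.</p>
        <form method="post">
        <input type="hidden" name="nonce" value="{$nonce}" />
        <p><label for="domain_swap_values">Domains: </label></p>
        <P><textarea rows="{$count_domains}" cols="50" name="domain_swap_values">{$domain_swap_values_list}</textarea></p>
        <p>Notes:</p>
        <ul>
            <li>One entry per line</li>
            <li>No trailing slash</li>
            <li>No protocol</li>
            <li>e.g.
                <ul>
                    <li>[ok] example.com</li>
                    <li>[ok] sub.example.com</li>
                    <li>[bad] http://example.com</li>
                    <li>[bad] example.com/</li>
                </ul>
            </li>
        </ul>
        <p><input type="submit" value="Update value" /></p>
        </form>

HTML;
}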
Beispiel #3
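/**
 * Render the settings form of the Admin reCaptcha plugin.
 *
 * A posted form is nonce-checked and saved first; afterwards the stored site
 * key and secret key are read back and shown in the form.
 *
 * @return void Output is echoed directly.
 */
function adminreCaptcha_config_page()
{
    if (isset($_POST['abdulrauf_adminreCaptcha_public_key'])) {
        // The return value is not inspected, so this relies on
        // yourls_verify_nonce() ending the request itself on a mismatch.
        yourls_verify_nonce('abdulrauf_adminreCaptcha_nonce');
        abdulrauf_adminreCaptcha_save_admin();
    }
    $nonce = yourls_create_nonce('abdulrauf_adminreCaptcha_nonce');
    // Stored option values end up inside a double-quoted attribute, so they are
    // attribute-escaped; an unescaped quote in a stored key would otherwise
    // terminate the attribute.
    $pubkey = htmlspecialchars((string) yourls_get_option('abdulrauf_adminreCaptcha_pub_key', ""), ENT_QUOTES, 'UTF-8');
    $privkey = htmlspecialchars((string) yourls_get_option('abdulrauf_adminreCaptcha_priv_key', ""), ENT_QUOTES, 'UTF-8');
    echo '<h2>Admin reCaptcha plugin settings</h2>';
    echo '<form method="post">';
    echo '<input type="hidden" name="nonce" value="' . $nonce . '" />';
    echo '<p><label for="abdulrauf_adminreCaptcha_public_key">reCaptcha site key: </label>';
    echo '<input type="text" id="abdulrauf_adminreCaptcha_public_key" name="abdulrauf_adminreCaptcha_public_key" value="' . $pubkey . '"></p>';
    echo '<p><label for="abdulrauf_adminreCaptcha_private_key">reCaptcha secret key: </label>';
    // NOTE(review): the secret key is sent back to the browser in a plain text
    // field on every page view; consider not echoing it once it has been set.
    echo '<input type="text" id="abdulrauf_adminreCaptcha_private_key" name="abdulrauf_adminreCaptcha_private_key" value="' . $privkey . '"></p>';
    echo '<input type="submit" value="Save"/>';
    echo '</form>';
}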
Beispiel #4
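/**
 * Render the "Popular Clicks" admin page: one table of the most clicked short
 * URLs per time window (day, week, month, year, ~all time).
 *
 * @return void Output is echoed directly.
 */
function popularclicks_do_page()
{
    echo '<h2>Popular Clicks</h2>';
    // A function declared inside another function is registered globally the
    // first time the outer function runs; the guard keeps a second call of this
    // page function from failing with "Cannot redeclare".
    if (!function_exists('show_top')) {
        /**
         * Print a table with the most clicked short URLs of the last $numdays days.
         *
         * @param int $numdays Size of the time window in days
         * @param int $numrows Maximum number of rows to list
         * @return void Output is echoed directly.
         */
        function show_top($numdays, $numrows)
        {
            global $ydb;
            // Both values are interpolated into the SQL text below, so force
            // them to integers regardless of what a caller passes in.
            $numdays = (int) $numdays;
            $numrows = max(0, (int) $numrows);
            $base = htmlspecialchars(YOURLS_SITE, ENT_QUOTES, 'UTF-8');
            $table_url = YOURLS_DB_TABLE_URL;
            $table_log = YOURLS_DB_TABLE_LOG;
            $outdata = '';
            /*
                SELECT a.shorturl AS shorturl, count(*) AS clicks, b.url AS longurl
                  FROM yourls_log a, yourls_url b WHERE a.shorturl=b.keyword AND DATE_SUB(NOW(),
                  INTERVAL 30 DAY)<a.click_time GROUP BY a.shorturl ORDER BY count(*) DESC LIMIT 20;
            */
            $query = $ydb->get_results("SELECT a.shorturl AS shorturl, count(*) AS clicks, b.url AS longurl FROM `{$table_log}` a, `{$table_url}` b WHERE a.shorturl=b.keyword AND DATE_SUB(NOW(), INTERVAL {$numdays} DAY)<a.click_time GROUP BY a.shorturl ORDER BY count(*) DESC LIMIT {$numrows}");
            if ($query) {
                foreach ($query as $query_result) {
                    // Long URLs and keywords are stored data; escape them
                    // before they go into attributes and cell text.
                    // NOTE(review): escaping does not validate the URL scheme
                    // of the long URL; that is assumed to happen when the link
                    // is created.
                    $clicks = htmlspecialchars((string) $query_result->clicks, ENT_QUOTES, 'UTF-8');
                    $shorturl = htmlspecialchars((string) $query_result->shorturl, ENT_QUOTES, 'UTF-8');
                    $longurl = htmlspecialchars((string) $query_result->longurl, ENT_QUOTES, 'UTF-8');
                    $outdata .= '<tr><td>' . $clicks . '</td>'
                        . '<td><a href="' . $base . '/' . $shorturl . '+" target="blank" rel="noopener noreferrer">' . $shorturl . '</a></td>'
                        // The original never closed this anchor.
                        . '<td><a href="' . $longurl . '" target="blank" rel="noopener noreferrer">' . $longurl . '</a></td></tr>';
                }
            }
            echo '<h3><b>Popular Clicks in the Last ' . $numdays . ' Days:</b></h3><br/>' . '<table><tr><th>Clicks</th><th>Short URL</th><th>Long URL</th></tr>' . $outdata . "</table><br>\n\r";
        }
    }
    // Adjust the next lines to change the number of days and the number of top links.
    // Example: show_top(1, 5) prints the 5 most popular links clicked in the last 1 day.
    show_top(1, 15);
    // last day
    show_top(7, 15);
    // last week
    show_top(30, 15);
    // last ~month
    show_top(365, 15);
    // last ~year
    show_top(1000, 15);
    // ~alltime
}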
Beispiel #5
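/**
 * Render the sample plugin's administration page.
 *
 * A posted form is nonce-checked and processed first; then the stored option
 * is read back and shown in a one-field form.
 *
 * @return void Output is echoed directly.
 */
function ozh_yourls_samplepage_do_page()
{
    // Check if a form was submitted
    if (isset($_POST['test_option'])) {
        // Check nonce. The return value is not inspected, so this relies on
        // yourls_verify_nonce() ending the request itself on a mismatch.
        yourls_verify_nonce('sample_page');
        // Process form
        ozh_yourls_samplepage_update_option();
    }
    // Get value from database. It is written into a double-quoted attribute
    // below, so escape it here instead of trusting whatever was stored.
    $test_option = htmlspecialchars((string) yourls_get_option('test_option'), ENT_QUOTES, 'UTF-8');
    // Create nonce
    $nonce = yourls_create_nonce('sample_page');
    echo <<<HTML
\t\t<h2>Sample Plugin Administration Page</h2>
\t\t<p>This plugin stores an integer in the option database</p>
\t\t<form method="post">
\t\t<input type="hidden" name="nonce" value="{$nonce}" />
\t\t<p><label for="test_option">Enter an integer</label> <input type="text" id="test_option" name="test_option" value="{$test_option}" /></p>
\t\t<p><input type="submit" value="Update value" /></p>
\t\t</form>

HTML;
}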
Beispiel #6
 /**
  * Action: admin_page_before_form
  */
 public function action_admin_page_before_form()
 {
     // The short-URL panel is always offered; each further panel is added only
     // when the matching permission check passes.
     $optionalPanels = [
         [self::PERMISSION_ACTION_ADD_GROUP, 'form_new_url-panel-ldapgroup.twig'],
         [self::PERMISSION_ACTION_EDIT_COMMENT, 'form_new_url-panel-comment.twig'],
         [self::PERMISSION_ACTION_EDIT_LABEL, 'form_new_url-panel-label.twig'],
     ];
     $panels = ['form_new_url-panel-shorturl.twig'];
     foreach ($optionalPanels as $entry) {
         list($permission, $panelTemplate) = $entry;
         if ($this->_hasPermission($permission)) {
             $panels[] = $panelTemplate;
         }
     }
     // Emits a closing tag for a <div> that is not opened in this method.
     echo '</div>';
     $renderer = $this->getTemplate();
     $context = [
         'nonce_add' => yourls_create_nonce('add_url'),
         'panels' => $panels,
         'ldapgrouplist' => $this->_options['ldapgrouplist'],
         'ldapgrouplist_value' => array_keys($this->_getOwnGroups()),
     ];
     echo $renderer->render('form_new_url', $context);
     // Output buffering is switched on and left open; nothing in this method
     // ends or flushes the buffer.
     ob_start();
 }
Beispiel #7
/**
 * Build the inline "Edit" row shown in the main table for one short URL.
 *
 * The long URL and the title are escaped for use inside attributes, and any
 * '%' in them is doubled because the markup is passed through a printf-style
 * formatter to fill in the translated labels. The finished row is passed
 * through the 'table_edit_row' filter.
 *
 * @param string $keyword Keyword to edit
 * @return string HTML of the edit row
 */
function yourls_table_edit_row($keyword)
{
    $keyword = yourls_sanitize_string($keyword);
    // used as HTML #id
    $id = yourls_string2htmlid($keyword);
    $url = yourls_get_keyword_longurl($keyword);
    $title = htmlspecialchars(yourls_get_keyword_title($keyword));
    // Decode first, escape second, then make the result printf-safe ('%' -> '%%').
    $safe_url = str_replace('%', '%%', yourls_esc_attr(rawurldecode($url)));
    $safe_title = str_replace('%', '%%', yourls_esc_attr($title));
    $www = yourls_link();
    $nonce = yourls_create_nonce('edit-save_' . $id);
    if (!$url) {
        // Unknown keyword: a single error row instead of the edit form.
        $row_html = '<tr class="edit-row notfound"><td colspan="6" class="edit-row notfound">' . yourls__('Error, URL not found') . '</td></tr>';
    } else {
        $template = <<<RETURN
<tr id="edit-{$id}" class="edit-row"><td colspan="5" class="edit-row"><strong>%s</strong>:<input type="text" id="edit-url-{$id}" name="edit-url-{$id}" value="{$safe_url}" class="text" size="70" /><br/><strong>%s</strong>: {$www}<input type="text" id="edit-keyword-{$id}" name="edit-keyword-{$id}" value="{$keyword}" class="text" size="10" /><br/><strong>%s</strong>: <input type="text" id="edit-title-{$id}" name="edit-title-{$id}" value="{$safe_title}" class="text" size="60" /></td><td colspan="1"><input type="button" id="edit-submit-{$id}" name="edit-submit-{$id}" value="%s" title="%s" class="button" onclick="edit_link_save('{$id}');" />&nbsp;<input type="button" id="edit-close-{$id}" name="edit-close-{$id}" value="%s" title="%s" class="button" onclick="edit_link_hide('{$id}');" /><input type="hidden" id="old_keyword_{$id}" value="{$keyword}"/><input type="hidden" id="nonce_{$id}" value="{$nonce}"/></td></tr>
RETURN;
        // Translated labels, in the order of the %s placeholders above.
        $labels = array(
            yourls__('Long URL'),
            yourls__('Short URL'),
            yourls__('Title'),
            yourls__('Save'),
            yourls__('Save new values'),
            yourls__('Cancel'),
            yourls__('Cancel editing'),
        );
        $row_html = vsprintf($template, $labels);
    }
    return yourls_apply_filter('table_edit_row', $row_html, $keyword, $url, $title);
}
Beispiel #8
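/**
 * Check validity of a nonce (ie time span, user and action match).
 *
 * Returns true if valid, dies otherwise (yourls_die() or die($return) if defined)
 * if $nonce is false or unspecified, it will use $_REQUEST['nonce']
 *
 * The submitted value is compared with the expected one as a string, never
 * with loose '=='. Under '==' two different strings that both look like
 * numbers are compared numerically and can be reported as equal, and
 * non-string request values (e.g. an array) take part in type juggling.
 *
 * @param string       $action Action the nonce was created for
 * @param string|false $nonce  Nonce to check, or false to read $_REQUEST['nonce']
 * @param string|false $user   User the nonce belongs to, or false for the current one
 * @param string       $return If non-empty, die() with this text on failure
 * @return true Only returns when the nonce is valid
 */
function yourls_verify_nonce($action, $nonce = false, $user = false, $return = '')
{
    // get user
    if (false == $user) {
        $user = defined('YOURLS_USER') ? YOURLS_USER : '******';
    }
    // get current nonce value
    if (false == $nonce && isset($_REQUEST['nonce'])) {
        $nonce = $_REQUEST['nonce'];
    }
    // what nonce should be
    $valid = (string) yourls_create_nonce($action, $user);
    // Only a non-empty string can match. hash_equals() compares in constant
    // time where the runtime provides it; otherwise fall back to strict '==='.
    $matches = is_string($nonce) && $nonce !== ''
        && (function_exists('hash_equals') ? hash_equals($valid, $nonce) : $nonce === $valid);
    if ($matches) {
        return true;
    }
    if ($return) {
        die($return);
    }
    yourls_die(yourls__('Unauthorized action or expired link'), yourls__('Error'), 403);
}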
Beispiel #9
?>
</strong> activated</p>

	<table id="main_table" class="tblSorter" cellpadding="0" cellspacing="1">
	<thead>
		<tr>
			<th>Plugin Name</th>
			<th>Version</th>
			<th>Description</th>
			<th>Author</th>
			<th>Action</th>
		</tr>
	</thead>
	<tbody>
	<?php 
$nonce = yourls_create_nonce('manage_plugins');
foreach ($plugins as $file => $plugin) {
    // default fields to read from the plugin header
    $fields = array('name' => 'Plugin Name', 'uri' => 'Plugin URI', 'desc' => 'Description', 'version' => 'Version', 'author' => 'Author', 'author_uri' => 'Author URI');
    // Loop through all default fields, get value if any and reset it
    foreach ($fields as $field => $value) {
        if ($plugin[$value]) {
            $data[$field] = $plugin[$value];
        } else {
            $data[$field] = '(no info)';
        }
        unset($plugin[$value]);
    }
    $plugindir = trim(dirname($file), '/');
    if (yourls_is_active_plugin($file)) {
        $class = 'active';
Beispiel #10
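/**
 * Tell whether $nonce is the nonce expected for the given action and user.
 *
 * This variant only reports the result; the caller has to act on a false
 * return value, since nothing here stops the request.
 *
 * The comparison is done on strings, never with loose '=='. Under '==' two
 * different strings that both look like numbers are compared numerically and
 * can be reported as equal.
 *
 * @param string       $nonce  Nonce to check
 * @param string|int   $action Action the nonce was created for
 * @param string|false $user   User the nonce belongs to, or false for the current one
 * @return bool True when the nonce matches
 */
function yourls_verify_nonce($nonce, $action = -1, $user = false)
{
    if (false == $user) {
        $user = defined('YOURLS_USER') ? YOURLS_USER : '******';
    }
    $valid = (string) yourls_create_nonce($action, $user);
    // Only a non-empty string can match.
    if (!is_string($nonce) || $nonce === '') {
        return false;
    }
    // hash_equals() compares in constant time where the runtime provides it;
    // otherwise fall back to strict '==='.
    return function_exists('hash_equals') ? hash_equals($valid, $nonce) : $nonce === $valid;
}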
Beispiel #11
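/**
 * Render the settings form of the reCaptcha plugin (reCaptcha keys and the
 * three Solve Media keys).
 *
 * A posted form is nonce-checked and saved first; afterwards the stored
 * values are read back and shown in the form.
 *
 * @return void Output is echoed directly.
 */
function spb_recaptcha_configpage_display()
{
    if (isset($_POST['spb_recaptcha_public_key'])) {
        // The return value is not inspected, so this relies on
        // yourls_verify_nonce() ending the request itself on a mismatch.
        yourls_verify_nonce('spb_recaptcha_nonce');
        spb_recaptcha_save_admin();
    }
    $nonce = yourls_create_nonce('spb_recaptcha_nonce');
    // Every stored value ends up inside a double-quoted attribute, so each one
    // is attribute-escaped; an unescaped quote in a stored key would otherwise
    // terminate the attribute.
    $read = function ($option) {
        return htmlspecialchars((string) yourls_get_option($option, ""), ENT_QUOTES, 'UTF-8');
    };
    $pubkey = $read('spb_recaptcha_pub_key');
    $privkey = $read('spb_recaptcha_priv_key');
    $solvemediaCKey = $read('spb_recaptcha_solvemediaCKey');
    $solvemediaVKey = $read('spb_recaptcha_solvemediaVKey');
    $solvemediaHKey = $read('spb_recaptcha_solvemediaHKey');
    echo '<h2>reCaptcha plugin settings</h2>';
    echo '<form method="post">';
    echo '<input type="hidden" name="nonce" value="' . $nonce . '" />';
    echo '<p><label for="spb_recaptcha_public_key">reCaptcha site key: </label>';
    echo '<input type="text" id="spb_recaptcha_public_key" name="spb_recaptcha_public_key" value="' . $pubkey . '"></p>';
    // NOTE(review): the secret and hash keys below are sent back to the browser
    // in plain text fields on every page view; consider not echoing them once
    // they have been set.
    echo '<p><label for="spb_recaptcha_private_key">reCaptcha secret key: </label>';
    echo '<input type="text" id="spb_recaptcha_private_key" name="spb_recaptcha_private_key" value="' . $privkey . '"></p>';
    echo '<hr/>';
    echo '<p><label for="spb_recaptcha_solvemediaCKey">Solve Media Challenge Key (C-key): </label>';
    echo '<input type="text" id="spb_recaptcha_solvemediaCKey" name="spb_recaptcha_solvemediaCKey" value="' . $solvemediaCKey . '"></p>';
    echo '<p><label for="spb_recaptcha_solvemediaVKey">Solve Media Verification Key (V-key): </label>';
    echo '<input type="text" id="spb_recaptcha_solvemediaVKey" name="spb_recaptcha_solvemediaVKey" value="' . $solvemediaVKey . '"></p>';
    echo '<p><label for="spb_recaptcha_solvemediaHKey">Solve Media Authentication Hash Key (H-key): </label>';
    echo '<input type="text" id="spb_recaptcha_solvemediaHKey" name="spb_recaptcha_solvemediaHKey" value="' . $solvemediaHKey . '"></p>';
    echo '<input type="submit"/>';
    echo '</form>';
}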
Beispiel #12
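/**
 * Check that $nonce is the nonce expected for the given action and user.
 *
 * Returns true if it matches. Otherwise the request ends here: die($return)
 * when $return is non-empty, else yourls_die() with a 403 status.
 *
 * The comparison is done on strings, never with loose '=='. Under '==' two
 * different strings that both look like numbers are compared numerically and
 * can be reported as equal.
 *
 * @param string       $action Action the nonce was created for
 * @param string       $nonce  Nonce to check
 * @param string|false $user   User the nonce belongs to, or false for the current one
 * @param string       $return If non-empty, die() with this text on failure
 * @return true Only returns when the nonce is valid
 */
function yourls_verify_nonce($action, $nonce, $user = false, $return = '')
{
    // get user
    if (false == $user) {
        $user = defined('YOURLS_USER') ? YOURLS_USER : '******';
    }
    // what nonce should be
    $valid = (string) yourls_create_nonce($action, $user);
    // Only a non-empty string can match. hash_equals() compares in constant
    // time where the runtime provides it; otherwise fall back to strict '==='.
    $matches = is_string($nonce) && $nonce !== ''
        && (function_exists('hash_equals') ? hash_equals($valid, $nonce) : $nonce === $valid);
    if ($matches) {
        return true;
    }
    if ($return) {
        die($return);
    }
    yourls_die('Unauthorized action or expired link', 'Error', 403);
}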
Beispiel #13
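/**
 * Return an "Edit" row for the main table
 *
 * The long URL is shown percent-decoded. It is decoded BEFORE it is escaped
 * for the attribute: decoding the finished markup instead would turn
 * percent-encoded characters such as %22 back into raw quotes after escaping
 * had already taken place. Any '%' left in the URL or the title is doubled so
 * the printf-style formatter below treats it as a literal.
 *
 * @param string $keyword Keyword to edit
 * @return string HTML of the edit row
 */
function yourls_table_edit_row($keyword)
{
    $keyword = yourls_sanitize_string($keyword);
    $id = yourls_string2htmlid($keyword);
    // used as HTML #id
    $url = yourls_get_keyword_longurl($keyword);
    $title = htmlspecialchars(yourls_get_keyword_title($keyword));
    // Decode for display, then escape for the attribute context.
    $safe_url = yourls_esc_attr(rawurldecode((string) $url));
    $safe_title = yourls_esc_attr($title);
    // Make strings sprintf() safe: '%' -> '%%'
    $safe_url = str_replace('%', '%%', $safe_url);
    $safe_title = str_replace('%', '%%', $safe_title);
    $www = yourls_link();
    $nonce = yourls_create_nonce('edit-save_' . $id);
    if ($url) {
        $return = <<<RETURN
<tr id="edit-{$id}" class="edit-row"><td colspan="5" class="edit-row"><strong>%s</strong>:<input type="text" id="edit-url-{$id}" name="edit-url-{$id}" value="{$safe_url}" class="text" size="70" /><br/><strong>%s</strong>: {$www}<input type="text" id="edit-keyword-{$id}" name="edit-keyword-{$id}" value="{$keyword}" class="text" size="10" /><br/><strong>%s</strong>: <input type="text" id="edit-title-{$id}" name="edit-title-{$id}" value="{$safe_title}" class="text" size="60" /></td><td colspan="1"><input type="button" id="edit-submit-{$id}" name="edit-submit-{$id}" value="%s" title="%s" class="button" onclick="edit_link_save('{$id}');" />&nbsp;<input type="button" id="edit-close-{$id}" name="edit-close-{$id}" value="%s" title="%s" class="button" onclick="edit_link_hide('{$id}');" /><input type="hidden" id="old_keyword_{$id}" value="{$keyword}"/><input type="hidden" id="nonce_{$id}" value="{$nonce}"/></td></tr>
RETURN;
        // No urldecode() on the assembled markup: it is already escaped and
        // must reach the output unchanged apart from the label placeholders.
        $return = sprintf($return, yourls__('Long URL'), yourls__('Short URL'), yourls__('Title'), yourls__('Save'), yourls__('Save new values'), yourls__('Cancel'), yourls__('Cancel editing'));
    } else {
        // The original emitted a stray '>' after the opening <tr> tag here.
        $return = '<tr class="edit-row notfound"><td colspan="6" class="edit-row notfound">' . yourls__('Error, URL not found') . '</td></tr>';
    }
    $return = yourls_apply_filter('table_edit_row', $return, $keyword, $url, $title);
    return $return;
}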
 /**
  * Action: yourls_ajax_laemmi_edit_ldapgroup
  */
 public function action_yourls_ajax_laemmi_edit_ldapgroup()
 {
     // Request input: the keyword is sanitized before use; the nonce is taken as sent.
     $keyword = yourls_sanitize_string($this->getRequest('keyword'));
     $requestNonce = $this->getRequest('nonce');
     $id = yourls_string2htmlid($keyword);
     // The nonce is bound to this keyword's id. With a non-empty fourth
     // argument the check is expected to end the request with that text on
     // failure; its return value is not inspected here.
     yourls_verify_nonce('laemmi_edit_ldapgroup_' . $id, $requestNonce, false, 'omg error');
     // A separate nonce for the follow-up "save" request of the same row.
     $saveNonce = yourls_create_nonce('laemmi_edit_ldapgroup_save_' . $id);
     $infos = yourls_get_keyword_infos($keyword);
     // Projects currently stored for the keyword; anything that does not decode
     // to an array is coerced by the cast.
     $selected = (array) @json_decode($infos[self::SETTING_URL_PROJECTS], true);
     // Offer only the projects the current user is allowed to assign.
     $offered = [];
     foreach ($this->_options['projectlist'] as $name => $unused) {
         $mayAssign = $this->_hasPermission(self::PERMISSION_ACTION_ADD_OTHER_PROJECT)
             || $this->_hasPermission('action-edit', [$name]);
         if (!$mayAssign) {
             continue;
         }
         $offered[$name] = $name;
     }
     $context = [
         'keyword' => $keyword,
         'nonce' => $saveNonce,
         'id' => $id,
         'projectlist' => $offered,
         'projectlist_value' => $selected,
     ];
     $html = $this->getTemplate()->render('edit_row_project', $context);
     echo json_encode(['html' => $html]);
 }
 /**
  * Action yourls_ajax_laemmi_edit_comment_label
  */
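 public function action_yourls_ajax_laemmi_edit_comment_label()
 {
     // Request input: the keyword is sanitized before use; the nonce is taken as sent.
     $keyword = yourls_sanitize_string($this->getRequest('keyword'));
     $nonce = $this->getRequest('nonce');
     $id = yourls_string2htmlid($keyword);
     // The nonce is bound to this keyword's id. With a non-empty fourth
     // argument the check is expected to end the request with that text on
     // failure; its return value is not inspected here.
     yourls_verify_nonce('laemmi_edit_comment_label_' . $id, $nonce, false, 'omg error');
     // A separate nonce for the follow-up "save" request of the same row.
     $nonce = yourls_create_nonce('laemmi_edit_comment_label_save_' . $id);
     $infos = yourls_get_keyword_infos($keyword);
     // isset() keeps a missing keyword record or a missing field from raising
     // notices; the comment then stays null as before.
     $comment = isset($infos[self::SETTING_URL_COMMENT]) ? $infos[self::SETTING_URL_COMMENT] : null;
     // A missing or undecodable label yields null from json_decode(); cast to
     // an array so implode() always receives one (null is rejected on PHP 8).
     $label = isset($infos[self::SETTING_URL_LABEL])
         ? (array) json_decode((string) $infos[self::SETTING_URL_LABEL], true)
         : [];
     $label = implode(',', $label);
     // NOTE(review): $comment and $label are stored values handed to
     // getHtmlFields(); whether that helper escapes them is not visible here.
     $html = '
     <tr id="edit-' . $id . '" class="edit-row laemmi_edit_comment_label_row" data-id="' . $id . '"><td colspan="5">
     <form action="admin-ajax.php" method="post">
     <input type="hidden" name="action" value="laemmi_edit_comment_label_save" />
     <input type="hidden" name="keyword" value="' . $keyword . '" />
     <input type="hidden" name="nonce" value="' . $nonce . '" />';
     $html .= $this->getHtmlFields(['comment' => $comment, 'label' => $label]);
     $html .= '</form>
     </td><td colspan="1">
     <input class="button" type="button" name="save" value="' . yourls__('Save') . '">
     <input class="button" type="button" name="cancel" value="' . yourls__('Cancel') . '">
     </td></tr>';
     echo json_encode(['html' => $html]);
 }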