/** * Pick the right DB class and return an instance * * @since 1.7 * @param string $extension Optional: user defined choice * @return class $ydb DB class instance */ function yourls_set_DB_driver() { // Auto-pick the driver. Priority: user defined, then PDO, then mysqli, then mysql if (defined('YOURLS_DB_DRIVER')) { $driver = strtolower(YOURLS_DB_DRIVER); // accept 'MySQL', 'mySQL', etc } elseif (extension_loaded('pdo_mysql')) { $driver = 'pdo'; } elseif (extension_loaded('mysqli')) { $driver = 'mysqli'; } elseif (extension_loaded('mysql')) { $driver = 'mysql'; } else { $driver = ''; } // Set the new driver if (in_array($driver, array('mysql', 'mysqli', 'pdo'))) { $class = yourls_require_db_files($driver); } global $ydb; if (!class_exists($class, false)) { $ydb = new stdClass(); yourls_die(yourls__('YOURLS requires the mysql, mysqli or pdo_mysql PHP extension. No extension found. Check your server config, or contact your host.'), yourls__('Fatal error'), 503); } yourls_do_action('set_DB_driver', $driver); $ydb = new $class(YOURLS_DB_USER, YOURLS_DB_PASS, YOURLS_DB_NAME, YOURLS_DB_HOST); $ydb->DB_driver = $driver; yourls_debug_log("DB driver: {$driver}"); }
define('YOURLS_ADMIN', true); define('YOURLS_INSTALLING', true); require_once dirname(dirname(__FILE__)) . '/includes/load-yourls.php'; require_once YOURLS_INC . '/functions-install.php'; $error = array(); $warning = array(); $success = array(); // Check pre-requisites if (!yourls_check_database_version()) { $error[] = yourls_s('%s version is too old. Ask your server admin for an upgrade.', 'MySQL'); yourls_debug_log('MySQL version: ' . yourls_get_database_version()); } if (!yourls_check_php_version()) { $error[] = yourls_s('%s version is too old. Ask your server admin for an upgrade.', 'PHP'); yourls_debug_log('PHP version: ' . phpversion()); } // Is YOURLS already installed ? if (yourls_is_installed()) { $error[] = yourls__('YOURLS already installed.'); // check if .htaccess exists, recreate otherwise. No error checking. if (!file_exists(YOURLS_ABSPATH . '/.htaccess')) { yourls_create_htaccess(); } } // Start install if possible and needed if (isset($_REQUEST['install']) && count($error) == 0) { // Create/update .htaccess file if (yourls_create_htaccess()) { $success[] = yourls__('File <tt>.htaccess</tt> successfully created/updated.'); } else {
/** * Display a notice if there is a newer version of YOURLS available * * @since 1.7 */ function yourls_new_core_version_notice() { yourls_debug_log('Check for new version: ' . (yourls_maybe_check_core_version() ? 'yes' : 'no')); $checks = yourls_get_option('core_version_checks'); if (isset($checks->last_result->latest) and version_compare($checks->last_result->latest, YOURLS_VERSION, '>')) { $msg = yourls_s('<a href="%s">YOURLS version %s</a> is available. Please update!', 'http://yourls.org/download', $checks->last_result->latest); yourls_add_notice($msg); } }
/** * Store new cookie. No $user will delete the cookie. * */ function yourls_store_cookie($user = null) { if (!$user) { $pass = null; $time = time() - 3600; } else { global $yourls_user_passwords; if (isset($yourls_user_passwords[$user])) { $pass = $yourls_user_passwords[$user]; } else { die('Stealing cookies?'); // This should never happen } $time = time() + YOURLS_COOKIE_LIFE; } $domain = yourls_apply_filter('setcookie_domain', parse_url(YOURLS_SITE, 1)); $secure = yourls_apply_filter('setcookie_secure', yourls_is_ssl()); $httponly = yourls_apply_filter('setcookie_httponly', true); // Some browsers refuse to store localhost cookie if ($domain == 'localhost') { $domain = ''; } if (!headers_sent($filename, $linenum)) { // Set httponly if the php version is >= 5.2.0 if (version_compare(phpversion(), '5.2.0', 'ge')) { setcookie(yourls_cookie_name(), yourls_salt($user), $time, '/', $domain, $secure, $httponly); } else { setcookie(yourls_cookie_name(), yourls_salt($user), $time, '/', $domain, $secure); } } else { // For some reason cookies were not stored: action to be able to debug that yourls_do_action('setcookie_failed', $user); yourls_debug_log("Could not store cookie: headers already sent in {$filename} on line {$linenum}"); } }
/** * Perform a HTTP request, return response object * * @since 1.7 * @param string $type HTTP request type (GET, POST) * @param string $url URL to request * @param array $headers Extra headers to send with the request * @param array $data Data to send either as a query string for GET requests, or in the body for POST requests * @param array $options Options for the request (see /includes/Requests/Requests.php:request()) * @return object Requests_Response object */ function yourls_http_request($type, $url, $headers, $data, $options) { yourls_http_load_library(); $options = array_merge(yourls_http_default_options(), $options); if (yourls_http_proxy_is_defined() && !yourls_send_through_proxy($url)) { unset($options['proxy']); } try { $result = Requests::request($url, $headers, $data, $type, $options); } catch (Requests_Exception $e) { $result = yourls_debug_log($e->getMessage() . ' (' . $type . ' on ' . $url . ')'); } return $result; }
/** * Perform a HTTP request, return response object * * @since 1.7 * @param string $type HTTP request type (GET, POST) * @param string $url URL to request * @param array $headers Extra headers to send with the request * @param array $data Data to send either as a query string for GET requests, or in the body for POST requests * @param array $options Options for the request (see /includes/Requests/Requests.php:request()) * @return object Requests_Response object */ function yourls_http_request($type, $url, $headers, $data, $options) { // Allow plugins to short-circuit the whole function $pre = yourls_apply_filter('shunt_yourls_http_request', null, $type, $url, $headers, $data, $options); if (null !== $pre) { return $pre; } yourls_http_load_library(); $options = array_merge(yourls_http_default_options(), $options); if (yourls_http_get_proxy() && !yourls_send_through_proxy($url)) { unset($options['proxy']); } try { $result = Requests::request($url, $headers, $data, $type, $options); } catch (Requests_Exception $e) { $result = yourls_debug_log($e->getMessage() . ' (' . $type . ' on ' . $url . ')'); } return $result; }
/** * Overwrite plaintext passwords in config file with phpassed versions. * * @since 1.7 * @param string $config_file Full path to file * @return true if overwrite was successful, an error message otherwise */ function yourls_hash_passwords_now($config_file) { if (!is_readable($config_file)) { return 'cannot read file'; } // not sure that can actually happen... if (!is_writable($config_file)) { return 'cannot write file'; } // Include file to read value of $yourls_user_passwords // Temporary suppress error reporting to avoid notices about redeclared constants $errlevel = error_reporting(); error_reporting(0); require $config_file; error_reporting($errlevel); $configdata = file_get_contents($config_file); if ($configdata == false) { return 'could not read file'; } $to_hash = 0; // keep track of number of passwords that need hashing foreach ($yourls_user_passwords as $user => $password) { if (!yourls_has_phpass_password($user) && !yourls_has_md5_password($user)) { $to_hash++; $hash = yourls_phpass_hash($password); // PHP would interpret $ as a variable, so replace it in storage. $hash = str_replace('$', '!', $hash); $quotes = "'" . '"'; $pattern = "/[{$quotes}]{$user}[{$quotes}]\\s*=>\\s*[{$quotes}]" . preg_quote($password, '-') . "[{$quotes}]/"; $replace = "'{$user}' => 'phpass:{$hash}' /* Password encrypted by YOURLS */ "; $count = 0; $configdata = preg_replace($pattern, $replace, $configdata, -1, $count); // There should be exactly one replacement. Otherwise, fast fail. if ($count != 1) { yourls_debug_log("Problem with preg_replace for password hash of user {$user}"); return 'preg_replace problem'; } } } if ($to_hash == 0) { return 0; } // There was no password to encrypt $success = file_put_contents($config_file, $configdata); if ($success === FALSE) { yourls_debug_log('Failed writing to ' . $config_file); return 'could not write file'; } return true; }