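/**
 * Decide which URL protocols are accepted for the current request.
 *
 * A logged-in user in the admin area keeps the incoming list and additionally
 * gets the custom 'blah://' scheme. Every other caller is limited to http://
 * and https://, whatever list was passed in.
 *
 * @param array $protocols Protocol prefixes received from the caller.
 * @return array Protocol prefixes allowed for this request.
 */
function customproto_allowed_protocols($protocols)
{
    // Compare against boolean true rather than relying on truthiness.
    // NOTE(review): yourls_is_valid_user() is not defined in this snippet. In YOURLS it is
    // understood to return true on success and a message string on failure; a plain
    // truthiness test would then treat a failed login as authenticated. Confirm against
    // the installed version.
    // NOTE(review): yourls_is_admin() is also defined elsewhere. If it only reports that
    // the request targets an admin page, the login check above is the only access control.
    if (true === yourls_is_valid_user() && yourls_is_admin()) {
        $protocols[] = 'blah://';

        return $protocols;
    }

    // No known user: drop whatever was passed in and fall back to the web schemes only
    return array('http://', 'https://');
}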
// Bootstrap excerpt: the block closed by the brace on the next line is opened above this view.
yourls_db_connect(); }

// Allow early inclusion of a cache layer.
// The path is built only from the YOURLS_USERDIR constant, no request data is involved.
// Anyone able to write cache.php into that directory controls code executed by this bootstrap,
// so the directory's write permissions are part of the trust boundary.
if (file_exists(YOURLS_USERDIR . '/cache.php')) {
    require_once YOURLS_USERDIR . '/cache.php';
}

// Read options right from start
yourls_get_all_options();

// Register shutdown function
register_shutdown_function('yourls_shutdown');

// Core now loaded
yourls_do_action('init'); // plugins can't see this, not loaded yet

// Check if need to redirect to install procedure
// NOTE(review): whether yourls_redirect() ends the request is not visible here. If it only
// sends a Location header, the rest of this bootstrap still runs on an uninstalled site — confirm.
if (!yourls_is_installed() && !yourls_is_installing()) {
    yourls_redirect(yourls_admin_url('install.php'), 302);
}

// Check if upgrade is needed (bypassed if upgrading or installing)
// Same caveat as above: execution continues past the redirect unless the helper exits.
if (!yourls_is_upgrading() && !yourls_is_installing()) {
    if (yourls_upgrade_is_needed()) {
        yourls_redirect(YOURLS_SITE . '/admin/upgrade.php', 302);
    }
}

// Init all plugins
yourls_load_plugins();
yourls_do_action('plugins_loaded');

// Is there a new version of YOURLS ?
yourls_new_core_version_notice();

// 'admin_init' fires whenever yourls_is_admin() is true; no login check happens in this excerpt
if (yourls_is_admin()) {
    yourls_do_action('admin_init');
}
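/**
 * Print the document head and the opening <body> and <div id="wrap"> of a YOURLS page.
 *
 * On admin pages, and only while headers can still be sent, no-cache headers are
 * emitted first so the page is not kept by browser or intermediary caches.
 *
 * Asset URLs are written with no whitespace between the site URL and the path,
 * so the emitted href/src values are valid URLs.
 *
 * @param string $context Page context. Selects which optional CSS/JS components are
 *                        linked and is printed verbatim as the <body> class.
 */
function yourls_html_head($context = 'index')
{
    // All components to false, except when specified true
    $share = $insert = $tablesorter = $tabs = $cal = false;

    // Load components as needed
    switch ($context) {
        case 'infos':
            $share = $tabs = true;
            break;
        case 'bookmark':
            $share = $insert = $tablesorter = true;
            break;
        case 'index':
            $insert = $tablesorter = $cal = true;
            break;
        case 'install':
        case 'login':
        case 'new':
        case 'tools':
        case 'upgrade':
            break;
    }

    // Force no cache for all admin pages
    if (yourls_is_admin() && !headers_sent()) {
        header('Expires: Thu, 23 Mar 1972 07:00:00 GMT');
        header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
        header('Cache-Control: no-cache, must-revalidate, max-age=0');
        header('Pragma: no-cache');
    }

    // NOTE(review): $context is written into the class attribute below without HTML encoding.
    // No caller is visible in this snippet; this is safe only while every caller passes a
    // fixed string — confirm, or encode at output.
    // NOTE(review): the bundled jQuery 1.3.2 is a long-superseded release; check it against
    // current advisories when maintaining this page.
    ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <title>YOURLS » Your Own URL Shortener | <?php echo YOURLS_SITE; ?></title>
    <link rel="icon" type="image/gif" href="<?php echo YOURLS_SITE; ?>/images/favicon.gif" />
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta http-equiv="X-UA-Compatible" content="chrome=1" />
    <meta name="author" content="Ozh RICHARD & Lester CHAN for http://yourls.org/" />
    <meta name="description" content="Insert URL « YOURLS » Your Own URL Shortener' | <?php echo YOURLS_SITE; ?>" />
    <script src="<?php echo YOURLS_SITE; ?>/js/jquery-1.3.2.min.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <link rel="stylesheet" href="<?php echo YOURLS_SITE; ?>/css/style.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <?php if ($tabs) { ?>
    <link rel="stylesheet" href="<?php echo YOURLS_SITE; ?>/css/infos.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <script src="<?php echo YOURLS_SITE; ?>/js/infos.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
    <?php if ($tablesorter) { ?>
    <link rel="stylesheet" href="<?php echo YOURLS_SITE; ?>/css/tablesorter.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <script src="<?php echo YOURLS_SITE; ?>/js/jquery.tablesorter.min.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
    <?php if ($insert) { ?>
    <script src="<?php echo YOURLS_SITE; ?>/js/insert.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
    <?php if ($share) { ?>
    <link rel="stylesheet" href="<?php echo YOURLS_SITE; ?>/css/share.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <script src="<?php echo YOURLS_SITE; ?>/js/share.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
    <?php if ($cal) { ?>
    <link rel="stylesheet" href="<?php echo YOURLS_SITE; ?>/css/cal.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <script src="<?php echo YOURLS_SITE; ?>/js/jquery.cal.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
</head>
<body class="<?php echo $context; ?>">
<div id="wrap">
    <?php
}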
/**
 * Print the admin navigation menu, then fire the admin notice hooks.
 *
 * The logout and help links, and the link/sublink arrays, pass through the
 * 'logout_link', 'help_link', 'admin_links' and 'admin_sublinks' filters and are
 * printed exactly as returned. Nothing in this function HTML-encodes ids, URLs,
 * titles or anchors, so filter callbacks must hand back safe markup.
 */
function yourls_html_menu()
{
    // Logout entry: greeting plus logout anchor when a user constant exists, empty otherwise
    $logout_html = '';
    if (defined('YOURLS_USER')) {
        $greeting = sprintf(yourls__('Hello <strong>%s</strong>'), YOURLS_USER);
        $logout_title = yourls_esc_attr__('Logout');
        $logout_text = yourls__('Logout');
        $logout_html = $greeting . ' (<a href="?action=logout" title="' . $logout_title . '">' . $logout_text . '</a>)';
    }
    $logout_link = yourls_apply_filter('logout_link', $logout_html);

    $help_html = '<a href="' . yourls_site_url(false) . '/readme.html">' . yourls__('Help') . '</a>';
    $help_link = yourls_apply_filter('help_link', $help_html);

    // Top-level entries; the tools and plugins entries exist only in the admin area
    $admin_links = array(
        'admin' => array(
            'url' => yourls_admin_url('index.php'),
            'title' => yourls__('Go to the admin interface'),
            'anchor' => yourls__('Admin interface'),
        ),
    );
    $admin_sublinks = array();

    if (yourls_is_admin()) {
        $admin_links['tools'] = array(
            'url' => yourls_admin_url('tools.php'),
            'anchor' => yourls__('Tools'),
        );
        $admin_links['plugins'] = array(
            'url' => yourls_admin_url('plugins.php'),
            'anchor' => yourls__('Manage Plugins'),
        );
        $admin_sublinks['plugins'] = yourls_list_plugin_admin_pages();
    }

    $admin_links = yourls_apply_filter('admin_links', $admin_links);
    $admin_sublinks = yourls_apply_filter('admin_sublinks', $admin_sublinks);

    // Output starts here
    echo '<nav role="navigation"><ul id="admin_menu">' . "\n";

    if (yourls_is_private() && !empty($logout_link)) {
        echo '<li id="admin_menu_logout_link">' . $logout_link . '</li>';
    }

    foreach ((array) $admin_links as $id => $entry) {
        if (isset($entry['url'])) {
            $text = isset($entry['anchor']) ? $entry['anchor'] : $id;
            $title_attr = isset($entry['title']) ? 'title="' . $entry['title'] . '"' : '';
            echo sprintf(
                '<li id="admin_menu_%s_link" class="admin_menu_toplevel"><a href="%s" %s>%s</a>',
                $id,
                $entry['url'],
                $title_attr,
                $text
            );
        }

        // Entries without a submenu are done at this point
        if (!isset($admin_sublinks[$id])) {
            continue;
        }

        echo "<ul>\n";
        foreach ($admin_sublinks[$id] as $sub_id => $sub_entry) {
            if (!isset($sub_entry['url'])) {
                continue;
            }
            $sub_text = isset($sub_entry['anchor']) ? $sub_entry['anchor'] : $sub_id;
            $sub_title_attr = isset($sub_entry['title']) ? 'title="' . $sub_entry['title'] . '"' : '';
            echo sprintf(
                '<li id="admin_menu_%s_link" class="admin_menu_sublevel admin_menu_sublevel_%s"><a href="%s" %s>%s</a>',
                $sub_id,
                $sub_id,
                $sub_entry['url'],
                $sub_title_attr,
                $sub_text
            );
        }
        echo "</ul>\n";
    }

    if (isset($help_link)) {
        echo '<li id="admin_menu_help_link">' . $help_link . '</li>';
    }

    yourls_do_action('admin_menu');
    echo "</ul></nav>\n";

    // Both hook names are fired because either spelling may have been used by plugins
    yourls_do_action('admin_notices');
    yourls_do_action('admin_notice');

    /*
     * To display a notice, hook a callback that echoes the markup, for instance:
     *   $message = "<div>OMG, dude, I mean!</div>";
     *   yourls_add_action('admin_notices', function () use ($message) { echo $message; });
     * The markup is printed as-is, so build it from trusted or already encoded text.
     */
}
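/**
 * Return current admin page, or null if not an admin page
 *
 * The value is cut out of the request string, so it is client-influenced: callers
 * should compare it against known page names rather than use it to build paths.
 *
 * @return mixed string if admin page, null if not an admin page
 * @since 1.6
 */
function yourls_current_admin_page()
{
    if (!yourls_is_admin()) {
        return null;
    }

    // Drop the first 6 characters of the request.
    // NOTE(review): presumably the 'admin/' prefix; yourls_get_request() is not shown — confirm.
    $current = substr(yourls_get_request(), 6);

    // If current page is http://sho.rt/admin/ instead of http://sho.rt/admin/index.php,
    // nothing is left after the prefix. Depending on the PHP version substr() then
    // yields false or an empty string, so both are treated as "no page given".
    if ($current === false || $current === '') {
        $current = 'index.php';
    }

    return $current;
}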
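/**
 * Print the admin menu, then fire the admin notice hooks.
 *
 * The greeting and logout link are printed when yourls_is_private() is true. The
 * Tools, Plugins, plugin pages, Help and 'admin_menu' hook output are printed only
 * when yourls_is_admin() is true.
 *
 * Link URLs are written with no whitespace inside the href value, so that
 * "<site>/readme.html" and the admin URLs are valid.
 *
 * NOTE(review): YOURLS_USER is printed without HTML encoding; safe only while the
 * user name comes from trusted configuration — confirm.
 * NOTE(review): logout is a plain GET link; no anti-CSRF token is visible here.
 */
function yourls_html_menu()
{
    ?>
    <ul id="admin_menu">
    <?php if (yourls_is_private()) { ?>
        <li>Hello <strong><?php echo YOURLS_USER; ?></strong> (<a href="?action=logout" title="Logout">Logout</a>)</li>
    <?php } ?>
        <li><a href="<?php echo yourls_admin_url('index.php'); ?>">Admin Interface</a></li>
    <?php if (yourls_is_admin()) { ?>
        <li><a href="<?php echo yourls_admin_url('tools.php'); ?>">Tools</a></li>
        <li><a href="<?php echo yourls_admin_url('plugins.php'); ?>">Plugins</a></li>
        <?php yourls_list_plugin_admin_pages(); ?>
        <li><a href="<?php yourls_site_url(); ?>/readme.html">Help</a></li>
        <?php yourls_do_action('admin_menu'); ?>
    <?php } ?>
    </ul>
    <?php
    yourls_do_action('admin_notices');
    yourls_do_action('admin_notice'); // because I never remember if it's 'notices' or 'notice'

    /*
     * To display a notice, hook a callback that echoes the markup, for instance:
     *   $message = "<div>OMG, dude, I mean!</div>";
     *   yourls_add_action('admin_notices', function () use ($message) { echo $message; });
     * The original example used create_function(), which evaluates a string as code and
     * is not available on current PHP versions; a closure avoids both problems.
     */
}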
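/**
 * Yourls action auth_successful: restrict admin pages and Ajax actions to the
 * permissions returned by helperGetAllowedPermissions().
 *
 * Outside the admin area nothing is checked. In the admin area:
 *  - the page name taken from SCRIPT_FILENAME must be in the allowed list, otherwise
 *    an "access denied" page is rendered and the request ends;
 *  - for Ajax requests, the edit/add/delete actions must be in the 'action' list,
 *    otherwise the request's action is replaced by 'accessdenied'.
 *
 * All membership tests are strict, so a loosely-equal value (0, true, ...) in the
 * permission list can never match a page or action name.
 *
 * NOTE(review): both checks are default-allow. A script path that does not match
 * /admin/<name>.php skips the page check, and Ajax actions not listed in the switch
 * are left untouched. Confirm that this is intended.
 *
 * @return bool|null true outside the admin area; no explicit value is returned otherwise
 */
public function action_auth_successful()
{
    if (!yourls_is_admin()) {
        return true;
    }

    /**
     * Check page permissions
     */
    // The page name is whatever sits between the first "/admin/" and the next ".php"
    if (preg_match('#\\/admin\\/(.*?)\\.php#', $_SERVER['SCRIPT_FILENAME'], $matches)) {
        if (!in_array($matches[1], $this->helperGetAllowedPermissions(), true)) {
            yourls_add_notice(yourls__('Denied access to this page', self::APP_NAMESPACE));
            yourls_html_head('accessdenied', yourls__('Denied access to this page', self::APP_NAMESPACE));
            yourls_html_logo();
            yourls_html_menu();
            yourls_html_footer();
            // Stop here so the requested page never runs
            die;
        }
    }

    /**
     * Check action permissions
     */
    if (yourls_is_Ajax()) {
        $action = $this->getRequest('action');
        $permissions = $this->helperGetAllowedPermissions();

        // A missing or malformed 'action' entry means no action is allowed (fail closed)
        $allowed_actions = (isset($permissions['action']) && is_array($permissions['action']))
            ? $permissions['action']
            : array();

        $denied = false;
        switch ($action) {
            case 'edit_display':
            case 'edit_save':
                // Both edit steps are covered by the single 'edit' permission
                $denied = !in_array('edit', $allowed_actions, true);
                break;
            case 'add':
            case 'delete':
                $denied = !in_array($action, $allowed_actions, true);
                break;
        }

        if ($denied) {
            // Keep the requested action for reference and swap in a placeholder action.
            // NOTE(review): this relies on no downstream handler acting on 'accessdenied'.
            $this->setRequest('action_old', $action);
            $this->setRequest('action', 'accessdenied');
        }
    }
}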
/**
 * Decide whether a core version check is due, and run it when it is.
 *
 * A check is attempted only on admin pages. It is skipped while the stored data shows
 * a previous result for the running version that is recent enough: less than 24h old
 * after a clean attempt, less than 2h old after a failed one.
 * In the future (1.8?) maybe check with cronjob emulation instead.
 *
 * @since 1.7
 * @return bool true if a check was needed and successfully performed, false otherwise
 */
function yourls_maybe_check_core_version()
{
    // Plugins may answer in place of this function: any non-null filter result is returned as-is
    $shunt = yourls_apply_filter('shunt_maybe_check_core_version', null);
    if ($shunt !== null) {
        return $shunt;
    }

    // Checks can be switched off by configuration, and never run outside admin pages
    $disabled = defined('YOURLS_NO_VERSION_CHECK') && YOURLS_NO_VERSION_CHECK;
    if ($disabled || !yourls_is_admin()) {
        return false;
    }

    $checks = yourls_get_option('core_version_checks');

    // Stored data is consulted only when a previous result exists
    if (!empty($checks->last_result)) {
        $clean_and_recent = $checks->failed_attempts == 0
            && time() - $checks->last_attempt < 24 * 3600;
        $failed_but_recent = !$clean_and_recent
            && $checks->failed_attempts > 0
            && time() - $checks->last_attempt < 2 * 3600;

        // Recent enough and recorded for the version that is running: nothing to do
        if (($clean_and_recent || $failed_but_recent) && $checks->version_checked == YOURLS_VERSION) {
            return false;
        }
    }

    // A check is due
    $new_check = yourls_check_core_version();

    // A failed check still counts as success when older "latest" data is available
    $has_older_data = isset($checks->last_result->latest);

    return !($new_check == false && !$has_older_data);
}
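/**
 * Display HTML head and <body> tag
 *
 * Fires 'pre_html_head', sends no-cache and content-type headers on admin pages while
 * headers can still be sent, stores the context on the global $ydb object, then prints
 * the document head with the CSS/JS components selected by the context.
 *
 * Asset URLs and the inline script values are written with no whitespace between the
 * site URL and the path, so the emitted href/src values and JS strings are valid URLs.
 *
 * NOTE(review): $title, $context and $bodyclass are printed without HTML encoding, and
 * the title and body class pass through the 'html_title' and 'bodyclass' filters. That
 * is safe only while callers and filter callbacks supply trusted or already encoded
 * text — confirm before passing request-derived values.
 *
 * @param string $context Context of the page (stats, index, infos, ...)
 * @param string $title HTML title of the page
 */
function yourls_html_head($context = 'index', $title = '')
{
    yourls_do_action('pre_html_head', $context, $title);

    // All components to false, except when specified true
    $share = $insert = $tablesorter = $tabs = $cal = $charts = false;

    // Load components as needed
    switch ($context) {
        case 'infos':
            $share = $tabs = $charts = true;
            break;
        case 'bookmark':
            $share = $insert = $tablesorter = true;
            break;
        case 'index':
            $insert = $tablesorter = $cal = $share = true;
            break;
        case 'plugins':
        case 'tools':
            $tablesorter = true;
            break;
        case 'install':
        case 'login':
        case 'new':
        case 'upgrade':
            break;
    }

    // Force no cache for all admin pages
    if (yourls_is_admin() && !headers_sent()) {
        header('Expires: Thu, 23 Mar 1972 07:00:00 GMT');
        header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
        header('Cache-Control: no-cache, must-revalidate, max-age=0');
        header('Pragma: no-cache');
        yourls_content_type_header(yourls_apply_filter('html_head_content-type', 'text/html'));
        yourls_do_action('admin_headers', $context, $title);
    }

    // Store page context in global object
    global $ydb;
    $ydb->context = $context;

    // Body class: filter result with the device type appended directly after it
    $bodyclass = yourls_apply_filter('bodyclass', '');
    $bodyclass .= yourls_is_mobile_device() ? 'mobile' : 'desktop';

    // Page title
    $_title = 'FTPLN URL Shortener | ' . yourls_link();
    $title = $title ? $title . " « " . $_title : $_title;
    $title = yourls_apply_filter('html_title', $title, $context);

    // NOTE(review): the referrer meta value "always" asks browsers to send the full page URL
    // as referrer, which includes admin URLs on outbound requests — confirm this is wanted.
    // NOTE(review): the charts component loads a script from www.google.com; that third-party
    // code runs with this page's privileges.
    ?>
<!DOCTYPE html>
<html <?php yourls_html_language_attributes(); ?>>
<head>
    <title><?php echo $title; ?></title>
    <link rel="shortcut icon" href="<?php yourls_favicon(); ?>" />
    <meta http-equiv="Content-Type" content="<?php echo yourls_apply_filter('html_head_meta_content-type', 'text/html; charset=utf-8'); ?>" />
    <meta name="generator" content="YOURLS <?php echo YOURLS_VERSION; ?>" />
    <meta name="description" content="YOURLS » Your Own URL Shortener' | <?php yourls_site_url(); ?>" />
    <meta name="referrer" content="always" />
    <script src="<?php yourls_site_url(); ?>/js/jquery-1.9.1.min.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <script src="<?php yourls_site_url(); ?>/js/common.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <script src="<?php yourls_site_url(); ?>/js/jquery.notifybar.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <link rel="stylesheet" href="<?php yourls_site_url(); ?>/css/style.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <?php if ($tabs) { ?>
    <link rel="stylesheet" href="<?php yourls_site_url(); ?>/css/infos.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <script src="<?php yourls_site_url(); ?>/js/infos.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
    <?php if ($tablesorter) { ?>
    <link rel="stylesheet" href="<?php yourls_site_url(); ?>/css/tablesorter.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <script src="<?php yourls_site_url(); ?>/js/jquery.tablesorter.min.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
    <?php if ($insert) { ?>
    <script src="<?php yourls_site_url(); ?>/js/insert.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
    <?php if ($share) { ?>
    <link rel="stylesheet" href="<?php yourls_site_url(); ?>/css/share.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <script src="<?php yourls_site_url(); ?>/js/share.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <script src="<?php yourls_site_url(); ?>/js/jquery.zclip.min.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
    <?php if ($cal) { ?>
    <link rel="stylesheet" href="<?php yourls_site_url(); ?>/css/cal.css?v=<?php echo YOURLS_VERSION; ?>" type="text/css" media="screen" />
    <?php yourls_l10n_calendar_strings(); ?>
    <script src="<?php yourls_site_url(); ?>/js/jquery.cal.js?v=<?php echo YOURLS_VERSION; ?>" type="text/javascript"></script>
    <?php } ?>
    <?php if ($charts) { ?>
    <script type="text/javascript" src="https://www.google.com/jsapi"></script>
    <script type="text/javascript">
        google.load('visualization', '1.0', {'packages':['corechart', 'geochart']});
    </script>
    <?php } ?>
    <script type="text/javascript">
    //<![CDATA[
        var ajaxurl = '<?php echo yourls_admin_url('admin-ajax.php'); ?>';
        var zclipurl = '<?php yourls_site_url(); ?>/js/ZeroClipboard.swf';
    //]]>
    </script>
    <?php yourls_do_action('html_head', $context); ?>
</head>
<body class="<?php echo $context; ?> <?php echo $bodyclass; ?>">
<div id="wrap">
    <?php
}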
// Defaults for settings the configuration did not define.
// With this default the admin area is not forced onto HTTPS unless the config says so.
if (!defined('YOURLS_ADMIN_SSL')) {
    define('YOURLS_ADMIN_SSL', false);
} // if set to true, force https:// in the admin area

if (!defined('YOURLS_DEBUG')) {
    define('YOURLS_DEBUG', false);
} // if set to true, verbose debug infos. Will break things. Don't enable.

// Error reporting
// Only the reporting level is set here; whether messages reach the browser depends on
// display settings configured elsewhere.
if (defined('YOURLS_DEBUG') && YOURLS_DEBUG == true) {
    error_reporting(E_ALL);
} else {
    error_reporting(E_ERROR | E_PARSE);
}

// If request for an admin page is http:// and SSL is required, redirect
// NOTE(review): both redirect targets are built from $_SERVER['REQUEST_URI'] and
// $_SERVER['HTTP_HOST'], which are supplied by the client. The host is not compared with
// the configured site URL, so the Location header can point at a host the client chose.
// Consider building the target from the configured site address instead.
if (yourls_is_admin() && yourls_needs_ssl() && !yourls_is_ssl()) {
    // Request target given in absolute form: only the scheme prefix is rewritten
    if (0 === strpos($_SERVER['REQUEST_URI'], 'http')) {
        yourls_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
        exit;
    } else {
        yourls_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
        exit;
    }
}

// Create the YOURLS object $ydb that will contain everything we globally need
if (function_exists('yourls_db_connect')) {
    global $ydb;
    yourls_db_connect();
}

// Read options right from start
yourls_get_all_options();