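/**
 * API action "delete": remove the short URL named by the 'shorturl' request parameter.
 *
 * The parameter may be a full short URL (http://sho.rt/abc) or a bare keyword (abc).
 *
 * @return array Response with 'statusCode', 'simple' and 'message' keys:
 *               400 missing or non-string parameter, 404 unknown short URL,
 *               200 deleted, 500 deletion failed.
 */
function clayton_api_action_delete() {
    // We don't want unauthenticated users deleting links.
    // If YOURLS is in public mode, force authentication anyway.
    // NOTE(review): in private mode this relies on authentication having been
    // enforced before the action is dispatched -- not visible here, confirm.
    if (!yourls_is_private()) {
        yourls_do_action('require_auth');
        require_once YOURLS_INC . '/auth.php';
    }

    // Need a 'shorturl' parameter, and it has to be a plain string: PHP turns
    // "shorturl[]=x" into an array, so reject that here rather than hand it to
    // the string helpers below.
    if (!isset($_REQUEST['shorturl']) || !is_string($_REQUEST['shorturl'])) {
        return array(
            'statusCode' => 400,
            'simple' => "Need a 'shorturl' parameter",
            'message' => 'error: missing param',
        );
    }
    $shorturl = $_REQUEST['shorturl'];

    // Check if valid shorturl.
    // The key used to be 'simple ' (trailing space), so this branch was the only
    // one returning no 'simple' entry.
    if (!yourls_is_shorturl($shorturl)) {
        return array(
            'statusCode' => 404,
            'simple' => 'Error: short URL not found',
            'message' => 'error: not found',
        );
    }

    // Is $shorturl a URL (http://sho.rt/abc) or a keyword (abc) ?
    if (yourls_get_protocol($shorturl)) {
        $keyword = yourls_get_relative_url($shorturl);
    } else {
        $keyword = $shorturl;
    }

    // Delete shorturl
    if (yourls_delete_link_by_keyword($keyword)) {
        // $shorturl is echoed back as received; whatever renders this response
        // must encode it for its own output format.
        return array(
            'statusCode' => 200,
            'simple' => "Shorturl {$shorturl} deleted",
            'message' => 'success: deleted',
        );
    }

    return array(
        'statusCode' => 500,
        'simple' => 'Error: could not delete shorturl, not sure why :-/',
        'message' => 'error: unknown error',
    );
}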
/**
 * Rewrite logout link
 *
 * Returns a Bootstrap navbar fragment (greeting plus logout button) when
 * $show is truthy, the install is private and YOURLS_USER is defined;
 * otherwise an empty string. $link is not used by the body.
 *
 * @param string $link Default element
 * @param bool   $show Allow muting: a falsy value (the default) yields ''
 * @return string Logout element (HTML)
 */
function lc_full_bootstrap_logout_link($link, $show = false) {
    // Guard clause: same short-circuit order as the combined condition.
    if (!$show || !yourls_is_private() || !defined('YOURLS_USER')) {
        return '';
    }

    // NOTE(review): YOURLS_USER is placed into the markup without HTML-escaping;
    // confirm its value is constrained where it is defined, or escape it for
    // HTML before it reaches this string.
    $greeting     = sprintf(yourls__('Hello <strong>%s</strong>'), YOURLS_USER);
    $button_title = yourls_esc_attr__('Logout');
    $button_text  = yourls__('Logout');

    $html  = '<div class="navbar-right"><p class="navbar-text">' . $greeting . '</p>';
    $html .= '<a href="?action=logout" title="' . $button_title . '" class="btn btn-default navbar-btn">';
    $html .= '<i class="icon-signout"></i> ' . $button_text . '</a></div>';

    return $html;
}
error_reporting(E_ERROR | E_PARSE);
} // closes a block opened before this excerpt

// Include all functions
require_once YOURLS_INC . '/version.php';
require_once YOURLS_INC . '/functions.php';
require_once YOURLS_INC . '/functions-plugins.php';
require_once YOURLS_INC . '/functions-formatting.php';
require_once YOURLS_INC . '/functions-api.php';
require_once YOURLS_INC . '/functions-kses.php';
require_once YOURLS_INC . '/functions-l10n.php';
require_once YOURLS_INC . '/functions-compat.php';
require_once YOURLS_INC . '/functions-html.php';
require_once YOURLS_INC . '/functions-http.php';
require_once YOURLS_INC . '/functions-infos.php';

// Load auth functions if needed
if (yourls_is_private()) {
    require_once YOURLS_INC . '/functions-auth.php';
}

// Load locale
yourls_load_default_textdomain();

// Check if we are in maintenance mode - if yes, it will die here.
yourls_check_maintenance_mode();

// Fix REQUEST_URI for IIS
yourls_fix_request_uri();

// If request for an admin page is http:// and SSL is required, redirect
if (yourls_is_admin() && yourls_needs_ssl() && !yourls_is_ssl()) {
    // REQUEST_URI beginning with 'http' means it carries an absolute URL: only the scheme is swapped.
    if (0 === strpos($_SERVER['REQUEST_URI'], 'http')) {
        yourls_redirect(preg_replace('|^http://|', 'https://', $_SERVER['REQUEST_URI']));
        exit;
    } else {
        // NOTE(review): both redirect targets are assembled from request data. In this
        // branch the host part is the Host header as the client sent it, so the
        // redirect goes wherever that header says. Confirm the web server only
        // accepts the site's own host names, or build the target from the
        // configured site URL instead.
        yourls_redirect('https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
/**
 * Print the admin menu as an HTML list.
 *
 * Writes straight to the output: an optional greeting with a logout link when
 * the install is private, then links to the admin interface, the tools page
 * and the readme. Returns nothing.
 *
 * The inline HTML is left exactly as found; only the PHP parts are split
 * across lines.
 */
function yourls_html_menu() {
    ?> <ul id="admin_menu"> <?php
    if (yourls_is_private()) {
        // NOTE(review): YOURLS_USER is read without a defined() check and echoed
        // without HTML-escaping. Confirm it is always defined when the install is
        // private and that its value is constrained where it is set.
        ?> <li>Hello <strong><?php echo YOURLS_USER; ?> </strong> (<a href="?mode=logout" title="Logout">Logout</a>)</li> <?php
    }
    // The admin URLs and YOURLS_SITE are echoed into href attributes as-is.
    ?> <li>Go to the <a href="<?php echo yourls_admin_url('index.php'); ?> ">Admin Interface</a></li> <li>Check the <a href="<?php echo yourls_admin_url('tools.php'); ?> ">Tools</a></li> <li>Read the <a href="<?php echo YOURLS_SITE; ?> /readme.html">Help</a></li> </ul> <?php
}
/**
 * Display the admin menu
 *
 * Assembles the logout, help and admin links, passes each set through its
 * filter ('logout_link', 'help_link', 'admin_links', 'admin_sublinks'), echoes
 * the resulting <nav> markup and fires the 'admin_menu', 'admin_notices' and
 * 'admin_notice' actions. Returns nothing.
 */
function yourls_html_menu() {
    // Greeting + logout link; stays empty when no user constant exists.
    $logout_markup = '';
    if (defined('YOURLS_USER')) {
        // NOTE(review): YOURLS_USER goes into the markup without HTML-escaping;
        // confirm its value is constrained where it is defined.
        $greeting      = sprintf(yourls__('Hello <strong>%s</strong>'), YOURLS_USER);
        $logout_title  = yourls_esc_attr__('Logout');
        $logout_text   = yourls__('Logout');
        $logout_markup = $greeting . ' (<a href="?action=logout" title="' . $logout_title . '">' . $logout_text . '</a>)';
    }
    $logout_link = yourls_apply_filter('logout_link', $logout_markup);

    $site_root = yourls_site_url(false);
    $help_text = yourls__('Help');
    $help_link = yourls_apply_filter('help_link', '<a href="' . $site_root . '/readme.html">' . $help_text . '</a>');

    // Top-level entries; tools and plugins only appear on admin pages.
    $admin_links = array(
        'admin' => array(
            'url'    => yourls_admin_url('index.php'),
            'title'  => yourls__('Go to the admin interface'),
            'anchor' => yourls__('Admin interface'),
        ),
    );
    $admin_sublinks = array();
    if (yourls_is_admin()) {
        $admin_links['tools'] = array(
            'url'    => yourls_admin_url('tools.php'),
            'anchor' => yourls__('Tools'),
        );
        $admin_links['plugins'] = array(
            'url'    => yourls_admin_url('plugins.php'),
            'anchor' => yourls__('Manage Plugins'),
        );
        $admin_sublinks['plugins'] = yourls_list_plugin_admin_pages();
    }
    $admin_links    = yourls_apply_filter('admin_links', $admin_links);
    $admin_sublinks = yourls_apply_filter('admin_sublinks', $admin_sublinks);

    // Now output menu.
    // Ids, URLs, titles and anchors are printed as the filters returned them;
    // nothing is escaped at this point, so hooked code is trusted to supply
    // safe markup.
    echo '<nav role="navigation"><ul id="admin_menu">' . "\n";

    if (yourls_is_private() && !empty($logout_link)) {
        echo '<li id="admin_menu_logout_link">' . $logout_link . '</li>';
    }

    foreach ((array) $admin_links as $entry_id => $entry) {
        if (isset($entry['url'])) {
            $label = $entry_id;
            if (isset($entry['anchor'])) {
                $label = $entry['anchor'];
            }
            $title_attr = '';
            if (isset($entry['title'])) {
                $title_attr = 'title="' . $entry['title'] . '"';
            }
            echo sprintf('<li id="admin_menu_%s_link" class="admin_menu_toplevel"><a href="%s" %s>%s</a>', $entry_id, $entry['url'], $title_attr, $label);
        }

        // Output submenu if any. TODO: clean up, too many code duplicated here
        if (!isset($admin_sublinks[$entry_id])) {
            continue;
        }
        echo "<ul>\n";
        foreach ($admin_sublinks[$entry_id] as $sub_id => $sub) {
            if (!isset($sub['url'])) {
                continue;
            }
            $label = $sub_id;
            if (isset($sub['anchor'])) {
                $label = $sub['anchor'];
            }
            $title_attr = '';
            if (isset($sub['title'])) {
                $title_attr = 'title="' . $sub['title'] . '"';
            }
            echo sprintf('<li id="admin_menu_%s_link" class="admin_menu_sublevel admin_menu_sublevel_%s"><a href="%s" %s>%s</a>', $sub_id, $sub_id, $sub['url'], $title_attr, $label);
        }
        echo "</ul>\n";
    }

    if (isset($help_link)) {
        echo '<li id="admin_menu_help_link">' . $help_link . '</li>';
    }

    yourls_do_action('admin_menu');
    echo "</ul></nav>\n";

    yourls_do_action('admin_notices');
    yourls_do_action('admin_notice'); // because I never remember if it's 'notices' or 'notice'

    /*
    To display a notice, hook a callback that echoes it onto 'admin_notices':
        yourls_add_action( 'admin_notices', 'my_notice_callback' );
    The older create_function() form of this example builds PHP code from a
    string, and create_function() was removed in PHP 8.
    */
}
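/**
 * Check if an IP shortens URL too fast to prevent DB flood. Return true, or die.
 *
 * @param string $ip Optional address to check; when empty the address comes from yourls_get_IP()
 * @return mixed true when the request is not throttled, or whatever a
 *               'shunt_check_IP_flood' filter returned; on flood yourls_die() is called with a 403
 */
function yourls_check_IP_flood($ip = '') {
    // Allow plugins to short-circuit the whole function
    $pre = yourls_apply_filter('shunt_check_IP_flood', false, $ip);
    if (false !== $pre) {
        return $pre;
    }

    yourls_do_action('pre_check_ip_flood', $ip); // at this point $ip can be '', check it if your plugin hooks in here

    // Raise white flag if installing or if no flood delay defined
    if (defined('YOURLS_FLOOD_DELAY_SECONDS') && YOURLS_FLOOD_DELAY_SECONDS === 0 || !defined('YOURLS_FLOOD_DELAY_SECONDS') || yourls_is_installing()) {
        return true;
    }

    // Don't throttle logged in users
    if (yourls_is_private()) {
        if (yourls_is_valid_user() === true) {
            return true;
        }
    }

    // Resolve the address BEFORE the whitelist test. Previously the whitelist was
    // compared against the raw argument, so a call without $ip compared every
    // entry against '' and the whitelist silently never matched -- or matched
    // everybody when the list contained an empty entry (e.g. a trailing comma).
    // NOTE(review): yourls_get_IP() is not visible here; if it reads
    // client-supplied headers, both the whitelist and the throttle are only as
    // trustworthy as those headers -- confirm.
    $ip = $ip ? yourls_sanitize_ip($ip) : yourls_get_IP();

    // Don't throttle whitelist IPs
    if (defined('YOURLS_FLOOD_IP_WHITELIST') && YOURLS_FLOOD_IP_WHITELIST) {
        $whitelist_ips = explode(',', YOURLS_FLOOD_IP_WHITELIST);
        foreach ((array) $whitelist_ips as $whitelist_ip) {
            $whitelist_ip = trim($whitelist_ip);
            // Skip empty entries and compare as strings, so '' can never whitelist anyone
            if ($whitelist_ip !== '' && $whitelist_ip === (string) $ip) {
                return true;
            }
        }
    }

    // The address is interpolated into the SQL text below, so it must stay escaped.
    $ip = yourls_escape($ip);

    yourls_do_action('check_ip_flood', $ip);

    global $ydb;
    $table = YOURLS_DB_TABLE_URL;
    // NOTE(review): string-built query; its safety rests entirely on the
    // yourls_escape() call above. Prefer parameter binding if $ydb offers it
    // (not visible here).
    $lasttime = $ydb->get_var("SELECT `timestamp` FROM {$table} WHERE `ip` = '{$ip}' ORDER BY `timestamp` DESC LIMIT 1");
    if ($lasttime) {
        $now = date('U');
        $then = date('U', strtotime($lasttime));
        if ($now - $then <= YOURLS_FLOOD_DELAY_SECONDS) {
            // Flood!
            yourls_do_action('ip_flood', $ip, $now - $then);
            yourls_die(yourls__('Too many URLs added too fast. Slow down please.'), yourls__('Forbidden'), 403);
        }
    }

    return true;
}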
/**
 * Print the admin menu as an HTML list, then fire the notice actions.
 *
 * Writes straight to the output: an optional greeting with a logout link when
 * the install is private, the admin interface link, and -- on admin pages --
 * the tools, plugins and help entries followed by the 'admin_menu' action.
 * After the list it fires 'admin_notices' and 'admin_notice'. Returns nothing.
 *
 * The inline HTML is left exactly as found; only the PHP parts are split
 * across lines.
 */
function yourls_html_menu() {
    ?> <ul id="admin_menu"> <?php
    if (yourls_is_private()) {
        // NOTE(review): YOURLS_USER is read without a defined() check and echoed
        // without HTML-escaping. Confirm it is always defined when the install is
        // private and that its value is constrained where it is set.
        ?> <li>Hello <strong><?php echo YOURLS_USER; ?> </strong> (<a href="?action=logout" title="Logout">Logout</a>)</li> <?php
    }
    ?> <li><a href="<?php echo yourls_admin_url('index.php'); ?> ">Admin Interface</a></li> <?php
    if (yourls_is_admin()) {
        ?> <li><a href="<?php echo yourls_admin_url('tools.php'); ?> ">Tools</a></li> <li><a href="<?php echo yourls_admin_url('plugins.php'); ?> ">Plugins</a></li> <?php
        // Return value is ignored here, so any plugin entries must be printed by the helper itself.
        yourls_list_plugin_admin_pages();
        // NOTE(review): yourls_site_url() is called without echo; the href is only
        // complete if the helper prints the URL itself -- not visible here, confirm.
        ?> <li><a href="<?php yourls_site_url(); ?> /readme.html">Help</a></li> <?php
        yourls_do_action('admin_menu');
        ?> <?php
    }
    ?> </ul> <?php
    yourls_do_action('admin_notices');
    yourls_do_action('admin_notice'); // because I never remember if it's 'notices' or 'notice'
    /*
    To display a notice:
        $message = "<div>OMG, dude, I mean!</div>" );
        yourls_add_action('admin_notices', create_function( '', "echo '$message';" ) );
    Review note: this example builds PHP code from a string, and
    create_function() was removed in PHP 8; hook a named callback that echoes
    the message instead.
    */
}
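/**
 * Check if an IP shortens URLs too fast, to prevent DB flood. Return true, or die.
 *
 * @param string $ip Optional address to check; when empty the address comes from yourls_get_IP()
 * @return bool Always true when it returns; on flood yourls_die() is called with a 403
 */
function yourls_check_IP_flood($ip = '') {
    // No throttling when the delay is undefined or zero
    if (defined('YOURLS_FLOOD_DELAY_SECONDS') && YOURLS_FLOOD_DELAY_SECONDS === 0 || !defined('YOURLS_FLOOD_DELAY_SECONDS')) {
        return true;
    }

    // The address ends up inside a string-built SQL query below, so run it
    // through the sanitizer whichever source it came from (previously only a
    // caller-supplied value was sanitized).
    // NOTE(review): yourls_get_IP() is not visible here; if it reads
    // client-supplied headers, the whitelist and the throttle are only as
    // trustworthy as those headers -- confirm.
    $ip = yourls_sanitize_ip($ip ? $ip : yourls_get_IP());

    // Don't throttle whitelist IPs.
    // The closing parenthesis of defined() used to sit after the whole
    // "&&" expression, so defined() received a boolean and the whitelist could
    // never apply.
    if (defined('YOURLS_FLOOD_IP_WHITELIST') && YOURLS_FLOOD_IP_WHITELIST) {
        $whitelist_ips = explode(',', YOURLS_FLOOD_IP_WHITELIST);
        foreach ($whitelist_ips as $whitelist_ip) {
            $whitelist_ip = trim($whitelist_ip);
            // Skip empty entries (e.g. a trailing comma) and compare as strings
            if ($whitelist_ip !== '' && $whitelist_ip === (string) $ip) {
                return true;
            }
        }
    }

    // Don't throttle logged in users
    if (yourls_is_private()) {
        if (yourls_is_valid_user() === true) {
            return true;
        }
    }

    global $ydb;
    $table = YOURLS_DB_TABLE_URL;
    // NOTE(review): string-built query; its safety rests on what
    // yourls_sanitize_ip() lets through. Prefer parameter binding or the
    // database layer's escaping if available (not visible here).
    $lasttime = $ydb->get_var("SELECT `timestamp` FROM {$table} WHERE `ip` = '{$ip}' ORDER BY `timestamp` DESC LIMIT 1");
    if ($lasttime) {
        $now = date('U');
        $then = date('U', strtotime($lasttime));
        if ($now - $then <= YOURLS_FLOOD_DELAY_SECONDS) {
            // Flood!
            yourls_die('Too many URLs added too fast. Slow down please.', 'Forbidden', 403);
        }
    }

    return true;
}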