/** * Pick the right DB class and return an instance * * @since 1.7 * @param string $extension Optional: user defined choice * @return class $ydb DB class instance */ function yourls_set_DB_driver() { // Auto-pick the driver. Priority: user defined, then PDO, then mysqli, then mysql if (defined('YOURLS_DB_DRIVER')) { $driver = strtolower(YOURLS_DB_DRIVER); // accept 'MySQL', 'mySQL', etc } elseif (extension_loaded('pdo_mysql')) { $driver = 'pdo'; } elseif (extension_loaded('mysqli')) { $driver = 'mysqli'; } elseif (extension_loaded('mysql')) { $driver = 'mysql'; } else { $driver = ''; } // Set the new driver if (in_array($driver, array('mysql', 'mysqli', 'pdo'))) { require_once YOURLS_INC . '/ezSQL/ez_sql_core.php'; require_once YOURLS_INC . '/ezSQL/ez_sql_core_yourls.php'; require_once YOURLS_INC . '/ezSQL/ez_sql_' . $driver . '.php'; require_once YOURLS_INC . '/ezSQL/ez_sql_' . $driver . '_yourls.php'; } $class = 'ezSQL_' . $driver . '_yourls'; global $ydb; if (!class_exists($class, false)) { $ydb = new stdClass(); yourls_die(yourls__('YOURLS requires the mysql, mysqli or pdo_mysql PHP extension. No extension found. Check your server config, or contact your host.'), yourls__('Fatal error'), 503); } yourls_do_action('set_DB_driver', $driver); $ydb = new $class(YOURLS_DB_USER, YOURLS_DB_PASS, YOURLS_DB_NAME, YOURLS_DB_HOST); yourls_debug_log("DB driver: {$driver}"); }
/** * Check if server has MySQL 5.0+ * */ function yourls_check_database_version() { global $ydb; // Attempt to get MySQL server version, check result and if error count increased $num_errors1 = count($ydb->captured_errors); $version = yourls_get_database_version(); $num_errors2 = count($ydb->captured_errors); if ($version == NULL || $num_errors2 > $num_errors1) { yourls_die(yourls__('Incorrect DB config, or could not connect to DB'), yourls__('Fatal error'), 503); } return version_compare('5.0', $version) <= 0; }
function ozh_yourls_antispam_check_redirect($url, $keyword = false) { if (is_array($url) && $keyword == false) { $keyword = $url[1]; $url = $url[0]; } // Check when the link was added // If shorturl is fresh (ie probably clicked more often?) check once every 15 times, otherwise once every 5 times // Define fresh = 3 days = 259200 secondes // TODO: when there's a shorturl_meta table, store last check date to allow checking every 2 or 3 days $now = date('U'); $then = date('U', strtotime(yourls_get_keyword_timestamp($keyword))); $chances = $now - $then > 259200 ? 15 : 5; if ($chances == mt_rand(1, $chances)) { if (ozh_yourls_antispam_is_blacklisted($url) != false) { // Delete link & die yourls_delete_link_by_keyword($keyword); yourls_die('This domain has been blacklisted. This short URL has been deleted from our record.', 'Domain blacklisted', '403'); } } // Nothing, move along }
// This file initialize everything needed for YOURLS // Include settings if (file_exists(dirname(__FILE__) . '/config.php')) { // config.php in /includes/ require_once dirname(__FILE__) . '/config.php'; } elseif (file_exists(dirname(dirname(__FILE__)) . '/user/config.php')) { // config.php in /user/ require_once dirname(dirname(__FILE__)) . '/user/config.php'; } else { // config.php not found :( die('<p class="error">Cannot find <tt>config.php</tt>.</p><p>Please read the <tt>readme.html</tt> to learn how to install YOURLS</p>'); } // Check if config.php was properly updated for 1.4 if (!defined('YOURLS_DB_PREFIX')) { yourls_die('<p class="error">Your <tt>config.php</tt> does not contain all the required constant definitions.</p><p>Please check <tt>config-sample.php</tt> and update your config accordingly, there are new stuffs!</p>'); } // Define core constants that have not been user defined in config.php // physical path of YOURLS root if (!defined('YOURLS_ABSPATH')) { define('YOURLS_ABSPATH', str_replace('\\', '/', dirname(dirname(__FILE__)))); } // physical path of includes directory if (!defined('YOURLS_INC')) { define('YOURLS_INC', YOURLS_ABSPATH . '/includes'); } // physical path of user directory if (!defined('YOURLS_USERDIR')) { define('YOURLS_USERDIR', YOURLS_ABSPATH . '/user'); } // URL of user directory
/** * Handle plugin administration page * */ function yourls_plugin_admin_page($plugin_page) { global $ydb; // Check the plugin page is actually registered if (!isset($ydb->plugin_pages[$plugin_page])) { yourls_die('This page does not exist. Maybe a plugin you thought was activated is inactive?', 'Invalid link'); } // Draw the page itself yourls_do_action('load-' . $plugin_page); yourls_html_head('plugin_page_' . $plugin_page, $ydb->plugin_pages[$plugin_page]['title']); yourls_html_logo(); yourls_html_menu(); call_user_func($ydb->plugin_pages[$plugin_page]['function']); yourls_html_footer(); die; }
/** * Display a page * */ function yourls_page($page) { $include = YOURLS_ABSPATH . "/pages/{$page}.php"; if (!file_exists($include)) { yourls_die("Page '{$page}' not found", 'Not found', 404); } yourls_do_action('pre_page', $page); include_once $include; yourls_do_action('post_page', $page); die; }
/** * Check for maintenance mode. If yes, die. See yourls_maintenance_mode(). Stolen from WP. * */ function yourls_check_maintenance_mode() { $file = YOURLS_ABSPATH . '/.maintenance'; if (!file_exists($file) || yourls_is_upgrading() || yourls_is_installing()) { return; } global $maintenance_start; include_once $file; // If the $maintenance_start timestamp is older than 10 minutes, don't die. if (time() - $maintenance_start >= 600) { return; } // Use any /user/maintenance.php file if (file_exists(YOURLS_USERDIR . '/maintenance.php')) { include_once YOURLS_USERDIR . '/maintenance.php'; die; } // https://www.youtube.com/watch?v=Xw-m4jEY-Ns $title = yourls__('Service temporarily unavailable'); $message = yourls__('Our service is currently undergoing scheduled maintenance.') . "</p>\n<p>" . yourls__('Things should not last very long, thank you for your patience and please excuse the inconvenience'); yourls_die($message, $title, 503); }
/** * Die with a DB error message * * @TODO in version 1.8 : use a new localized string, specific to the problem (ie: "DB is dead") * * @since 1.7.1 */ function yourls_db_dead() { // Use any /user/db_error.php file if (file_exists(YOURLS_USERDIR . '/db_error.php')) { include_once YOURLS_USERDIR . '/db_error.php'; die; } yourls_die(yourls__('Incorrect DB config, or could not connect to DB'), yourls__('Fatal error'), 503); }
function yourls_check_IP_flood($ip = '') { if (defined('YOURLS_FLOOD_DELAY_SECONDS') && YOURLS_FLOOD_DELAY_SECONDS === 0 || !defined('YOURLS_FLOOD_DELAY_SECONDS')) { return true; } $ip = $ip ? yourls_sanitize_ip($ip) : yourls_get_IP(); // Don't throttle whitelist IPs if (defined('YOURLS_FLOOD_IP_WHITELIST' && YOURLS_FLOOD_IP_WHITELIST)) { $whitelist_ips = explode(',', YOURLS_FLOOD_IP_WHITELIST); foreach ($whitelist_ips as $whitelist_ip) { $whitelist_ip = trim($whitelist_ip); if ($whitelist_ip == $ip) { return true; } } } // Don't throttle logged in users if (yourls_is_private()) { if (yourls_is_valid_user() === true) { return true; } } global $ydb; $table = YOURLS_DB_TABLE_URL; $lasttime = $ydb->get_var("SELECT `timestamp` FROM {$table} WHERE `ip` = '{$ip}' ORDER BY `timestamp` DESC LIMIT 1"); if ($lasttime) { $now = date('U'); $then = date('U', strtotime($lasttime)); if ($now - $then <= YOURLS_FLOOD_DELAY_SECONDS) { // Flood! yourls_die('Too many URLs added too fast. Slow down please.', 'Forbidden', 403); } } return true; }
function yourls_check_maintenance_mode() { // TODO: all cases that always display the sites (is_admin but not is_ajax?) if (1) { return; } // first case: /user/maintenance.php file if (file_exists(YOURLS_USERDIR . '/maintenance.php')) { include YOURLS_USERDIR . '/maintenance.php'; die; } // second case: option in DB if (yourls_get_option('maintenance_mode') !== false) { require_once YOURLS_INC . '/functions-html.php'; $title = 'Service temporarily unavailable'; $message = 'Our service is currently undergoing scheduled maintenance.</p> <p>Things should not last very long, thank you for your patience and please excuse the inconvenience'; yourls_die($message, $title, 503); } }