/** * Make sure a link keyword (ie "1fv" as in "site.com/1fv") is valid. * */ function yourls_sanitize_string($string) { // make a regexp pattern with the shorturl charset, and remove everything but this $pattern = yourls_make_regexp_pattern(yourls_get_shorturl_charset()); $valid = substr(preg_replace('![^' . $pattern . ']!', '', $string), 0, 199); return yourls_apply_filter('sanitize_string', $valid, $string); }
function ozh_preview_loader_failed($args) { $request = $args[0]; $pattern = yourls_make_regexp_pattern(yourls_get_shorturl_charset()); if (preg_match("@^([{$pattern}]+)" . OZH_PREVIEW_CHAR . "\$@", $request, $matches)) { $keyword = isset($matches[1]) ? $matches[1] : ''; $keyword = yourls_sanitize_keyword($keyword); ozh_preview_show($keyword); die; } }
echo base64_decode("R0lGODlhEAAQAJECAAAAzFZWzP///wAAACH5BAEAAAIALAAAAAAQABAAAAIplI+py+0PUQAgSGoNQFt0LWTVOE6GuX1H6onTVHaW2tEHnJ1YxPc+UwAAOw=="); exit; } // Handle inexistent root robots.txt requests and exit if ('/robots.txt' == $_SERVER['REQUEST_URI']) { header('Content-Type: text/plain; charset=utf-8'); echo "User-agent: *\n"; echo "Disallow:\n"; exit; } // Start YOURLS require_once dirname(__FILE__) . '/includes/load-yourls.php'; // Get request in YOURLS base (eg in 'http://site.com/yourls/abcd' get 'abdc') $request = yourls_get_request(); // Make valid regexp pattern from authorized charset in keywords $pattern = yourls_make_regexp_pattern(yourls_get_shorturl_charset()); // Now load required template and exit yourls_do_action('pre_load_template', $request); // At this point, $request is not sanitized. Sanitize in loaded template. // Redirection: if (preg_match("@^([{$pattern}]+)/?\$@", $request, $matches)) { $keyword = isset($matches[1]) ? $matches[1] : ''; $keyword = yourls_sanitize_keyword($keyword); yourls_do_action('load_template_go', $keyword); require_once YOURLS_ABSPATH . '/yourls-go.php'; exit; } // Stats: if (preg_match("@^([{$pattern}]+)\\+(all)?/?\$@", $request, $matches)) { $keyword = isset($matches[1]) ? $matches[1] : ''; $keyword = yourls_sanitize_keyword($keyword);