function temp_instead_admin_page_do() { if (isset($_POST['temp_instead_mode'])) { yourls_verify_nonce('temp_instead'); temp_instead_admin_page_update(); } $mode = intval(yourls_get_option('temp_instead_mode', 1)); $nonce = yourls_create_nonce('temp_instead'); // If the option hasn't been added previously, we add the default value of everything using // 302 redirects. echo '<h2>302-Redirect Redirection Rules</h2>'; echo '<p>This plugin allows you to configure how the 302-redirect plugin operates.</p>'; echo '<form method="post">'; echo '<input type="hidden" name="nonce" value="' . $nonce . '" />'; echo '<label for="temp_instead_mode">Select Redirect Mode:</label>'; echo '<select id="temp_instead_mode" name="temp_instead_mode">'; $opt1 = $mode == 1 ? ' selected' : ''; $opt2 = $mode == 2 ? ' selected' : ''; $opt3 = $mode == 3 ? ' selected' : ''; echo '<option value=1' . $opt1 . '>Redirect all using 302 temporary redirect</option>'; echo '<option value=2' . $opt2 . '>Redirect all using 301 permanent redirect</option>'; echo '<option value=3' . $opt3 . '>Redirect full URLs using 302 and short URLs using 301</option>'; echo '<p><input type="submit" value="Update Redirect Mode" /></p>'; echo '</select>'; echo '</form>'; }
function gmo_domain_swap_do_page() { // Check if a form was submitted if (isset($_POST['domain_swap_values'])) { // Check nonce yourls_verify_nonce('domain_swap'); // Process form gmo_domain_swap_update_option(); } // Get value from database $domain_swap_values = yourls_get_option('domain_swap_values'); $domain_swap_values_json = json_decode($domain_swap_values); $domain_swap_values_list = ''; $count_domains = count($domain_swap_values_json->domains) + 1; foreach ($domain_swap_values_json->domains as $domain) { $domain_swap_values_list .= $domain . PHP_EOL; } $domain_swap_values_list = trim($domain_swap_values_list); // Create nonce $nonce = yourls_create_nonce('domain_swap'); echo <<<HTML <h2>Domain Swap Configuration Page</h2> <p>Enter here a list with domain names you want to swap from.</p> <form method="post"> <input type="hidden" name="nonce" value="{$nonce}" /> <p><label for="domain_swap_values">Domains: </label></p> <P><textarea rows="{$count_domains}" cols="50" name="domain_swap_values">{$domain_swap_values_list}</textarea></p> <p>Notes:</p> <ul> <li>One entry per line</li> <li>No trailing slash</li> <li>No protocol</li> <li>e.g. <ul> <li>[ok] example.com</li> <li>[ok] sub.example.com</li> <li>[bad] http://example.com</li> <li>[bad] example.com/</li> </ul> </li> </ul> <p><input type="submit" value="Update value" /></p> </form> HTML; }
function adminreCaptcha_config_page() { if (isset($_POST['abdulrauf_adminreCaptcha_public_key'])) { yourls_verify_nonce('abdulrauf_adminreCaptcha_nonce'); abdulrauf_adminreCaptcha_save_admin(); } $nonce = yourls_create_nonce('abdulrauf_adminreCaptcha_nonce'); $pubkey = yourls_get_option('abdulrauf_adminreCaptcha_pub_key', ""); $privkey = yourls_get_option('abdulrauf_adminreCaptcha_priv_key', ""); echo '<h2>Admin reCaptcha plugin settings</h2>'; echo '<form method="post">'; echo '<input type="hidden" name="nonce" value="' . $nonce . '" />'; echo '<p><label for="abdulrauf_adminreCaptcha_public_key">reCaptcha site key: </label>'; echo '<input type="text" id="abdulrauf_adminreCaptcha_public_key" name="abdulrauf_adminreCaptcha_public_key" value="' . $pubkey . '"></p>'; echo '<p><label for="abdulrauf_adminreCaptcha_private_key">reCaptcha secret key: </label>'; echo '<input type="text" id="abdulrauf_adminreCaptcha_private_key" name="abdulrauf_adminreCaptcha_private_key" value="' . $privkey . '"></p>'; echo '<input type="submit" value="Save"/>'; echo '</form>'; }
function ozh_yourls_samplepage_do_page() { // Check if a form was submitted if (isset($_POST['test_option'])) { // Check nonce yourls_verify_nonce('sample_page'); // Process form ozh_yourls_samplepage_update_option(); } // Get value from database $test_option = yourls_get_option('test_option'); // Create nonce $nonce = yourls_create_nonce('sample_page'); echo <<<HTML \t\t<h2>Sample Plugin Administration Page</h2> \t\t<p>This plugin stores an integer in the option database</p> \t\t<form method="post"> \t\t<input type="hidden" name="nonce" value="{$nonce}" /> \t\t<p><label for="test_option">Enter an integer</label> <input type="text" id="test_option" name="test_option" value="{$test_option}" /></p> \t\t<p><input type="submit" value="Update value" /></p> \t\t</form> HTML; }
// Pick action $action = $_REQUEST['action']; switch ($action) { case 'add': yourls_verify_nonce('add_url', $_REQUEST['nonce'], false, 'omg error'); $return = yourls_add_new_link($_REQUEST['url'], $_REQUEST['keyword']); echo json_encode($return); break; case 'edit_display': yourls_verify_nonce('edit-link_' . $_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error'); $row = yourls_table_edit_row($_REQUEST['keyword']); echo json_encode(array('html' => $row)); break; case 'edit_save': yourls_verify_nonce('edit-save_' . $_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error'); $return = yourls_edit_link($_REQUEST['url'], $_REQUEST['keyword'], $_REQUEST['newkeyword'], $_REQUEST['title']); echo json_encode($return); break; case 'delete': yourls_verify_nonce('delete-link_' . $_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error'); $query = yourls_delete_link_by_keyword($_REQUEST['keyword']); echo json_encode(array('success' => $query)); break; case 'logout': // unused for the moment yourls_logout(); break; default: yourls_do_action('yourls_ajax_' . $action); } die;
<?php define('YOURLS_ADMIN', true); require_once dirname(dirname(__FILE__)) . '/includes/load-yourls.php'; yourls_maybe_require_auth(); // Handle plugin administration pages if (isset($_GET['page']) && !empty($_GET['page'])) { yourls_plugin_admin_page($_GET['page']); } // Handle activation/deactivation of plugins if (isset($_GET['action'])) { // Check nonce yourls_verify_nonce('manage_plugins', $_REQUEST['nonce']); // Check plugin file is valid if (isset($_GET['plugin']) && yourls_validate_plugin_file(YOURLS_PLUGINDIR . '/' . $_GET['plugin'] . '/plugin.php')) { global $ydb; // Activate / Deactive switch ($_GET['action']) { case 'activate': $result = yourls_activate_plugin($_GET['plugin'] . '/plugin.php'); if ($result === true) { yourls_redirect(yourls_admin_url('plugins.php?success=activated'), 302); } break; case 'deactivate': $result = yourls_deactivate_plugin($_GET['plugin'] . '/plugin.php'); if ($result === true) { yourls_redirect(yourls_admin_url('plugins.php?success=deactivated'), 302); } break; default:
function spb_recaptcha_configpage_display() { if (isset($_POST['spb_recaptcha_public_key'])) { yourls_verify_nonce('spb_recaptcha_nonce'); spb_recaptcha_save_admin(); } $nonce = yourls_create_nonce('spb_recaptcha_nonce'); $pubkey = yourls_get_option('spb_recaptcha_pub_key', ""); $privkey = yourls_get_option('spb_recaptcha_priv_key', ""); $solvemediaCKey = yourls_get_option('spb_recaptcha_solvemediaCKey', ""); $solvemediaVKey = yourls_get_option('spb_recaptcha_solvemediaVKey', ""); $solvemediaHKey = yourls_get_option('spb_recaptcha_solvemediaHKey', ""); echo '<h2>reCaptcha plugin settings</h2>'; echo '<form method="post">'; echo '<input type="hidden" name="nonce" value="' . $nonce . '" />'; echo '<p><label for="spb_recaptcha_public_key">reCaptcha site key: </label>'; echo '<input type="text" id="spb_recaptcha_public_key" name="spb_recaptcha_public_key" value="' . $pubkey . '"></p>'; echo '<p><label for="spb_recaptcha_private_key">reCaptcha secret key: </label>'; echo '<input type="text" id="spb_recaptcha_private_key" name="spb_recaptcha_private_key" value="' . $privkey . '"></p>'; echo '<hr/>'; echo '<p><label for="spb_recaptcha_solvemediaCKey">Solve Media Challenge Key (C-key): </label>'; echo '<input type="text" id="spb_recaptcha_solvemediaCKey" name="spb_recaptcha_solvemediaCKey" value="' . $solvemediaCKey . '"></p>'; echo '<p><label for="spb_recaptcha_solvemediaVKey">Solve Media Verification Key (V-key): </label>'; echo '<input type="text" id="spb_recaptcha_solvemediaVKey" name="spb_recaptcha_solvemediaVKey" value="' . $solvemediaVKey . '"></p>'; echo '<p><label for="spb_recaptcha_solvemediaHKey">Solve Media Authentication Hash Key (H-key): </label>'; echo '<input type="text" id="spb_recaptcha_solvemediaHKey" name="spb_recaptcha_solvemediaHKey" value="' . $solvemediaHKey . '"></p>'; echo '<input type="submit"/>'; echo '</form>'; }
/** * Action: yourls_ajax_laemmi_edit_ldapgroup_save */ public function action_yourls_ajax_laemmi_edit_ldapgroup_save() { $keyword = yourls_sanitize_string($this->getRequest('keyword')); $nonce = $this->getRequest('nonce'); $id = yourls_string2htmlid($keyword); yourls_verify_nonce('laemmi_edit_ldapgroup_save_' . $id, $nonce, false, 'omg error'); $this->action_insert_link(['', '', $keyword, '', '', '']); $return = []; $return['status'] = 'success'; $return['message'] = yourls__('Link updated in database', self::APP_NAMESPACE); echo json_encode($return); }