function aa_shunt_geo_ip_to_countrycode($location = '', $ip = '', $default = '') { if ($ip == '') { $ip = yourls_get_IP(); } $c = curl_init(); curl_setopt($c, CURLOPT_RETURNTRANSFER, 1); curl_setopt($c, CURLOPT_URL, "http://geoiplookup.net/geoapi.php?output=json&ipaddress=" . $ip); curl_setopt($c, CURLOPT_TIMEOUT, 2); $contents = curl_exec($c); curl_close($c); if ($contents && $contents != "") { $location = JSON_DECODE($contents); } if (is_object($location) && isset($location->countryCode)) { return $location->countryCode; } return false; }
/** * Check if an IP shortens URL too fast to prevent DB flood. Return true, or die. * */ function yourls_check_IP_flood($ip = '') { // Allow plugins to short-circuit the whole function $pre = yourls_apply_filter('shunt_check_IP_flood', false, $ip); if (false !== $pre) { return $pre; } yourls_do_action('pre_check_ip_flood', $ip); // at this point $ip can be '', check it if your plugin hooks in here // Raise white flag if installing or if no flood delay defined if (defined('YOURLS_FLOOD_DELAY_SECONDS') && YOURLS_FLOOD_DELAY_SECONDS === 0 || !defined('YOURLS_FLOOD_DELAY_SECONDS') || yourls_is_installing()) { return true; } // Don't throttle logged in users if (yourls_is_private()) { if (yourls_is_valid_user() === true) { return true; } } // Don't throttle whitelist IPs if (defined('YOURLS_FLOOD_IP_WHITELIST') && YOURLS_FLOOD_IP_WHITELIST) { $whitelist_ips = explode(',', YOURLS_FLOOD_IP_WHITELIST); foreach ((array) $whitelist_ips as $whitelist_ip) { $whitelist_ip = trim($whitelist_ip); if ($whitelist_ip == $ip) { return true; } } } $ip = $ip ? yourls_sanitize_ip($ip) : yourls_get_IP(); $ip = yourls_escape($ip); yourls_do_action('check_ip_flood', $ip); global $ydb; $table = YOURLS_DB_TABLE_URL; $lasttime = $ydb->get_var("SELECT `timestamp` FROM {$table} WHERE `ip` = '{$ip}' ORDER BY `timestamp` DESC LIMIT 1"); if ($lasttime) { $now = date('U'); $then = date('U', strtotime($lasttime)); if ($now - $then <= YOURLS_FLOOD_DELAY_SECONDS) { // Flood! yourls_do_action('ip_flood', $ip, $now - $then); yourls_die(yourls__('Too many URLs added too fast. Slow down please.'), yourls__('Forbidden'), 403); } } return true; }
function yourls_check_IP_flood($ip = '') { if (defined('YOURLS_FLOOD_DELAY_SECONDS') && YOURLS_FLOOD_DELAY_SECONDS === 0 || !defined('YOURLS_FLOOD_DELAY_SECONDS')) { return true; } $ip = $ip ? yourls_sanitize_ip($ip) : yourls_get_IP(); // Don't throttle whitelist IPs if (defined('YOURLS_FLOOD_IP_WHITELIST' && YOURLS_FLOOD_IP_WHITELIST)) { $whitelist_ips = explode(',', YOURLS_FLOOD_IP_WHITELIST); foreach ($whitelist_ips as $whitelist_ip) { $whitelist_ip = trim($whitelist_ip); if ($whitelist_ip == $ip) { return true; } } } // Don't throttle logged in users if (yourls_is_private()) { if (yourls_is_valid_user() === true) { return true; } } global $ydb; $table = YOURLS_DB_TABLE_URL; $lasttime = $ydb->get_var("SELECT `timestamp` FROM {$table} WHERE `ip` = '{$ip}' ORDER BY `timestamp` DESC LIMIT 1"); if ($lasttime) { $now = date('U'); $then = date('U', strtotime($lasttime)); if ($now - $then <= YOURLS_FLOOD_DELAY_SECONDS) { // Flood! yourls_die('Too many URLs added too fast. Slow down please.', 'Forbidden', 403); } } return true; }