function clayton_api_action_delete()
{
// We don't want unauthenticated users deleting links
// If YOURLS is in public mode, force authentication anyway
if (!yourls_is_private()) {
yourls_do_action('require_auth');
require_once YOURLS_INC . '/auth.php';
}
// Need 'shorturl' parameter
if (!isset($_REQUEST['shorturl'])) {
return array('statusCode' => 400, 'simple' => "Need a 'shorturl' parameter", 'message' => 'error: missing param');
}
$shorturl = $_REQUEST['shorturl'];
// Check if valid shorturl
if (!yourls_is_shorturl($shorturl)) {
return array('statusCode' => 404, 'simple ' => 'Error: short URL not found', 'message' => 'error: not found');
}
// Is $shorturl a URL (http://sho.rt/abc) or a keyword (abc) ?
if (yourls_get_protocol($shorturl)) {
$keyword = yourls_get_relative_url($shorturl);
} else {
$keyword = $shorturl;
}
// Delete shorturl
if (yourls_delete_link_by_keyword($keyword)) {
return array('statusCode' => 200, 'simple' => "Shorturl {$shorturl} deleted", 'message' => 'success: deleted');
} else {
return array('statusCode' => 500, 'simple' => 'Error: could not delete shorturl, not sure why :-/', 'message' => 'error: unknown error');
}
}
function ozh_yourls_antispam_check_redirect($url, $keyword = false)
{
if (is_array($url) && $keyword == false) {
$keyword = $url[1];
$url = $url[0];
}
// Check when the link was added
// If shorturl is fresh (ie probably clicked more often?) check once every 15 times, otherwise once every 5 times
// Define fresh = 3 days = 259200 secondes
// TODO: when there's a shorturl_meta table, store last check date to allow checking every 2 or 3 days
$now = date('U');
$then = date('U', strtotime(yourls_get_keyword_timestamp($keyword)));
$chances = $now - $then > 259200 ? 15 : 5;
if ($chances == mt_rand(1, $chances)) {
if (ozh_yourls_antispam_is_blacklisted($url) != false) {
// Delete link & die
yourls_delete_link_by_keyword($keyword);
yourls_die('This domain has been blacklisted. This short URL has been deleted from our record.', 'Domain blacklisted', '403');
}
}
// Nothing, move along
}
// Pick action
$action = $_REQUEST['action'];
switch ($action) {
case 'add':
yourls_verify_nonce('add_url', $_REQUEST['nonce'], false, 'omg error');
$return = yourls_add_new_link($_REQUEST['url'], $_REQUEST['keyword']);
echo json_encode($return);
break;
case 'edit_display':
yourls_verify_nonce('edit-link_' . $_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error');
$row = yourls_table_edit_row($_REQUEST['keyword']);
echo json_encode(array('html' => $row));
break;
case 'edit_save':
yourls_verify_nonce('edit-save_' . $_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error');
$return = yourls_edit_link($_REQUEST['url'], $_REQUEST['keyword'], $_REQUEST['newkeyword'], $_REQUEST['title']);
echo json_encode($return);
break;
case 'delete':
yourls_verify_nonce('delete-link_' . $_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error');
$query = yourls_delete_link_by_keyword($_REQUEST['keyword']);
echo json_encode(array('success' => $query));
break;
case 'logout':
// unused for the moment
yourls_logout();
break;
default:
yourls_do_action('yourls_ajax_' . $action);
}
die;
function yourls_add_new_link($url, $keyword = '')
{
global $ydb;
if (!$url || $url == 'http://' || $url == 'https://') {
$return['status'] = 'fail';
$return['code'] = 'error:nourl';
$return['message'] = 'Missing URL input';
$return['errorCode'] = '400';
return $return;
}
// Prevent DB flood
$ip = yourls_get_IP();
yourls_check_IP_flood($ip);
// Prevent internal redirection loops: cannot shorten a shortened URL
$url = yourls_escape(yourls_sanitize_url($url));
if (preg_match('!^' . YOURLS_SITE . '/!', $url)) {
if (yourls_is_shorturl($url)) {
$return['status'] = 'fail';
$return['code'] = 'error:noloop';
$return['message'] = 'URL is a short URL';
$return['errorCode'] = '400';
return $return;
}
}
$table = YOURLS_DB_TABLE_URL;
$strip_url = stripslashes($url);
$url_exists = $ydb->get_row("SELECT keyword,url FROM `{$table}` WHERE `url` = '" . $strip_url . "';");
$return = array();
// New URL : store it -- or: URL exists, but duplicates allowed
if (!$url_exists || yourls_allow_duplicate_longurls()) {
// Custom keyword provided
if ($keyword) {
$keyword = yourls_escape(yourls_sanitize_string($keyword));
if (!yourls_keyword_is_free($keyword)) {
// This shorturl either reserved or taken already
$return['status'] = 'fail';
$return['code'] = 'error:keyword';
$return['message'] = 'Short URL ' . $keyword . ' already exists in database or is reserved';
} else {
// all clear, store !
yourls_insert_link_in_db($url, $keyword);
$return['url'] = array('keyword' => $keyword, 'url' => $strip_url, 'date' => date('Y-m-d H:i:s'), 'ip' => $ip);
$return['status'] = 'success';
$return['message'] = $strip_url . ' added to database';
$return['html'] = yourls_table_add_row($keyword, $url, $ip, 0, time());
$return['shorturl'] = YOURLS_SITE . '/' . $keyword;
}
// Create random keyword
} else {
$timestamp = date('Y-m-d H:i:s');
$id = yourls_get_next_decimal();
$ok = false;
do {
$keyword = yourls_int2string($id);
$free = yourls_keyword_is_free($keyword);
$add_url = @yourls_insert_link_in_db($url, $keyword);
$ok = $free && $add_url;
if ($ok === false && $add_url === 1) {
// we stored something, but shouldn't have (ie reserved id)
$delete = yourls_delete_link_by_keyword($keyword);
$return['extra_info'] .= '(deleted ' . $keyword . ')';
} else {
// everything ok, populate needed vars
$return['url'] = array('keyword' => $keyword, 'url' => $strip_url, 'date' => $timestamp, 'ip' => $ip);
$return['status'] = 'success';
$return['message'] = $strip_url . ' added to database';
$return['html'] = yourls_table_add_row($keyword, $url, $ip, 0, time());
$return['shorturl'] = YOURLS_SITE . '/' . $keyword;
}
$id++;
} while (!$ok);
@yourls_update_next_decimal($id);
}
} else {
// URL was already stored
$return['status'] = 'fail';
$return['code'] = 'error:url';
$return['message'] = $strip_url . ' already exists in database';
$return['shorturl'] = YOURLS_SITE . '/' . $url_exists->keyword;
}
$return['statusCode'] = 200;
// regardless of result, this is still a valid request
return $return;
}
/**
* Add a new link in the DB, either with custom keyword, or find one
*
*/
function yourls_add_new_link($url, $keyword = '', $title = '')
{
global $ydb;
// Allow plugins to short-circuit the whole function
$pre = yourls_apply_filter('shunt_add_new_link', false, $url, $keyword, $title);
if (false !== $pre) {
return $pre;
}
$url = yourls_encodeURI($url);
$url = yourls_escape(yourls_sanitize_url($url));
if (!$url || $url == 'http://' || $url == 'https://') {
$return['status'] = 'fail';
$return['code'] = 'error:nourl';
$return['message'] = yourls__('Missing or malformed URL');
$return['errorCode'] = '400';
return yourls_apply_filter('add_new_link_fail_nourl', $return, $url, $keyword, $title);
}
// Prevent DB flood
$ip = yourls_get_IP();
yourls_check_IP_flood($ip);
// Prevent internal redirection loops: cannot shorten a shortened URL
if (yourls_get_relative_url($url)) {
if (yourls_is_shorturl($url)) {
$return['status'] = 'fail';
$return['code'] = 'error:noloop';
$return['message'] = yourls__('URL is a short URL');
$return['errorCode'] = '400';
return yourls_apply_filter('add_new_link_fail_noloop', $return, $url, $keyword, $title);
}
}
yourls_do_action('pre_add_new_link', $url, $keyword, $title);
$strip_url = stripslashes($url);
$return = array();
// duplicates allowed or new URL => store it
if (yourls_allow_duplicate_longurls() || !($url_exists = yourls_url_exists($url))) {
if (isset($title) && !empty($title)) {
$title = yourls_sanitize_title($title);
} else {
$title = yourls_get_remote_title($url);
}
$title = yourls_apply_filter('add_new_title', $title, $url, $keyword);
// Custom keyword provided
if ($keyword) {
yourls_do_action('add_new_link_custom_keyword', $url, $keyword, $title);
$keyword = yourls_escape(yourls_sanitize_string($keyword));
$keyword = yourls_apply_filter('custom_keyword', $keyword, $url, $title);
if (!yourls_keyword_is_free($keyword)) {
// This shorturl either reserved or taken already
$return['status'] = 'fail';
$return['code'] = 'error:keyword';
$return['message'] = yourls_s('Short URL %s already exists in database or is reserved', $keyword);
} else {
// all clear, store !
yourls_insert_link_in_db($url, $keyword, $title);
$return['url'] = array('keyword' => $keyword, 'url' => $strip_url, 'title' => $title, 'date' => date('Y-m-d H:i:s'), 'ip' => $ip);
$return['status'] = 'success';
$return['message'] = yourls_s('%s added to database', yourls_trim_long_string($strip_url));
$return['title'] = $title;
$return['html'] = yourls_table_add_row($keyword, $url, $title, $ip, 0, time());
$return['shorturl'] = YOURLS_SITE . '/' . $keyword;
}
// Create random keyword
} else {
yourls_do_action('add_new_link_create_keyword', $url, $keyword, $title);
$timestamp = date('Y-m-d H:i:s');
$id = yourls_get_next_decimal();
$ok = false;
do {
$keyword = yourls_int2string($id);
$keyword = yourls_apply_filter('random_keyword', $keyword, $url, $title);
$free = yourls_keyword_is_free($keyword);
$add_url = @yourls_insert_link_in_db($url, $keyword, $title);
$ok = $free && $add_url;
if ($ok === false && $add_url === 1) {
// we stored something, but shouldn't have (ie reserved id)
$delete = yourls_delete_link_by_keyword($keyword);
$return['extra_info'] .= '(deleted ' . $keyword . ')';
} else {
// everything ok, populate needed vars
$return['url'] = array('keyword' => $keyword, 'url' => $strip_url, 'title' => $title, 'date' => $timestamp, 'ip' => $ip);
$return['status'] = 'success';
$return['message'] = yourls_s('%s added to database', yourls_trim_long_string($strip_url));
$return['title'] = $title;
$return['html'] = yourls_table_add_row($keyword, $url, $title, $ip, 0, time());
$return['shorturl'] = YOURLS_SITE . '/' . $keyword;
}
$id++;
} while (!$ok);
@yourls_update_next_decimal($id);
}
// URL was already stored
} else {
yourls_do_action('add_new_link_already_stored', $url, $keyword, $title);
$return['status'] = 'fail';
$return['code'] = 'error:url';
$return['url'] = array('keyword' => $url_exists->keyword, 'url' => $strip_url, 'title' => $url_exists->title, 'date' => $url_exists->timestamp, 'ip' => $url_exists->ip, 'clicks' => $url_exists->clicks);
$return['message'] = yourls_s('%s already exists in database', yourls_trim_long_string($strip_url));
$return['title'] = $url_exists->title;
$return['shorturl'] = YOURLS_SITE . '/' . $url_exists->keyword;
}
yourls_do_action('post_add_new_link', $url, $keyword, $title);
$return['statusCode'] = 200;
// regardless of result, this is still a valid request
return yourls_apply_filter('add_new_link', $return, $url, $keyword, $title);
}
