function insensitive_get_keyword_infos($keyword, $use_cache = true)
{
global $ydb;
$keyword = yourls_sanitize_string($keyword);
yourls_do_action('pre_get_keyword', $keyword, $use_cache);
if (isset($ydb->infos[$keyword]) && $use_cache == true) {
return yourls_apply_filter('get_keyword_infos', $ydb->infos[$keyword], $keyword);
}
yourls_do_action('get_keyword_not_cached', $keyword);
$table = YOURLS_DB_TABLE_URL;
$infos = $ydb->get_row("SELECT * FROM `{$table}` WHERE LOWER(`keyword`) = LOWER('{$keyword}')");
if ($infos) {
$infos = (array) $infos;
$ydb->infos[$keyword] = $infos;
} else {
$ydb->infos[$keyword] = false;
}
return yourls_apply_filter('get_keyword_infos', $ydb->infos[$keyword], $keyword);
}
function mu_table_add_row($keyword, $url, $title = '', $ip, $clicks, $timestamp)
{
$keyword = yourls_sanitize_string($keyword);
$display_keyword = htmlentities($keyword);
$url = yourls_sanitize_url($url);
$display_url = htmlentities(yourls_trim_long_string($url));
$title_url = htmlspecialchars($url);
$title = yourls_sanitize_title($title);
$display_title = yourls_trim_long_string($title);
$title = htmlspecialchars($title);
$id = yourls_string2htmlid($keyword);
// used as HTML #id
$date = date('M d, Y H:i', $timestamp + YOURLS_HOURS_OFFSET * 3600);
$clicks = number_format($clicks, 0, '', '');
$shorturl = YOURLS_SITE . '/' . $keyword;
$statlink = $shorturl . '+';
if (yourls_is_ssl()) {
$statlink = str_replace('http://', 'https://', $statlink);
}
if ($title) {
$display_link = "<a href=\"{$url}\" title=\"{$title}\">{$display_title}</a><br/><small><a href=\"{$url}\" title=\"{$title_url}\">{$display_url}</a></small>";
} else {
$display_link = "<a href=\"{$url}\" title=\"{$title_url}\">{$display_url}</a>";
}
$delete_link = yourls_nonce_url('delete-link_' . $id, yourls_add_query_arg(array('id' => $id, 'action' => 'delete', 'keyword' => $keyword), muAdminUrl('admin-ajax.php')));
$edit_link = yourls_nonce_url('edit-link_' . $id, yourls_add_query_arg(array('id' => $id, 'action' => 'edit', 'keyword' => $keyword), muAdminUrl('admin-ajax.php')));
$actions = <<<ACTION
<a href="{$statlink}" id="statlink-{$id}" title="Stats" class="button button_stats">Stats</a><a href="" id="share-button-{$id}" name="share-button" title="Share" class="button button_share" onclick="toggle_share('{$id}');return false;">Share</a><a href="{$edit_link}" id="edit-button-{$id}" name="edit-button" title="Edit" class="button button_edit" onclick="edit('{$id}');return false;">Edit</a><a href="{$delete_link}" id="delete-button-{$id}" name="delete-button" title="Delete" class="button button_delete" onclick="remove('{$id}');return false;">Delete</a>
ACTION;
$actions = yourls_apply_filter('action_links', $actions, $keyword, $url, $ip, $clicks, $timestamp);
$row = <<<ROW
<tr id="id-{$id}"><td id="keyword-{$id}" class="keyword"><a href="{$shorturl}">{$display_keyword}</a></td><td id="url-{$id}" class="url">{$display_link}</td><td id="timestamp-{$id}" class="timestamp">{$date}</td><td id="ip-{$id}" class="ip">{$ip}</td><td id="clicks-{$id}" class="clicks">{$clicks}</td><td class="actions" id="actions-{$id}">{$actions}<input type="hidden" id="keyword_{$id}" value="{$keyword}"/></td></tr>
ROW;
$row = yourls_apply_filter('table_add_row', $row, $keyword, $url, $title, $ip, $clicks, $timestamp);
return $row;
}
require_once dirname(__FILE__) . '/includes/load-yourls.php';
require_once YOURLS_INC . '/functions-infos.php';
yourls_maybe_require_auth();
// Variables should be defined in yourls-loader.php, if not try GET request (old behavior of yourls-infos.php)
if (!isset($keyword) && isset($_GET['id'])) {
$keyword = $_GET['id'];
}
if (!isset($aggregate) && isset($_GET['all']) && $_GET['all'] == 1 && yourls_allow_duplicate_longurls()) {
$aggregate = true;
}
if (!isset($keyword)) {
yourls_do_action('infos_no_keyword');
yourls_redirect(YOURLS_SITE, 302);
}
// Get basic infos for this shortened URL
$keyword = yourls_sanitize_string($keyword);
$longurl = yourls_get_keyword_longurl($keyword);
$clicks = yourls_get_keyword_clicks($keyword);
$timestamp = yourls_get_keyword_timestamp($keyword);
$title = yourls_get_keyword_title($keyword);
// Update title if it hasn't been stored yet
if ($title == '') {
$title = yourls_get_remote_title($longurl);
yourls_edit_link_title($keyword, $title);
}
if ($longurl === false) {
yourls_do_action('infos_keyword_not_found');
yourls_redirect(YOURLS_SITE, 302);
}
yourls_do_action('pre_yourls_infos', $keyword);
if (yourls_do_log_redirect()) {
}
yourls_do_action('admin_page_before_table');
yourls_table_head();
if (!$is_bookmark) {
$params = array('search' => $search, 'search_text' => $search_text, 'search_in' => $search_in, 'sort_by' => $sort_by, 'sort_order' => $sort_order, 'page' => $page, 'perpage' => $perpage, 'click_filter' => $click_filter, 'click_limit' => $click_limit, 'total_pages' => $total_pages, 'date_filter' => $date_filter, 'date_first' => $date_first, 'date_second' => $date_second);
yourls_html_tfooter($params);
}
yourls_table_tbody_start();
// Main Query
$where = yourls_apply_filter('admin_list_where', $where);
$url_results = $ydb->get_results("SELECT * FROM `{$table_url}` WHERE 1=1 {$where} ORDER BY `{$sort_by}` {$sort_order} LIMIT {$offset}, {$perpage};");
$found_rows = false;
if ($url_results) {
$found_rows = true;
foreach ($url_results as $url_result) {
$keyword = yourls_sanitize_string($url_result->keyword);
$timestamp = strtotime($url_result->timestamp);
$url = stripslashes($url_result->url);
$ip = $url_result->ip;
$title = $url_result->title ? $url_result->title : '';
$clicks = $url_result->clicks;
echo yourls_table_add_row($keyword, $url, $title, $ip, $clicks, $timestamp);
}
}
$display = $found_rows ? 'display:none' : '';
echo '<tr id="nourl_found" style="' . $display . '"><td colspan="6">' . yourls__('No URL') . '</td></tr>';
yourls_table_tbody_end();
yourls_table_end();
yourls_do_action('admin_page_after_table');
if ($is_bookmark) {
yourls_share_box($url, $return['shorturl'], $title, $text);
/**
* Alias function. I was always getting it wrong.
*
*/
function yourls_sanitize_keyword($keyword)
{
return yourls_sanitize_string($keyword);
}
/**
* Return an "Add" row for the main table
*
* @return string HTML of the edit row
*/
function yourls_table_add_row($keyword, $url, $title = '', $ip, $clicks, $timestamp)
{
$keyword = yourls_sanitize_string($keyword);
$id = yourls_string2htmlid($keyword);
// used as HTML #id
$shorturl = yourls_link($keyword);
$statlink = yourls_statlink($keyword);
$delete_link = yourls_nonce_url('delete-link_' . $id, yourls_add_query_arg(array('id' => $id, 'action' => 'delete', 'keyword' => $keyword), yourls_admin_url('admin-ajax.php')));
$edit_link = yourls_nonce_url('edit-link_' . $id, yourls_add_query_arg(array('id' => $id, 'action' => 'edit', 'keyword' => $keyword), yourls_admin_url('admin-ajax.php')));
// Action link buttons: the array
$actions = array('stats' => array('href' => $statlink, 'id' => "statlink-{$id}", 'title' => yourls_esc_attr__('Stats'), 'anchor' => yourls__('Stats')), 'share' => array('href' => '', 'id' => "share-button-{$id}", 'title' => yourls_esc_attr__('Share'), 'anchor' => yourls__('Share'), 'onclick' => "toggle_share('{$id}');return false;"), 'edit' => array('href' => $edit_link, 'id' => "edit-button-{$id}", 'title' => yourls_esc_attr__('Edit'), 'anchor' => yourls__('Edit'), 'onclick' => "edit_link_display('{$id}');return false;"), 'delete' => array('href' => $delete_link, 'id' => "delete-button-{$id}", 'title' => yourls_esc_attr__('Delete'), 'anchor' => yourls__('Delete'), 'onclick' => "remove_link('{$id}');return false;"));
$actions = yourls_apply_filter('table_add_row_action_array', $actions);
// Action link buttons: the HTML
$action_links = '';
foreach ($actions as $key => $action) {
$onclick = isset($action['onclick']) ? 'onclick="' . $action['onclick'] . '"' : '';
$action_links .= sprintf('<a href="%s" id="%s" title="%s" class="%s" %s>%s</a>', $action['href'], $action['id'], $action['title'], 'button button_' . $key, $onclick, $action['anchor']);
}
$action_links = yourls_apply_filter('action_links', $action_links, $keyword, $url, $ip, $clicks, $timestamp);
if (!$title) {
$title = $url;
}
$protocol_warning = '';
if (!in_array(yourls_get_protocol($url), array('http://', 'https://'))) {
$protocol_warning = yourls_apply_filter('add_row_protocol_warning', '<span class="warning" title="' . yourls__('Not a common link') . '">★</span>');
}
// Row cells: the array
$cells = array('keyword' => array('template' => '<a href="%shorturl%">%keyword_html%</a>', 'shorturl' => yourls_esc_url($shorturl), 'keyword_html' => yourls_esc_html($keyword)), 'url' => array('template' => '<a href="%long_url%" title="%title_attr%">%title_html%</a><br/><small>%warning%<a href="%long_url%">%long_url_html%</a></small>', 'long_url' => yourls_esc_url($url), 'title_attr' => yourls_esc_attr($title), 'title_html' => yourls_esc_html(yourls_trim_long_string($title)), 'long_url_html' => yourls_esc_html(yourls_trim_long_string($url)), 'warning' => $protocol_warning), 'timestamp' => array('template' => '%date%', 'date' => date('M d, Y H:i', $timestamp + YOURLS_HOURS_OFFSET * 3600)), 'ip' => array('template' => '%ip%', 'ip' => $ip), 'clicks' => array('template' => '%clicks%', 'clicks' => yourls_number_format_i18n($clicks, 0, '', '')), 'actions' => array('template' => '%actions% <input type="hidden" id="keyword_%id%" value="%keyword%"/>', 'actions' => $action_links, 'id' => $id, 'keyword' => $keyword));
$cells = yourls_apply_filter('table_add_row_cell_array', $cells, $keyword, $url, $title, $ip, $clicks, $timestamp);
// Row cells: the HTML. Replace every %stuff% in 'template' with 'stuff' value.
$row = "<tr id=\"id-{$id}\">";
foreach ($cells as $cell_id => $elements) {
$callback = new yourls_table_add_row_callback($elements);
$row .= sprintf('<td class="%s" id="%s">', $cell_id, $cell_id . '-' . $id);
$row .= preg_replace_callback('/%([^%]+)?%/', array($callback, 'callback'), $elements['template']);
// For the record, in PHP 5.3+ we don't need to introduce a class in order to pass additional parameters
// to the callback function. Instead, we would have used the 'use' keyword :
// $row .= preg_replace_callback( '/%([^%]+)?%/', function( $match ) use ( $elements ) { return $elements[ $match[1] ]; }, $elements['template'] );
$row .= '</td>';
}
$row .= "</tr>";
$row = yourls_apply_filter('table_add_row', $row, $keyword, $url, $title, $ip, $clicks, $timestamp);
return $row;
}
/**
* Expand short url to long url
*
*/
function yourls_api_expand($shorturl)
{
$keyword = str_replace(YOURLS_SITE . '/', '', $shorturl);
// accept either 'http://ozh.in/abc' or 'abc'
$keyword = yourls_sanitize_string($keyword);
$longurl = yourls_get_keyword_longurl($keyword);
if ($longurl) {
$return = array('keyword' => $keyword, 'shorturl' => YOURLS_SITE . "/{$keyword}", 'longurl' => $longurl, 'simple' => $longurl, 'message' => 'success', 'statusCode' => 200);
} else {
$return = array('keyword' => $keyword, 'simple' => 'not found', 'message' => 'Error: short URL not found', 'errorCode' => 404);
}
return yourls_apply_filter('api_expand', $return, $shorturl);
}
/**
* Log a redirect (for stats)
*
* This function does not check for the existence of a valid keyword, in order to save a query. Make sure the keyword
* exists before calling it.
*
* @since 1.4
* @param string $keyword short URL keyword
* @return mixed Result of the INSERT query (1 on success)
*/
function yourls_log_redirect($keyword)
{
// Allow plugins to short-circuit the whole function
$pre = yourls_apply_filter('shunt_log_redirect', false, $keyword);
if (false !== $pre) {
return $pre;
}
if (!yourls_do_log_redirect()) {
return true;
}
global $ydb;
$table = YOURLS_DB_TABLE_LOG;
$keyword = yourls_escape(yourls_sanitize_string($keyword));
$referrer = isset($_SERVER['HTTP_REFERER']) ? yourls_escape(yourls_sanitize_url($_SERVER['HTTP_REFERER'])) : 'direct';
$ua = yourls_escape(yourls_get_user_agent());
$ip = yourls_escape(yourls_get_IP());
$location = yourls_escape(yourls_geo_ip_to_countrycode($ip));
return $ydb->query("INSERT INTO `{$table}` (click_time, shorturl, referrer, user_agent, ip_address, country_code) VALUES (NOW(), '{$keyword}', '{$referrer}', '{$ua}', '{$ip}', '{$location}')");
}
function trapApi($args)
{
$action = $args[0];
$admin = yourls_is_valid_user();
// Uses this name but REFERS to ADMIN!
if ($admin === true || $action == "expand") {
return;
}
if (YOURLS_MULTUSER_PROTECTED === false && ($action == "stats" || $action == "db-stats" || $action == 'url-stats')) {
return;
}
switch ($action) {
case "shorturl":
if (YOURLS_MULTIUSER_ANONYMOUS === true) {
return;
} else {
$token = isset($_REQUEST['token']) ? yourls_sanitize_string($_REQUEST['token']) : '';
$user = getUserIdByToken($token);
if ($user == false) {
$u = $_SESSION["user"];
$user = getUserIdByToken($u["token"]);
}
if ($user == false) {
$return = array('simple' => 'You can\'t be anonymous', 'message' => 'You can\'t be anonymous', 'errorCode' => 403);
} else {
return;
}
}
break;
// Stats for a shorturl
// Stats for a shorturl
case 'url-stats':
$token = isset($_REQUEST['token']) ? yourls_sanitize_string($_REQUEST['token']) : '';
$user = getUserIdByToken($token);
if ($user == false) {
$u = $_SESSION["user"];
$user = getUserIdByToken($u["token"]);
}
if ($user == false) {
$return = array('simple' => 'Invalid username or password', 'message' => 'Invalid username or password', 'errorCode' => 403);
} else {
if (verifyUrlOwner($keyword, $user)) {
$shorturl = isset($_REQUEST['shorturl']) ? $_REQUEST['shorturl'] : '';
$return = yourls_api_url_stats($shorturl);
} else {
$return = array('simple' => 'Invalid username or password', 'message' => 'Invalid username or password', 'errorCode' => 403);
}
}
break;
default:
$return = array('errorCode' => 400, 'message' => 'Unknown or missing or forbidden "action" parameter', 'simple' => 'Unknown or missing or forbidden "action" parameter');
}
$format = isset($_REQUEST['format']) ? $_REQUEST['format'] : 'xml';
yourls_api_output($format, $return);
die;
}
function yourls_log_redirect($keyword)
{
if (!yourls_do_log_redirect()) {
return true;
}
global $ydb;
$table = YOURLS_DB_TABLE_LOG;
$keyword = yourls_sanitize_string($keyword);
$referrer = isset($_SERVER['HTTP_REFERER']) ? yourls_sanitize_url($_SERVER['HTTP_REFERER']) : 'direct';
$ua = yourls_get_user_agent();
$ip = yourls_get_IP();
$location = yourls_geo_ip_to_countrycode($ip);
return $ydb->query("INSERT INTO `{$table}` VALUES ('', NOW(), '{$keyword}', '{$referrer}', '{$ua}', '{$ip}', '{$location}')");
}
<?php
// TODO: make things cleaner. This file is an awful HTML/PHP soup.
// Require Files
require_once dirname(__FILE__) . '/includes/load-yourls.php';
require_once dirname(__FILE__) . '/includes/functions-infos.php';
yourls_maybe_require_auth();
if (!isset($_GET['id'])) {
yourls_redirect(YOURLS_SITE, 307);
}
$aggregate = false;
if (isset($_GET['all']) && $_GET['all'] == 1 && yourls_allow_duplicate_longurls()) {
$aggregate = true;
}
// Get basic infos for this shortened URL
$keyword = yourls_sanitize_string($_GET['id']);
$longurl = yourls_get_keyword_longurl($keyword);
$clicks = yourls_get_keyword_clicks($keyword);
$timestamp = yourls_get_keyword_timestamp($keyword);
if ($longurl === false) {
yourls_redirect(YOURLS_SITE, 307);
}
if (yourls_do_log_redirect()) {
// Duplicate keywords, if applicable
$keyword_list = yourls_get_duplicate_keywords($longurl);
// Fetch all information from the table log
$table = YOURLS_DB_TABLE_LOG;
if ($aggregate) {
$keywords = join("', '", $keyword_list);
// Fetch information for all keywords pointing to $longurl
$hits = $ydb->get_results("SELECT `shorturl`, `click_time`, `referrer`, `user_agent`, `country_code` FROM `{$table}` WHERE `shorturl` IN ( '{$keywords}' );");
/**
* Action: yourls_ajax_laemmi_edit_ldapgroup_save
*/
public function action_yourls_ajax_laemmi_edit_ldapgroup_save()
{
$keyword = yourls_sanitize_string($this->getRequest('keyword'));
$nonce = $this->getRequest('nonce');
$id = yourls_string2htmlid($keyword);
yourls_verify_nonce('laemmi_edit_ldapgroup_save_' . $id, $nonce, false, 'omg error');
$this->action_insert_link(['', '', $keyword, '', '', '']);
$return = [];
$return['status'] = 'success';
$return['message'] = yourls__('Link updated in database', self::APP_NAMESPACE);
echo json_encode($return);
}
