diff options
| author | s1n <[email protected]> | 2020-03-28 10:36:41 -0700 |
|---|---|---|
| committer | s1n <[email protected]> | 2020-03-28 10:36:41 -0700 |
| commit | 25b7d2aab61ae6421398d3abae5da6ffe590333d (patch) | |
| tree | 611985ec78bb2d94099c9fd5dd687f5c9cee6f3e /admin | |
| parent | Initial commit (diff) | |
| download | crack.cf-backup-master.tar.xz crack.cf-backup-master.zip | |
Diffstat (limited to 'admin')
| -rw-r--r-- | admin/admin-ajax.php | 51 | ||||
| -rw-r--r-- | admin/index.php | 378 | ||||
| -rw-r--r-- | admin/install.php | 84 | ||||
| -rw-r--r-- | admin/plugins.php | 166 | ||||
| -rw-r--r-- | admin/tools.php | 337 | ||||
| -rw-r--r-- | admin/upgrade.php | 86 |
6 files changed, 1102 insertions, 0 deletions
diff --git a/admin/admin-ajax.php b/admin/admin-ajax.php new file mode 100644 index 0000000..a89912e --- /dev/null +++ b/admin/admin-ajax.php @@ -0,0 +1,51 @@ +<?php +define( 'YOURLS_ADMIN', true ); +define( 'YOURLS_AJAX', true ); +require_once( dirname( __DIR__ ) .'/includes/load-yourls.php' ); +yourls_maybe_require_auth(); + +// This file will output a JSON string +yourls_content_type_header( 'application/json' ); + +if( !isset( $_REQUEST['action'] ) ) + die(); + +// Pick action +$action = $_REQUEST['action']; +switch( $action ) { + + case 'add': + yourls_verify_nonce( 'add_url', $_REQUEST['nonce'], false, 'omg error' ); + $return = yourls_add_new_link( $_REQUEST['url'], $_REQUEST['keyword'] ); + echo json_encode($return); + break; + + case 'edit_display': + yourls_verify_nonce( 'edit-link_'.$_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error' ); + $row = yourls_table_edit_row ( $_REQUEST['keyword'] ); + echo json_encode( array('html' => $row) ); + break; + + case 'edit_save': + yourls_verify_nonce( 'edit-save_'.$_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error' ); + $return = yourls_edit_link( $_REQUEST['url'], $_REQUEST['keyword'], $_REQUEST['newkeyword'], $_REQUEST['title'] ); + echo json_encode($return); + break; + + case 'delete': + yourls_verify_nonce( 'delete-link_'.$_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error' ); + $query = yourls_delete_link_by_keyword( $_REQUEST['keyword'] ); + echo json_encode(array('success'=>$query)); + break; + + case 'logout': + // unused for the moment + yourls_logout(); + break; + + default: + yourls_do_action( 'yourls_ajax_'.$action ); + +} + +die(); diff --git a/admin/index.php b/admin/index.php new file mode 100644 index 0000000..c00ee9a --- /dev/null +++ b/admin/index.php @@ -0,0 +1,378 @@ +<?php +define( 'YOURLS_ADMIN', true ); +require_once( dirname( __DIR__ ).'/includes/load-yourls.php' ); +yourls_maybe_require_auth(); + +// Variables +$table_url = YOURLS_DB_TABLE_URL; +$search_sentence = $search_text = $url = $keyword = ''; +/* $where will collect additional SQL arguments: + * $where['sql'] will concatenate SQL clauses: $where['sql'] .= ' AND something = :value '; + * $where['binds'] will hold the (name => value) placeholder pairs: $where['binds']['value'] = $value; + */ +$where = array('sql' => '', 'binds' => array()); +$date_filter = $date_first = $date_second = ''; +$base_page = yourls_admin_url( 'index.php' ); + +// Default SQL behavior +$search_in_text = yourls__( 'URL' ); +$search_in = 'all'; +$sort_by_text = yourls__( 'Short URL' ); +$sort_by = 'timestamp'; +$sort_order = 'desc'; +$page = ( isset( $_GET['page'] ) ? intval($_GET['page']) : 1 ); +$search = yourls_get_search_text(); +$perpage = ( isset( $_GET['perpage'] ) && intval( $_GET['perpage'] ) ? intval($_GET['perpage']) : yourls_apply_filter( 'admin_view_per_page', 15 ) ); +$click_limit = ( isset( $_GET['click_limit'] ) && $_GET['click_limit'] !== '' ) ? intval( $_GET['click_limit'] ) : '' ; +if ( $click_limit !== '' ) { + $click_filter = ( isset( $_GET['click_filter'] ) && $_GET['click_filter'] == 'more' ? 'more' : 'less' ) ; + $click_moreless = ( $click_filter == 'more' ? '>' : '<' ); + $where['sql'] = " AND clicks $click_moreless :click_limit"; + $where['binds']['click_limit'] = $click_limit; +} else { + $click_filter = ''; +} + +// Searching +if( !empty( $search ) && !empty( $_GET['search_in'] ) ) { + switch( $_GET['search_in'] ) { + case 'all': + $search_in_text = yourls__( 'All fields' ); + $search_in = 'all'; + break; + case 'keyword': + $search_in_text = yourls__( 'Short URL' ); + $search_in = 'keyword'; + break; + case 'url': + $search_in_text = yourls__( 'URL' ); + $search_in = 'url'; + break; + case 'title': + $search_in_text = yourls__( 'Title' ); + $search_in = 'title'; + break; + case 'ip': + $search_in_text = yourls__( 'IP Address' ); + $search_in = 'ip'; + break; + } + $search_sentence = yourls_s( 'Searching for <strong>%1$s</strong> in <strong>%2$s</strong>.', yourls_esc_html( $search ), yourls_esc_html( $search_in_text ) ); + $search_text = $search; + $search = str_replace( '*', '%', '*' . $search . '*' ); + if( $search_in == 'all' ) { + $where['sql'] .= ' AND CONCAT_WS("",`keyword`,`url`,`title`,`ip`) LIKE (:search)'; + $where['binds']['search'] = $search; + // Search across all fields. The resulting SQL will be something like: + // SELECT * FROM `yourls_url` WHERE CONCAT_WS('',`keyword`,`url`,`title`,`ip`) LIKE ("%ozh%") + // CONCAT_WS because CONCAT('foo', 'bar', NULL) = NULL. NULL wins. Not sure if values can be NULL now or in the future, so better safe. + // TODO: pay attention to this bit when the DB schema changes + } else { + $where['sql'] .= " AND `$search_in` LIKE (:search)"; + $where['binds']['search'] = $search; + } +} + +// Time span +if( !empty( $_GET['date_filter'] ) ) { + switch( $_GET['date_filter'] ) { + case 'before': + $date_filter = 'before'; + if( isset( $_GET['date_first'] ) && yourls_sanitize_date( $_GET['date_first'] ) ) { + $date_first = yourls_sanitize_date( $_GET['date_first'] ); + $date_first_sql = yourls_sanitize_date_for_sql( $_GET['date_first'] ); + $where['sql'] .= ' AND `timestamp` < :date_first_sql'; + $where['binds']['date_first_sql'] = $date_first_sql; + } + break; + case 'after': + $date_filter = 'after'; + if( isset( $_GET['date_first'] ) && yourls_sanitize_date( $_GET['date_first'] ) ) { + $date_first_sql = yourls_sanitize_date_for_sql( $_GET['date_first'] ); + $date_first = yourls_sanitize_date( $_GET['date_first'] ); + $where['sql'] .= ' AND `timestamp` > :date_first_sql'; + $where['binds']['date_first_sql'] = $date_first_sql; + } + break; + case 'between': + $date_filter = 'between'; + if( isset( $_GET['date_first'] ) && isset( $_GET['date_second'] ) && yourls_sanitize_date( $_GET['date_first'] ) && yourls_sanitize_date( $_GET['date_second'] ) ) { + $date_first_sql = yourls_sanitize_date_for_sql( $_GET['date_first'] ); + $date_second_sql = yourls_sanitize_date_for_sql( $_GET['date_second'] ); + $date_first = yourls_sanitize_date( $_GET['date_first'] ); + $date_second = yourls_sanitize_date( $_GET['date_second'] ); + $where['sql'] .= ' AND `timestamp` BETWEEN :date_first_sql AND :date_second_sql'; + $where['binds']['date_first_sql'] = $date_first_sql; + $where['binds']['date_second_sql'] = $date_second_sql; + } + break; + } +} + +// Sorting +if( !empty( $_GET['sort_by'] ) || !empty( $_GET['sort_order'] ) ) { + switch( $_GET['sort_by'] ) { + case 'keyword': + $sort_by_text = yourls__( 'Short URL' ); + $sort_by = 'keyword'; + break; + case 'url': + $sort_by_text = yourls__( 'URL' ); + $sort_by = 'url'; + break; + case 'title': + $sort_by_text = yourls__( 'Title' ); + $sort_by = 'title'; + break; + case 'timestamp': + $sort_by_text = yourls__( 'Date' ); + $sort_by = 'timestamp'; + break; + case 'ip': + $sort_by_text = yourls__( 'IP Address' ); + $sort_by = 'ip'; + break; + case 'clicks': + $sort_by_text = yourls__( 'Clicks' ); + $sort_by = 'clicks'; + break; + } + switch( $_GET['sort_order'] ) { + case 'asc': + $sort_order = 'asc'; + break; + case 'desc': + $sort_order = 'desc'; + break; + } +} + +// Get URLs Count for current filter, total links in DB & total clicks +list( $total_urls, $total_clicks ) = array_values( yourls_get_db_stats() ); +if ( !empty($where['sql']) ) { + list( $total_items, $total_items_clicks ) = array_values( yourls_get_db_stats( $where ) ); +} else { + $total_items = $total_urls; + $total_items_clicks = false; +} + +// This is a bookmarklet +if ( isset( $_GET['u'] ) or isset( $_GET['up'] ) ) { + $is_bookmark = true; + yourls_do_action( 'bookmarklet' ); + + // No sanitization needed here: everything happens in yourls_add_new_link() + if( isset( $_GET['u'] ) ) { + // Old school bookmarklet: ?u=<url> + $url = rawurldecode( $_GET['u'] ); + } else { + // New style bookmarklet: ?up=<url protocol>&us=<url slashes>&ur=<url rest> + $url = rawurldecode( $_GET['up'] . $_GET['us'] . $_GET['ur'] ); + } + $keyword = ( isset( $_GET['k'] ) ? ( $_GET['k'] ) : '' ); + $title = ( isset( $_GET['t'] ) ? ( $_GET['t'] ) : '' ); + $return = yourls_add_new_link( $url, $keyword, $title ); + + // If fails because keyword already exist, retry with no keyword + if ( isset( $return['status'] ) && $return['status'] == 'fail' && isset( $return['code'] ) && $return['code'] == 'error:keyword' ) { + $msg = $return['message']; + $return = yourls_add_new_link( $url, '', $ydb ); + $return['message'] .= ' ('.$msg.')'; + } + + // Stop here if bookmarklet with a JSON callback function + if( isset( $_GET['jsonp'] ) && $_GET['jsonp'] == 'yourls' ) { + $short = $return['shorturl'] ? $return['shorturl'] : ''; + $message = $return['message']; + yourls_content_type_header( 'application/javascript' ); + echo yourls_apply_filter( 'bookmarklet_jsonp', "yourls_callback({'short_url':'$short','message':'$message'});" ); + + die(); + } + + // Now use the URL that has been sanitized and returned by yourls_add_new_link() + $url = $return['url']['url']; + $where['sql'] .= ' AND `url` LIKE :url '; + $where['binds']['url'] = $url; + + $page = $total_pages = $perpage = 1; + $offset = 0; + + $text = ( isset( $_GET['s'] ) ? stripslashes( $_GET['s'] ) : '' ); + + // Sharing with social bookmarklets + if( !empty($_GET['share']) ) { + yourls_do_action( 'pre_share_redirect' ); + switch ( $_GET['share'] ) { + case 'twitter': + // share with Twitter + $destination = sprintf( "https://twitter.com/intent/tweet?url=%s&text=%s", urlencode( $return['shorturl'] ), urlencode( $title ) ); + yourls_redirect( $destination, 303 ); + + // Deal with the case when redirection failed: + $return['status'] = 'error'; + $return['errorCode'] = 400; + $return['message'] = yourls_s( 'Short URL created, but could not redirect to %s !', 'Twitter' ); + break; + + case 'facebook': + // share with Facebook + $destination = sprintf( "https://www.facebook.com/sharer/sharer.php?u=%s&t=%s", urlencode( $return['shorturl'] ), urlencode( $title ) ); + yourls_redirect( $destination, 303 ); + + // Deal with the case when redirection failed: + $return['status'] = 'error'; + $return['errorCode'] = 400; + $return['message'] = yourls_s( 'Short URL created, but could not redirect to %s !', 'Facebook' ); + break; + + case 'tumblr': + // share with Tumblr + $destination = sprintf( "https://www.tumblr.com/share?v=3&u=%s&t=%s&s=%s", urlencode( $return['shorturl'] ), urlencode( $title ), urlencode( $text ) ); + yourls_redirect( $destination, 303 ); + + // Deal with the case when redirection failed: + $return['status'] = 'error'; + $return['errorCode'] = 400; + $return['message'] = yourls_s( 'Short URL created, but could not redirect to %s !', 'Tumblr' ); + break; + + default: + // Is there a custom registered social bookmark? + yourls_do_action( 'share_redirect_' . $_GET['share'], $return ); + + // Still here? That was an unknown 'share' method, then. + $return['status'] = 'error'; + $return['errorCode'] = 400; + $return['message'] = yourls__( 'Unknown "Share" bookmarklet' ); + break; + } + } + +// This is not a bookmarklet +} else { + $is_bookmark = false; + + // Checking $page, $offset, $perpage + if( empty($page) || $page == 0 ) { + $page = 1; + } + if( empty($offset) ) { + $offset = 0; + } + if( empty($perpage) || $perpage == 0) { + $perpage = 50; + } + + // Determine $offset + $offset = ( $page-1 ) * $perpage; + + // Determine Max Number Of Items To Display On Page + if( ( $offset + $perpage ) > $total_items ) { + $max_on_page = $total_items; + } else { + $max_on_page = ( $offset + $perpage ); + } + + // Determine Number Of Items To Display On Page + if ( ( $offset + 1 ) > $total_items ) { + $display_on_page = $total_items; + } else { + $display_on_page = ( $offset + 1 ); + } + + // Determing Total Amount Of Pages + $total_pages = ceil( $total_items / $perpage ); +} + + +// Begin output of the page +$context = ( $is_bookmark ? 'bookmark' : 'index' ); +yourls_html_head( $context ); +yourls_html_logo(); +yourls_html_menu() ; + +yourls_do_action( 'admin_page_before_content' ); + +if ( !$is_bookmark ) { ?> + <p><?php echo $search_sentence; ?></p> + <p><?php + printf( yourls__( 'Display <strong>%1$s</strong> to <strong class="increment">%2$s</strong> of <strong class="increment">%3$s</strong> URLs' ), $display_on_page, $max_on_page, $total_items ); + if( $total_items_clicks !== false ) + echo ", " . sprintf( yourls_n( 'counting <strong>1</strong> click', 'counting <strong>%s</strong> clicks', $total_items_clicks ), yourls_number_format_i18n( $total_items_clicks ) ); + ?>.</p> +<?php } ?> +<p id="overall_tracking"><?php printf( yourls__( 'Overall, tracking <strong class="increment">%1$s</strong> links, <strong>%2$s</strong> clicks, and counting!' ), yourls_number_format_i18n( $total_urls ), yourls_number_format_i18n( $total_clicks ) ); ?></p> +<?php + +yourls_do_action( 'admin_page_before_form' ); + +yourls_html_addnew(); + +// If bookmarklet, add message. Otherwise, hide hidden share box. +if ( !$is_bookmark ) { + yourls_share_box( '', '', '', '', '', '', true ); +} else { + echo '<script type="text/javascript">$(document).ready(function(){ + feedback( "' . $return['message'] . '", "'. $return['status'] .'"); + init_clipboard(); + });</script>'; +} + +yourls_do_action( 'admin_page_before_table' ); + +yourls_table_head(); + +if ( !$is_bookmark ) { + $params = array( + 'search' => $search, + 'search_text' => $search_text, + 'search_in' => $search_in, + 'sort_by' => $sort_by, + 'sort_order' => $sort_order, + 'page' => $page, + 'perpage' => $perpage, + 'click_filter' => $click_filter, + 'click_limit' => $click_limit, + 'total_pages' => $total_pages, + 'date_filter' => $date_filter, + 'date_first' => $date_first, + 'date_second' => $date_second, + ); + yourls_html_tfooter( $params ); +} + +yourls_table_tbody_start(); + +// Main Query +$where = yourls_apply_filter( 'admin_list_where', $where ); +$url_results = $ydb->fetchObjects( "SELECT * FROM `$table_url` WHERE 1=1 ${where['sql']} ORDER BY `$sort_by` $sort_order LIMIT $offset, $perpage;", $where['binds'] ); +$found_rows = false; +if( $url_results ) { + $found_rows = true; + foreach( $url_results as $url_result ) { + $keyword = yourls_sanitize_string( $url_result->keyword ); + $timestamp = strtotime( $url_result->timestamp ); + $url = stripslashes( $url_result->url ); + $ip = $url_result->ip; + $title = $url_result->title ? $url_result->title : ''; + $clicks = $url_result->clicks; + + echo yourls_table_add_row( $keyword, $url, $title, $ip, $clicks, $timestamp ); + } +} + +$display = $found_rows ? 'display:none' : ''; +echo '<tr id="nourl_found" style="'.$display.'"><td colspan="6">' . yourls__('No URL') . '</td></tr>'; + +yourls_table_tbody_end(); + +yourls_table_end(); + +yourls_do_action( 'admin_page_after_table' ); + +if ( $is_bookmark ) + yourls_share_box( $url, $return['shorturl'], $title, $text ); +?> + +<?php yourls_html_footer( ); ?> diff --git a/admin/install.php b/admin/install.php new file mode 100644 index 0000000..02a1485 --- /dev/null +++ b/admin/install.php @@ -0,0 +1,84 @@ +<?php +define( 'YOURLS_ADMIN', true ); +define( 'YOURLS_INSTALLING', true ); +require_once( dirname( __DIR__ ).'/includes/load-yourls.php' ); +require_once( YOURLS_INC.'/functions-install.php' ); + +$error = array(); +$warning = array(); +$success = array(); + +// Check pre-requisites +if ( !yourls_check_PDO() ) { + $error[] = yourls__( 'PHP extension for PDO not found' ); + yourls_debug_log( 'PHP PDO extension not found' ); +} + +if ( !yourls_check_database_version() ) { + $error[] = yourls_s( '%s version is too old. Ask your server admin for an upgrade.', 'MySQL' ); + yourls_debug_log( 'MySQL version: ' . yourls_get_database_version() ); +} + +if ( !yourls_check_php_version() ) { + $error[] = yourls_s( '%s version is too old. Ask your server admin for an upgrade.', 'PHP' ); + yourls_debug_log( 'PHP version: ' . PHP_VERSION ); +} + +// Is YOURLS already installed ? +if ( yourls_is_installed() ) { + $error[] = yourls__( 'YOURLS already installed.' ); + // check if .htaccess exists, recreate otherwise. No error checking. + if( !file_exists( YOURLS_ABSPATH.'/.htaccess' ) ) { + yourls_create_htaccess(); + } +} + +// Start install if possible and needed +if ( isset($_REQUEST['install']) && count( $error ) == 0 ) { + // Create/update .htaccess file + if ( yourls_create_htaccess() ) { + $success[] = yourls__( 'File <tt>.htaccess</tt> successfully created/updated.' ); + } else { + $warning[] = yourls__( 'Could not write file <tt>.htaccess</tt> in YOURLS root directory. You will have to do it manually. See <a href="http://yourls.org/htaccess">how</a>.' ); + } + + // Create SQL tables + $install = yourls_create_sql_tables(); + if ( isset( $install['error'] ) ) + $error = array_merge( $error, $install['error'] ); + if ( isset( $install['success'] ) ) + $success = array_merge( $success, $install['success'] ); +} + + +// Start output +yourls_html_head( 'install', yourls__( 'Install YOURLS' ) ); +?> +<div id="login"> + <form method="post" action="?"><?php // reset any QUERY parameters ?> + <p> + <img src="<?php yourls_site_url(); ?>/images/yourls-logo.png" alt="YOURLS" title="YOURLS" /> + </p> + <?php + // Print errors, warnings and success messages + foreach ( array ('error', 'warning', 'success') as $info ) { + if ( count( $$info ) > 0 ) { + echo "<ul class='$info'>"; + foreach( $$info as $msg ) { + echo '<li>'.$msg."</li>\n"; + } + echo '</ul>'; + } + } + + // Display install button or link to admin area if applicable + if( !yourls_is_installed() && !isset($_REQUEST['install']) ) { + echo '<p style="text-align: center;"><input type="submit" name="install" value="' . yourls__( 'Install YOURLS') .'" class="button" /></p>'; + } else { + if( count($error) == 0 ) + echo '<p style="text-align: center;">» <a href="'.yourls_admin_url().'" title="' . yourls__( 'YOURLS Administration Page') . '">' . yourls__( 'YOURLS Administration Page') . '</a></p>'; + } + ?> + </form> +</div> +<?php yourls_html_footer(); ?> diff --git a/admin/plugins.php b/admin/plugins.php new file mode 100644 index 0000000..57b6616 --- /dev/null +++ b/admin/plugins.php @@ -0,0 +1,166 @@ +<?php +define( 'YOURLS_ADMIN', true ); +require_once( dirname( __DIR__ ).'/includes/load-yourls.php' ); +yourls_maybe_require_auth(); + +// Handle plugin administration pages +if( isset( $_GET['page'] ) && !empty( $_GET['page'] ) ) { + yourls_plugin_admin_page( $_GET['page'] ); + die(); +} + +// Handle activation/deactivation of plugins +if( isset( $_GET['action'] ) ) { + + // Check nonce + yourls_verify_nonce( 'manage_plugins', $_REQUEST['nonce'] ); + + // Check plugin file is valid + if( isset( $_GET['plugin'] ) && yourls_validate_plugin_file( YOURLS_PLUGINDIR.'/'.$_GET['plugin'].'/plugin.php') ) { + + global $ydb; + // Activate / Deactive + switch( $_GET['action'] ) { + case 'activate': + $result = yourls_activate_plugin( $_GET['plugin'].'/plugin.php' ); + if( $result === true ) + yourls_redirect( yourls_admin_url( 'plugins.php?success=activated' ), 302 ); + + break; + + case 'deactivate': + $result = yourls_deactivate_plugin( $_GET['plugin'].'/plugin.php' ); + if( $result === true ) + yourls_redirect( yourls_admin_url( 'plugins.php?success=deactivated' ), 302 ); + + break; + + default: + $result = yourls__( 'Unsupported action' ); + break; + } + } else { + $result = yourls__( 'No plugin specified, or not a valid plugin' ); + } + + yourls_add_notice( $result ); +} + +// Handle message upon succesfull (de)activation +if( isset( $_GET['success'] ) && ( ( $_GET['success'] == 'activated' ) OR ( $_GET['success'] == 'deactivated' ) ) ) { + if( $_GET['success'] == 'activated' ) { + $message = yourls__( 'Plugin has been activated' ); + } elseif ( $_GET['success'] == 'deactivated' ) { + $message = yourls__( 'Plugin has been deactivated' ); + } + yourls_add_notice( $message ); +} + +yourls_html_head( 'plugins', yourls__( 'Manage Plugins' ) ); +yourls_html_logo(); +yourls_html_menu(); +?> + + <main role="main"> + <h2><?php yourls_e( 'Plugins' ); ?></h2> + + <?php + $plugins = (array)yourls_get_plugins(); + uasort( $plugins, 'yourls_plugins_sort_callback' ); + + $count = count( $plugins ); + $plugins_count = sprintf( yourls_n( '%s plugin', '%s plugins', $count ), $count ); + $count_active = yourls_has_active_plugins(); + ?> + + <p id="plugin_summary"><?php /* //translators: "you have '3 plugins' installed and '1' activated" */ yourls_se( 'You currently have <strong>%1$s</strong> installed, and <strong>%2$s</strong> activated', $plugins_count, $count_active ); ?></p> + + <table id="main_table" class="tblSorter" cellpadding="0" cellspacing="1"> + <thead> + <tr> + <th><?php yourls_e( 'Plugin Name' ); ?></th> + <th><?php yourls_e( 'Version' ); ?></th> + <th><?php yourls_e( 'Description' ); ?></th> + <th><?php yourls_e( 'Author' ); ?></th> + <th><?php yourls_e( 'Action' ); ?></th> + </tr> + </thead> + <tbody> + <?php + + $nonce = yourls_create_nonce( 'manage_plugins' ); + + foreach( $plugins as $file=>$plugin ) { + + // default fields to read from the plugin header + $fields = array( + 'name' => 'Plugin Name', + 'uri' => 'Plugin URI', + 'desc' => 'Description', + 'version' => 'Version', + 'author' => 'Author', + 'author_uri' => 'Author URI' + ); + + // Loop through all default fields, get value if any and reset it + foreach( $fields as $field=>$value ) { + if( isset( $plugin[ $value ] ) ) { + $data[ $field ] = $plugin[ $value ]; + } else { + $data[ $field ] = '(no info)'; + } + unset( $plugin[$value] ); + } + + $plugindir = trim( dirname( $file ), '/' ); + + if( yourls_is_active_plugin( $file ) ) { + $class = 'active'; + $action_url = yourls_nonce_url( 'manage_plugins', yourls_add_query_arg( array('action' => 'deactivate', 'plugin' => $plugindir ) ) ); + $action_anchor = yourls__( 'Deactivate' ); + } else { + $class = 'inactive'; + $action_url = yourls_nonce_url( 'manage_plugins', yourls_add_query_arg( array('action' => 'activate', 'plugin' => $plugindir ) ) ); + $action_anchor = yourls__( 'Activate' ); + } + + // Other "Fields: Value" in the header? Get them too + if( $plugin ) { + foreach( $plugin as $extra_field=>$extra_value ) { + $data['desc'] .= "<br/>\n<em>$extra_field</em>: $extra_value"; + unset( $plugin[$extra_value] ); + } + } + + $data['desc'] .= '<br/><small>' . yourls_s( 'plugin file location: %s', $file) . '</small>'; + + printf( "<tr class='plugin %s'><td class='plugin_name'><a href='%s'>%s</a></td><td class='plugin_version'>%s</td><td class='plugin_desc'>%s</td><td class='plugin_author'><a href='%s'>%s</a></td><td class='plugin_actions actions'><a href='%s'>%s</a></td></tr>", + $class, $data['uri'], $data['name'], $data['version'], $data['desc'], $data['author_uri'], $data['author'], $action_url, $action_anchor + ); + + } + ?> + </tbody> + </table> + + <script type="text/javascript"> + yourls_defaultsort = 0; + yourls_defaultorder = 0; + <?php if ($count_active) { ?> + $('#plugin_summary').append('<span id="toggle_plugins">filter</span>'); + $('#toggle_plugins').css({'background':'transparent url("../images/filter.gif") top left no-repeat','display':'inline-block','text-indent':'-9999px','width':'16px','height':'16px','margin-left':'3px','cursor':'pointer'}) + .attr('title', '<?php echo yourls_esc_attr__( 'Toggle active/inactive plugins' ); ?>') + .click(function(){ + $('#main_table tr.inactive').toggle(); + }); + <?php } ?> + </script> + + <p><?php yourls_e( 'If something goes wrong after you activate a plugin and you cannot use YOURLS or access this page, simply rename or delete its directory, or rename the plugin file to something different than <code>plugin.php</code>.' ); ?></p> + + <h3><?php yourls_e( 'More plugins' ); ?></h3> + + <p><?php yourls_e( 'For more plugins, head to the official <a href="http://yourls.org/pluginlist">Plugin list</a>.' ); ?></p> + </main> + +<?php yourls_html_footer(); ?> diff --git a/admin/tools.php b/admin/tools.php new file mode 100644 index 0000000..f5f5043 --- /dev/null +++ b/admin/tools.php @@ -0,0 +1,337 @@ +<?php +define( 'YOURLS_ADMIN', true ); +require_once( dirname( __DIR__ ).'/includes/load-yourls.php' ); +yourls_maybe_require_auth(); + +yourls_html_head( 'tools', yourls__( 'Cool YOURLS Tools' ) ); +yourls_html_logo(); +yourls_html_menu(); +?> + + <main role="main" class="sub_wrap"> + + <h2><?php yourls_e( 'Bookmarklets' ); ?></h2> + + <p><?php yourls_e( 'YOURLS comes with handy <span>bookmarklets</span> for easier link shortening and sharing.' ); ?></p> + + <h3><?php yourls_e( 'Standard or Instant, Simple or Custom' ); ?></h3> + + <ul> + <li><?php yourls_e( 'The <span>Standard Bookmarklets</span> will take you to a page where you can easily edit or delete your brand new short URL.' ); ?></li> + + <li><?php yourls_e( 'The <span>Instant Bookmarklets</span> will pop the short URL without leaving the page you are viewing.' ); ?></li> + + <li><?php yourls_e( 'The <span>Simple Bookmarklets</span> will generate a short URL with a random or sequential keyword.' ); ?></li> + + <li><?php yourls_e( 'The <span>Custom Keyword Bookmarklets</span> will prompt you for a custom keyword first.' ); ?></li> + </ul> + + <p><?php + yourls_e( "If you want to share a description along with the link you're shortening, simply <span>select text</span> on the page you're viewing before clicking on your bookmarklet link" ); + ?></p> + + <h3><?php yourls_e( 'The Bookmarklets' ); ?></h3> + + <?php $base_bookmarklet = yourls_admin_url( 'index.php' ); ?> + + <p><?php yourls_e( 'Click and drag links to your toolbar (or right-click and bookmark it)' ); ?></p> + + <table class="tblSorter" cellpadding="0" cellspacing="1"> + <thead> + <tr> + <td> </td> + <th><?php yourls_e( 'Standard (new page)' ); ?></th> + <th><?php yourls_e( 'Instant (popup)' ); ?></th> + </tr> + </thead> + <tbody> + <tr> + <th class="header"><?php yourls_e( 'Simple' ); ?></th> + + <td> + <?php $js_code = <<<STANDARD_SIMPLE + // Simple Standard Bookmarklet (new page, no keyword asked) + var d = document, + w = window, + enc = encodeURIComponent, + e = w.getSelection, + k = d.getSelection, + x = d.selection, + s = (e ? e() : (k) ? k() : (x ? x.createRange().text : 0)), + s2 = ((s.toString() == '') ? s : enc(s)), + f = '$base_bookmarklet', + l = d.location.href, + ups = l.match( /^[a-zA-Z0-9\+\.-]+:(\/\/)?/ )[0], + ur = l.split(new RegExp(ups))[1], + ups = ups.split(/\:/), + p = '?up='+enc(ups[0]+':')+'&us='+enc(ups[1])+'&ur='+enc(ur)+'&t='+enc(d.title)+'&s='+s2, + u = f + p; + try { + throw ('ozhismygod'); + } catch (z) { + a = function () { + if (!w.open(u)) l.href = u; + }; + if (/Firefox/.test(navigator.userAgent)) setTimeout(a, 0); + else a(); + } + void(0); +STANDARD_SIMPLE; + yourls_bookmarklet_link( yourls_make_bookmarklet( $js_code ), yourls__( 'Shorten' ) ); + ?> + </td> + + <td> + <?php $js_code = <<<POPUP_SIMPLE + // Simple Popup (in-page popup dialog, no keyword asked) + var d = document, + sc = d.createElement('script'), + l = d.location.href, + enc = encodeURIComponent, + ups = l.match( /^[a-zA-Z0-9\+\.-]+:(\/\/)?/ )[0], + ur = l.split(new RegExp(ups))[1], + ups = ups.split(/\:/), + p = '?up='+enc(ups[0]+':')+'&us='+enc(ups[1])+'&ur='+enc(ur)+'&t='+enc(d.title); + window.yourls_callback = function (r) { + if (r.short_url) { + prompt(r.message, r.short_url); + } else { + alert('An error occured: ' + r.message); + } + }; + sc.src = '$base_bookmarklet' + p + '&jsonp=yourls'; + void(d.body.appendChild(sc)); +POPUP_SIMPLE; + yourls_bookmarklet_link( yourls_make_bookmarklet( $js_code ), yourls__( 'Instant Shorten' ) ); + ?> + </td> + + </tr> + <tr> + <th class="header"><?php yourls_e( 'Custom Keyword' ); ?></th> + + <td> + <?php $js_code = <<<CUSTOM_STANDARD + // Custom Standard (new page, prompt for a keyword) + var d = document, + enc = encodeURIComponent, + w = window, + e = w.getSelection, + k = d.getSelection, + x = d.selection, + s = (e ? e() : (k) ? k() : (x ? x.createRange().text : 0)), + s2 = ((s.toString() == '') ? s : enc(s)), + f = '$base_bookmarklet', + l = d.location.href, + ups = l.match( /^[a-zA-Z0-9\+\.-]+:(\/\/)?/ )[0], + ur = l.split(new RegExp(ups))[1], + ups = ups.split(/\:/), + k = prompt("Custom URL"), + k2 = (k ? '&k=' + k : ""), + p = '?up='+enc(ups[0]+':')+'&us='+enc(ups[1])+'&ur='+enc(ur)+'&t='+enc(d.title)+'&s='+s2 + k2, + u = f + p; + if (k != null) { + try { + throw ('ozhismygod'); + } catch (z) { + a = function () { + if (!w.open(u)) l = u; + }; + if (/Firefox/.test(navigator.userAgent)) setTimeout(a, 0); + else a(); + } + void(0) + } +CUSTOM_STANDARD; + yourls_bookmarklet_link( yourls_make_bookmarklet( $js_code ), yourls__( 'Custom shorten' ) ); + ?> + </td> + + <td> + <?php $js_code = <<<CUSTOM_POPUP + // Custom Popup (prompt for a keyword + on-page popup) + var d = document, + l = d.location.href, + k = prompt('Custom URL'), + enc = encodeURIComponent, + ups = l.match( /^[a-zA-Z0-9\+\.-]+:(\/\/)?/ )[0], + ur = l.split(new RegExp(ups))[1], + ups = ups.split(/\:/), + p = '?up='+enc(ups[0]+':')+'&us='+enc(ups[1])+'&ur='+enc(ur)+'&t='+enc(d.title); + sc = d.createElement('script'); + if (k != null) { + window.yourls_callback = function (r) { + if (r.short_url) { + prompt(r.message, r.short_url); + } else { + alert('An error occured: ' + r.message); + } + }; + sc.src = '$base_bookmarklet' + p + '&k=' + k + '&jsonp=yourls'; + void(d.body.appendChild(sc)); + } +CUSTOM_POPUP; + yourls_bookmarklet_link( yourls_make_bookmarklet( $js_code ), yourls__( 'Instant Custom Shorten' ) ); + ?> + </td> + + </tr> + </tbody> + </table> + + + <h3><?php yourls_e( 'Social Bookmarklets' ); ?></h3> + + <p><?php yourls_e( 'Create a short URL and share it on social networks, all in one click!' ); ?> + <?php yourls_e( 'Click and drag links to your toolbar (or right-click and bookmark it)' ); ?></p> + + <p><?php yourls_e( 'Shorten and share:' ); ?></p> + + <p> + <?php $js_code = <<<FACEBOOK + // Share on Facebook + var d = document, + enc = encodeURIComponent, + f = '$base_bookmarklet', + l = d.location.href, + ups = l.match( /^[a-zA-Z0-9\+\.-]+:(\/\/)?/ )[0], + ur = l.split(new RegExp(ups))[1], + ups = ups.split(/\:/), + p = '?up=' + enc(ups[0]+':') + '&us=' + enc(ups[1]) + '&ur=' + enc(ur) + '&t=' + enc(d.title) + '&share=facebook', + u = f + p; + try { + throw ('ozhismygod'); + } catch (z) { + a = function () { + if (!window.open(u,'Share','width=500,height=340,left=100','_blank')) l.href = u; + }; + if (/Firefox/.test(navigator.userAgent)) setTimeout(a, 0); + else a(); + } + void(0); +FACEBOOK; + yourls_bookmarklet_link( yourls_make_bookmarklet( $js_code ), yourls__( 'YOURLS & Facebook' ) ); + ?> + + <?php $js_code = <<<TWITTER + // Share on Twitter + var d = document, + w = window, + enc = encodeURIComponent, + e = w.getSelection, + k = d.getSelection, + x = d.selection, + s = (e ? e() : (k) ? k() : (x ? x.createRange().text : 0)), + s2 = ((s.toString() == '') ? s : '%20%22' + enc(s) + '%22'), + f = '$base_bookmarklet', + l = d.location.href, + ups = l.match( /^[a-zA-Z0-9\+\.-]+:(\/\/)?/ )[0], + ur = l.split(new RegExp(ups))[1], + ups = ups.split(/\:/), + p = '?up=' + enc(ups[0]+':') + '&us=' + enc(ups[1]) + '&ur='+enc(ur) + '&t=' + enc(d.title) + s2 + '&share=twitter', + u = f + p; + try { + throw ('ozhismygod'); + } catch (z) { + a = function () { + if (!w.open(u,'Share','width=780,height=265,left=100','_blank')) l = u; + }; + if (/Firefox/.test(navigator.userAgent)) setTimeout(a, 0); + else a(); + } + void(0); +TWITTER; + yourls_bookmarklet_link( yourls_make_bookmarklet( $js_code ), yourls__( 'YOURLS & Twitter' ) ); + ?> + + <?php $js_code = <<<TUMBLR + // Share on Tumlr + var d = document, + w = window, + enc = encodeURIComponent, + share = 'tumblr', + e = w.getSelection, + k = d.getSelection, + x = d.selection, + s = (e ? e() : (k) ? k() : (x ? x.createRange().text : 0)), + s2 = ((s.toString() == '') ? s : '%20%22' + enc(s) + '%22'), + f = '$base_bookmarklet', + l = d.location.href, + ups = l.match( /^[a-zA-Z0-9\+\.-]+:(\/\/)?/ )[0], + ur = l.split(new RegExp(ups))[1], + ups = ups.split(/\:/), + p = '?up=' + enc(ups[0]+':') + '&us=' + enc(ups[1]) + '&ur='+enc(ur) + '&t=' + enc(d.title) + '&s=' + s2 + '&share=tumblr', + u = f + p; + try { + throw ('ozhismygod'); + } catch (z) { + a = function () { + if (!w.open(u,'Share','width=450,height=450,left=430','_blank')) l = u; + }; + if (/Firefox/.test(navigator.userAgent)) setTimeout(a, 0); + else a(); + } + void(0); +TUMBLR; + yourls_bookmarklet_link( yourls_make_bookmarklet( $js_code ), yourls__( 'YOURLS & Tumblr' ) ); + ?> + + <?php yourls_do_action( 'social_bookmarklet_buttons_after' ); ?> + + </p> + + <h2><?php yourls_e( 'Prefix-n-Shorten' ); ?></h2> + + <p><?php yourls_se( "When viewing a page, you can also prefix its full URL: just head to your browser's address bar, add \"<span>%s</span>\" to the beginning of the current URL (right before its 'http://' part) and hit enter.", preg_replace('@https?://@', '', YOURLS_SITE) . '/' ); ?></p> + + <p><?php + yourls_e( 'Note: this will probably not work if your web server is running on Windows' ); + if( yourls_is_windows() ) + yourls_e( ' (which seems to be the case here)' ); + ?>.</p> + + + <?php if( yourls_is_private() ) { ?> + + <h2><?php yourls_e( 'Secure passwordless API call' ); ?></h2> + + <p><?php + yourls_e( 'YOURLS allows API calls the old fashioned way, using <tt>username</tt> and <tt>password</tt> parameters.' ); + echo "\n"; + yourls_e( "If you're worried about sending your credentials into the wild, you can also make API calls without using your login or your password, using a secret signature token." ); + ?></p> + + <p><?php yourls_se( 'Your secret signature token: <strong><code>%s</code></strong>', yourls_auth_signature() ); ?> + <?php yourls_e( "(It's a secret. Keep it secret) "); ?></p> + + <p><?php yourls_e( 'This signature token can only be used with the API, not with the admin interface.' ); ?></p> + + <ul> + <li><h3><?php yourls_e( 'Usage of the signature token' ); ?></h3> + <p><?php yourls_e( 'Simply use parameter <tt>signature</tt> in your API requests. Example:' ); ?></p> + <p><code><?php echo YOURLS_SITE; ?>/yourls-api.php?signature=<?php echo yourls_auth_signature(); ?>&action=...</code></p> + </li> + + <li><h3><?php yourls_e( 'Usage of a time limited signature token' ); ?></h3> +<pre><code><?php +$timestamp = time(); +<tt>// <?php yourls_e( 'actual value:' ); ?> $time = <?php $time = time(); echo $time; ?></tt> +$signature = md5( $timestamp . '<?php echo yourls_auth_signature(); ?>' ); +<tt>// <?php yourls_e( 'actual value:' ); ?> $signature = "<?php $sign = md5( $time. yourls_auth_signature() ); echo $sign; ?>"</tt> +?> +</code></pre> + <p><?php yourls_e( 'Now use parameters <tt>signature</tt> and <tt>timestamp</tt> in your API requests. Example:' ); ?></p> + <p><code><?php echo YOURLS_SITE; ?>/yourls-api.php?timestamp=<strong>$timestamp</strong>&signature=<strong>$signature</strong>&action=...</code></p> + <p><?php yourls_e( 'Actual values:' ); ?><br/> + <tt><?php echo YOURLS_SITE; ?>/yourls-api.php?timestamp=<?php echo $time; ?>&signature=<?php echo $sign; ?>&action=...</tt></p> + <p><?php yourls_se( 'This URL would be valid for only %s seconds', YOURLS_NONCE_LIFE ); ?></p> + </li> + </ul> + + <p><?php yourls_se( 'See the <a href="%s">API documentation</a> for more', YOURLS_SITE . '/readme.html#API' ); ?></p> + + </main> + + <?php } // end is private ?> + +<?php yourls_html_footer(); ?> diff --git a/admin/upgrade.php b/admin/upgrade.php new file mode 100644 index 0000000..de46369 --- /dev/null +++ b/admin/upgrade.php @@ -0,0 +1,86 @@ +<?php +define( 'YOURLS_ADMIN', true ); +define( 'YOURLS_UPGRADING', true ); +require_once( dirname( __DIR__ ).'/includes/load-yourls.php' ); +require_once( YOURLS_INC.'/functions-upgrade.php' ); +require_once( YOURLS_INC.'/functions-install.php' ); +yourls_maybe_require_auth(); + +yourls_html_head( 'upgrade', yourls__( 'Upgrade YOURLS' ) ); +yourls_html_logo(); +yourls_html_menu(); +?> + <h2><?php yourls_e( 'Upgrade YOURLS' ); ?></h2> +<?php + +// Check if upgrade is needed +if ( !yourls_upgrade_is_needed() ) { + echo '<p>' . yourls_s( 'Upgrade not required. Go <a href="%s">back to play</a>!', yourls_admin_url('index.php') ) . '</p>'; + + +} else { + /* + step 1: create new tables and populate them, update old tables structure, + step 2: convert each row of outdated tables if needed + step 3: - if applicable finish updating outdated tables (indexes etc) + - update version & db_version in options, this is all done! + */ + + // From what are we upgrading? + if ( isset( $_GET['oldver'] ) && isset( $_GET['oldsql'] ) ) { + $oldver = yourls_sanitize_version( $_GET['oldver'] ); + $oldsql = yourls_sanitize_version( $_GET['oldsql'] ); + } else { + list( $oldver, $oldsql ) = yourls_get_current_version_from_sql(); + } + + // To what are we upgrading ? + $newver = YOURLS_VERSION; + $newsql = YOURLS_DB_VERSION; + + // Verbose & ugly details + yourls_debug_mode(true); + + // Let's go + $step = ( isset( $_GET['step'] ) ? intval( $_GET['step'] ) : 0 ); + switch( $step ) { + + default: + case 0: + ?> + <p><?php yourls_e( 'Your current installation needs to be upgraded.' ); ?></p> + <p><?php yourls_e( 'Please, pretty please, it is recommended that you <strong>backup</strong> your database<br/>(you should do this regularly anyway)' ); ?></p> + <p><?php yourls_e( "Nothing awful <em>should</em> happen, but this doesn't mean it <em>won't</em> happen, right? ;)" ); ?></p> + <p><?php yourls_e( "On every step, if <span class='error'>something goes wrong</span>, you'll see a message and hopefully a way to fix." ); ?></p> + <p><?php yourls_e( 'If everything goes too fast and you cannot read, <span class="success">good for you</span>, let it go :)' ); ?></p> + <p><?php yourls_e( 'Once you are ready, press "Upgrade" !' ); ?></p> + <?php + echo " + <form action='upgrade.php?' method='get'> + <input type='hidden' name='step' value='1' /> + <input type='hidden' name='oldver' value='$oldver' /> + <input type='hidden' name='newver' value='$newver' /> + <input type='hidden' name='oldsql' value='$oldsql' /> + <input type='hidden' name='newsql' value='$newsql' /> + <input type='submit' class='primary' value='" . yourls_esc_attr__( 'Upgrade' ) . "' /> + </form>"; + + break; + + case 1: + case 2: + $upgrade = yourls_upgrade( $step, $oldver, $newver, $oldsql, $newsql ); + break; + + case 3: + $upgrade = yourls_upgrade( 3, $oldver, $newver, $oldsql, $newsql ); + echo '<p>' . yourls__( 'Your installation is now up to date ! ' ) . '</p>'; + echo '<p>' . yourls_s( 'Go back to <a href="%s">the admin interface</a>', yourls_admin_url('index.php') ) . '</p>'; + } + +} + + +?> + +<?php yourls_html_footer(); ?> |