Maingron/better-yourls-blacklist-domains
1
1
Fork 0
forked from Sophia/better-yourls-blacklist-domains
Code Pull Requests Activity

Bump version in plugin.php and remove tabs that someone put there by sleeping on the keyboard, I guess. whoops

Browse Source
This commit is contained in:
Maingron
2025-09-13 02:35:18 +02:00
parent 7235f4d8bc
commit 764b858de6
1 changed files with 139 additions and 139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

276
plugin.php
View File

@@ -1,158 +1,158 @@
<?php
/*
Plugin Name: Better Yourls BlackList Domains
Plugin URI: https://git.oldgate.org/Sophia/better-yourls-blacklist-domains
Description: Plugin which disallows blacklisted domains and bans the submitter's IP address. GPL v3
Version: 0.06
Author: Sophia Atkinson
Author URI: https://sophia.wtf
Original Author: apelly
Original Author URI: http://len.io
*/
<?php
/*
Plugin Name: Better Yourls BlackList Domains
Plugin URI: https://git.oldgate.org/Sophia/better-yourls-blacklist-domains
Description: Plugin which disallows blacklisted domains and bans the submitter's IP address. GPL v3
Version: 0.07
Author: Sophia Atkinson
Author URI: https://sophia.wtf
Original Author: apelly
Original Author URI: http://len.io
*/
// No direct access
if( !defined( 'YOURLS_ABSPATH' ) ) die();
// No direct access
if( !defined( 'YOURLS_ABSPATH' ) ) die();
// Hook the custom function into the 'shunt_add_new_link' event
yourls_add_filter( 'shunt_add_new_link', 'better_blacklist_domain_check' );
// Hook the custom function into the 'shunt_add_new_link' event
yourls_add_filter( 'shunt_add_new_link', 'better_blacklist_domain_check' );
// Hook the admin page into the 'plugins_loaded' event
yourls_add_action( 'plugins_loaded', 'better_blacklist_add_admin_page' );
// Hook the admin page into the 'plugins_loaded' event
yourls_add_action( 'plugins_loaded', 'better_blacklist_add_admin_page' );
// Function to check if a domain is blacklisted
function better_blacklist_domain_check( $shunt, $url ) {
// Parse the URL and extract the host
$parsed_url = parse_url( $url );
// Function to check if a domain is blacklisted
function better_blacklist_domain_check( $shunt, $url ) {
// Parse the URL and extract the host
$parsed_url = parse_url( $url );
// If parsing fails or host is empty, deny the URL
if (empty($parsed_url['host'])) {
return blacklist_fail_response();
}
// If parsing fails or host is empty, deny the URL
if (empty($parsed_url['host'])) {
return blacklist_fail_response();
}
$domain = $parsed_url['host'];
$domain = $parsed_url['host'];
// Block if using blacklisted protocols
if ( isset($parsed_url['scheme']) && in_array( $parsed_url['scheme'], ['http', 'https'], true ) ) {
// Instead of blocking here, we return the original shunt
// to avoid blocking all URLs with blacklisted protocols
}
// Block if using blacklisted protocols
if ( isset($parsed_url['scheme']) && in_array( $parsed_url['scheme'], ['http', 'https'], true ) ) {
// Instead of blocking here, we return the original shunt
// to avoid blocking all URLs with blacklisted protocols
}
// Retrieve blacklisted domains from options
$blacklisted_domains = yourls_get_option( 'better_blacklist_domain_list' );
// Retrieve blacklisted domains from options
$blacklisted_domains = yourls_get_option( 'better_blacklist_domain_list' );
// If there's a blacklist, check the domain
if ( $blacklisted_domains ) {
$blacklisted_domains = unserialize( $blacklisted_domains );
// If there's a blacklist, check the domain
if ( $blacklisted_domains ) {
$blacklisted_domains = unserialize( $blacklisted_domains );
foreach ( $blacklisted_domains as $blacklisted_domain ) {
// Check if the entry starts with '/', then consider regex handling
if (strpos($blacklisted_domain, '/') === 0) {
if (@preg_match($blacklisted_domain, $domain)) {
return blacklist_fail_response();
}
} else {
// Otherwise treat as plain domain (old behavior)
$pattern = '/(?:^|\.)' . preg_quote( $blacklisted_domain, '/' ) . '$/i';
if ( preg_match( $pattern, $domain ) ) {
return blacklist_fail_response();
}
foreach ( $blacklisted_domains as $blacklisted_domain ) {
// Check if the entry starts with '/', then consider regex handling
if (strpos($blacklisted_domain, '/') === 0) {
if (@preg_match($blacklisted_domain, $domain)) {
return blacklist_fail_response();
}
} else {
// Otherwise treat as plain domain (old behavior)
$pattern = '/(?:^|\.)' . preg_quote( $blacklisted_domain, '/' ) . '$/i';
if ( preg_match( $pattern, $domain ) ) {
return blacklist_fail_response();
}
}
}
// No match, allow the URL
return $shunt;
}
// Return failure response for blacklisted URLs
function blacklist_fail_response() {
return array(
'status' => 'fail',
'code' => 'error:url',
'message' => 'This domain is blacklisted',
'errorCode' => '403',
);
// No match, allow the URL
return $shunt;
}
// Return failure response for blacklisted URLs
function blacklist_fail_response() {
return array(
'status' => 'fail',
'code' => 'error:url',
'message' => 'This domain is blacklisted',
'errorCode' => '403',
);
}
// Add admin page to handle blacklist management
function better_blacklist_add_admin_page() {
yourls_register_plugin_page( 'better_blacklist_domain', 'Blacklist Domains', 'better_blacklist_admin_page' );
}
// Display the blacklist admin page
function better_blacklist_admin_page() {
if ( $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'blacklist_domain' ) {
better_blacklist_process_form();
} else {
better_blacklist_display_form();
}
}
// Display the form to update the blacklist
function better_blacklist_display_form() {
$nonce = yourls_create_nonce( 'blacklist_domain' );
$blacklist_domains = yourls_get_option( 'better_blacklist_domain_list', 'Enter domain addresses here, one per line' );
if ( $blacklist_domains !== 'Enter domain addresses here, one per line' ) {
$blacklist_domains = implode( "\r\n", unserialize( $blacklist_domains ) );
}
// Add admin page to handle blacklist management
function better_blacklist_add_admin_page() {
yourls_register_plugin_page( 'better_blacklist_domain', 'Blacklist Domains', 'better_blacklist_admin_page' );
}
echo <<<HTML
<h2>Blacklist Domains</h2>
<form method="post">
<input type="hidden" name="action" value="blacklist_domain" />
<input type="hidden" name="nonce" value="$nonce" />
<p>Enter domains to blacklist (one per line):</p>
// Display the blacklist admin page
function better_blacklist_admin_page() {
if ( $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'blacklist_domain' ) {
better_blacklist_process_form();
} else {
better_blacklist_display_form();
}
}
// Display the form to update the blacklist
function better_blacklist_display_form() {
$nonce = yourls_create_nonce( 'blacklist_domain' );
$blacklist_domains = yourls_get_option( 'better_blacklist_domain_list', 'Enter domain addresses here, one per line' );
if ( $blacklist_domains !== 'Enter domain addresses here, one per line' ) {
$blacklist_domains = implode( "\r\n", unserialize( $blacklist_domains ) );
}
echo <<<HTML
<h2>Blacklist Domains</h2>
<form method="post">
<input type="hidden" name="action" value="blacklist_domain" />
<input type="hidden" name="nonce" value="$nonce" />
<p>Enter domains to blacklist (one per line):</p>
<details>
<summary>Advanced Usage (Regex)</summary>
<div>
<p>
You can use regular expressions (Regex) to define more complex patterns for blacklisting domains.<br>
To use Regex, enter your pattern between slashes (/).<br>
For example, to block all subdomains of example.com, you could enter <code>/\.example\.com$/i</code>.<br>
The <kbd>i</kbd> flag at the end makes the match case-insensitive. Usually you want to use this flag.
</p>
<p>
<b>Further examples:</b><br>
<code>/.*\.xxx$/i</code> - Blocks all domains ending with .xxx<br>
<br>
Be cautious when using Regex, as incorrect patterns can lead to unintended blocking of domains.<br>
Always test your Regex patterns to ensure they work as expected.
</p>
</div>
</details><br>
<textarea class="blacklist-domains" cols="60" rows="15" name="blacklist_form" placeholder="Example: block.example.com">$blacklist_domains</textarea>
<p><input type="submit" value="Save" /></p>
</form>
HTML;
}
// Process the blacklist form submission
function better_blacklist_process_form() {
// Verify nonce for security
yourls_verify_nonce( 'blacklist_domain' );
// Sanitize and process the form input
$blacklist_form = array_filter( array_map( 'trim', explode( "\r\n", $_POST['blacklist_form'] ) ) );
// Alphabetize the blacklist
sort($blacklist_form, SORT_STRING | SORT_FLAG_CASE);
// Update the option with serialized data
yourls_update_option( 'better_blacklist_domain_list', serialize( $blacklist_form ) );
echo "<p>Blacklist updated!</p>";
if ( empty( $blacklist_form ) ) {
echo "<p>The blacklist is currently empty.</p>";
} else {
echo "<p>Current blacklisted domains:</p><ul>";
foreach ( $blacklist_form as $domain ) {
echo "<li>" . htmlspecialchars($domain, ENT_QUOTES) . "</li>";
}
echo "</ul>";
<details>
<summary>Advanced Usage (Regex)</summary>
<div>
<p>
You can use regular expressions (Regex) to define more complex patterns for blacklisting domains.<br>
To use Regex, enter your pattern between slashes (/).<br>
For example, to block all subdomains of example.com, you could enter <code>/\.example\.com$/i</code>.<br>
The <kbd>i</kbd> flag at the end makes the match case-insensitive. Usually you want to use this flag.
</p>
<p>
<b>Further examples:</b><br>
<code>/.*\.xxx$/i</code> - Blocks all domains ending with .xxx<br>
<br>
Be cautious when using Regex, as incorrect patterns can lead to unintended blocking of domains.<br>
Always test your Regex patterns to ensure they work as expected.
</p>
</div>
</details><br>
<textarea class="blacklist-domains" cols="60" rows="15" name="blacklist_form" placeholder="Example: block.example.com">$blacklist_domains</textarea>
<p><input type="submit" value="Save" /></p>
</form>
HTML;
}
// Process the blacklist form submission
function better_blacklist_process_form() {
// Verify nonce for security
yourls_verify_nonce( 'blacklist_domain' );
// Sanitize and process the form input
$blacklist_form = array_filter( array_map( 'trim', explode( "\r\n", $_POST['blacklist_form'] ) ) );
// Alphabetize the blacklist
sort($blacklist_form, SORT_STRING | SORT_FLAG_CASE);
// Update the option with serialized data
yourls_update_option( 'better_blacklist_domain_list', serialize( $blacklist_form ) );
echo "<p>Blacklist updated!</p>";
if ( empty( $blacklist_form ) ) {
echo "<p>The blacklist is currently empty.</p>";
} else {
echo "<p>Current blacklisted domains:</p><ul>";
foreach ( $blacklist_form as $domain ) {
echo "<li>" . htmlspecialchars($domain, ENT_QUOTES) . "</li>";
}
echo "</ul>";
}
}