Maingron/better-yourls-blacklist-domains
1
1
Fork 0
forked from Sophia/better-yourls-blacklist-domains
Code Pull Requests Activity

Compare commits

base: Maingron:7ea141cc239420ec5832319faaf80b80f5ce501f
Branches Tags
Maingron:master Sophia:master
Maingron:0.06 Sophia:0.07 Sophia:0.06
...
compare: Maingron:master
Branches Tags
Maingron:master Sophia:master
Maingron:0.06 Sophia:0.07 Sophia:0.06

4 Commits
7ea141cc23 ... master

Author SHA1 Message Date
Sophia Atkinson
66c68b3586 Merge pull request 'Regex support' (#1) from Maingron/better-yourls-blacklist-domains:master into master 
Reviewed-on: Sophia/better-yourls-blacklist-domains#1
 2025-09-12 22:36:09 -07:00
Maingron
764b858de6 Bump version in plugin.php and remove tabs that someone put there by sleeping on the keyboard, I guess. whoops 2025-09-13 02:35:18 +02:00
Maingron
7235f4d8bc Fix typo in Readme 2025-09-13 02:32:14 +02:00
Maingron
b4c196292c Fix missing line breaks in Readme 2025-09-13 02:29:43 +02:00
2 changed files with 143 additions and 143 deletions
Expand all files Collapse all files

8
README.md
View File

@@ -35,15 +35,15 @@ Thanks to [Panthro](https://github.com/Panthro) for [YourlsWhiteListDomains](htt
> You are free to fork whatever you want, that's what code is for! > You are free to fork whatever you want, that's what code is for!
Also thanks to [LudoBoggio](https://github.com/LudoBoggio) for the [YourlsBlacklistIPs](https://github.com/LudoBoggio/YourlsBlacklistIPs) plugin which was the base for YourlsWhiteListDomains. Also thanks to [LudoBoggio](https://github.com/LudoBoggio) for the [YourlsBlacklistIPs](https://github.com/LudoBoggio/YourlsBlacklistIPs) plugin which was the base for YourlsWhiteListDomains.
>I've written this plugin for the community, to help Yourls users, to help Yourls author, to help to spread this software, to pay my free use of it, and to learn a bit more of programming. I didn't provide any license informations because I never tried to understand them. Therefore, I leave you all rights to use my plugin in any way you want, the fact that it help to bring more Yourls user is just enough from my point of view. > I've written this plugin for the community, to help Yourls users, to help Yourls author, to help to spread this software, to pay my free use of it, and to learn a bit more of programming. I didn't provide any license information because I never tried to understand them. Therefore, I leave you all rights to use my plugin in any way you want, the fact that it help to bring more Yourls user is just enough from my point of view.
## Changelog ## Changelog
--------- ---------
v0.07 Maingron added regex support v0.07 Maingron added regex support
v0.06 Alphabetize the blacklist v0.06 Alphabetize the blacklist
v0.05 Fix all links being blocked v0.05 Fix all links being blocked
v0.04 Fix https and not both https and http blocking v0.04 Fix https and not both https and http blocking
v0.03 Fix some crap code (of mine) v0.03 Fix some crap code (of mine)
v0.02 Cosmetic changes v0.02 Cosmetic changes

278
plugin.php
View File

@@ -1,158 +1,158 @@
<?php <?php
/* /*
Plugin Name: Better Yourls BlackList Domains Plugin Name: Better Yourls BlackList Domains
Plugin URI: https://git.oldgate.org/Sophia/better-yourls-blacklist-domains Plugin URI: https://git.oldgate.org/Sophia/better-yourls-blacklist-domains
Description: Plugin which disallows blacklisted domains and bans the submitter's IP address. GPL v3 Description: Plugin which disallows blacklisted domains and bans the submitter's IP address. GPL v3
Version: 0.06 Version: 0.07
Author: Sophia Atkinson Author: Sophia Atkinson
Author URI: https://sophia.wtf Author URI: https://sophia.wtf
Original Author: apelly Original Author: apelly
Original Author URI: http://len.io Original Author URI: http://len.io
*/ */
// No direct access // No direct access
if( !defined( 'YOURLS_ABSPATH' ) ) die(); if( !defined( 'YOURLS_ABSPATH' ) ) die();
// Hook the custom function into the 'shunt_add_new_link' event // Hook the custom function into the 'shunt_add_new_link' event
yourls_add_filter( 'shunt_add_new_link', 'better_blacklist_domain_check' ); yourls_add_filter( 'shunt_add_new_link', 'better_blacklist_domain_check' );
// Hook the admin page into the 'plugins_loaded' event // Hook the admin page into the 'plugins_loaded' event
yourls_add_action( 'plugins_loaded', 'better_blacklist_add_admin_page' ); yourls_add_action( 'plugins_loaded', 'better_blacklist_add_admin_page' );
// Function to check if a domain is blacklisted // Function to check if a domain is blacklisted
function better_blacklist_domain_check( $shunt, $url ) { function better_blacklist_domain_check( $shunt, $url ) {
// Parse the URL and extract the host // Parse the URL and extract the host
$parsed_url = parse_url( $url ); $parsed_url = parse_url( $url );
// If parsing fails or host is empty, deny the URL // If parsing fails or host is empty, deny the URL
if (empty($parsed_url['host'])) { if (empty($parsed_url['host'])) {
return blacklist_fail_response(); return blacklist_fail_response();
} }
$domain = $parsed_url['host']; $domain = $parsed_url['host'];
// Block if using blacklisted protocols // Block if using blacklisted protocols
if ( isset($parsed_url['scheme']) && in_array( $parsed_url['scheme'], ['http', 'https'], true ) ) { if ( isset($parsed_url['scheme']) && in_array( $parsed_url['scheme'], ['http', 'https'], true ) ) {
// Instead of blocking here, we return the original shunt // Instead of blocking here, we return the original shunt
// to avoid blocking all URLs with blacklisted protocols // to avoid blocking all URLs with blacklisted protocols
} }
// Retrieve blacklisted domains from options // Retrieve blacklisted domains from options
$blacklisted_domains = yourls_get_option( 'better_blacklist_domain_list' ); $blacklisted_domains = yourls_get_option( 'better_blacklist_domain_list' );
// If there's a blacklist, check the domain // If there's a blacklist, check the domain
if ( $blacklisted_domains ) { if ( $blacklisted_domains ) {
$blacklisted_domains = unserialize( $blacklisted_domains ); $blacklisted_domains = unserialize( $blacklisted_domains );
foreach ( $blacklisted_domains as $blacklisted_domain ) { foreach ( $blacklisted_domains as $blacklisted_domain ) {
// Check if the entry starts with '/', then consider regex handling // Check if the entry starts with '/', then consider regex handling
if (strpos($blacklisted_domain, '/') === 0) { if (strpos($blacklisted_domain, '/') === 0) {
if (@preg_match($blacklisted_domain, $domain)) { if (@preg_match($blacklisted_domain, $domain)) {
return blacklist_fail_response(); return blacklist_fail_response();
} }
} else { } else {
// Otherwise treat as plain domain (old behavior) // Otherwise treat as plain domain (old behavior)
$pattern = '/(?:^|\.)' . preg_quote( $blacklisted_domain, '/' ) . '$/i'; $pattern = '/(?:^|\.)' . preg_quote( $blacklisted_domain, '/' ) . '$/i';
if ( preg_match( $pattern, $domain ) ) { if ( preg_match( $pattern, $domain ) ) {
return blacklist_fail_response(); return blacklist_fail_response();
}
} }
} }
} }
// No match, allow the URL
return $shunt;
} }
// Return failure response for blacklisted URLs // No match, allow the URL
function blacklist_fail_response() { return $shunt;
return array( }
'status' => 'fail',
'code' => 'error:url', // Return failure response for blacklisted URLs
'message' => 'This domain is blacklisted', function blacklist_fail_response() {
'errorCode' => '403', return array(
); 'status' => 'fail',
'code' => 'error:url',
'message' => 'This domain is blacklisted',
'errorCode' => '403',
);
}
// Add admin page to handle blacklist management
function better_blacklist_add_admin_page() {
yourls_register_plugin_page( 'better_blacklist_domain', 'Blacklist Domains', 'better_blacklist_admin_page' );
}
// Display the blacklist admin page
function better_blacklist_admin_page() {
if ( $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'blacklist_domain' ) {
better_blacklist_process_form();
} else {
better_blacklist_display_form();
}
}
// Display the form to update the blacklist
function better_blacklist_display_form() {
$nonce = yourls_create_nonce( 'blacklist_domain' );
$blacklist_domains = yourls_get_option( 'better_blacklist_domain_list', 'Enter domain addresses here, one per line' );
if ( $blacklist_domains !== 'Enter domain addresses here, one per line' ) {
$blacklist_domains = implode( "\r\n", unserialize( $blacklist_domains ) );
} }
// Add admin page to handle blacklist management echo <<<HTML
function better_blacklist_add_admin_page() { <h2>Blacklist Domains</h2>
yourls_register_plugin_page( 'better_blacklist_domain', 'Blacklist Domains', 'better_blacklist_admin_page' ); <form method="post">
} <input type="hidden" name="action" value="blacklist_domain" />
<input type="hidden" name="nonce" value="$nonce" />
<p>Enter domains to blacklist (one per line):</p>
// Display the blacklist admin page <details>
function better_blacklist_admin_page() { <summary>Advanced Usage (Regex)</summary>
if ( $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'blacklist_domain' ) { <div>
better_blacklist_process_form(); <p>
} else { You can use regular expressions (Regex) to define more complex patterns for blacklisting domains.<br>
better_blacklist_display_form(); To use Regex, enter your pattern between slashes (/).<br>
}
} For example, to block all subdomains of example.com, you could enter <code>/\.example\.com$/i</code>.<br>
The <kbd>i</kbd> flag at the end makes the match case-insensitive. Usually you want to use this flag.
// Display the form to update the blacklist </p>
function better_blacklist_display_form() {
$nonce = yourls_create_nonce( 'blacklist_domain' ); <p>
$blacklist_domains = yourls_get_option( 'better_blacklist_domain_list', 'Enter domain addresses here, one per line' ); <b>Further examples:</b><br>
<code>/.*\.xxx$/i</code> - Blocks all domains ending with .xxx<br>
if ( $blacklist_domains !== 'Enter domain addresses here, one per line' ) { <br>
$blacklist_domains = implode( "\r\n", unserialize( $blacklist_domains ) );
} Be cautious when using Regex, as incorrect patterns can lead to unintended blocking of domains.<br>
Always test your Regex patterns to ensure they work as expected.
echo <<<HTML </p>
<h2>Blacklist Domains</h2> </div>
<form method="post"> </details><br>
<input type="hidden" name="action" value="blacklist_domain" /> <textarea class="blacklist-domains" cols="60" rows="15" name="blacklist_form" placeholder="Example: block.example.com">$blacklist_domains</textarea>
<input type="hidden" name="nonce" value="$nonce" /> <p><input type="submit" value="Save" /></p>
<p>Enter domains to blacklist (one per line):</p> </form>
HTML;
<details> }
<summary>Advanced Usage (Regex)</summary>
<div> // Process the blacklist form submission
<p> function better_blacklist_process_form() {
You can use regular expressions (Regex) to define more complex patterns for blacklisting domains.<br> // Verify nonce for security
To use Regex, enter your pattern between slashes (/).<br> yourls_verify_nonce( 'blacklist_domain' );
For example, to block all subdomains of example.com, you could enter <code>/\.example\.com$/i</code>.<br> // Sanitize and process the form input
The <kbd>i</kbd> flag at the end makes the match case-insensitive. Usually you want to use this flag. $blacklist_form = array_filter( array_map( 'trim', explode( "\r\n", $_POST['blacklist_form'] ) ) );
</p>
// Alphabetize the blacklist
<p> sort($blacklist_form, SORT_STRING | SORT_FLAG_CASE);
<b>Further examples:</b><br>
<code>/.*\.xxx$/i</code> - Blocks all domains ending with .xxx<br> // Update the option with serialized data
<br> yourls_update_option( 'better_blacklist_domain_list', serialize( $blacklist_form ) );
Be cautious when using Regex, as incorrect patterns can lead to unintended blocking of domains.<br> echo "<p>Blacklist updated!</p>";
Always test your Regex patterns to ensure they work as expected. if ( empty( $blacklist_form ) ) {
</p> echo "<p>The blacklist is currently empty.</p>";
</div> } else {
</details><br> echo "<p>Current blacklisted domains:</p><ul>";
<textarea class="blacklist-domains" cols="60" rows="15" name="blacklist_form" placeholder="Example: block.example.com">$blacklist_domains</textarea> foreach ( $blacklist_form as $domain ) {
<p><input type="submit" value="Save" /></p> echo "<li>" . htmlspecialchars($domain, ENT_QUOTES) . "</li>";
</form>
HTML;
}
// Process the blacklist form submission
function better_blacklist_process_form() {
// Verify nonce for security
yourls_verify_nonce( 'blacklist_domain' );
// Sanitize and process the form input
$blacklist_form = array_filter( array_map( 'trim', explode( "\r\n", $_POST['blacklist_form'] ) ) );
// Alphabetize the blacklist
sort($blacklist_form, SORT_STRING | SORT_FLAG_CASE);
// Update the option with serialized data
yourls_update_option( 'better_blacklist_domain_list', serialize( $blacklist_form ) );
echo "<p>Blacklist updated!</p>";
if ( empty( $blacklist_form ) ) {
echo "<p>The blacklist is currently empty.</p>";
} else {
echo "<p>Current blacklisted domains:</p><ul>";
foreach ( $blacklist_form as $domain ) {
echo "<li>" . htmlspecialchars($domain, ENT_QUOTES) . "</li>";
}
echo "</ul>";
} }
echo "</ul>";
} }
}