Sophia/better-yourls-blacklist-domains
1
1
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

Compare commits

base: Sophia:0.06
Branches Tags
Sophia:master Maingron:master
Sophia:0.07 Sophia:0.06 Maingron:0.06
...
compare: Maingron:7235f4d8bce9095623ef6cfa7d844e87fdd8e2a9
Branches Tags
Maingron:master Sophia:master
Maingron:0.06 Sophia:0.07 Sophia:0.06

6 Commits
0.06 ... 7235f4d8bc

Author SHA1 Message Date
Maingron
7235f4d8bc Fix typo in Readme 2025-09-13 02:32:14 +02:00
Maingron
b4c196292c Fix missing line breaks in Readme 2025-09-13 02:29:43 +02:00
Maingron
7ea141cc23 Update Readme 2025-09-13 02:24:06 +02:00
Maingron
fa220e0470 Add regex docs to plugin.php page 2025-09-13 02:22:31 +02:00
Maingron
bd050d27c4 Add possible regex handling 2025-09-13 02:11:39 +02:00
Sophia Atkinson
5247655a50 fix tested version 2024-10-11 21:43:06 -07:00
2 changed files with 146 additions and 116 deletions
Expand all files Collapse all files

7
README.md
View File

@@ -6,9 +6,9 @@ Plugin for Yourls that disallows blacklisted domains. Further, if YourlsBlacklis
This plugin is intended to be used with YOURLS (cf. <https://yourls.org>)
It has been tested on YOURLS v1.5.1 and YourlsBlacklistIPs v1.3
It has been tested on YOURLS v1.9.2 and YourlsBlacklistIPs v1.3
Current version is 0.04
Current version is 0.07
**INSTALL :**
@@ -35,12 +35,13 @@ Thanks to [Panthro](https://github.com/Panthro) for [YourlsWhiteListDomains](htt
> You are free to fork whatever you want, that's what code is for!
Also thanks to [LudoBoggio](https://github.com/LudoBoggio) for the [YourlsBlacklistIPs](https://github.com/LudoBoggio/YourlsBlacklistIPs) plugin which was the base for YourlsWhiteListDomains.
>I've written this plugin for the community, to help Yourls users, to help Yourls author, to help to spread this software, to pay my free use of it, and to learn a bit more of programming. I didn't provide any license informations because I never tried to understand them. Therefore, I leave you all rights to use my plugin in any way you want, the fact that it help to bring more Yourls user is just enough from my point of view.
> I've written this plugin for the community, to help Yourls users, to help Yourls author, to help to spread this software, to pay my free use of it, and to learn a bit more of programming. I didn't provide any license information because I never tried to understand them. Therefore, I leave you all rights to use my plugin in any way you want, the fact that it help to bring more Yourls user is just enough from my point of view.
## Changelog
---------
v0.07 Maingron added regex support
v0.06 Alphabetize the blacklist
v0.05 Fix all links being blocked
v0.04 Fix https and not both https and http blocking

249
plugin.php
View File

@@ -1,129 +1,158 @@
<?php
/*
Plugin Name: Better Yourls BlackList Domains
Plugin URI: https://git.oldgate.org/Sophia/better-yourls-blacklist-domains
Description: Plugin which disallows blacklisted domains and bans the submitter's IP address. GPL v3
Version: 0.06
Author: Sophia Atkinson
Author URI: https://sophia.wtf
Original Author: apelly
Original Author URI: http://len.io
*/
<?php
/*
Plugin Name: Better Yourls BlackList Domains
Plugin URI: https://git.oldgate.org/Sophia/better-yourls-blacklist-domains
Description: Plugin which disallows blacklisted domains and bans the submitter's IP address. GPL v3
Version: 0.06
Author: Sophia Atkinson
Author URI: https://sophia.wtf
Original Author: apelly
Original Author URI: http://len.io
*/
// No direct access
if( !defined( 'YOURLS_ABSPATH' ) ) die();
// No direct access
if( !defined( 'YOURLS_ABSPATH' ) ) die();
// Hook the custom function into the 'shunt_add_new_link' event
yourls_add_filter( 'shunt_add_new_link', 'better_blacklist_domain_check' );
// Hook the custom function into the 'shunt_add_new_link' event
yourls_add_filter( 'shunt_add_new_link', 'better_blacklist_domain_check' );
// Hook the admin page into the 'plugins_loaded' event
yourls_add_action( 'plugins_loaded', 'better_blacklist_add_admin_page' );
// Hook the admin page into the 'plugins_loaded' event
yourls_add_action( 'plugins_loaded', 'better_blacklist_add_admin_page' );
// Function to check if a domain is blacklisted
function better_blacklist_domain_check( $shunt, $url ) {
// Parse the URL and extract the host
$parsed_url = parse_url( $url );
// Function to check if a domain is blacklisted
function better_blacklist_domain_check( $shunt, $url ) {
// Parse the URL and extract the host
$parsed_url = parse_url( $url );
// If parsing fails or host is empty, deny the URL
if (empty($parsed_url['host'])) {
return blacklist_fail_response();
}
// If parsing fails or host is empty, deny the URL
if (empty($parsed_url['host'])) {
return blacklist_fail_response();
}
$domain = $parsed_url['host'];
$domain = $parsed_url['host'];
// Block if using blacklisted protocols
if ( isset($parsed_url['scheme']) && in_array( $parsed_url['scheme'], ['http', 'https'], true ) ) {
// Instead of blocking here, we return the original shunt
// to avoid blocking all URLs with blacklisted protocols
}
// Block if using blacklisted protocols
if ( isset($parsed_url['scheme']) && in_array( $parsed_url['scheme'], ['http', 'https'], true ) ) {
// Instead of blocking here, we return the original shunt
// to avoid blocking all URLs with blacklisted protocols
}
// Retrieve blacklisted domains from options
$blacklisted_domains = yourls_get_option( 'better_blacklist_domain_list' );
// Retrieve blacklisted domains from options
$blacklisted_domains = yourls_get_option( 'better_blacklist_domain_list' );
// If there's a blacklist, check the domain
if ( $blacklisted_domains ) {
$blacklisted_domains = unserialize( $blacklisted_domains );
// If there's a blacklist, check the domain
if ( $blacklisted_domains ) {
$blacklisted_domains = unserialize( $blacklisted_domains );
foreach ( $blacklisted_domains as $blacklisted_domain ) {
// Use a regex to match the domain or subdomain
$pattern = '/(?:^|\.)' . preg_quote( $blacklisted_domain, '/' ) . '$/i';
if ( preg_match( $pattern, $domain ) ) {
return blacklist_fail_response();
foreach ( $blacklisted_domains as $blacklisted_domain ) {
// Check if the entry starts with '/', then consider regex handling
if (strpos($blacklisted_domain, '/') === 0) {
if (@preg_match($blacklisted_domain, $domain)) {
return blacklist_fail_response();
}
} else {
// Otherwise treat as plain domain (old behavior)
$pattern = '/(?:^|\.)' . preg_quote( $blacklisted_domain, '/' ) . '$/i';
if ( preg_match( $pattern, $domain ) ) {
return blacklist_fail_response();
}
}
}
}
// No match, allow the URL
return $shunt;
}
// No match, allow the URL
return $shunt;
}
// Return failure response for blacklisted URLs
function blacklist_fail_response() {
return array(
'status' => 'fail',
'code' => 'error:url',
'message' => 'This domain is blacklisted',
'errorCode' => '403',
);
}
// Add admin page to handle blacklist management
function better_blacklist_add_admin_page() {
yourls_register_plugin_page( 'better_blacklist_domain', 'Blacklist Domains', 'better_blacklist_admin_page' );
}
// Display the blacklist admin page
function better_blacklist_admin_page() {
if ( $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'blacklist_domain' ) {
better_blacklist_process_form();
} else {
better_blacklist_display_form();
}
}
// Display the form to update the blacklist
function better_blacklist_display_form() {
$nonce = yourls_create_nonce( 'blacklist_domain' );
$blacklist_domains = yourls_get_option( 'better_blacklist_domain_list', 'Enter domain addresses here, one per line' );
if ( $blacklist_domains !== 'Enter domain addresses here, one per line' ) {
$blacklist_domains = implode( "\r\n", unserialize( $blacklist_domains ) );
// Return failure response for blacklisted URLs
function blacklist_fail_response() {
return array(
'status' => 'fail',
'code' => 'error:url',
'message' => 'This domain is blacklisted',
'errorCode' => '403',
);
}
echo <<<HTML
<h2>Blacklist Domains</h2>
<form method="post">
<input type="hidden" name="action" value="blacklist_domain" />
<input type="hidden" name="nonce" value="$nonce" />
<p>Enter domains to blacklist (one per line):</p>
<textarea class="blacklist-domains" cols="60" rows="15" name="blacklist_form">$blacklist_domains</textarea>
<p><input type="submit" value="Save" /></p>
</form>
HTML;
}
// Add admin page to handle blacklist management
function better_blacklist_add_admin_page() {
yourls_register_plugin_page( 'better_blacklist_domain', 'Blacklist Domains', 'better_blacklist_admin_page' );
}
// Process the blacklist form submission
function better_blacklist_process_form() {
// Verify nonce for security
yourls_verify_nonce( 'blacklist_domain' );
// Sanitize and process the form input
$blacklist_form = array_filter( array_map( 'trim', explode( "\r\n", $_POST['blacklist_form'] ) ) );
// Alphabetize the blacklist
sort($blacklist_form, SORT_STRING | SORT_FLAG_CASE);
// Update the option with serialized data
yourls_update_option( 'better_blacklist_domain_list', serialize( $blacklist_form ) );
echo "<p>Blacklist updated!</p>";
if ( empty( $blacklist_form ) ) {
echo "<p>The blacklist is currently empty.</p>";
} else {
echo "<p>Current blacklisted domains:</p><ul>";
foreach ( $blacklist_form as $domain ) {
echo "<li>" . htmlspecialchars($domain, ENT_QUOTES) . "</li>";
// Display the blacklist admin page
function better_blacklist_admin_page() {
if ( $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'blacklist_domain' ) {
better_blacklist_process_form();
} else {
better_blacklist_display_form();
}
}
// Display the form to update the blacklist
function better_blacklist_display_form() {
$nonce = yourls_create_nonce( 'blacklist_domain' );
$blacklist_domains = yourls_get_option( 'better_blacklist_domain_list', 'Enter domain addresses here, one per line' );
if ( $blacklist_domains !== 'Enter domain addresses here, one per line' ) {
$blacklist_domains = implode( "\r\n", unserialize( $blacklist_domains ) );
}
echo <<<HTML
<h2>Blacklist Domains</h2>
<form method="post">
<input type="hidden" name="action" value="blacklist_domain" />
<input type="hidden" name="nonce" value="$nonce" />
<p>Enter domains to blacklist (one per line):</p>
<details>
<summary>Advanced Usage (Regex)</summary>
<div>
<p>
You can use regular expressions (Regex) to define more complex patterns for blacklisting domains.<br>
To use Regex, enter your pattern between slashes (/).<br>
For example, to block all subdomains of example.com, you could enter <code>/\.example\.com$/i</code>.<br>
The <kbd>i</kbd> flag at the end makes the match case-insensitive. Usually you want to use this flag.
</p>
<p>
<b>Further examples:</b><br>
<code>/.*\.xxx$/i</code> - Blocks all domains ending with .xxx<br>
<br>
Be cautious when using Regex, as incorrect patterns can lead to unintended blocking of domains.<br>
Always test your Regex patterns to ensure they work as expected.
</p>
</div>
</details><br>
<textarea class="blacklist-domains" cols="60" rows="15" name="blacklist_form" placeholder="Example: block.example.com">$blacklist_domains</textarea>
<p><input type="submit" value="Save" /></p>
</form>
HTML;
}
// Process the blacklist form submission
function better_blacklist_process_form() {
// Verify nonce for security
yourls_verify_nonce( 'blacklist_domain' );
// Sanitize and process the form input
$blacklist_form = array_filter( array_map( 'trim', explode( "\r\n", $_POST['blacklist_form'] ) ) );
// Alphabetize the blacklist
sort($blacklist_form, SORT_STRING | SORT_FLAG_CASE);
// Update the option with serialized data
yourls_update_option( 'better_blacklist_domain_list', serialize( $blacklist_form ) );
echo "<p>Blacklist updated!</p>";
if ( empty( $blacklist_form ) ) {
echo "<p>The blacklist is currently empty.</p>";
} else {
echo "<p>Current blacklisted domains:</p><ul>";
foreach ( $blacklist_form as $domain ) {
echo "<li>" . htmlspecialchars($domain, ENT_QUOTES) . "</li>";
}
echo "</ul>";
}
echo "</ul>";
}
}