From c0ce389242dc33bda62f028c4f4bc32d6cb0d068 Mon Sep 17 00:00:00 2001 From: Ozh Date: Sun, 19 Apr 2020 12:00:01 +0200 Subject: [PATCH 1/2] Always return trimmed (and filtered) YOURLS_SITE --- includes/Config/Config.php | 4 +-- includes/functions-api.php | 6 ++--- includes/functions-auth.php | 4 +-- includes/functions-http.php | 7 ++--- includes/functions-install.php | 2 +- includes/functions.php | 39 ++++++++++++++++++--------- tests/tests/utilities/yourls_site.php | 15 +++++++++++ 7 files changed, 53 insertions(+), 24 deletions(-) create mode 100644 tests/tests/utilities/yourls_site.php diff --git a/includes/Config/Config.php b/includes/Config/Config.php index 4cf8382ff..5958d70fe 100644 --- a/includes/Config/Config.php +++ b/includes/Config/Config.php @@ -131,7 +131,7 @@ public function define_core_constants() { // URL of user directory if (!defined( 'YOURLS_USERURL' )) - define( 'YOURLS_USERURL', YOURLS_SITE.'/user' ); + define( 'YOURLS_USERURL', trim(YOURLS_SITE, '/').'/user' ); // physical path of asset directory if( !defined( 'YOURLS_ASSETDIR' ) ) @@ -139,7 +139,7 @@ public function define_core_constants() { // URL of asset directory if( !defined( 'YOURLS_ASSETURL' ) ) - define( 'YOURLS_ASSETURL', YOURLS_SITE.'/assets' ); + define( 'YOURLS_ASSETURL', trim(YOURLS_SITE, '/').'/assets' ); // physical path of translations directory if (!defined( 'YOURLS_LANG_DIR' )) diff --git a/includes/functions-api.php b/includes/functions-api.php index efb20de25..894959891 100644 --- a/includes/functions-api.php +++ b/includes/functions-api.php @@ -191,7 +191,7 @@ function yourls_api_db_stats() { * */ function yourls_api_url_stats( $shorturl ) { - $keyword = str_replace( YOURLS_SITE . '/' , '', $shorturl ); // accept either 'http://ozh.in/abc' or 'abc' + $keyword = str_replace( yourls_get_yourls_site() . '/' , '', $shorturl ); // accept either 'http://ozh.in/abc' or 'abc' $keyword = yourls_sanitize_string( $keyword ); $return = yourls_get_link_stats( $keyword ); 
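Review bot: In `define_core_constants()` the two new `trim(YOURLS_SITE, '/')` calls repeat the normalisation by hand instead of going through `yourls_get_yourls_site()`, so `YOURLS_USERURL` and `YOURLS_ASSETURL` never see the `get_yourls_site` filter that the rest of this patch applies. If that is deliberate (for instance because the helper or the plugin API is not loaded yet when constants are defined, which the hunk does not show), say so in a comment above the first define, e.g. `// Trimmed by hand: yourls_get_yourls_site() is not available this early`. `rtrim(YOURLS_SITE, '/')` would also state the intent more precisely, since only a trailing slash is the problem being fixed. The same applies to the `YOURLS_ASSETURL` hunk; the method body continues outside both hunks.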
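Review bot: `str_replace( yourls_get_yourls_site() . '/' , '', $shorturl )` in `yourls_api_url_stats()` removes the site prefix wherever it occurs in the caller-supplied string, not only at the start, and it does not match a short URL sent with the other scheme (`https:` against an `http:` site or the reverse). The result is passed to `yourls_sanitize_string()`, so the effect is a wrong keyword lookup rather than anything worse, but an anchored strip is clearer: `$site = yourls_get_yourls_site() . '/'; if ( strpos( $shorturl, $site ) === 0 ) $shorturl = substr( $shorturl, strlen( $site ) );`. `yourls_get_relative_url()`, touched later in this patch, already normalises the protocol and may be the better helper here. The identical line in `yourls_api_expand()` has the same issue.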
@@ -204,7 +204,7 @@ function yourls_api_url_stats( $shorturl ) { * */ function yourls_api_expand( $shorturl ) { - $keyword = str_replace( YOURLS_SITE . '/' , '', $shorturl ); // accept either 'http://ozh.in/abc' or 'abc' + $keyword = str_replace( yourls_get_yourls_site() . '/' , '', $shorturl ); // accept either 'http://ozh.in/abc' or 'abc' $keyword = yourls_sanitize_string( $keyword ); $longurl = yourls_get_keyword_longurl( $keyword ); @@ -212,7 +212,7 @@ function yourls_api_expand( $shorturl ) { if( $longurl ) { $return = array( 'keyword' => $keyword, - 'shorturl' => YOURLS_SITE . "/$keyword", + 'shorturl' => yourls_get_yourls_site() . "/$keyword", 'longurl' => $longurl, 'title' => yourls_get_keyword_title( $keyword ), 'simple' => $longurl, diff --git a/includes/functions-auth.php b/includes/functions-auth.php index dd9019ed2..55c3ee18d 100644 --- a/includes/functions-auth.php +++ b/includes/functions-auth.php @@ -411,7 +411,7 @@ function yourls_store_cookie( $user = null ) { } $path = yourls_apply_filter( 'setcookie_path', '/' ); - $domain = yourls_apply_filter( 'setcookie_domain', parse_url( YOURLS_SITE, PHP_URL_HOST ) ); + $domain = yourls_apply_filter( 'setcookie_domain', parse_url( yourls_get_yourls_site(), PHP_URL_HOST ) ); $secure = yourls_apply_filter( 'setcookie_secure', yourls_is_ssl() ); $httponly = yourls_apply_filter( 'setcookie_httponly', true ); @@ -513,7 +513,7 @@ function yourls_get_nonce_life() { * @return string unique cookie name for a given YOURLS site */ function yourls_cookie_name() { - return yourls_apply_filter( 'cookie_name', 'yourls_' . yourls_salt( YOURLS_SITE ) ); + return yourls_apply_filter( 'cookie_name', 'yourls_' . yourls_salt( yourls_get_yourls_site() ) ); } /** diff --git a/includes/functions-http.php b/includes/functions-http.php index 727587919..29b3fe6fc 100644 --- a/includes/functions-http.php +++ b/includes/functions-http.php 
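Review bot: `yourls_cookie_name()` now derives the cookie name from the trimmed and filtered value, so on an install whose config had a trailing slash the name presumably changes on upgrade (assuming `yourls_salt()` hashes its argument) and existing login cookies stop being recognised. This patch keeps the raw constant for the `md5` site id in `yourls_check_core_version()` for exactly that stability reason; either do the same here or add a comment and changelog line about the one-time logout. In `yourls_store_cookie()` the cookie domain is now taken from a value any plugin can filter, and `parse_url( ..., PHP_URL_HOST )` returns null when that value has no scheme, so the scope of the auth cookie deserves a guard such as `if ( !is_string( $domain ) || $domain === '' ) $domain = '';` before it reaches `setcookie()`. `yourls_store_cookie()` starts and ends outside the hunk.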
@@ -152,7 +152,7 @@ function yourls_send_through_proxy( $url ) { return true; // Self and loopback URLs are considered local (':' is parse_url() host on '::1') - $home = parse_url( YOURLS_SITE ); + $home = parse_url( yourls_get_yourls_site() ); $local = array( 'localhost', '127.0.0.1', '127.1', '[::1]', ':', $home['host'] ); if( in_array( $check['host'], $local ) ) @@ -242,7 +242,7 @@ function yourls_http_load_library() { * @return string UA string */ function yourls_http_user_agent() { - return yourls_apply_filter( 'http_user_agent', 'YOURLS v'.YOURLS_VERSION.' +http://yourls.org/ (running on '.YOURLS_SITE.')' ); + return yourls_apply_filter( 'http_user_agent', 'YOURLS v'.YOURLS_VERSION.' +http://yourls.org/ (running on '.yourls_get_yourls_site().')' ); } /** @@ -287,11 +287,12 @@ function yourls_check_core_version() { // The collection of stuff to report $stuff = array( // Globally uniquish site identifier + // This uses const YOURLS_SITE and not yourls_get_yourls_site() to prevent creating another id for an already known install 'md5' => md5( YOURLS_SITE . YOURLS_ABSPATH ), // Install information 'failed_attempts' => $checks->failed_attempts, - 'yourls_site' => defined( 'YOURLS_SITE' ) ? YOURLS_SITE : 'unknown', + 'yourls_site' => defined( 'YOURLS_SITE' ) ? yourls_get_yourls_site() : 'unknown', 'yourls_version' => defined( 'YOURLS_VERSION' ) ? YOURLS_VERSION : 'unknown', 'php_version' => PHP_VERSION, 'mysql_version' => $ydb->mysql_version(), diff --git a/includes/functions-install.php b/includes/functions-install.php index cb1de9789..a601c7351 100644 --- a/includes/functions-install.php +++ b/includes/functions-install.php @@ -70,7 +70,7 @@ function yourls_is_iis() { * */ function yourls_create_htaccess() { - $host = parse_url( YOURLS_SITE ); + $host = parse_url( yourls_get_yourls_site() ); $path = ( isset( $host['path'] ) ? $host['path'] : '' ); if ( yourls_is_iis() ) { 
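Review bot: In `yourls_send_through_proxy()` the list of hosts that bypass the proxy now contains `$home['host']` read from a plugin-filterable value, and the index is used without checking that it exists. When the site value has no scheme (the new helper's docblock gives `sho.rt` as an example of what people type), `parse_url()` returns no `host` key, which raises a notice and puts null into `$local`; the loose `in_array()` that follows then matches an empty `$check['host']` against that null. Suggest `$host = parse_url( yourls_get_yourls_site(), PHP_URL_HOST );`, adding it to `$local` only when it is a non-empty string, and `in_array( $check['host'], $local, true )`. The function starts and ends outside the hunk.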
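Review bot: With the trimmed value, `$path` in `yourls_create_htaccess()` loses its trailing slash: a site configured as `http://sho.rt/yourls/` used to yield `/yourls/` and now yields `/yourls`, and a root install configured with a trailing slash goes from `/` to the empty-string fallback. The lines that write the rewrite rules are outside the hunk, so please confirm they add the separator themselves, and record the expectation next to the assignment, e.g. `// $path has no trailing slash ('' for a root install)`. A regenerated `.htaccess` that differs from the one already on disk is the kind of change worth a test case.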
diff --git a/includes/functions.php b/includes/functions.php index 748fd563a..4df11ae2d 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -271,7 +271,7 @@ function yourls_add_new_link( $url, $keyword = '', $title = '' ) { $return['message'] = /* //translators: eg "http://someurl/ added to DB" */ yourls_s( '%s added to database', yourls_trim_long_string( $strip_url ) ); $return['title'] = $title; $return['html'] = yourls_table_add_row( $keyword, $url, $title, $ip, 0, time() ); - $return['shorturl'] = YOURLS_SITE .'/'. $keyword; + $return['shorturl'] = yourls_get_yourls_site() .'/'. $keyword; } // Create random keyword @@ -293,7 +293,7 @@ function yourls_add_new_link( $url, $keyword = '', $title = '' ) { $return['message'] = /* //translators: eg "http://someurl/ added to DB" */ yourls_s( '%s added to database', yourls_trim_long_string( $strip_url ) ); $return['title'] = $title; $return['html'] = yourls_table_add_row( $keyword, $url, $title, $ip, 0, time() ); - $return['shorturl'] = YOURLS_SITE .'/'. $keyword; + $return['shorturl'] = yourls_get_yourls_site() .'/'. $keyword; } else { // database error, couldnt store result $return['status'] = 'fail'; @@ -317,7 +317,7 @@ function yourls_add_new_link( $url, $keyword = '', $title = '' ) { $return['url'] = array( 'keyword' => $url_exists->keyword, 'url' => $strip_url, 'title' => $url_exists->title, 'date' => $url_exists->timestamp, 'ip' => $url_exists->ip, 'clicks' => $url_exists->clicks ); $return['message'] = /* //translators: eg "http://someurl/ already exists" */ yourls_s( '%s already exists in database', yourls_trim_long_string( $strip_url ) ); $return['title'] = $url_exists->title; - $return['shorturl'] = YOURLS_SITE .'/'. $url_exists->keyword; + $return['shorturl'] = yourls_get_yourls_site() .'/'. $url_exists->keyword; } yourls_do_action( 'post_add_new_link', $url, $keyword, $title, $return ); 
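Review bot: The three `$return['shorturl'] = yourls_get_yourls_site() .'/'. $keyword;` assignments in `yourls_add_new_link()` each re-run the `get_yourls_site` filter chain where the old code read a constant. The cost is small here, but the same replacement inside the `foreach` of `yourls_get_stats()` (hunk at -620) now applies the filter once per row. Reading the value once per function keeps the result consistent within a single response even if a filter is not idempotent: `$site = yourls_get_yourls_site();` at the top, then `$site . '/' . $keyword`. The same applies to `yourls_edit_link()` and `yourls_get_link_stats()`; all of these functions continue outside their hunks.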
@@ -377,7 +377,7 @@ function yourls_edit_link( $url, $keyword, $newkeyword='', $title='' ) { $binds = array('url' => $url, 'newkeyword' => $newkeyword, 'title' => $title, 'keyword' => $keyword); $update_url = $ydb->fetchAffected($sql, $binds); if( $update_url ) { - $return['url'] = array( 'keyword' => $newkeyword, 'shorturl' => YOURLS_SITE.'/'.$newkeyword, 'url' => $strip_url, 'display_url' => yourls_trim_long_string( $strip_url ), 'title' => $strip_title, 'display_title' => yourls_trim_long_string( $strip_title ) ); + $return['url'] = array( 'keyword' => $newkeyword, 'shorturl' => yourls_get_yourls_site().'/'.$newkeyword, 'url' => $strip_url, 'display_url' => yourls_trim_long_string( $strip_url ), 'title' => $strip_title, 'display_title' => yourls_trim_long_string( $strip_title ) ); $return['status'] = 'success'; $return['message'] = yourls__( 'Link updated in database' ); } else { @@ -620,7 +620,7 @@ function yourls_get_stats( $filter = 'top', $limit = 10, $start = 0 ) { foreach ( (array)$results as $res ) { $return['links']['link_'.$i++] = array( - 'shorturl' => YOURLS_SITE .'/'. $res->keyword, + 'shorturl' => yourls_get_yourls_site() .'/'. $res->keyword, 'url' => $res->url, 'title' => $res->title, 'timestamp'=> $res->timestamp, @@ -661,7 +661,7 @@ function yourls_get_link_stats( $shorturl ) { 'statusCode' => 200, 'message' => 'success', 'link' => array( - 'shorturl' => YOURLS_SITE .'/'. $res->keyword, + 'shorturl' => yourls_get_yourls_site() .'/'. $res->keyword, 'url' => $res->url, 'title' => $res->title, 'timestamp'=> $res->timestamp, 
@@ -1077,7 +1077,7 @@ function yourls_geo_countrycode_to_countryname( $code ) { */ function yourls_geo_get_flag( $code ) { if( file_exists( YOURLS_INC.'/geo/flags/flag_'.strtolower($code).'.gif' ) ) { - $img = yourls_match_current_protocol( YOURLS_SITE.'/includes/geo/flags/flag_'.( strtolower( $code ) ).'.gif' ); + $img = yourls_match_current_protocol( yourls_get_yourls_site().'/includes/geo/flags/flag_'.( strtolower( $code ) ).'.gif' ); } else { $img = false; } @@ -1672,7 +1672,7 @@ function yourls_remove_query_arg( $key, $query = false ) { * */ function yourls_link( $keyword = '' ) { - $link = YOURLS_SITE . '/' . yourls_sanitize_keyword( $keyword ); + $link = yourls_get_yourls_site() . '/' . yourls_sanitize_keyword( $keyword ); return yourls_apply_filter( 'yourls_link', $link, $keyword ); } @@ -1681,7 +1681,7 @@ function yourls_link( $keyword = '' ) { * */ function yourls_statlink( $keyword = '' ) { - $link = YOURLS_SITE . '/' . yourls_sanitize_keyword( $keyword ) . '+'; + $link = yourls_get_yourls_site() . '/' . yourls_sanitize_keyword( $keyword ) . '+'; if( yourls_is_ssl() ) $link = yourls_set_url_scheme( $link, 'https' ); return yourls_apply_filter( 'yourls_statlink', $link, $keyword ); @@ -1754,7 +1754,7 @@ function yourls_needs_ssl() { * */ function yourls_admin_url( $page = '' ) { - $admin = YOURLS_SITE . '/admin/' . $page; + $admin = yourls_get_yourls_site() . '/admin/' . $page; if( yourls_is_ssl() or yourls_needs_ssl() ) { $admin = yourls_set_url_scheme( $admin, 'https' ); } @@ -1767,7 +1767,7 @@ function yourls_admin_url( $page = '' ) { */ function yourls_site_url( $echo = true, $url = '' ) { $url = yourls_get_relative_url( $url ); - $url = trim( YOURLS_SITE . '/' . $url, '/' ); + $url = trim( yourls_get_yourls_site() . '/' . $url, '/' ); // Do not enforce (checking yourls_need_ssl() ) but check current usage so it won't force SSL on non-admin pages if( yourls_is_ssl() ) { 
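Review bot: In `yourls_geo_get_flag()` `$code` goes into both the `file_exists()` path and the returned image URL after nothing more than `strtolower()`, and this hunk now prefixes that URL with a filterable site value as well. Where `$code` comes from is not visible here; if it can be influenced by request data or by a third-party geo lookup, it should be constrained before use, assuming codes are two-letter ISO country codes: `if ( !preg_match( '/^[a-z]{2}$/i', $code ) ) $code = '';`. A docblock line stating the expected format (`@param string $code Two-letter country code`) would make the contract explicit. The function ends outside the hunk.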
@@ -1922,7 +1922,7 @@ function yourls_get_request($yourls_site = false, $uri = false) { // Default values if (false === $yourls_site) { - $yourls_site = YOURLS_SITE; + $yourls_site = yourls_get_yourls_site(); } if (false === $uri) { $uri = $_SERVER['REQUEST_URI']; @@ -2185,7 +2185,7 @@ function yourls_get_relative_url( $url, $strict = true ) { // Remove protocols to make it easier $noproto_url = str_replace( 'https:', 'http:', $url ); - $noproto_site = str_replace( 'https:', 'http:', YOURLS_SITE ); + $noproto_site = str_replace( 'https:', 'http:', yourls_get_yourls_site() ); // Trim URL from YOURLS root URL : if no modification made, URL wasn't relative $_url = str_replace( $noproto_site . '/', '', $noproto_url ); @@ -2443,3 +2443,16 @@ function yourls_tell_if_new_version() { yourls_debug_log( 'Check for new version: ' . ($check ? 'yes' : 'no') ); yourls_new_core_version_notice(); } + +/** + * Get YOURLS_SITE value, trimmed and filtered + * + * In addition of being filtered for plugins to hack this, this function is mostly here + * to help people entering "sho.rt/" instead of "sho.rt" in their config + * + * @since 1.7.7 + * @return string YOURLS_SITE, trimmed and filtered + */ +function yourls_get_yourls_site() { + return yourls_apply_filter('get_yourls_site', trim(YOURLS_SITE, '/')); +} \ No newline at end of file diff --git a/tests/tests/utilities/yourls_site.php b/tests/tests/utilities/yourls_site.php new file mode 100644 index 000000000..1e2aafa1c --- /dev/null +++ b/tests/tests/utilities/yourls_site.php @@ -0,0 +1,15 @@ +assertInternalType("string", yourls_get_yourls_site()); + } + +} From a5fadc20576ce4b3d6b39ae245b39ee69ebcfe1c Mon Sep 17 00:00:00 2001 From: Ozh Date: Sun, 19 Apr 2020 12:36:21 +0200 Subject: [PATCH 2/2] With new line at EOF [skip travis] [skip scrutinizer] --- includes/functions.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/functions.php b/includes/functions.php index 4df11ae2d..4865ae6b3 100644 
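Review bot: `yourls_get_yourls_site()` trims first and filters second, so it returns whatever the `get_yourls_site` filter hands back with no guarantee that the value is still a string or still free of a trailing slash. After this patch that value is the base for the auth cookie name and domain, the proxy-bypass host list and every generated link. Applying the normalisation last restores the invariant the commit title promises: `return rtrim( (string) yourls_apply_filter( 'get_yourls_site', YOURLS_SITE ), '/' );`. The docblock should also state the guarantee ("never ends with a slash") and that `YOURLS_SITE` must already be defined, and "In addition of being filtered" should read "In addition to being filtered".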
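Review bot: The new test in `tests/tests/utilities/yourls_site.php` asserts only that the helper returns a string, which would still pass if the trimming were removed, so the behaviour this commit introduces is untested. Add an assertion on the actual contract, e.g. `$this->assertSame( rtrim( YOURLS_SITE, '/' ), yourls_get_yourls_site() );` and `$this->assertStringEndsNotWith( '/', yourls_get_yourls_site() );`, plus a case that registers a `get_yourls_site` filter and checks the filtered result. `assertInternalType()` is deprecated in PHPUnit 8 and removed in 9; `assertIsString()` is the replacement if the project's PHPUnit version allows it. The listing of this file is truncated on the page, so the class and method names are not visible.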
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -2455,4 +2455,4 @@ function yourls_tell_if_new_version() {
  */
 function yourls_get_yourls_site() {
 return yourls_apply_filter('get_yourls_site', trim(YOURLS_SITE, '/'));
-}
\ No newline at end of file
+}