Fixed Broken Shit
This commit is contained in:
60
user/plugins/google-safe-browsing/includes/admin-page.php
Normal file
60
user/plugins/google-safe-browsing/includes/admin-page.php
Normal file
@ -0,0 +1,60 @@
|
||||
<?php
|
||||
/**
|
||||
* Google Safe Browsing Lookup admin page
|
||||
*
|
||||
*/
|
||||
|
||||
// Display admin page
|
||||
function ozh_yourls_gsb_display_page() {
|
||||
|
||||
// Check if a form was submitted
|
||||
if( isset( $_POST['ozh_yourls_gsb'] ) ) {
|
||||
// Check nonce
|
||||
yourls_verify_nonce( 'gsb_page' );
|
||||
|
||||
// Process form
|
||||
ozh_yourls_gsb_update_option();
|
||||
}
|
||||
|
||||
// Get value from database
|
||||
$ozh_yourls_gsb = yourls_get_option( 'ozh_yourls_gsb' );
|
||||
|
||||
// Create nonce
|
||||
$nonce = yourls_create_nonce( 'gsb_page' );
|
||||
|
||||
echo <<<HTML
|
||||
<h2>Google Safe Browsing API Key</h2>
|
||||
|
||||
<p>Google requires you to have a <strong>Google account</strong> and a Safe Browsing <strong>API key</strong>
|
||||
to use their <a href="https://developers.google.com/safe-browsing/lookup_guide">Safe Browsing Lookup Service</a>.</p>
|
||||
<p>Get your API key here: <a href="https://developers.google.com/safe-browsing/key_signup">https://developers.google.com/safe-browsing/key_signup</a></p>
|
||||
|
||||
<h3>Disclaimer from Google</h3>
|
||||
<p>Google works to provide the most accurate and up-to-date phishing and malware information. However, it cannot
|
||||
guarantee that its information is comprehensive and error-free: some risky sites may not be identified, and some safe
|
||||
sites may be identified in error.</p>
|
||||
|
||||
<h3>Configure the plugin</h3>
|
||||
<form method="post">
|
||||
<input type="hidden" name="nonce" value="$nonce" />
|
||||
<p><label for="ozh_yourls_gsb">API Key</label> <input type="text" id="ozh_yourls_gsb" name="ozh_yourls_gsb" value="$ozh_yourls_gsb" size="70" /></p>
|
||||
<p><input type="submit" value="Update value" /></p>
|
||||
</form>
|
||||
HTML;
|
||||
}
|
||||
|
||||
// Update option in database
|
||||
function ozh_yourls_gsb_update_option() {
|
||||
$in = $_POST['ozh_yourls_gsb'];
|
||||
|
||||
if( $in ) {
|
||||
// Validate ozh_yourls_gsb: alpha & digits
|
||||
$in = preg_replace( '/[^a-zA-Z0-9-_]/', '', $in );
|
||||
|
||||
// Update value in database
|
||||
yourls_update_option( 'ozh_yourls_gsb', $in );
|
||||
|
||||
yourls_redirect( yourls_admin_url( 'plugins.php?page=ozh_yourls_gsb' ) );
|
||||
}
|
||||
}
|
||||
|
||||
106
user/plugins/google-safe-browsing/includes/class-gsb.php
Normal file
106
user/plugins/google-safe-browsing/includes/class-gsb.php
Normal file
@ -0,0 +1,106 @@
|
||||
<?php
|
||||
/**
|
||||
* Google Safe Browsing Lookup client for YOURLS
|
||||
*
|
||||
*/
|
||||
|
||||
class ozh_yourls_GSB {
|
||||
|
||||
const PROTOCOL_VER = '4.0';
|
||||
const CLIENT = 'yourls-plugin-gsb';
|
||||
const APP_VER = '1.0';
|
||||
|
||||
private $url = '';
|
||||
private $api_key = false;
|
||||
|
||||
/**
|
||||
* Constructor : checks that plugin is properly configured
|
||||
*
|
||||
*/
|
||||
public function __construct( $api_key ) {
|
||||
$this->api_key = $api_key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check if a URL is blacklisted against GSB Lookup API
|
||||
*
|
||||
* The function returns an array of a boolean and a string.
|
||||
* The boolean indicates whether $this->url is blacklisted (true) or not blacklisted (false)
|
||||
* The string gives diagnosis details: reason of blacklisting, null if clear, or an error message if applicable
|
||||
*
|
||||
* @return array array of boolean ( is blacklisted, description )
|
||||
*/
|
||||
public function is_blacklisted( $url ) {
|
||||
if( !$this->api_key ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$this->url = urlencode( yourls_sanitize_url( $url ) );
|
||||
if( !$this->url ) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$request = $this->request();
|
||||
|
||||
switch( $request->status_code ) {
|
||||
case 200:
|
||||
$response = json_decode($request->body);
|
||||
$blacklisted = true;
|
||||
if (!isset($response->matches))
|
||||
$blacklisted = false;
|
||||
return array($blacklisted, ($blacklisted ? $response->matches[0]->threatType : null));
|
||||
|
||||
case 400:
|
||||
return array( false, 'Could not check Google Safe Browsing: Bad Request' );
|
||||
|
||||
case 403:
|
||||
return array( false, 'Could not check Google Safe Browsing: API key not authorized' );
|
||||
|
||||
case 503:
|
||||
return array( false, 'Could not check Google Safe Browsing: service unavailable' );
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* HTTP request wrapper
|
||||
*
|
||||
* @return Request request object
|
||||
*/
|
||||
private function request() {
|
||||
$api_url = sprintf( 'https://safebrowsing.googleapis.com/v4/threatMatches:find?key=%s',
|
||||
$this->api_key
|
||||
);
|
||||
|
||||
// Request headers
|
||||
$headers = array(
|
||||
'Content-Type' => 'application/json'
|
||||
);
|
||||
|
||||
// Request data
|
||||
$data = array(
|
||||
'client' => array(
|
||||
'clientId' => self::CLIENT,
|
||||
'clientVersion' => self::APP_VER
|
||||
),
|
||||
'threatInfo' => array(
|
||||
'threatTypes' => array('MALWARE', 'SOCIAL_ENGINEERING', 'POTENTIALLY_HARMFUL_APPLICATION', 'UNWANTED_SOFTWARE'),
|
||||
'platformTypes' => array('ANY_PLATFORM'),
|
||||
'threatEntryTypes' => array('URL'),
|
||||
'threatEntries' => array(
|
||||
array(
|
||||
'url' => $this->url
|
||||
)
|
||||
)
|
||||
)
|
||||
);
|
||||
|
||||
// Request options ?
|
||||
$options = array(
|
||||
);
|
||||
|
||||
return yourls_http_post( $api_url, $headers, json_encode($data), $options );
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user