push v0.04!
This commit is contained in:
199
plugin.php
199
plugin.php
@ -1,134 +1,119 @@
|
||||
<?php
|
||||
/*
|
||||
Plugin Name: YourlsBlackListDomains
|
||||
Plugin URI: https://github.com/apelly/YourlsBlacklistDomains
|
||||
Description: Plugin which disallows blacklisted domains and bans the submitters IP address. GPL v3
|
||||
Version: 0.03
|
||||
Author: apelly
|
||||
Author URI: http://len.io
|
||||
*/
|
||||
/*
|
||||
Copyright(c) (2012) Aaron Pelly
|
||||
|
||||
License:
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
Plugin Name: Better Yourls BlackList Domains
|
||||
Plugin URI: https://git.oldgate.org/Sophia/better-yourls-blacklist-domains
|
||||
Description: Plugin which disallows blacklisted domains and bans the submitter's IP address. GPL v3
|
||||
Version: 0.04
|
||||
Author: Sophia Atkinson
|
||||
Author URI: https://sophia.wtf
|
||||
Original Author: apelly
|
||||
Original Author URI: http://len.io
|
||||
*/
|
||||
|
||||
// No direct call
|
||||
// No direct access
|
||||
if( !defined( 'YOURLS_ABSPATH' ) ) die();
|
||||
|
||||
// Hook the custom function into the 'shunt_add_new_link' event
|
||||
yourls_add_filter( 'shunt_add_new_link', 'apelly_blacklist_domain_root' );
|
||||
yourls_add_filter( 'shunt_add_new_link', 'better_blacklist_domain_check' );
|
||||
|
||||
// Hook the admin page into the 'plugins_loaded' event
|
||||
yourls_add_action( 'plugins_loaded', 'apelly_blacklist_domain_add_page' );
|
||||
yourls_add_action( 'plugins_loaded', 'better_blacklist_add_admin_page' );
|
||||
|
||||
// Get blacklisted domains from YOURLS options feature and compare with current domain address
|
||||
function apelly_blacklist_domain_root ( $bol, $url ) {
|
||||
$return = false;
|
||||
$domain_list = yourls_get_option ('apelly_blacklist_domain_list');
|
||||
if ( $domain_list ) {
|
||||
$domain_list = unserialize ( $domain_list );
|
||||
foreach($domain_list as $blacklisted_domain) {
|
||||
if (strpos($url,$blacklisted_domain)) {
|
||||
// Check if a YourlsBlacklistIPs is installed and active
|
||||
if (yourls_is_active_plugin( YOURLS_PLUGINDIR .'/BlackListIP/plugin.php' )) {
|
||||
$IP = yourls_get_IP();
|
||||
// Function to check if a domain is blacklisted
|
||||
function better_blacklist_domain_check( $shunt, $url ) {
|
||||
// Parse the URL and extract the host
|
||||
$parsed_url = parse_url( $url );
|
||||
$domain = $parsed_url['host'] ?? '';
|
||||
|
||||
// IP blacklisted already?
|
||||
ludo_blacklist_ip_root( array( $IP ) ); // <---- dies if ip is blacklisted
|
||||
// Block if using blacklisted protocols
|
||||
if ( isset($parsed_url['scheme']) && in_array( $parsed_url['scheme'], ['http', 'https'], true ) ) {
|
||||
return blacklist_fail_response();
|
||||
}
|
||||
|
||||
// fetch the blacklisted IP addresses
|
||||
$IP_List = yourls_get_option ('ludo_blacklist_ip_liste');
|
||||
$IP_List = ( $IP_List ) ? ( unserialize ( $IP_List ) ):((array)NULL);
|
||||
// Retrieve blacklisted domains from options
|
||||
$blacklisted_domains = yourls_get_option( 'better_blacklist_domain_list' );
|
||||
|
||||
// If there's a blacklist, check the domain
|
||||
if ( $blacklisted_domains ) {
|
||||
$blacklisted_domains = unserialize( $blacklisted_domains );
|
||||
|
||||
// add this IP
|
||||
$Parsed_IP = ludo_blacklist_ip_Analyze_IP ( $IP ) ;
|
||||
if ( $Parsed_IP != "NULL" ) {
|
||||
$IP_List[] = $Parsed_IP ;
|
||||
}
|
||||
foreach ( $blacklisted_domains as $blacklisted_domain ) {
|
||||
// Use a regex to match the domain or subdomain
|
||||
$pattern = '/(?:^|\.)' . preg_quote( $blacklisted_domain, '/' ) . '$/i';
|
||||
if ( preg_match( $pattern, $domain ) ) {
|
||||
return blacklist_fail_response();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Update the blacklist
|
||||
yourls_update_option ( 'ludo_blacklist_ip_liste', serialize ( $IP_List ) );
|
||||
}
|
||||
|
||||
// stop
|
||||
//yourls_die( 'Blacklisted domain', 'Forbidden', 403 );
|
||||
return array(
|
||||
'status' => 'fail',
|
||||
'code' => 'error:url',
|
||||
'message' => 'Blacklisted domain',
|
||||
'errorCode' => '403',
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
return $return;
|
||||
// No match, allow the URL
|
||||
return $shunt;
|
||||
}
|
||||
|
||||
// Add admin page
|
||||
function apelly_blacklist_domain_add_page () {
|
||||
yourls_register_plugin_page( 'apelly_blacklist_domain', 'Blacklist domains', 'apelly_blacklist_domain_do_page' );
|
||||
// Return failure response for blacklisted URLs
|
||||
function blacklist_fail_response() {
|
||||
return array(
|
||||
'status' => 'fail',
|
||||
'code' => 'error:url',
|
||||
'message' => 'This domain is blacklisted',
|
||||
'errorCode' => '403',
|
||||
);
|
||||
}
|
||||
|
||||
// Display admin page
|
||||
function apelly_blacklist_domain_do_page () {
|
||||
if( isset( $_POST['action'] ) && $_POST['action'] == 'blacklist_domain' ) {
|
||||
apelly_blacklist_domain_process ();
|
||||
} else {
|
||||
apelly_blacklist_domain_form ();
|
||||
}
|
||||
// Add admin page to handle blacklist management
|
||||
function better_blacklist_add_admin_page() {
|
||||
yourls_register_plugin_page( 'better_blacklist_domain', 'Blacklist Domains', 'better_blacklist_admin_page' );
|
||||
}
|
||||
|
||||
// Display form to administrate blacklisted domains list
|
||||
function apelly_blacklist_domain_form () {
|
||||
$nonce = yourls_create_nonce( 'blacklist_domain' ) ;
|
||||
$domain_list = yourls_get_option ('apelly_blacklist_domain_list','Enter domain addresses here, one per line');
|
||||
if ($domain_list != 'Enter domain addresses here, one per line' ){
|
||||
$domain_list_display = implode ( "\r\n" , unserialize ( $domain_list ) );
|
||||
}else{
|
||||
$domain_list_display = $domain_list;
|
||||
}
|
||||
echo <<<HTML
|
||||
<h2>BlackList domains</h2>
|
||||
<form method="post">
|
||||
// Display the blacklist admin page
|
||||
function better_blacklist_admin_page() {
|
||||
if ( $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'blacklist_domain' ) {
|
||||
better_blacklist_process_form();
|
||||
} else {
|
||||
better_blacklist_display_form();
|
||||
}
|
||||
}
|
||||
|
||||
<input type="hidden" name="action" value="blacklist_domain" />
|
||||
<input type="hidden" name="nonce" value="$nonce" />
|
||||
// Display the form to update the blacklist
|
||||
function better_blacklist_display_form() {
|
||||
$nonce = yourls_create_nonce( 'blacklist_domain' );
|
||||
$blacklist_domains = yourls_get_option( 'better_blacklist_domain_list', 'Enter domain addresses here, one per line' );
|
||||
|
||||
<p>Blacklist following domains</p>
|
||||
<p><textarea cols="60" rows="15" name="blacklist_form">$domain_list_display</textarea></p>
|
||||
if ( $blacklist_domains !== 'Enter domain addresses here, one per line' ) {
|
||||
$blacklist_domains = implode( "\r\n", unserialize( $blacklist_domains ) );
|
||||
}
|
||||
|
||||
<p><input type="submit" value="Save" /></p>
|
||||
</form>
|
||||
echo <<<HTML
|
||||
<h2>Blacklist Domains</h2>
|
||||
<form method="post">
|
||||
<input type="hidden" name="action" value="blacklist_domain" />
|
||||
<input type="hidden" name="nonce" value="$nonce" />
|
||||
<p>Enter domains to blacklist (one per line):</p>
|
||||
<textarea class="blacklist-domains" cols="60" rows="15" name="blacklist_form">$blacklist_domains</textarea>
|
||||
<p><input type="submit" value="Save" /></p>
|
||||
</form>
|
||||
HTML;
|
||||
}
|
||||
|
||||
// Update blacklisted domains list
|
||||
function apelly_blacklist_domain_process () {
|
||||
// Check nonce
|
||||
yourls_verify_nonce( 'blacklist_domain' ) ;
|
||||
// Process the blacklist form submission
|
||||
function better_blacklist_process_form() {
|
||||
// Verify nonce for security
|
||||
yourls_verify_nonce( 'blacklist_domain' );
|
||||
|
||||
// Update list
|
||||
$blacklist_form = explode ( "\r\n" , $_POST['blacklist_form'] ) ;
|
||||
yourls_update_option ( 'apelly_blacklist_domain_list', serialize($blacklist_form) );
|
||||
echo "Black list updated. New blacklist is " ;
|
||||
if ( count ( $blacklist_form ) == 0 )
|
||||
echo "empty.";
|
||||
else {
|
||||
echo ":<BR />";
|
||||
foreach ($blacklist_form as $value) echo $value."<BR />";
|
||||
}
|
||||
}
|
||||
?>
|
||||
// Sanitize and process the form input
|
||||
$blacklist_form = array_filter( array_map( 'trim', explode( "\r\n", $_POST['blacklist_form'] ) ) );
|
||||
|
||||
// Update the option with serialized data
|
||||
yourls_update_option( 'better_blacklist_domain_list', serialize( $blacklist_form ) );
|
||||
|
||||
echo "<p>Blacklist updated!</p>";
|
||||
if ( empty( $blacklist_form ) ) {
|
||||
echo "<p>The blacklist is currently empty.</p>";
|
||||
} else {
|
||||
echo "<p>Current blacklisted domains:</p><ul>";
|
||||
foreach ( $blacklist_form as $domain ) {
|
||||
echo "<li>" . htmlspecialchars($domain, ENT_QUOTES) . "</li>";
|
||||
}
|
||||
echo "</ul>";
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user