Sophia/better-yourls-blacklist-domains
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
better-yourls-blacklist-dom.../plugin.php

129 lines
4.5 KiB
PHP
Raw Permalink Blame History

<?php
/*
Plugin Name: Better Yourls BlackList Domains
Plugin URI: https://git.oldgate.org/Sophia/better-yourls-blacklist-domains
Description: Plugin which disallows blacklisted domains and bans the submitter's IP address. GPL v3
Version: 0.06
Author: Sophia Atkinson
Author URI: https://sophia.wtf
Original Author: apelly
Original Author URI: http://len.io
*/
// No direct access
if( !defined( 'YOURLS_ABSPATH' ) ) die();
// Hook the custom function into the 'shunt_add_new_link' event
yourls_add_filter( 'shunt_add_new_link', 'better_blacklist_domain_check' );
// Hook the admin page into the 'plugins_loaded' event
yourls_add_action( 'plugins_loaded', 'better_blacklist_add_admin_page' );
// Function to check if a domain is blacklisted
function better_blacklist_domain_check( $shunt, $url ) {
// Parse the URL and extract the host
$parsed_url = parse_url( $url );
// If parsing fails or host is empty, deny the URL
if (empty($parsed_url['host'])) {
return blacklist_fail_response();
}
$domain = $parsed_url['host'];
// Block if using blacklisted protocols
if ( isset($parsed_url['scheme']) && in_array( $parsed_url['scheme'], ['http', 'https'], true ) ) {
// Instead of blocking here, we return the original shunt
// to avoid blocking all URLs with blacklisted protocols
}
// Retrieve blacklisted domains from options
$blacklisted_domains = yourls_get_option( 'better_blacklist_domain_list' );
// If there's a blacklist, check the domain
if ( $blacklisted_domains ) {
$blacklisted_domains = unserialize( $blacklisted_domains );
foreach ( $blacklisted_domains as $blacklisted_domain ) {
// Use a regex to match the domain or subdomain
$pattern = '/(?:^|\.)' . preg_quote( $blacklisted_domain, '/' ) . '$/i';
if ( preg_match( $pattern, $domain ) ) {
return blacklist_fail_response();
}
}
}
// No match, allow the URL
return $shunt;
}
// Return failure response for blacklisted URLs
function blacklist_fail_response() {
return array(
'status' => 'fail',
'code' => 'error:url',
'message' => 'This domain is blacklisted',
'errorCode' => '403',
);
}
// Add admin page to handle blacklist management
function better_blacklist_add_admin_page() {
yourls_register_plugin_page( 'better_blacklist_domain', 'Blacklist Domains', 'better_blacklist_admin_page' );
}
// Display the blacklist admin page
function better_blacklist_admin_page() {
if ( $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'blacklist_domain' ) {
better_blacklist_process_form();
} else {
better_blacklist_display_form();
}
}
// Display the form to update the blacklist
function better_blacklist_display_form() {
$nonce = yourls_create_nonce( 'blacklist_domain' );
$blacklist_domains = yourls_get_option( 'better_blacklist_domain_list', 'Enter domain addresses here, one per line' );
if ( $blacklist_domains !== 'Enter domain addresses here, one per line' ) {
$blacklist_domains = implode( "\r\n", unserialize( $blacklist_domains ) );
}
echo <<<HTML
<h2>Blacklist Domains</h2>
<form method="post">
<input type="hidden" name="action" value="blacklist_domain" />
<input type="hidden" name="nonce" value="$nonce" />
<p>Enter domains to blacklist (one per line):</p>
<textarea class="blacklist-domains" cols="60" rows="15" name="blacklist_form">$blacklist_domains</textarea>
<p><input type="submit" value="Save" /></p>
</form>
HTML;
}
// Process the blacklist form submission
function better_blacklist_process_form() {
// Verify nonce for security
yourls_verify_nonce( 'blacklist_domain' );
// Sanitize and process the form input
$blacklist_form = array_filter( array_map( 'trim', explode( "\r\n", $_POST['blacklist_form'] ) ) );
// Alphabetize the blacklist
sort($blacklist_form, SORT_STRING | SORT_FLAG_CASE);
// Update the option with serialized data
yourls_update_option( 'better_blacklist_domain_list', serialize( $blacklist_form ) );
echo "<p>Blacklist updated!</p>";
if ( empty( $blacklist_form ) ) {
echo "<p>The blacklist is currently empty.</p>";
} else {
echo "<p>Current blacklisted domains:</p><ul>";
foreach ( $blacklist_form as $domain ) {
echo "<li>" . htmlspecialchars($domain, ENT_QUOTES) . "</li>";
}
echo "</ul>";
}
}
Reference in New Issue View Git Blame Copy Permalink