projects
/
platal.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Use mysqli for LOAD DATA LOCAL INFILE.
[platal.git]
/
modules
/
urlshortener.php
diff --git
a/modules/urlshortener.php
b/modules/urlshortener.php
index
0e7f3a1
..
c6cf94f
100644
(file)
--- a/
modules/urlshortener.php
+++ b/
modules/urlshortener.php
@@
-1,6
+1,6
@@
<?php
/***************************************************************************
<?php
/***************************************************************************
- * Copyright (C) 2003-201
1
Polytechnique.org *
+ * Copyright (C) 2003-201
4
Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
@@
-24,22
+24,14
@@
class UrlShortenerModule extends PLModule
function handlers()
{
return array(
function handlers()
{
return array(
- 'url' => $this->make_hook('url', AUTH_
COOKIE
),
- 'admin/url' => $this->make_hook('admin_url', AUTH_
MDP
, 'admin')
+ 'url' => $this->make_hook('url', AUTH_
PUBLIC
),
+ 'admin/url' => $this->make_hook('admin_url', AUTH_
PASSWD
, 'admin')
);
}
function handler_url($page, $alias)
{
);
}
function handler_url($page, $alias)
{
- $url = XDB::fetchOneCell('SELECT url
- FROM url_shortener
- WHERE alias = {?}',
- $alias);
-
- if (is_null($url)) {
- return PL_NOT_FOUND;
- }
- http_redirect($url);
+ http_redirect(Platal::globals()->core->base_url_shortener . $alias);
}
function handler_admin_url($page)
}
function handler_admin_url($page)
@@
-54,17
+46,21
@@
class UrlShortenerModule extends PLModule
$alias = Post::t('alias');
$url_regex = '{^(https?|ftp)://[a-zA-Z0-9._%#+/?=&~-]+$}i';
$alias = Post::t('alias');
$url_regex = '{^(https?|ftp)://[a-zA-Z0-9._%#+/?=&~-]+$}i';
- if (!preg_match($url_regex, $url)) {
+ if (
strlen($url) > 255 ||
!preg_match($url_regex, $url)) {
$page->trigError("L'url donnée n'est pas valide.");
return;
}
$page->assign('url', $url);
if ($alias != '') {
$page->trigError("L'url donnée n'est pas valide.");
return;
}
$page->assign('url', $url);
if ($alias != '') {
- if (!preg_match('/^[a-zA-Z0-9\-
]{6}
$/i', $alias)) {
+ if (!preg_match('/^[a-zA-Z0-9\-
\/]+
$/i', $alias)) {
$page->trigError("L'alias proposé n'est pas valide.");
return;
}
$page->trigError("L'alias proposé n'est pas valide.");
return;
}
+ if (preg_match('/^a\//i', $alias)) {
+ $page->trigError("L'alias commence par le préfixe 'a/' qui est réservé et donc non autorisé.");
+ return;
+ }
$page->assign('alias', $alias);
$used = XDB::fetchOneCell('SELECT COUNT(*)
$page->assign('alias', $alias);
$used = XDB::fetchOneCell('SELECT COUNT(*)
@@
-77,7
+73,7
@@
class UrlShortenerModule extends PLModule
}
} else {
do {
}
} else {
do {
- $alias = rand_token(6);
+ $alias =
'a/' .
rand_token(6);
$used = XDB::fetchOneCell('SELECT COUNT(*)
FROM url_shortener
WHERE alias = {?}',
$used = XDB::fetchOneCell('SELECT COUNT(*)
FROM url_shortener
WHERE alias = {?}',
@@
-89,9
+85,9
@@
class UrlShortenerModule extends PLModule
XDB::execute('INSERT INTO url_shortener (url, alias)
VALUES ({?}, {?})',
$url, $alias);
XDB::execute('INSERT INTO url_shortener (url, alias)
VALUES ({?}, {?})',
$url, $alias);
- $page->trigSuccess("L'url « " . $url . ' » est maintenant accessible depuis «
' . Platal::globals()->baseurl . '/url
/' . $alias . ' ».');
+ $page->trigSuccess("L'url « " . $url . ' » est maintenant accessible depuis «
http://u.w4x.org
/' . $alias . ' ».');
}
}
}
}
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker
f
enc=utf-8:
?>
?>