Fix that fucking encoding problem (#2690)

This commit's changelog

- less encode/decode
- update jQuery & remove old ones
- No encoding in JS
- Also, 4 spaces in JS too, duh
- IDN domain functions
- Use mb_ functions to preverse IDN domains
- Support for UTF8MB4
- update install procedure
- update upgrade procedure. Note: The log table will be left untouched by the upgrade, it's impossible to make a convenient upgrade script for thousands of rows. The only problem will be if someone uses UTF8 short URLs (eg `http://sho.rt/éé💩`)
- Handle normalization of IDN domains & tests
- Fix warning on 7.2 and 7.3
- Deal with encoding in bookmarklets
- Enclose upgrade queries in a transaction
- Force no caching upon install or upgrade. Note: Strange behavior: if YOURLS hosted on an IDN domain, browser (FF at least) caches the redirection from admin/index.php to admin/install.php
- Support for IDN YOURLS hosting
- Tests for IDN YOURLS hosting
- Fix code (that will never get run again)
- Don't cache ajax requests
- Remove unnecessary function call
- Add comment doc block
- More IDN sanitizing tests
- IDN : Screw the "open dots". Who's going to type domain。com instead of domain.com anyway? Seriously. (although these do pass on my dev box)
- Deprecate yourls_lowercase_scheme_domain()
- Update doc to reflect DB change

4 files changed, 13 insertions, 13 deletions

diff --git a/admin/admin-ajax.php b/admin/admin-ajax.php
index a89912ed..8dbc0b27 100644
--- a/admin/admin-ajax.php
+++ b/admin/admin-ajax.php
@@ -6,6 +6,7 @@ yourls_maybe_require_auth();
 
 // This file will output a JSON string
 yourls_content_type_header( 'application/json' );
+yourls_no_cache_headers();
 
 if( !isset( $_REQUEST['action'] ) )
 	die();
@@ -19,7 +20,7 @@ switch( $action ) {
 		$return = yourls_add_new_link( $_REQUEST['url'], $_REQUEST['keyword'] );
 		echo json_encode($return);
 		break;
-		
+
 	case 'edit_display':
 		yourls_verify_nonce( 'edit-link_'.$_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error' );
 		$row = yourls_table_edit_row ( $_REQUEST['keyword'] );
@@ -31,18 +32,18 @@ switch( $action ) {
 		$return = yourls_edit_link( $_REQUEST['url'], $_REQUEST['keyword'], $_REQUEST['newkeyword'], $_REQUEST['title'] );
 		echo json_encode($return);
 		break;
-		
+
 	case 'delete':
 		yourls_verify_nonce( 'delete-link_'.$_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error' );
 		$query = yourls_delete_link_by_keyword( $_REQUEST['keyword'] );
 		echo json_encode(array('success'=>$query));
 		break;
-		
+
 	case 'logout':
 		// unused for the moment
 		yourls_logout();
 		break;
-		
+
 	default:
 		yourls_do_action( 'yourls_ajax_'.$action );
 
diff --git a/admin/index.php b/admin/index.php
index baa0bfe2..4e21d05b 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -164,10 +164,10 @@ if ( isset( $_GET['u'] ) or isset( $_GET['up'] ) ) {
 	// No sanitization needed here: everything happens in yourls_add_new_link()
 	if( isset( $_GET['u'] ) ) {
 		// Old school bookmarklet: ?u=<url>
-		$url = rawurldecode( $_GET['u'] );
+		$url = urldecode( $_GET['u'] );
 	} else {
 		// New style bookmarklet: ?up=<url protocol>&us=<url slashes>&ur=<url rest>
-		$url = rawurldecode( $_GET['up'] . $_GET['us'] . $_GET['ur'] );
+		$url = urldecode( $_GET['up'] . $_GET['us'] . $_GET['ur'] );
 	}
 	$keyword = ( isset( $_GET['k'] ) ? ( $_GET['k'] ) : '' );
 	$title   = ( isset( $_GET['t'] ) ? ( $_GET['t'] ) : '' );
@@ -176,7 +176,7 @@ if ( isset( $_GET['u'] ) or isset( $_GET['up'] ) ) {
 	// If fails because keyword already exist, retry with no keyword
 	if ( isset( $return['status'] ) && $return['status'] == 'fail' && isset( $return['code'] ) && $return['code'] == 'error:keyword' ) {
 		$msg = $return['message'];
-		$return = yourls_add_new_link( $url, '', $ydb );
+		$return = yourls_add_new_link( $url, '' );
 		$return['message'] .= ' ('.$msg.')';
 	}
 
diff --git a/admin/tools.php b/admin/tools.php
index 0e64c57d..accb8c19 100644
--- a/admin/tools.php
+++ b/admin/tools.php
@@ -19,7 +19,7 @@ yourls_html_menu();
 		<ul>
 			<li><?php yourls_e( 'The <span>Standard Bookmarklets</span> will take you to a page where you can easily edit or delete your brand new short URL.' ); ?></li>
 
-			<li><?php yourls_e( 'The <span>Instant Bookmarklets</span> will pop the short URL without leaving the page you are viewing.' ); ?></li>
+			<li><?php yourls_e( 'The <span>Instant Bookmarklets</span> will pop the short URL without leaving the page you are viewing (depending on the page and server configuration, they may silently fail)' ); ?></li>
 
 			<li><?php yourls_e( 'The <span>Simple Bookmarklets</span> will generate a short URL with a random or sequential keyword.' ); ?></li>
 
@@ -30,6 +30,8 @@ yourls_html_menu();
 		yourls_e( "If you want to share a description along with the link you're shortening, simply <span>select text</span> on the page you're viewing before clicking on your bookmarklet link" );
 		?></p>
 
+        <p><?php yourls_e( '<strong>Important Note:</strong> bookmarklets <span>may fail</span> on websites with <em>https</em>, especially the "Instant" bookrmarklets. There is nothing you can do about this.'); ?></p>
+
 		<h3><?php yourls_e( 'The Bookmarklets' ); ?></h3>
 
         <?php $base_bookmarklet = yourls_admin_url( 'index.php' ); ?>
@@ -278,8 +280,6 @@ TUMBLR;
 
 		<?php yourls_do_action( 'social_bookmarklet_buttons_after' ); ?>
 
-        <p><?php yourls_e( '<strong>Note:</strong> depending on server settings, bookmarklets might fail on websites with <em>https</em>.'); ?></p>
-
 		</p>
 
 	<h2><?php yourls_e( 'Prefix-n-Shorten' ); ?></h2>
diff --git a/admin/upgrade.php b/admin/upgrade.php
index de463693..cf011b9b 100644
--- a/admin/upgrade.php
+++ b/admin/upgrade.php
@@ -28,8 +28,8 @@ if ( !yourls_upgrade_is_needed() ) {
 
 	// From what are we upgrading?
 	if ( isset( $_GET['oldver'] ) && isset( $_GET['oldsql'] ) ) {
-		$oldver = yourls_sanitize_version( $_GET['oldver'] );
-		$oldsql = yourls_sanitize_version( $_GET['oldsql'] );
+		$oldver = (string)( $_GET['oldver'] );
+		$oldsql = (string)( $_GET['oldsql'] );
 	} else {
 		list( $oldver, $oldsql ) = yourls_get_current_version_from_sql();
 	}
@@ -80,7 +80,6 @@ if ( !yourls_upgrade_is_needed() ) {
 
 }
 
-
 ?>
 
 <?php yourls_html_footer(); ?>