diff options
author | ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org> | 2020-10-10 17:09:36 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-10-10 17:09:36 +0300 |
commit | b347c36b33cca67c867d00622e02e2a98dd16999 (patch) | |
tree | 0eb407faa9c51ffd599429a6949ecd6ad32ea421 /admin | |
parent | 64c2b937007b61e80a213cdda9aa49779e3e1908 (diff) |
Fix that fucking encoding problem (#2690)
This commit's changelog
- less encode/decode
- update jQuery & remove old ones
- No encoding in JS
- Also, 4 spaces in JS too, duh
- IDN domain functions
- Use mb_ functions to preverse IDN domains
- Support for UTF8MB4
- update install procedure
- update upgrade procedure. Note: The log table will be left untouched by the upgrade, it's impossible to make a convenient upgrade script for thousands of rows. The only problem will be if someone uses UTF8 short URLs (eg `http://sho.rt/éé💩`)
- Handle normalization of IDN domains & tests
- Fix warning on 7.2 and 7.3
- Deal with encoding in bookmarklets
- Enclose upgrade queries in a transaction
- Force no caching upon install or upgrade. Note: Strange behavior: if YOURLS hosted on an IDN domain, browser (FF at least) caches the redirection from admin/index.php to admin/install.php
- Support for IDN YOURLS hosting
- Tests for IDN YOURLS hosting
- Fix code (that will never get run again)
- Don't cache ajax requests
- Remove unnecessary function call
- Add comment doc block
- More IDN sanitizing tests
- IDN : Screw the "open dots". Who's going to type domain。com instead of domain.com anyway? Seriously. (although these do pass on my dev box)
- Deprecate yourls_lowercase_scheme_domain()
- Update doc to reflect DB change
Diffstat (limited to 'admin')
-rw-r--r-- | admin/admin-ajax.php | 9 | ||||
-rw-r--r-- | admin/index.php | 6 | ||||
-rw-r--r-- | admin/tools.php | 6 | ||||
-rw-r--r-- | admin/upgrade.php | 5 |
4 files changed, 13 insertions, 13 deletions
diff --git a/admin/admin-ajax.php b/admin/admin-ajax.php index a89912ed..8dbc0b27 100644 --- a/admin/admin-ajax.php +++ b/admin/admin-ajax.php @@ -6,6 +6,7 @@ yourls_maybe_require_auth(); // This file will output a JSON string yourls_content_type_header( 'application/json' ); +yourls_no_cache_headers(); if( !isset( $_REQUEST['action'] ) ) die(); @@ -19,7 +20,7 @@ switch( $action ) { $return = yourls_add_new_link( $_REQUEST['url'], $_REQUEST['keyword'] ); echo json_encode($return); break; - + case 'edit_display': yourls_verify_nonce( 'edit-link_'.$_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error' ); $row = yourls_table_edit_row ( $_REQUEST['keyword'] ); @@ -31,18 +32,18 @@ switch( $action ) { $return = yourls_edit_link( $_REQUEST['url'], $_REQUEST['keyword'], $_REQUEST['newkeyword'], $_REQUEST['title'] ); echo json_encode($return); break; - + case 'delete': yourls_verify_nonce( 'delete-link_'.$_REQUEST['id'], $_REQUEST['nonce'], false, 'omg error' ); $query = yourls_delete_link_by_keyword( $_REQUEST['keyword'] ); echo json_encode(array('success'=>$query)); break; - + case 'logout': // unused for the moment yourls_logout(); break; - + default: yourls_do_action( 'yourls_ajax_'.$action ); diff --git a/admin/index.php b/admin/index.php index baa0bfe2..4e21d05b 100644 --- a/admin/index.php +++ b/admin/index.php @@ -164,10 +164,10 @@ if ( isset( $_GET['u'] ) or isset( $_GET['up'] ) ) { // No sanitization needed here: everything happens in yourls_add_new_link() if( isset( $_GET['u'] ) ) { // Old school bookmarklet: ?u=<url> - $url = rawurldecode( $_GET['u'] ); + $url = urldecode( $_GET['u'] ); } else { // New style bookmarklet: ?up=<url protocol>&us=<url slashes>&ur=<url rest> - $url = rawurldecode( $_GET['up'] . $_GET['us'] . $_GET['ur'] ); + $url = urldecode( $_GET['up'] . $_GET['us'] . $_GET['ur'] ); } $keyword = ( isset( $_GET['k'] ) ? ( $_GET['k'] ) : '' ); $title = ( isset( $_GET['t'] ) ? ( $_GET['t'] ) : '' ); @@ -176,7 +176,7 @@ if ( isset( $_GET['u'] ) or isset( $_GET['up'] ) ) { // If fails because keyword already exist, retry with no keyword if ( isset( $return['status'] ) && $return['status'] == 'fail' && isset( $return['code'] ) && $return['code'] == 'error:keyword' ) { $msg = $return['message']; - $return = yourls_add_new_link( $url, '', $ydb ); + $return = yourls_add_new_link( $url, '' ); $return['message'] .= ' ('.$msg.')'; } diff --git a/admin/tools.php b/admin/tools.php index 0e64c57d..accb8c19 100644 --- a/admin/tools.php +++ b/admin/tools.php @@ -19,7 +19,7 @@ yourls_html_menu(); <ul> <li><?php yourls_e( 'The <span>Standard Bookmarklets</span> will take you to a page where you can easily edit or delete your brand new short URL.' ); ?></li> - <li><?php yourls_e( 'The <span>Instant Bookmarklets</span> will pop the short URL without leaving the page you are viewing.' ); ?></li> + <li><?php yourls_e( 'The <span>Instant Bookmarklets</span> will pop the short URL without leaving the page you are viewing (depending on the page and server configuration, they may silently fail)' ); ?></li> <li><?php yourls_e( 'The <span>Simple Bookmarklets</span> will generate a short URL with a random or sequential keyword.' ); ?></li> @@ -30,6 +30,8 @@ yourls_html_menu(); yourls_e( "If you want to share a description along with the link you're shortening, simply <span>select text</span> on the page you're viewing before clicking on your bookmarklet link" ); ?></p> + <p><?php yourls_e( '<strong>Important Note:</strong> bookmarklets <span>may fail</span> on websites with <em>https</em>, especially the "Instant" bookrmarklets. There is nothing you can do about this.'); ?></p> + <h3><?php yourls_e( 'The Bookmarklets' ); ?></h3> <?php $base_bookmarklet = yourls_admin_url( 'index.php' ); ?> @@ -278,8 +280,6 @@ TUMBLR; <?php yourls_do_action( 'social_bookmarklet_buttons_after' ); ?> - <p><?php yourls_e( '<strong>Note:</strong> depending on server settings, bookmarklets might fail on websites with <em>https</em>.'); ?></p> - </p> <h2><?php yourls_e( 'Prefix-n-Shorten' ); ?></h2> diff --git a/admin/upgrade.php b/admin/upgrade.php index de463693..cf011b9b 100644 --- a/admin/upgrade.php +++ b/admin/upgrade.php @@ -28,8 +28,8 @@ if ( !yourls_upgrade_is_needed() ) { // From what are we upgrading? if ( isset( $_GET['oldver'] ) && isset( $_GET['oldsql'] ) ) { - $oldver = yourls_sanitize_version( $_GET['oldver'] ); - $oldsql = yourls_sanitize_version( $_GET['oldsql'] ); + $oldver = (string)( $_GET['oldver'] ); + $oldsql = (string)( $_GET['oldsql'] ); } else { list( $oldver, $oldsql ) = yourls_get_current_version_from_sql(); } @@ -80,7 +80,6 @@ if ( !yourls_upgrade_is_needed() ) { } - ?> <?php yourls_html_footer(); ?> |