<head>
<meta name="google-site-verification" content="MHQxidRZm6gEBP3fM4MvJWmNP-YzI_PdDaogupQ-R-M" />
</head>
<body>
<?php
// Marker constant for the rest of the application, plus error display switched off so
// PHP diagnostics are not echoed to visitors.
define('PHURL', true);
ini_set('display_errors', 0);

// Default so later reads of $prefix[0] are defined even when no URL has been parsed yet.
$prefix[0] = '';

// Refuse to serve anything while the installer directory is still present.
$filename = 'install';
if (is_dir($filename)) {
    exit("To get Phurl up and running, you first need to go through the <a href=\"install\">installation wizard</a> which will help you set up your new URL shortener in a matter of moments.<br/><br/>If you've already installed Phurl, then you MUST delete the install directory before it will function.");
}
?>
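<?php
// Bootstrap: configuration, helper functions and the reCAPTCHA client library.
require_once("config.php");
require_once("functions.php");
require_once('recaptchalib.php');

// NOTE(review): $privatekey is a secret but is hard-coded in a script under the web root.
// Load it from configuration kept outside the served tree, and rotate this value because
// it has been stored in source.
$publickey = "6Lc7YwsTAAAAAIfDdIXnuqUWoN9TnojDojmOGoMr";
$privatekey = "6Lc7YwsTAAAAAOMqS3heS3gkkyOzcAqs9aAJcceP";
$resp = null;

// "==" binds tighter than "=", so $lenguaje has always received the boolean result of the
// comparison rather than the language code. The parentheses only make that explicit; the
// stored value is unchanged.
// NOTE(review): if a template expects the language code in $lenguaje, this needs a
// separate assignment - confirm against the included html/*.php files.
$lenguaje = (get_languages("header") == "es");

// Message catalogue: English message key => text shown to the visitor.
if ($lenguaje) {
    $Atrad = array(
        "Please enter a URL to shorten."=>"Introduce la URL a acortar",
        "Please enter a valid URL to shorten."=>"Introduzca una URL v�lida (http://...)",
        "The URL you have entered is not allowed"=>"La url no es correcta",
        "Custom aliases may only contain letters, numbers, underscores and dashes."=>"Los Alias solo puede tener numeros, letras y los simbolos '-' y '_'",
        "The custom alias you entered already exists."=>"El alias ya existe",
        "This url shortener is private"=>"Aviso:Este acortador de URL es privado");
} else {
    $Atrad = array(
        "Please enter a URL to shorten."=>"Please enter a URL to shorten.",
        "Please enter a valid URL to shorten."=>"Please enter a valid URL to shorten.",
        "The URL you have entered is not allowed"=>"The URL you have entered is not allowed",
        "Custom aliases may only contain letters, numbers, underscores and dashes."=>"Custom aliases may only contain letters, numbers, underscores and dashes.",
        "The custom alias you entered already exists."=>"The custom alias you entered already exists.",
        "This url shortener is private"=>"Notice:This url shortener is private.");
}

db_connect();

/*
if (!$_GET['usuario']){
require_once("html/header.php");
echo "<h3>".$Atrad["This url shortener is private"]."</h3>";
require_once("html/footer.php");
die();
}
*/

// DNSBL gate: turn away clients whose address is listed by the default checker.
$dnsbl = new DNSBL();
// The $ip property starts out as '' and CheckSpamIP() returns false for an empty address,
// so without this call the gate below never rejected anyone.
$dnsbl->ip();
if ($dnsbl->CheckSpamIP($dnsbl->ip, $dnsbl->GetDefaultChecker())) {
    // Only the default checker is consulted here; pass 'all' to query every list.
    require_once("html/header.php");
    echo "<h3>".$Atrad["This url shortener is private"]."</h3>";
    require_once("html/footer.php");
    die();
}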
// CAPTCHA gate: every request carrying POST data must include a valid reCAPTCHA answer.
// NOTE(review): recaptcha_challenge_field / recaptcha_response_field are the field names
// of the original reCAPTCHA API - confirm the verification service used by
// recaptchalib.php is still answering, otherwise every POST is rejected here.
if ($_POST) {
    $resp = recaptcha_check_answer(
        $privatekey,
        $_SERVER["REMOTE_ADDR"],
        $_POST["recaptcha_challenge_field"],
        $_POST["recaptcha_response_field"]
    );

    // Guard clause: stop on a failed check, fall through on success.
    if (!$resp->is_valid) {
        require_once("html/header.php");
        echo "NOT ALLOWED!";
        require_once("html/footer.php");
        die();
    }
}
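// POST handler: validate the submitted URL and optional alias, create or reuse a short
// code, then answer as XML, plain text or HTML depending on $_POST['format'].
if (count($_POST) > 0) {
    // Make sure the error list is an array before it is appended to and counted, even
    // when no earlier include has created it.
    if (!isset($_ERROR) || !is_array($_ERROR)) {
        $_ERROR = array();
    }

    $url = $_POST['url'];
    if (trim($_POST['usuario']) == 'minichat') {
        // Has no lasting effect: any value other than 'fargsa' is rejected just below.
        $url = urldecode($url);
    }
    // NOTE(review): 'usuario' is a fixed value embedded in source and sent by every
    // client, so it behaves as a shared static token, not as authentication.
    if (trim($_POST['usuario']) != 'fargsa') {
        die("not allowed");
    }

    // NOTE(review): values are SQL-escaped before validation, so all later checks and the
    // echoed output operate on the escaped form. The mysql_* extension is also gone from
    // PHP 7+. The database helpers (url_exists, insert_url, ...) are defined outside this
    // file - verify whether they escape again or use prepared statements.
    $url = mysql_real_escape_string(trim($url));
    $alias = mysql_real_escape_string(trim($_POST['alias']));
    $format = mysql_real_escape_string(trim($_POST['format']));

    // Add a scheme when none of the allowed ones is present. An empty submission is left
    // empty so that the "Please enter a URL" message below can actually be reached;
    // previously it was turned into "http:/" first and reported as an invalid URL.
    if (strlen($url) > 0 && !preg_match("/^(".URL_PROTOCOLS.")\:\/\//i", $url)) {
        $prefix = explode(":", $url);
        if ($prefix[0] != 'mailto') {
            $url = "http://".$url;
        }
    }

    // Drop a single trailing slash; substr() is safe on an empty string.
    if (substr($url, -1) == "/") {
        $url = substr($url, 0, -1);
    }

    $data = @parse_url($url);
    if ($prefix[0] == 'mailto') {
        // mailto: links have no host; fill in placeholders so the checks below pass.
        $data['scheme'] = 'mailto';
        $data['host'] = 'none';
    }

    if (strlen($url) == 0) {
        $_ERROR[] = $Atrad["Please enter a URL to shorten."];
    }
    else if (empty($data['scheme']) || empty($data['host'])) {
        $_ERROR[] = $Atrad["Please enter a valid URL to shorten."];
    }
    else {
        $hostname = get_hostname();
        $domain = get_domain();
        // Refuse links that point back at this shortener.
        // NOTE(review): $hostname is interpolated into the pattern unescaped, so "." matches
        // any character and the match is not anchored. If get_hostname() returns a plain
        // host name, wrap it in preg_quote($hostname, '/').
        if (preg_match("/($hostname)/i", $data['host'])) {
            // The catalogue key has no trailing period; the former lookup with one never
            // matched and appended an empty message.
            $_ERROR[] = $Atrad["The URL you have entered is not allowed"];
        }
    }

    if (strlen($alias) > 0) {
        if (!preg_match("/^[a-zA-Z0-9_-]+$/", $alias)) {
            $_ERROR[] = $Atrad["Custom aliases may only contain letters, numbers, underscores and dashes."];
        }
        else if (code_exists($alias) || alias_exists($alias)) {
            $_ERROR[] = $Atrad["The custom alias you entered already exists."];
        }
    }

    if (count($_ERROR) == 0) {
        // Reuse an existing row unless the visitor asked for a different alias.
        $create = true;
        if (($url_data = url_exists($url))) {
            $create = false;
            $id = $url_data[0];
            $code = $url_data[1];
            $old_alias = $url_data[2];
            if (strlen($alias) > 0) {
                if ($old_alias != $alias) {
                    $create = true;
                }
            }
        }

        if ($create) {
            // Advance the counter until a code is found that collides with neither an
            // existing code nor an existing alias.
            do {
                $code = generate_code(get_last_number());
                if (!increase_last_number()) {
                    die("System error!");
                }
                if (code_exists($code) || alias_exists($code)) {
                    continue;
                }
                break;
            } while (1);
            $id = insert_url($url, $code, $alias);
        }

        // A custom alias takes precedence over the generated code in the short URL.
        if (strlen($alias) > 0) {
            $code = $alias;
        }
        $short_url = SITE_URL."/".$code;

        // Clear the submitted values before the form template is rendered again.
        $_POST['url'] = "";
        $_POST['alias'] = "";

        switch ($format) {
            case 'xml':
                echo xml_cabecera();
                api('xml', $url, $short_url);
                echo xml_pie();
                exit();
                break;
            case 'txt':
                api('txt', $url, $short_url);
                exit();
                break;
            default:
                require_once("html/header.php");
                require_once("html/index_done.php");
                require_once("html/index_form.php");
                require_once("html/footer.php");
                exit();
        }
    } else {
        // Validation failed: API formats print the errors and stop; for HTML, execution
        // continues to the form rendered after this block.
        switch ($format) {
            case 'xml':
                echo xml_cabecera();
                print_errors('xml');
                echo xml_pie();
                die();
                break;
            case 'txt':
                print_errors('txt');
                die();
                break;
        }
    }
}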
// Default view: page header, the shortening form, page footer.
require_once "html/header.php";
require_once "html/index_form.php";
require_once "html/footer.php";
// añadimos la clase para eliminar spammers
///////////////////////////////////////////////////////////////////////////
//
// DNSBL - Spam IP address checker.
// Copyright (C) 2011 Alexey A.Znayev
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
// Alexey A.Znayev, [email protected], http://xbsoft.org, http://xbsoft.ru
//
///////////////////////////////////////////////////////////////////////////
// This file contains public class DNSBL
// This class performs IP address check in spam blocking lists as described
// on http://ru.wikipedia.org/wiki/RBL
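class DNSBL {
    // Address that callers hand to CheckSpamIP(); stays '' until ip() has been called.
    public $ip = '';

    // Checker name => DNSBL zone suffix appended to the reversed address.
    // NOTE(review): dsbl, ordb and njabl appear to have been retired by their operators;
    // confirm a zone is still served before selecting it or using 'all', because a dead
    // zone can answer every query or none.
    private $_aCheckers = array(
        'spamhaus' => '.zen.spamhaus.org',
        'spamcop' => '.bl.spamcop.net',
        'dsbl' => '.list.dsbl.org',
        'ordb' => '.relays.ordb.org',
        'sorbs' => '.dnsbl.sorbs.net',
        'njabl' => '.dnsbl.njabl.org'
    ); // AZ - key 'all' is illegal
    private $_sDefaultChecker = 'spamhaus';

    ///////////////////////////////////////////////////////////////////////////
    // CheckSpamIP - check IP for spam in checkers : given, default or all available (may be slow)
    // parameters:
    //      string $ip - dotted-quad IPv4 address
    //      string $checker - checker name or 'all' or nothing
    // returns:
    //      true when IP exists in spam-lists of $checker or at least one of all checkers
    //      false when not or when ip address is local or not correct
    // NOTE: IPv6 addresses never match the pattern below and are therefore never reported
    //       as listed.
    public function CheckSpamIP($ip, $checker = ''){
        if (empty($ip)) return false;

        // The D modifier stops "$" from matching before a trailing newline, so the value
        // used to build the DNS query name is exactly four groups of digits.
        if (preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/D', $ip) != 1) return false;

        $octets = explode('.', $ip);
        foreach ($octets as $octet) {
            if ((int)$octet > 255) return false;
        }

        // Loopback, private and link-local addresses are never looked up. The second
        // octet is what separates 192.168/16 and 169.254/16 from the rest of 192/8 and
        // 169/8; the earlier test compared the first octet twice and could never match.
        $first = (int)$octets[0];
        $second = (int)$octets[1];
        if ($first === 127) return false;
        if ($first === 10) return false;
        if ($first === 192 && $second === 168) return false;
        if ($first === 172 && $second >= 16 && $second <= 31) return false;
        if ($first === 169 && $second === 254) return false; // ms windows

        // DNSBL query name: reversed octets followed by the list's zone. The separator is
        // the first argument; the reversed order is rejected by PHP 8.
        $reversed = implode('.', array_reverse($octets));

        if ($checker === 'all') {
            foreach ($this->_aCheckers as $zone) {
                if ($this->_IsListed($reversed, $zone)) return true;
            }
            return false;
        }

        // Unknown or empty checker names fall back to the default list.
        $name = array_key_exists($checker, $this->_aCheckers) ? $checker : $this->_sDefaultChecker;
        return $this->_IsListed($reversed, $this->_aCheckers[$name]);
    }

    ///////////////////////////////////////////////////////////////////////////
    // GetCheckers - gets list of available checker names
    // returns:
    //      array of strings
    public function GetCheckers(){
        return array_keys($this->_aCheckers);
    }

    ///////////////////////////////////////////////////////////////////////////
    // GetDefaultChecker - gets default checker name
    // returns:
    //      string
    public function GetDefaultChecker(){
        return $this->_sDefaultChecker;
    }

    ///////////////////////////////////////////////////////////////////////////
    // SetDefaultChecker - sets default checker name
    // parameters:
    //      string $new_checker - new default checker name
    // returns:
    //      true when success
    //      false when failed ($new_checker is not in the list of available checker names)
    public function SetDefaultChecker($new_checker){
        if (!array_key_exists($new_checker, $this->_aCheckers)) {
            return false;
        }
        $this->_sDefaultChecker = $new_checker;
        return true;
    }

    // private methods

    ///////////////////////////////////////////////////////////////////////////
    // _IsListed - queries one DNSBL zone for the reversed address
    // returns:
    //      true when the zone answers with a 127.0.0.* A record
    private function _IsListed($reversed, $zone){
        return $this->_CheckDNSAnswer(dns_get_record($reversed . $zone, DNS_A));
    }

    ///////////////////////////////////////////////////////////////////////////
    // _CheckDNSAnswer - checks DNS-server answer for 127.0.0.* values
    // returns:
    //      true when at least one record carries an address starting with 127.0.0.
    //      false otherwise, including a failed lookup or a malformed record
    // Return codes outside 127.0.0.* (for example a 127.255.255.* answer, which some
    // lists use to signal a refused query) are not treated as a listing.
    private function _CheckDNSAnswer($dns_answer){
        if (!is_array($dns_answer) || count($dns_answer) === 0) return false;

        foreach ($dns_answer as $record) {
            // A record without a string 'ip' field ends the scan, as before.
            if (!is_array($record) || !isset($record['ip']) || !is_string($record['ip'])) return false;
            if (strpos($record['ip'], '127.0.0.') === 0) return true;
        }
        return false;
    }

    ///////////////////////////////////////////////////////////////////////////
    // ip - stores the client address in $this->ip
    // X-Forwarded-For is no longer folded into the value: the former "forwarded-remote"
    // string could never pass CheckSpamIP()'s format check, so any client sending that
    // header skipped the lookup.
    // NOTE(review): CF-Connecting-IP is an ordinary request header. It is trustworthy only
    // when this host accepts traffic solely from the CDN; otherwise a client can supply
    // an unlisted address of its choice.
    public function ip()
    {
        if (!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) {
            $this->ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
        } else if (!empty($_SERVER['REMOTE_ADDR'])) {
            $this->ip = $_SERVER['REMOTE_ADDR'];
        } else {
            $this->ip = getenv('REMOTE_ADDR');
        }
    }
} // end of class DNSBL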
?>