admin/index.php

   1 <?php
   2 define( 'YOURLS_ADMIN', true );
   3 require_once( dirname( dirname( __FILE__ ) ).'/includes/load-yourls.php' );
   4 yourls_maybe_require_auth();
   5
   6 // Variables
   7 $table_url = YOURLS_DB_TABLE_URL;
   8 $where = $search_sentence = $search_text = $url = $keyword = '';
   9 $date_filter = $date_first  = $date_second = '';
  10 $base_page   = yourls_admin_url( 'index.php' );
  11
  12 // Default SQL behavior
  13 $search_in_text  = yourls__( 'URL' );
  14 $search_in       = 'url';
  15 $sort_by_text    = yourls__( 'Short URL' );
  16 $sort_by         = 'timestamp';
  17 $sort_order      = 'desc';
  18 $page            = ( isset( $_GET['page'] ) ? intval($_GET['page']) : 1 );
  19 $search          = ( isset( $_GET['search'] ) ? htmlspecialchars( trim($_GET['search']) ) : '' );
  20 $perpage         = ( isset( $_GET['perpage'] ) && intval( $_GET['perpage'] ) ? intval($_GET['perpage']) : 15 );
  21 $click_limit     = ( isset( $_GET['click_limit'] ) && $_GET['click_limit'] !== '' ) ? intval( $_GET['click_limit'] ) : '' ;
  22 if ( $click_limit !== '' ) {
  23         $click_filter   = ( isset( $_GET['click_filter'] ) && $_GET['click_filter'] == 'more' ? 'more' : 'less' ) ;
  24         $click_moreless = ( $click_filter == 'more' ? '>' : '<' );
  25         $where          = " AND clicks $click_moreless $click_limit";
  26 } else {
  27         $click_filter   = '';
  28 }
  29
  30 // Searching
  31 if( !empty( $search ) && !empty( $_GET['search_in'] ) ) {
  32         switch( $_GET['search_in'] ) {
  33                 case 'keyword':
  34                         $search_in_text = yourls__( 'Short URL' );
  35                         $search_in      = 'keyword';
  36                         break;
  37                 case 'url':
  38                         $search_in_text = yourls__( 'URL' );
  39                         $search_in      = 'url';
  40                         break;
  41                 case 'title':
  42                         $search_in_text = yourls__( 'Title' );
  43                         $search_in      = 'title';
  44                         break;
  45                 case 'ip':
  46                         $search_in_text = yourls__( 'IP Address' );
  47                         $search_in      = 'ip';
  48                         break;
  49         }
  50         $search_sentence = yourls_s( 'Searching for <strong>%1$s</strong> in <strong>%2$s</strong>.', yourls_esc_html( $search ), yourls_esc_html( $search_in_text ) );
  51         $search_url      = yourls_sanitize_url( "&amp;search=$search&amp;search_in=$search_in" );
  52         $search_text     = $search;
  53         $search          = str_replace( '*', '%', '*' . yourls_escape( $search ) . '*' );
  54         $where .= " AND `$search_in` LIKE ('$search')";
  55 }
  56
  57 // Time span
  58 if( !empty( $_GET['date_filter'] ) ) {
  59         switch( $_GET['date_filter'] ) {
  60                 case 'before':
  61                         $date_filter = 'before';
  62                         if( isset( $_GET['date_first'] ) && yourls_sanitize_date( $_GET['date_first'] ) ) {
  63                                 $date_first     = yourls_sanitize_date( $_GET['date_first'] );
  64                                 $date_first_sql = yourls_sanitize_date_for_sql( $_GET['date_first'] );
  65                                 $where .= " AND `timestamp` < '$date_first_sql'";
  66                         }
  67                         break;
  68                 case 'after':
  69                         $date_filter = 'after';
  70                         if( isset( $_GET['date_first'] ) && yourls_sanitize_date( $_GET['date_first'] ) ) {
  71                                 $date_first_sql = yourls_sanitize_date_for_sql( $_GET['date_first'] );
  72                                 $date_first     = yourls_sanitize_date( $_GET['date_first'] );
  73                                 $where .= " AND `timestamp` > '$date_first_sql'";
  74                         }
  75                         break;
  76                 case 'between':
  77                         $date_filter = 'between';
  78                         if( isset( $_GET['date_first'] ) && isset( $_GET['date_second'] ) && yourls_sanitize_date( $_GET['date_first'] ) && yourls_sanitize_date( $_GET['date_second'] ) ) {
  79                                 $date_first_sql  = yourls_sanitize_date_for_sql( $_GET['date_first'] );
  80                                 $date_second_sql = yourls_sanitize_date_for_sql( $_GET['date_second'] );
  81                                 $date_first      = yourls_sanitize_date( $_GET['date_first'] );
  82                                 $date_second     = yourls_sanitize_date( $_GET['date_second'] );
  83                                 $where .= " AND `timestamp` BETWEEN '$date_first_sql' AND '$date_second_sql'";
  84                         }
  85                         break;
  86         }
  87 }
  88
  89 // Sorting
  90 if( !empty( $_GET['sort_by'] ) || !empty( $_GET['sort_order'] ) ) {
  91         switch( $_GET['sort_by'] ) {
  92                 case 'keyword':
  93                         $sort_by_text = yourls__( 'Short URL' );
  94                         $sort_by      = 'keyword';
  95                         break;
  96                 case 'url':
  97                         $sort_by_text = yourls__( 'URL' );
  98                         $sort_by      = 'url';
  99                         break;
 100                 case 'timestamp':
 101                         $sort_by_text = yourls__( 'Date' );
 102                         $sort_by      = 'timestamp';
 103                         break;
 104                 case 'ip':
 105                         $sort_by_text = yourls__( 'IP Address' );
 106                         $sort_by      = 'ip';
 107                         break;
 108                 case 'clicks':
 109                         $sort_by_text = yourls__( 'Clicks' );
 110                         $sort_by      = 'clicks';
 111                         break;
 112         }
 113         switch( $_GET['sort_order'] ) {
 114                 case 'asc':
 115                         $sort_order      = 'asc';
 116                         break;
 117                 case 'desc':
 118                         $sort_order      = 'desc';
 119                         break;
 120         }
 121 }
 122
 123 // Get URLs Count for current filter, total links in DB & total clicks
 124 list( $total_urls, $total_clicks ) = array_values( yourls_get_db_stats() );
 125 if ( $where ) {
 126         list( $total_items, $total_items_clicks ) = array_values( yourls_get_db_stats( $where ) );
 127 } else {
 128         $total_items        = $total_urls;
 129         $total_items_clicks = false;
 130 }
 131
 132 // This is a bookmarklet
 133 if ( isset( $_GET['u'] ) ) {
 134         $is_bookmark = true;
 135         yourls_do_action( 'bookmarklet' );
 136
 137         // No sanitization needed here: everything happens in yourls_add_new_link()
 138         $url     = ( $_GET['u'] );
 139         $keyword = ( isset( $_GET['k'] ) ? ( $_GET['k'] ) : '' );
 140         $title   = ( isset( $_GET['t'] ) ? ( $_GET['t'] ) : '' );
 141         $return  = yourls_add_new_link( $url, $keyword, $title );
 142
 143         // If fails because keyword already exist, retry with no keyword
 144         if ( isset( $return['status'] ) && $return['status'] == 'fail' && isset( $return['code'] ) && $return['code'] == 'error:keyword' ) {
 145                 $msg = $return['message'];
 146                 $return = yourls_add_new_link( $url, '', $ydb );
 147                 $return['message'] .= ' ('.$msg.')';
 148         }
 149
 150         // Stop here if bookmarklet with a JSON callback function
 151         if( isset( $_GET['jsonp'] ) && $_GET['jsonp'] == 'yourls' ) {
 152                 $short   = $return['shorturl'] ? $return['shorturl'] : '';
 153                 $message = $return['message'];
 154                 header( 'Content-type: application/json' );
 155                 echo yourls_apply_filter( 'bookmarklet_jsonp', "yourls_callback({'short_url':'$short','message':'$message'});" );
 156
 157                 die();
 158         }
 159
 160         // Now use the URL that has been sanitized and returned by yourls_add_new_link()
 161         $url = $return['url']['url'];
 162         $where  = sprintf( " AND `url` LIKE '%s' ", yourls_escape( $url ) );
 163
 164         $page   = $total_pages = $perpage = 1;
 165         $offset = 0;
 166
 167         $text   = ( isset( $_GET['s'] ) ? stripslashes( $_GET['s'] ) : '' );
 168
 169
 170 // This is not a bookmarklet
 171 } else {
 172         $is_bookmark = false;
 173
 174         // Checking $page, $offset, $perpage
 175         if( empty($page) || $page == 0 ) {
 176                 $page = 1;
 177         }
 178         if( empty($offset) ) {
 179                 $offset = 0;
 180         }
 181         if( empty($perpage) || $perpage == 0) {
 182                 $perpage = 50;
 183         }
 184
 185         // Determine $offset
 186         $offset = ( $page-1 ) * $perpage;
 187
 188         // Determine Max Number Of Items To Display On Page
 189         if( ( $offset + $perpage ) > $total_items ) {
 190                 $max_on_page = $total_items;
 191         } else {
 192                 $max_on_page = ( $offset + $perpage );
 193         }
 194
 195         // Determine Number Of Items To Display On Page
 196         if ( ( $offset + 1 ) > $total_items ) {
 197                 $display_on_page = $total_items;
 198         } else {
 199                 $display_on_page = ( $offset + 1 );
 200         }
 201
 202         // Determing Total Amount Of Pages
 203         $total_pages = ceil( $total_items / $perpage );
 204 }
 205
 206
 207 // Begin output of the page
 208 $context = ( $is_bookmark ? 'bookmark' : 'index' );
 209 yourls_html_head( $context );
 210 yourls_html_logo();
 211 yourls_html_menu() ;
 212
 213 yourls_do_action( 'admin_page_before_content' );
 214
 215 if ( !$is_bookmark ) { ?>
 216         <p><?php echo $search_sentence; ?></p>
 217         <p><?php
 218                 printf( yourls__( 'Display <strong>%1$s</strong> to <strong class="increment">%2$s</strong> of <strong class="increment">%3$s</strong> URLs' ), $display_on_page, $max_on_page, $total_items );
 219                 if( $total_items_clicks !== false )
 220                         echo ", " . sprintf( yourls_n( 'counting <strong>1</strong> click', 'counting <strong>%s</strong> clicks', $total_items_clicks ), yourls_number_format_i18n( $total_items_clicks ) );
 221         ?>.</p>
 222 <?php } ?>
 223 <p><?php printf( yourls__( 'Overall, tracking <strong class="increment">%1$s</strong> links, <strong>%2$s</strong> clicks, and counting!' ), yourls_number_format_i18n( $total_urls ), yourls_number_format_i18n( $total_clicks ) ); ?></p>
 224 <?php yourls_do_action( 'admin_page_before_form' ); ?>
 225
 226 <?php yourls_html_addnew(); ?>
 227
 228 <?php
 229 // If bookmarklet, add message. Otherwise, hide hidden share box.
 230 if ( !$is_bookmark ) {
 231         yourls_share_box( '', '', '', '', '', '', true );
 232 } else {
 233         echo '<script type="text/javascript">$(document).ready(function(){
 234                 feedback( "' . $return['message'] . '", "'. $return['status'] .'");
 235                 init_clipboard();
 236         });</script>';
 237 }
 238
 239 yourls_do_action( 'admin_page_before_table' );
 240
 241 yourls_table_head();
 242
 243 if ( !$is_bookmark ) {
 244         $params = array(
 245                 'search'      => $search,
 246                 'search_text' => $search_text,
 247                 'search_in'   => $search_in,
 248                 'sort_by'     => $sort_by,
 249                 'sort_order'  => $sort_order,
 250                 'page'        => $page,
 251                 'perpage'     => $perpage,
 252                 'click_filter' => $click_filter,
 253                 'click_limit'  => $click_limit,
 254                 'total_pages' => $total_pages,
 255                 'date_filter' => $date_filter,
 256                 'date_first'  => $date_first,
 257                 'date_second' => $date_second,
 258         );
 259         yourls_html_tfooter( $params );
 260 }
 261
 262 yourls_table_tbody_start();
 263
 264 // Main Query
 265 $where = yourls_apply_filter( 'admin_list_where', $where );
 266 $url_results = $ydb->get_results( "SELECT * FROM `$table_url` WHERE 1=1 $where ORDER BY `$sort_by` $sort_order LIMIT $offset, $perpage;" );
 267 $found_rows = false;
 268 if( $url_results ) {
 269         $found_rows = true;
 270         foreach( $url_results as $url_result ) {
 271                 $keyword = yourls_sanitize_string( $url_result->keyword );
 272                 $timestamp = strtotime( $url_result->timestamp );
 273                 $url = stripslashes( $url_result->url );
 274                 $ip = $url_result->ip;
 275                 $title = $url_result->title ? $url_result->title : '';
 276                 $clicks = $url_result->clicks;
 277
 278                 echo yourls_table_add_row( $keyword, $url, $title, $ip, $clicks, $timestamp );
 279         }
 280 }
 281
 282 $display = $found_rows ? 'display:none' : '';
 283 echo '<tr id="nourl_found" style="'.$display.'"><td colspan="6">' . yourls__('No URL') . '</td></tr>';
 284
 285 yourls_table_tbody_end();
 286
 287 yourls_table_end();
 288
 289 yourls_do_action( 'admin_page_after_table' );
 290
 291 if ( $is_bookmark )
 292         yourls_share_box( $url, $return['shorturl'], $title, $text );
 293 ?>
 294
 295 <?php yourls_html_footer( ); ?>