Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Concurency issues with yourls-api.php #765

Closed
ozh opened this issue Apr 6, 2013 · 4 comments
Closed

Concurency issues with yourls-api.php #765

ozh opened this issue Apr 6, 2013 · 4 comments

Comments

@ozh
Copy link
Member

ozh commented Apr 6, 2013

This is a COPY of Issue 765: Concurency issues with yourls-api.php, filed on Google Code before the project was moved on Github.

  • Submitted on 2011-04-17T02:08:21.000Z by raccettu
  • Status: Fixed

Please review the original issue and especially its comments. Comments here on closed issues will be ignored. Thanks.

Original description

So I've got a script that hits yourls API to get a short url.  The script has basic caching to help prevent multiple API hits, however until the first one resolves, it will keep firing off API requests since it has nothing to serve until the cache is primed.

The result here is that if the yourls API is hit quickly with the same URL, you can have duplicate entries.  In my case a dozen for the same exact URL.  The correct behavior is 1 short url per URL.  The rest should return the original URL.  This works correctly when it doesn't happen so quickly.

The reason is that the write operation isn't instant, so if multiple requests are fired before it's written, the duplicate 'exists' check is still false.

I think a temporary table, lock file or some other faster mechanism is needed to help prevent this concurrency issue.  Otherwise anyone with API access can make a real mess out of the database.  I accidentally ran across this and ended up making about 1k bogus short url's.  Thankfully I could figure out what they were and delete them pretty easily and restore my next_id.
@ozh ozh closed this as completed Apr 6, 2013
@fantapop
Copy link

fantapop commented Oct 4, 2018

@ozh I ran across this issue because I noticed this in the plugin list:

https://bitbucket.org/laceous/yourls-concurrency-fix

Do we still need to install the plugin to get the fix? Or is it handled in the core nowadays?

@dgw
Copy link
Member

dgw commented Oct 4, 2018

This issue was marked "Fixed" a long time ago…

@fantapop
Copy link

fantapop commented Oct 4, 2018 via email

@ozh
Copy link
Member Author

ozh commented Oct 4, 2018

Think of it the other way round : do you notice anything with your setup that makes you think you need something special regarding concurrency? Anyway this issue has been open in 2011, chances are the codebase is now very different from back then.

ozh added a commit that referenced this issue Mar 12, 2022
* Try and catch concurrency errors when creating new short urls, updating click count and logging redirects
* Code refactoring
* Couple more tests while at it

Fixes #2538
Fixes #765
Fixes #1974
Fixes #2829
iWantToKeepAnon added a commit to iWantToKeepAnon/YOURLS that referenced this issue Mar 7, 2023
* deprecate Twitter :-(

See YOURLS#2639 and https://git.io/Jvhw6 for more info

* Remove obsolete setting and link to wiki

[skip ci] [skip travis] [skip scrutinizer]

* Accept timestamped signature with arbitrary hash (YOURLS#2644)

* Allow arbitrary hashed signatures
* Force timestamps to int
* Improve comment
* Test new feature and add more tests

* Truncate display of long IP

Ozh doing CSS. Yeah right. Fixes YOURLS#2266

[skip travis] [skip ci] [skip scrutinizer]

* deprecate twitter (continued)

[skip travis] [skip scrutinizer] [skip ci]

* Update CHANGELOG.md

* Use SVG logo in lieu of the old PNG one (YOURLS#2649)

Ahah. I love this expression, "in lieu of" :)
Also, remove those social buttons. I think they're useless and ugly.

* Update share links.

Closes YOURLS#2554. [skip travis] [skip scrutinizer]

* Move /pages into /user (YOURLS#2648)

Closes YOURLS#1582

* Move `pages/` into `user/`
* Update functions to display pages
* Add tests for pages
* Update .gitignore and robots sample file

Co-authored-by:  Léo Colombaro <git@colombaro.fr>

* Update contributors

I sometimes close pull requests yet use parts of the suggested code. In the
end it's a shame that original submitters are not given credit, so this
commit is just a sincere "thank you" to:
- @dagee3 for YOURLS#2362
- @MarcProe for YOURLS#2445
- @hangxingliu for YOURLS#2545
- @Art4 for YOURLS#2581
- @pcolmer / @philip-linaro for YOURLS#2608
- @muellerlukas for YOURLS#2554

Co-authored-by: Darrell Agee <dagee3@users.noreply.github.com>
Co-authored-by: Marcus <MarcProe@users.noreply.github.com>
Co-authored-by: Liu Yue <hangxingliu@gmail.com>
Co-authored-by: Artur Weigandt <Art4@users.noreply.github.com>
Co-authored-by: Philip Colmer <pcolmer@users.noreply.github.com>
Co-authored-by: Lukas Müller <info@muellerlukas.de>

(hoping they'll show in the contributors list)

* Update contributors

I sometimes close pull requests yet use parts of the suggested code. In the
end it's a shame that original submitters are not given credit, so this
commit is just a sincere "thank you" to:
- @dagee3 for YOURLS#2362
- @MarcProe for YOURLS#2445
- @hangxingliu for YOURLS#2545
- @Art4 for YOURLS#2581
- @pcolmer / @philip-linaro for YOURLS#2608
- @muellerlukas for YOURLS#2554

(hoping they'll show in the contributors list)
[skip scrutinizer] [skip travis]

Co-authored-by: Darrell Agee <dagee3@users.noreply.github.com>
Co-authored-by: Marcus <MarcProe@users.noreply.github.com>
Co-authored-by: Liu Yue <hangxingliu@gmail.com>
Co-authored-by: Artur Weigandt <Art4@users.noreply.github.com>
Co-authored-by: Philip Colmer <pcolmer@users.noreply.github.com>
Co-authored-by: Lukas Müller <info@muellerlukas.de>

* Add labels to every input on index page (YOURLS#2650)

Props @audreymaniez 
Closes YOURLS#2300 

Co-authored-by: Audrey Maniez <amaniez@access42.net>

* Always return trimmed (and filtered) YOURLS_SITE (YOURLS#2653)

Closes YOURLS#2651

* Reorganize .gitignore for readability

It was either too forgiving or too ignoring
[skip scrutinizer] [skip travis]

* Add missing translations (YOURLS#2655)

Fixes YOURLS#1666
Fixes YOURLS#1598 
Closes YOURLS#1655

* Validate api.yourls.org result when checking for new version (YOURLS#2657)

* Bump to 1.7.9

* Bump 1.7.10

* Forbid tests/

Fixes YOURLS#2664

* Split functions.php in smaller files

New function files for:
* debug
* options
* links
* geo
* shorturls
Fixes YOURLS#2654

* Regroup and always load auth functions
Fixes YOURLS#2662
Fixes YOURLS#2661 

Co-authored-by: paulgoodchild <paulgoodchild@users.noreply.github.com>

* Readme tweak (YOURLS#2671)

* Stop hotlinking images from yourls.org
* Linkable h2 & h3

* Gandi link

[skip travis] [skip scrutinizer]

* Allow 255 chars for the user agent (YOURLS#2672)

* New/better hooks for referrer and user agent

* Update deps (YOURLS#2676)

* Begin functions cleaning, starting with GEO. (YOURLS#2670)

* cleanup geo functions
* add support for CloudFlare's Country GEO header without the need for IP resolution and database
* ensure flag URL always returns a string, instead of false on failure as the result is always used as a string (without validation)
* add helper yours_get_db() so we don't need to use "global $ydb" throughout and it ensures that ydb is always initialised correctly and hasn't ever been changed to something incompatible.
* simplify debug get log
* tidy up code and phpdocs for functions-plugins
* cleanup & phpdocs for parts of functions.php
Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Smarter keyword sanitization (YOURLS#2682)

* Smarter keyword sanitizing, based on context
* Deprecate yourls_sanitize_string()

Fixes YOURLS#2646.
Fixes YOURLS#2128.

* Update README.md

* Timezones (YOURLS#2684)

* Implemented support for timezones
* Removed OFFSET const from config
* Localized yet sortable date in admin shorturl list
* Unit tests
* Code cleanup

Co-authored-by: Jérémy K <JeremyKeusters@users.noreply.github.com>

* More flexible plugin headers, and tests

* Correcting minor typo

* Revise yourls_date_i18n() (YOURLS#2701)

* Revise yourls_date_i18n()
* Remove useless function
* Save one query on each call 🙄 

Fixes YOURLS#2694

* Reverse build script logic (YOURLS#2705)

By default simply list what would go, but don't delete anything

* PHPUnit tweaks (YOURLS#2706)

* Overwrite tests/composer.json with specific phpunit version depending on PHP version
* Send code coverage to scrutinize

* Update README

Actual links to contributing.md

* Readme tweaks

* Moar badges. I love badges.

* Clarify allowed chars in table names & prefixes (YOURLS#2721)

Fixes YOURLS#2720

* Fix typos

* Update sample plugin (YOURLS#2737)

Remove all third party, deprecated or not. Fixes YOURLS#2736.

* Extend filter-hook "table_add_row_action_array"

Closes YOURLS#2743

* The mac client is deprecated (YOURLS#2754)

The mac client is deprecated and the link is redirecting to other website (http://timi.im/app/) which looks malicious.

* Update readme.html (YOURLS#2758)

Add YOURLS installation link for Ubuntu 20.04 version.

Co-authored-by: dgw <dgw@technobabbl.es>

* Fix that effing encoding problem (YOURLS#2690)

This commit's changelog

- less encode/decode
- update jQuery & remove old ones
- No encoding in JS
- Also, 4 spaces in JS too, duh
- IDN domain functions
- Use mb_ functions to preverse IDN domains
- Support for UTF8MB4
- update install procedure
- update upgrade procedure. Note: The log table will be left untouched by the upgrade, it's impossible to make a convenient upgrade script for thousands of rows. The only problem will be if someone uses UTF8 short URLs (eg `http://sho.rt/éé💩`)
- Handle normalization of IDN domains & tests
- Fix warning on 7.2 and 7.3
- Deal with encoding in bookmarklets
- Enclose upgrade queries in a transaction
- Force no caching upon install or upgrade. Note: Strange behavior: if YOURLS hosted on an IDN domain, browser (FF at least) caches the redirection from admin/index.php to admin/install.php
- Support for IDN YOURLS hosting
- Tests for IDN YOURLS hosting
- Fix code (that will never get run again)
- Don't cache ajax requests
- Remove unnecessary function call
- Add comment doc block
- More IDN sanitizing tests
- IDN : Screw the "open dots". Who's going to type domain。com instead of domain.com anyway? Seriously. (although these do pass on my dev box)
- Deprecate yourls_lowercase_scheme_domain()
- Update doc to reflect DB change

* On logout, explicitely send to index.php

Fix logout link in admin panel.

Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Sanitize plugin file header before display (YOURLS#2761)

Avoid improbable case such as:

/**
 * Plugin Name: anything"><img src=x onerror=prompt("name")>
 * Plugin URI: anything"><img src=x onerror=prompt("")>
 * Description: anything"><img src=x onerror=prompt("desc")>
 * Version: anything"><img src=x onerror=prompt('version')>
 * Author: anything"><img src=x onerror=prompt('author')>
 * Author URI: anything"><img src=x onerror=prompt("desc")>
 */

* Remove `global $ydb` calls and prefer helper function (YOURLS#2762)

Fixes YOURLS#2698

Changes : 
- Replace all global $ydb; and $ydb->... with yourls_get_db()-> in code and tests
- Add tests
- Introduce yourls_set_db()

* Replace `call_user_func()` with variable functions (YOURLS#2763)

Fixes YOURLS#2714

* Display default shorturls_length in the database if not already set (YOURLS#2767)


Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Update XML lib for API output (YOURLS#2770)

Will close YOURLS#2668

* Add verifications for exception messages in tests (YOURLS#2780)

* Add WhatsApp and Telegram Protocols (YOURLS#2781)

* Fix typo broken in YOURLS#2781 (YOURLS#2786)

* Update clipboard.js to 2.0.6 (YOURLS#2788)

Internal breaking change : js constructor from `new Clipboard()` to `new ClipboardJS()`

Signed-off-by: Aaron <admin@datahoarder.dev>

* optional `$title` param in `yourls_table_add_row()` can't be optional (YOURLS#2808)

PHP 8.0 deprecated optional parameters before required ones:
https://php.watch/versions/8.0/deprecate-required-param-after-optional

All call sites in YOURLS already pass `$title` (because they have to),
so there's no reason it needs to be an optional argument. This change
resolves part of YOURLS#2807.

Additionally, the first line of `yourls_table_add_row()` was indented
with spaces instead of using s tab character like the rest of the file.
This has been corrected as a bonus.

* Update tests matrix and setup

* Update travis for composer 2
* Update xdebug.mode in php.ini
* Bump PHPUnit versions for PHP 8 and nightly
* Remove 5.6

* Replace double quotes with single quotes, preventing fatal exception when running on MySQL 8 (YOURLS#2800)

Fixes YOURLS#2799

Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Update Travis badge

[skip ci] [skip travis]

* Update libs and fix PHP 8 (YOURLS#2824)

Fixes YOURLS#2807 

* Update libs
* Refactor the logging system to match Aura SQL 3
* Bump PHPUnit version
* Downgrade spatie/array-to-xml to 2.15
* Upgrade expectations to PHPUnit 8+
* Drop PHPUnit 6 support

Co-authored-by: Léo Colombaro <git@colombaro.fr>

* Move to GitHub Actions (YOURLS#2828)

* Move to GitHub Actions
* Switch badges to GitHub Actions
* Add dependabot for github-actions actions

* SVG icons (YOURLS#2822)


Co-authored-by: Ozh <ozh@ozh.org>

* Update readme.html (YOURLS#2823)

Added a new detailed tutorial for LEMP+Let's Encrypt

* SVG logo and icon as designed by @JayHoltslander (YOURLS#2837)


Co-authored-by: Jay Holtslander <j.holtslander@gmail.com>

* Disable 8.1  (YOURLS#2838)

Disable 8.1 run as allow run failure not available

* Use short array syntax (YOURLS#2839)

* Revert enclosing in transaction

Fixes YOURLS#2827

* Fix collation in the update to current master (YOURLS#2840)

* Fix collation in the update. Bump DB to 506.
* Fixes YOURLS#2766

* Bump min PHP requirement (YOURLS#2841)

* Readme cleanup (YOURLS#2842)

Remove all unofficial links, now to be found on https://github.com/YOURLS/awesome-yourls

* 1.8, baby

* Update CHANGELOG.md

Adding 1.8 and 1.7.9 that was forgotten

* Add missing escapes characters to MySQL query in functions-upgrade.php (YOURLS#2844)

* Bump shivammathur/setup-php from 2.9.0 to 2.10.0 (YOURLS#2847)

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.9.0 to 2.10.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.9.0...fa18c2b)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Create labeler.yml

* Create label-commenter-config.yml

* Fix branch name in actions

* Update collation on install (YOURLS#2846)

* Fix is_private overruling (YOURLS#2859)

* Fix is_private overruling
* Simplify function yourls_is_private

* Support for 'all' hook (YOURLS#2860)

* Improve inline doc & comments
* Introduce support for the 'all' hook
* Unit test nitpicking

* 1.8.1 changelog

[skip ci]

* Bump for 1.8.1

[skip ci]

* Fix SVG for IE 11 (YOURLS#2864)

* Add viewBox attribute to favicon
* Logo missing viewBox as well

* Add a release workflow to dispatch to Docker repo

* Promote GitHub Discussions for community support

* Promote awesome-yourls

* Bump shivammathur/setup-php from 2.10.0 to 2.11.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.10.0 to 2.11.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.10.0...b0559f7)

Signed-off-by: dependabot[bot] <support@github.com>

* Bump rmccue/requests from 1.7.0 to 1.8.0 (YOURLS#2916)

Bumps [rmccue/requests](https://github.com/rmccue/Requests) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/rmccue/Requests/releases)
- [Changelog](https://github.com/WordPress/Requests/blob/master/CHANGELOG.md)
- [Commits](WordPress/Requests@v1.7.0...v1.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Refactor admin/index.php & more filters (YOURLS#2912)

* Move some logic from admin/index.php to own class
* Comments & documentation

* Clarify what setting is for

Wiki page added: https://yourls.org/urlconvert
For the lolz, here are the values for this setting encountered in the wild: https://gist.github.com/ozh/46056801ee25b9f328334b3ce0e32f1b

[skip ci]

* Bump peter-evans/create-pull-request from 3 to 3.9.1

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3 to 3.9.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v3...v3.9.1)

Signed-off-by: dependabot[bot] <support@github.com>

* Bump actions/checkout from 2 to 2.3.4

Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 2.3.4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2...v2.3.4)

Signed-off-by: dependabot[bot] <support@github.com>

* Bump peaceiris/actions-label-commenter from 1 to 1.9.1

Bumps [peaceiris/actions-label-commenter](https://github.com/peaceiris/actions-label-commenter) from 1 to 1.9.1.
- [Release notes](https://github.com/peaceiris/actions-label-commenter/releases)
- [Changelog](https://github.com/peaceiris/actions-label-commenter/blob/main/CHANGELOG.md)
- [Commits](peaceiris/actions-label-commenter@v1...v1.9.1)

Signed-off-by: dependabot[bot] <support@github.com>

* bugfix/db upgrade 506 (YOURLS#2933)

* fix duplicate array key
* convert url table *after* changing field length to avoid "key was too long; max key length is 767 bytes" error on some DB setups

* Bump peter-evans/create-pull-request from 3.9.1 to 3.9.2 (YOURLS#2942)

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.9.1 to 3.9.2.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v3.9.1...v3.9.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump peter-evans/create-pull-request from 3.9.2 to 3.10.0

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.9.2 to 3.10.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v3.9.2...v3.10.0)

Signed-off-by: dependabot[bot] <support@github.com>

* Filter all HTTP request params (YOURLS#2951)

* Add `version` to API usage

Closes YOURLS#2957 

[skip ci]

* Bump peaceiris/actions-label-commenter from 1.9.1 to 1.9.2 (YOURLS#2980)

Bumps [peaceiris/actions-label-commenter](https://github.com/peaceiris/actions-label-commenter) from 1.9.1 to 1.9.2.
- [Release notes](https://github.com/peaceiris/actions-label-commenter/releases)
- [Changelog](https://github.com/peaceiris/actions-label-commenter/blob/main/CHANGELOG.md)
- [Commits](peaceiris/actions-label-commenter@v1.9.1...v1.9.2)

---
updated-dependencies:
- dependency-name: peaceiris/actions-label-commenter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump peaceiris/actions-label-commenter from 1.9.2 to 1.10.0

Bumps [peaceiris/actions-label-commenter](https://github.com/peaceiris/actions-label-commenter) from 1.9.2 to 1.10.0.
- [Release notes](https://github.com/peaceiris/actions-label-commenter/releases)
- [Changelog](https://github.com/peaceiris/actions-label-commenter/blob/main/CHANGELOG.md)
- [Commits](peaceiris/actions-label-commenter@v1.9.2...v1.10.0)

---
updated-dependencies:
- dependency-name: peaceiris/actions-label-commenter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump shivammathur/setup-php from 2.11.0 to 2.12.0 (YOURLS#2996)

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.11.0 to 2.12.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.11.0...2.12.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump shivammathur/setup-php from 2.12.0 to 2.13.0 (YOURLS#3032)

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.12.0 to 2.13.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.12.0...2.13.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump peter-evans/create-pull-request from 3.10.0 to 3.10.1 (YOURLS#3029)

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.10.0 to 3.10.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v3.10.0...v3.10.1)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Minor security improvements (YOURLS#3034)

* Prevent iframe jacking
* Enforce nonce on admin login screen

* Bump version and update changelog

[skip ci]

* Update auth tests to match YOURLS#3034 (YOURLS#3035)

* Minor security improvements #2 (YOURLS#3041)

* Escape HTML and attributes before returning
* Remove deprecated vars

* Prevent encryption warning when password provided via env (YOURLS#3040)

Fixes YOURLS#3038 

* added check for user provided from environment variables
* Add unit tests

Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Support HTTPS termination on a reverse proxy (YOURLS#3044)

When HTTPS termination happens on a reverse proxy, $_SERVER['HTTPS'] is not set and $_SERVER['SERVER_PORT'] is 80.
The current implementation tries to redirect infinitely in this situation because the function yourls_is_ssl() is false, although the actual URL begins with https://.

* Filterable user defined constants, and more tests (YOURLS#3048)

* Test referrer parsing

* Update CHANGELOG.md

* Post release bump. Onto the next version!

[skip ci]

* Use PAT in workflow to allow chaining

* Sanitize user input in upgrade (YOURLS#3055)

* Bump shivammathur/setup-php from 2.13.0 to 2.14.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.13.0 to 2.14.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.13.0...2.14.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Remove labeler as per template enforcement

* Enable auto-merge for dependabot

* Enable auto-merge for dependabot

* Bump shivammathur/setup-php from 2.14.0 to 2.15.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.14.0 to 2.15.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.14.0...2.15.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump actions/checkout from 2.3.4 to 2.3.5

Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2.3.4...v2.3.5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Remove explicit matrix tag in workflow name

Let GitHub auto tag jobs and make them more generic

* Fix incorrect "prefix and shorten" notice while logged out

Fixes YOURLS#2688

Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Automatic PR for Helm charts after a release

* Fix workflow file

[ci skip]

* Bump actions/checkout from 2.3.5 to 2.4.0

Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.5 to 2.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2.3.5...v2.4.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump peter-evans/create-pull-request from 3.10.1 to 3.11.0

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.10.1 to 3.11.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v3.10.1...v3.11.0)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump shivammathur/setup-php from 2.15.0 to 2.16.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.15.0 to 2.16.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.15.0...2.16.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump peter-evans/create-pull-request from 3.11.0 to 3.12.0

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.11.0 to 3.12.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v3.11.0...v3.12.0)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Revert 3090 & fix tests (YOURLS#3188)

* Allow prefix n shortening without being logged in

Fixes YOURLS#3189

- Allow prefix n shortening without being logged in
- Test checking for redirection on successful auth

Props @dan-r for the initial digging on this issue !

* Update GeoIP db (YOURLS#3191)

* Update GeoIP2 db
* Update tests

Fixes YOURLS#3173

* Bump peter-evans/create-pull-request from 3.12.0 to 3.12.1

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 3.12.0 to 3.12.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v3.12.0...v3.12.1)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump shivammathur/setup-php from 2.16.0 to 2.17.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.16.0 to 2.17.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.16.0...2.17.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Reuse org workflows

* Drop release workflows

The relative actions has been moved to downstream to simplify maintenance

* Updated default links from 'http' to 'https' (YOURLS#3229)

* Updated default links from 'http' to 'https'
* Updated unit test

* Bump to php 8.1 and drop 7.2, 7.3 (YOURLS#3230)

* Bump tests to php 8.1 and drop 7.2, 7.3
* Bump vendor version to align with new requirements
* Drop conflicted and deprecated YDB functions
* Use proper Request namespace
* Fix a deprecation warning

Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Update .gitattributes

* Clean up gitattributes

* Mark vendor files as generated

* Remove ozh/phpass and use on password_* functions (YOURLS#3232)

Fixes YOURLS#3231

* Bump shivammathur/setup-php from 2.17.0 to 2.17.1

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.17.0 to 2.17.1.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.17.0...2.17.1)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump actions/checkout from 2.4.0 to 3

Bumps [actions/checkout](https://github.com/actions/checkout) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2.4.0...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Upload coverage only when coverage is enabled

ref YOURLS#3238

* Try and catch concurrency errors (YOURLS#3233)

* Try and catch concurrency errors when creating new short urls, updating click count and logging redirects
* Code refactoring
* Couple more tests while at it

Fixes YOURLS#2538
Fixes YOURLS#765
Fixes YOURLS#1974
Fixes YOURLS#2829

* Remove scrutinizer (YOURLS#3245)

* Make element ID independent from the short URL (YOURLS#3244)

Fixing a dumb idea introduced in version 0.1 :^P

Fixes YOURLS#2925

* Restore certificates (YOURLS#3250)

* Restore certificates
* Make sure to test againts HTTPS so this won't happen again

* Explicitely exit after redirection where needed (YOURLS#3257)

Fixes YOURLS#3217
Would fix YOURLS#2688 if it weren't already fixed

* Bump shivammathur/setup-php from 2.17.1 to 2.18.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.17.1 to 2.18.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.17.1...2.18.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Add nonce to the logout link (YOURLS#3264)

* Add nonce to the logout link
* Add tests for cookies being set or reset
* More tests: check nonces are different for different actions & users

Fixes YOURLS#3170

* More hooks for the admin view & search (YOURLS#3265)

Will fix YOURLS#3074 and YOURLS#3262

* Plugin API : sandbox and uninstall procedure (YOURLS#3258)

- foolproof (?) activation sandbox that actually works
- uninstall method
- Plugin activation sandbox and unit tests
- Uninstall script and tests

* Update version checking and use /version/1.1/ (YOURLS#3268)

* Fix typo

[skip ci]

* Do not use md5() in yourls_salt() (YOURLS#3278)

* Do not use md5() in yourls_salt()
* More tests while we're here

Fixes YOURLS#3277

* Bump shivammathur/setup-php from 2.18.0 to 2.18.1

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.18.0 to 2.18.1.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.18.0...2.18.1)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* More plugin functions (YOURLS#3281)

Introduce yourls_get_actions() and yourls_get_filters(), and their tests

* Update certificates (YOURLS#3283)

Co-authored-by: ozh <ozh@ozh.org>

* Regularly update certificates (YOURLS#3282)

Workflow to update cacert every monday if a new bundle is published

* Update GeoIP DB (YOURLS#3289)

Co-authored-by: ozh <ozh@ozh.org>

* Regularly update GeoIP db (YOURLS#3284)

Regularly update GeoIP db
Workflow to update geoip db every monday if a new version is available

* More checks with new version notices (YOURLS#3290)

* add unit tests to make sure running 1.8.3-dev will trigger a new version notice when 1.8.3 is out (I think it already works this way)
* more validation of the api core/update response

* Promote docs.yourls.org (YOURLS#3291)

* Don't delete branch when closing `update-geoip` PR (YOURLS#3294)

* Update GeoIP with Github App (YOURLS#3298)

* Update GeoIP with Github App
Source: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#authenticating-with-github-app-generated-tokens

Co-authored-by: Léo Colombaro <git@colombaro.fr>

* Update GeoIP DB (YOURLS#3303)

Co-authored-by: ozh <ozh@ozh.org>

* More helpful "URL already exists" (YOURLS#3305)

Fixes YOURLS#1676 opened by... myself... 8 years ago 😅

* 1.9 (YOURLS#3304)

Co-authored-by: dgw <dgw@technobabbl.es>
Co-authored-by: Léo Colombaro <git@colombaro.fr>

* Post release bump

* Bump dependencies and remove (YOURLS#3309)

Updates : 
- aura/sql (3.0.0 => 3.1.0)
- maxmind/web-service-common (v0.8.1 => v0.9.0)
- rmccue/requests (v2.0.1 => 2.0.2)
- symfony/polyfill-intl-idn (v1.24.0 => v1.25.0)
- symfony/polyfill-intl-normalizer (v1.24.0 => v1.25.0)
- symfony/polyfill-mbstring (v1.24.0 => v1.25.0)
- symfony/polyfill-php72 (v1.24.0 => v1.25.0)

* Fix checking for new certs (YOURLS#3313)

Stop fighthing with the etags, just download the darn files

* Update GeoIP DB (YOURLS#3315)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Update certificates (YOURLS#3316)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Remove warnings on PHP 8.1 (YOURLS#3317)

Also, minor code styles doc & typo
* Refactor yourls_filter_unique_id() to remove useless vars
* Comply with phpstan level 4
* add some tests to cover newly discovered potential issues

* Add missing inline documentation (YOURLS#3325)

* Inline documentation (YOURLS#3329)

Now 100% complete

* Fix error `Undefined constant "intval"` when upgrading (YOURLS#3332)

Closes YOURLS#3331

* Update GeoIP DB (YOURLS#3334)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Update GeoIP DB (YOURLS#3340)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* List required/suggested PHP extensions in composer.json (YOURLS#3339)

* List required/suggested PHP extensions in composer.json

Best-effort attempt to declare all extensions used by YOURLS.

Based on the output of https://github.com/RogerGee/php-ext-depends

`composer check-platform-reqs` will show the status of all except those
in "suggest", which is a limitation to sort out later.

* Update composer.json extension requirements after further research

Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Update GeoIP DB (YOURLS#3348)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* No hyphen in random keywords (YOURLS#3353)

Fixes  YOURLS#2281
Fixes YOURLS/random-keywords#8

* Always include `functions-(upgrade|install).php` (YOURLS#3354)

Fixes YOURLS#3326

* Return 400 instead of 500 when duplicate (YOURLS#3355)

Fixes YOURLS#3319

* Update GeoIP DB (YOURLS#3356)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Release v1.9.1 (YOURLS#3350)

* Version 1.9.1
Co-authored-by: dgw <dgw@technobabbl.es>
Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Post release bump

* Bump shivammathur/setup-php from 2.18.1 to 2.19.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.18.1 to 2.19.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.18.1...2.19.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump shivammathur/setup-php from 2.19.0 to 2.19.1

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.19.0 to 2.19.1.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.19.0...2.19.1)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update GeoIP DB (YOURLS#3362)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Fix geoip tests with a more confident ipv6 (YOURLS#3369)

This one is in Japan according to all tools I could check

* Update GeoIP DB (YOURLS#3368)

Co-authored-by: ozh <ozh@users.noreply.github.com>
Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Update GeoIP DB (YOURLS#3370)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Bump shivammathur/setup-php from 2.19.1 to 2.20.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.19.1 to 2.20.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.19.1...2.20.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump shivammathur/setup-php from 2.20.0 to 2.20.1

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.20.0 to 2.20.1.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.20.0...2.20.1)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update GeoIP DB (YOURLS#3373)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Bump shivammathur/setup-php from 2.20.1 to 2.21.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.20.1 to 2.21.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.20.1...2.21.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update GeoIP DB (YOURLS#3385)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Bump shivammathur/setup-php from 2.21.0 to 2.21.1

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.21.0 to 2.21.1.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.21.0...2.21.1)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update certificates (YOURLS#3389)

Co-authored-by: ozh <ozh@users.noreply.github.com>
Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Update GeoIP DB (YOURLS#3397)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Update GeoIP DB (YOURLS#3405)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Bump shivammathur/setup-php from 2.21.1 to 2.21.2

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.21.1 to 2.21.2.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.21.1...2.21.2)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update GeoIP DB (YOURLS#3417)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Update GeoIP DB (YOURLS#3419)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Update GeoIP DB (YOURLS#3424)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Update GeoIP DB (YOURLS#3432)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* When adding URLs, new HTML rows should have unique HTML IDs. (YOURLS#3431)

* When adding URLs, new HTML rows should have unique HTML IDs.
* Fix newly added assertions in Format_General::test_string2htmlid()

Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Typofixes

* Update admin/index.php

Co-authored-by: dgw <dgw@technobabbl.es>

* Update GeoIP DB (YOURLS#3436)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Update GeoIP DB

* Update certificates

* Bump shivammathur/setup-php from 2.21.2 to 2.22.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.21.2 to 2.22.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.21.2...2.22.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update GeoIP DB (YOURLS#3453)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Support PHP 8.2 (YOURLS#3474)

* Update GeoIP DB

* Update GeoIP DB (YOURLS#3477)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Update GeoIP DB (YOURLS#3479)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Bump shivammathur/setup-php from 2.22.0 to 2.23.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.22.0 to 2.23.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.22.0...2.23.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump dependencies

  - Upgrading composer/ca-bundle (1.3.1 => 1.3.4)
  - Upgrading geoip2/geoip2 (v2.12.2 => v2.13.0)
  - Upgrading ozh/bookmarkletgen (1.2 => 1.2.2)
  - Upgrading pomo/pomo (v1.4.1 => v1.5.0)
  - Upgrading rmccue/requests (2.0.2 => v2.0.5)
  - Upgrading spatie/array-to-xml (2.16.0 => 2.17.1)
  - Upgrading symfony/polyfill-intl-idn (v1.25.0 => v1.27.0)
  - Upgrading symfony/polyfill-intl-normalizer (v1.25.0 => v1.27.0)
  - Upgrading symfony/polyfill-mbstring (v1.25.0 => v1.27.0)
  - Upgrading symfony/polyfill-php72 (v1.25.0 => v1.27.0)

* Update certificates

* Update GeoIP DB (YOURLS#3488)

Co-authored-by: ozh <ozh@users.noreply.github.com>
Co-authored-by: Léo Colombaro <git@colombaro.fr>

* Bump shivammathur/setup-php from 2.23.0 to 2.24.0

Bumps [shivammathur/setup-php](https://github.com/shivammathur/setup-php) from 2.23.0 to 2.24.0.
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@2.23.0...2.24.0)

---
updated-dependencies:
- dependency-name: shivammathur/setup-php
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update GeoIP workflow; set-output is deprecated

* Update cert workflow: set-output is deprecated

* Use the correct version 9 of PHPUnit

* Improve Actions name readability

* Update GeoIP DB (YOURLS#3499)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Support usernames containing brackets (YOURLS#3365)

* wrapped $user in preg_quote function
* updated auth test for special character in username

Co-authored-by: Léo Colombaro <git@colombaro.fr>
Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Use sandbox for all included files (YOURLS#3478)

- updated calls to functions
- deprecate function yourls_activate_plugin_sandbox()
- add unit tests
- log loaded files
- tweak yourls_debug_log to allow early uses

Co-authored-by: e-ht <1045813+e-ht@users.noreply.github>
Co-authored-by: eht <1045813+e-ht@users.noreply.github.com>
Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

Closes YOURLS#3321

* Fix bug where editing a URL will update the first entry in the table (YOURLS#3485)

Pass id to yourls_table_edit_row() so the correct line in the table is updated.
Fixes YOURLS#3485 

Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Remove cookies from $_REQUEST (YOURLS#3516)

Closes YOURLS#3383
Closes YOURLS#3351

* Make Googlebot indexing filterable (YOURLS#3517)

Closes YOURLS#3486

* Fix click threshold in admin view (YOURLS#3518)

Fixes YOURLS#3460

* Update GeoIP DB (YOURLS#3519)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Update GeoIP DB (YOURLS#3526)

Co-authored-by: ozh <ozh@users.noreply.github.com>

* Comment what "cache" means here

[skip ci]

* Fixes bookmarklets with URL containing special chars (YOURLS#3527)

Fixes YOURLS#3523

Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>

* Update CHANGELOG

[skip ci]

* Fix typo in comment (YOURLS#3535)

* Bump version for 1.9.2 (YOURLS#3537)

* Bump version

[skip ci]

* sync to upstream/master

---------

Signed-off-by: Aaron <admin@datahoarder.dev>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: ྅༻ Ǭɀħ ༄༆ཉ <ozh@ozh.org>
Co-authored-by: Léo Colombaro <git@colombaro.fr>
Co-authored-by: Darrell Agee <dagee3@users.noreply.github.com>
Co-authored-by: Marcus <MarcProe@users.noreply.github.com>
Co-authored-by: Liu Yue <hangxingliu@gmail.com>
Co-authored-by: Artur Weigandt <Art4@users.noreply.github.com>
Co-authored-by: Philip Colmer <pcolmer@users.noreply.github.com>
Co-authored-by: Lukas Müller <info@muellerlukas.de>
Co-authored-by: Audrey Maniez <amaniez@access42.net>
Co-authored-by: paulgoodchild <paulgoodchild@users.noreply.github.com>
Co-authored-by: Michael Bemmerl <mail@mx-server.de>
Co-authored-by: Jérémy K <JeremyKeusters@users.noreply.github.com>
Co-authored-by: hdkjjsk612 <47492172+hdkjjsk612@users.noreply.github.com>
Co-authored-by: Ingo Kleiber <ikleiber@gmail.com>
Co-authored-by: ueickmann <45387393+ueickmann@users.noreply.github.com>
Co-authored-by: Aaryan Porwal <54525904+aaryanporwal@users.noreply.github.com>
Co-authored-by: Hitesh Jethva <hitjethva@gmail.com>
Co-authored-by: dgw <dgw@technobabbl.es>
Co-authored-by: Florian Latifi <mail@florian-latifi.at>
Co-authored-by: The Zach <zach2825@users.noreply.github.com>
Co-authored-by: Leo Viezens <leo.viezens@web.de>
Co-authored-by: Bibo-Joshi <hinrich.mahler@freenet.de>
Co-authored-by: Dan Benton <dan@dogsbody.com>
Co-authored-by: Aaron <admin@datahoarder.dev>
Co-authored-by: simon-eller <63782380+simon-eller@users.noreply.github.com>
Co-authored-by: LinuxStans <78315004+LinuxStans@users.noreply.github.com>
Co-authored-by: Jay Holtslander <j.holtslander@gmail.com>
Co-authored-by: Karsten Hoffmeyer <mediawiki@kghoffmeyer.de>
Co-authored-by: Jonathan Dahan <55917666+jonathandhn@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jens Spanier <42373861+Virinum@users.noreply.github.com>
Co-authored-by: David Faber <dcfaber@gmail.com>
Co-authored-by: Peter Gasser <github@boedah.de>
Co-authored-by: Bryan Joshua Pedini <b.pedini@bjphoster.com>
Co-authored-by: Kaito Udagawa <umireon@gmail.com>
Co-authored-by: Dan Raper <djr2468@gmail.com>
Co-authored-by: jaas666 <30204147+jaas666@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: yourls-bot[bot] <104057305+yourls-bot[bot]@users.noreply.github.com>
Co-authored-by: ozh <ozh@users.noreply.github.com>
Co-authored-by: Barry Hughes <3594411+barryhughes@users.noreply.github.com>
Co-authored-by: JT Smith <nexxai@gmail.com>
Co-authored-by: SXN31 <43016545+SXN31@users.noreply.github.com>
Co-authored-by: jarebear6expepjozn6rakjq5iczi3irqwphcvbswgkahd6b6twnxxid <1045813+jarebear6expepjozn6rakjq5iczi3irqwphcvb@users.noreply.github.com>
Co-authored-by: 4BRobby <robby@4bytes.de>
Co-authored-by: firfin <marck@wickedfruit.com>
Co-authored-by: Rodney Stromlund <Rodney.Stromlund@wnco.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants