Thank you to anyone who has already donated - your generous donations helped make three months of treatment possible.

My brother Nate continues to fight stage IV Hodgkin's lymphoma. He's just 31, with a wife and baby girl. They have no active income (since he's been unable to return to work), no insurance, and cannot afford the treatment he needs. Nate and his family need your help. Please consider a donation, every dollar helps. Thanks.

Read Nate's story Support Nate by buying an official Pastie t-shirt Hide this message

Document@2x
|
Chain_link@2x
|
Arrow_down@2x
|
Spiral_paper@2x
A A A

PHP       Report abuse 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

<?php
/*
Plugin Name: yourls-virustotal
Plugin URI: http://x90.es/
Description: Prevent malware URLs using virustotal urlscan API
Version: 0.1
Author: pof
Author URI: http://pof.eslack.org/
*/

if( !defined( 'YOURLS_ABSPATH' ) ) die(); // No direct call

// On creation, check if this is malware
yourls_add_filter( 'pre_add_new_link', 'pof_pre_new_link' );
function pof_pre_new_link($args) {

        // virustotal api key, enter it here. 
        $KEY="";

        $API="https://www.virustotal.com/api/get_url_report.json";
        $url=urlencode($args[0]);

        $ch = curl_init();
        curl_setopt ($ch, CURLOPT_RETURNTRANSFER, TRUE);
        curl_setopt ($ch, CURLOPT_POST, TRUE);
        curl_setopt ($ch, CURLOPT_USERAGENT, "x90");
        curl_setopt ($ch, CURLOPT_POSTFIELDS, "scan=1&key=$KEY&resource=$url");
        curl_setopt ($ch, CURLOPT_URL, "$API");
        $result = curl_exec($ch);
        curl_close($ch);

        if (preg_match("/Malware site/",$result) || preg_match("/Phishing site/",$result) ) {
                echo "The requested URL cannot be shortened.";
                die();
        }
}


// On redirection, check if this is malware
yourls_add_action( 'pre_redirect', 'pof_malware_check' );
function pof_malware_check( $args ) {

        // virustotal api key, enter it here. 
        $KEY="";

        $API="https://www.virustotal.com/api/get_url_report.json";
        $url=$args[0];

        $ch = curl_init();
        curl_setopt ($ch, CURLOPT_RETURNTRANSFER, TRUE);
        curl_setopt ($ch, CURLOPT_POST, TRUE);
        curl_setopt ($ch, CURLOPT_USERAGENT, "x90");
        curl_setopt ($ch, CURLOPT_POSTFIELDS, "scan=0&key=$KEY&resource=$url");
        curl_setopt ($ch, CURLOPT_URL, "$API");
        $result = curl_exec($ch);
        curl_close($ch);

        if (preg_match("/Malware site/",$result) || preg_match("/Phishing site/",$result) ) {

                // Draw the warning page itself.
                yourls_html_head();
echo <<<PAGE
        <h2>WARNING: Possible malware / phishing / scam URL</h2>
        <p>You were being redirected to <strong>$url</strong> which has been detected as posibly malicious by <a href="http://www.virustotal.com/about.html">VirusTotal</a>.</p>
        <p><strong>This site might be harmful to your computer</strong>. <a href="$url">Click here</a> to access this site at your own risk.</p>
</div>
</body>
</html>
PAGE;
                die();
        } else {
                return;
        }
}
?>