Hello,

Today I noticed if I use this setting:
Configuration -> Link Checking -> Duplicate checking type = domain


it doesn't work with sub-domain names, the script is telling the user that the URL already exists while there is no entry.

I debugged the SQL statement for the and the value for domain is empty (that's the reason why the user gets this message. a lot of the domain fields are empty)

Is there any way to debug this myself?

Or any ways to reproduce it (so that I debug it locally)? E.g. post one link, then post another link with subdomain, etc...

Is there any way to debug this myself?

Or any ways to reproduce it (so that I debug it locally)? E.g. post one link, then post another link with subdomain, etc...
Hi vincent,

can't believe that this problem doesn't exists on your own installation.
try to add the url:
http://info.vilesilencer.com/

with this setting I mentioned

That's what I did:

Logged into admin panel, opened Configuration >> Link Checking page.

Set the following options:

Duplicate link checking = enabled
Duplicate checking type = domain

Saved changes.

Now I tried to submit this url:
http://info.vilesilencer.com/

The link was accepted by the script. I didn't encounter any error.

Hello Vincent,

thats strange... I noticed also that people can submit invalid URL's

I which file is the URL check located?

The whole data sanitizing code is in suggest-link.php. It seems that URLs are not checked at all (except for empty values).

The whole data sanitizing code is in suggest-link.php. It seems that URLs are not checked at all (except for empty values).

sorry Vincent I can't locate there the URL check code, how is the check done regex, dns check?

The way the links are checked is very strange. I have just attempted to submit "blah blah blah" as the url and it says this:

Your link already exists in directory.

I have to find out why.

Vincent this is the current function to check the existens of the url:


function checkDuplicateLinks($aUrl, $aType = 'exact')
{
$sql = "SELECT `status` ";
$sql .= "FROM `{$this->mPrefix}links` ";
$cause = ($aType == 'domain') ? "WHERE `domain` = '{$aUrl}'" : "WHERE `url` = '{$aUrl}'";
$sql .= ($aType == 'contain') ? "WHERE `url` = '%{$aUrl}%'" : $cause;

return $this->mDb->getOne($sql);
}


I think there must be some "LIKE" statement?

and this is the problem I think:
function get_link_header($aUrl)
{
if (preg_match("'^http://'",$aUrl))
{
$content = @file($aUrl);
if ($content)
{
$header = join("\n", $http_response_header);
list(,$http_header,) = split(" ", $header, 3);
}
else
{
$http_header = 0;
}
}
return $http_header;
}

the host where the script is installed has this setting

allow_url_fopen = Off

With allow_url_fopen = Off the functions like fopen(), file(), file_get_contents(), and fsockopen() don't work.

Well, I will take a close look at this snippet a little bit later (tomorrow).

With allow_url_fopen = Off the functions like fopen(), file(), file_get_contents(), and fsockopen() don't work.

Well, I will take a close look at this snippet a little bit later (tomorrow).


I will replace this file function with some cURL code, and you're sure that the mysql statements are ?

WHERE `url` = '%{$aUrl}%'

I thought it must like this:

WHERE `url` LIKE '%{$aUrl}%'

Ah, sure... how could I forget about CURL module....

Vincent,

what is this for a buggy function: get_link_header?

look at all the var names which are unused/undefined...

the function using cURL:


function get_link_header($aUrl) {
if (preg_match("/^http:\/\//",$aUrl)) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $aUrl);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_NOBODY, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_exec($ch);
$info = curl_getinfo($ch);
curl_close ($ch);
if (!empty($info)) {
return $info['http_code'];
} else {
return 0;
}
} else {
return 0;
}
}

Thanks Olaf, I will definitely make use of this snippet.

Vincent,

are you sure that this whole validation is working (check the code inside the suggest-link.php), there is a check but no alternative code if the check wasn't OK)

Yes, it is probably slightly buggy. I will take a look at it.