realodix / urlhub Goto Github PK

CoreUI 3.0.0 is a major rewrite of the entire project.

https://coreui.io/docs/migration/

Describe the bug
A clear and concise description of what the bug is.

To Reproduce
Steps to reproduce the behavior:

1. Register an account.
2. Login and create an URL shorten data.
3. Edit the URL shorted, input a title with <script> code or onload onerror event listeners.
4. Try access admin account, find the allUlrTable, go to page which contains the URL shorten created by new user, view is browser executed code.

Expected behavior
Escape the code from execution.

Actual behavoir
Trigger a javascript code execution.

Screenshots

Additional Information
Security point:
https://github.com/realodix/urlhub/blob/e1dd2ba/app/Livewire/Table/AllUlrTable.php#L91-L102

                return
                    '<span title="'.htmlspecialchars($url->title).'">'
                        .Str::limit($url->title, self::STR_LIMIT).
                    '</span>
                    ....

The title was output directly without nothing escape but string limits for 60 chars.
And if the title was insecure content(which contains javascript), it shall trigger the XSS.

By my team's examination, the title is insecure because logged in user can edit it and without escaping.

Here is my team's PR: #916

Could you add RBAC (Role Based Access Control)? Like admin can view all link and manage setting, editor only can create, view and manage link he create.

It would lovely if this can integrate seamlessly with OIDC provider like keycloak.

Thanks in advance.

Dropped support for PHP 7.1 because Hashids doesn't support it, and because Newt should be a modern app, we are still able to drop support at this project status.

Can you hide the statistics of the shorten links to guests?

SQLSTATE[HY000]: General error: 1215 Cannot add foreign key constraint (SQL: alter table urls add constraint urls_user_id_foreign foreign key (user_id) references users (id) on delete casca de)

Without tests, we can't ensure changes doesn't break the existing system. If you can make up a testing environment as you have more experience on the whole architecture, I can try adding more and more features. + Tests

-No console error
-Network tap data call complete

• The same symptom occurred in 'All URLs', 'All Users'

Will it support PostgreSQL?

Coba ini
![git](https://img.shields.io/badge/PHP-^7%20.%202-777BB4.svg?style=flat-square)

Describe the bug
Is AllUlrTable.php a typo? it should be AllUrlTable.php by my understanding.
Can we correct if it is? to reduce further ambiguities。

Describe the bug
By my team(233sec) examination, This project(urlhub) has a feature which will crawl URL's title, might be utilized by hacker to flood attack URL/website. so there is my advice to do some throttles (base on IP, domain of target URL, and userID if registered).

Another feature can be edit url, so i can move people to another url using same link and qr code.

Hello
I would ask you is there any plan for translation to the Persian/farsi language ?

Would be cool to have referral stats and some graphs to show the stats showing clicks per day.

To install it, download it with wget in an ubuntu instance, download the latest version they released and unzip it. I wanted to know if there is any other process and if I have to run something from composer

In Application.php line 965:

The Mix manifest does not exist. See https://github.com/realodix/newt#compiling-assets-with-laravel-mix

Script @php artisan package:discover --ansi handling the post-autoload-dump event returned with error code 1

Its Showing me when i hit composer install command.

How can the copy button on the +keyword page copy https links instead of http links?

We already have style CI integration, we can add the badge into the readme

Describe the bug
Trying to access the admin with a fresh install.

To Reproduce

1. Perform the setup steps
2. login to admin

Expected behavior
See the dashboard

Screenshots

Describe the bug
The codeitnowin/barcode-generator repository has been taken down from a DMCA request

To Reproduce

1. composer install

Rename to UrlController

Describe the bug
Seems to be an issue building the frontend. Appears tired to the powergrid components.

To Reproduce
Steps to reproduce the behavior:

1. npm install
2. npm run dev

Expected behavior
Frontend builds

Actual behavoir

╰─$ npm run dev 

> dev
> npm run development


> development
> mix


✖ Mix
  Compiled with some errors in 1.37s

ERROR in ./resources/css/main.css
Module build failed (from ./node_modules/mini-css-extract-plugin/dist/loader.js):
ModuleBuildError: Module build failed (from ./node_modules/postcss-loader/dist/cjs.js):
Error: Cannot find module './vendor/power-components/livewire-powergrid/tailwind.config.js'
Require stack:
- /home/nathanr/Code/urlhub/tailwind.config.js
- /home/nathanr/Code/urlhub/node_modules/tailwindcss/lib/lib/setupTrackingContext.js
- /home/nathanr/Code/urlhub/node_modules/tailwindcss/lib/plugin.js
- /home/nathanr/Code/urlhub/node_modules/tailwindcss/lib/index.js
- /home/nathanr/Code/urlhub/webpack.mix.js
- /home/nathanr/Code/urlhub/node_modules/laravel-mix/setup/webpack.config.js
- /home/nathanr/Code/urlhub/node_modules/webpack-cli/lib/webpack-cli.js
- /home/nathanr/Code/urlhub/node_modules/webpack-cli/lib/bootstrap.js
- /home/nathanr/Code/urlhub/node_modules/webpack-cli/bin/cli.js
- /home/nathanr/Code/urlhub/node_modules/webpack/bin/webpack.js
    at Function.Module._resolveFilename (node:internal/modules/cjs/loader:985:15)
    at Function.Module._load (node:internal/modules/cjs/loader:833:27)
    at Module.require (node:internal/modules/cjs/loader:1057:19)
    at require (node:internal/modules/cjs/helpers:103:18)
    at Object.<anonymous> (/home/nathanr/Code/urlhub/tailwind.config.js:11:5)
    at Module._compile (node:internal/modules/cjs/loader:1155:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1209:10)
    at Module.load (node:internal/modules/cjs/loader:1033:32)
    at Function.Module._load (node:internal/modules/cjs/loader:868:12)
    at Module.require (node:internal/modules/cjs/loader:1057:19)
    at require (node:internal/modules/cjs/helpers:103:18)
    at getTailwindConfig (/home/nathanr/Code/urlhub/node_modules/tailwindcss/lib/lib/setupTrackingContext.js:68:53)
    at /home/nathanr/Code/urlhub/node_modules/tailwindcss/lib/lib/setupTrackingContext.js:97:92
    at /home/nathanr/Code/urlhub/node_modules/tailwindcss/lib/processTailwindFeatures.js:46:11
    at plugins (/home/nathanr/Code/urlhub/node_modules/tailwindcss/lib/plugin.js:38:63)
    at LazyResult.runOnRoot (/home/nathanr/Code/urlhub/node_modules/postcss/lib/lazy-result.js:339:16)
    at LazyResult.runAsync (/home/nathanr/Code/urlhub/node_modules/postcss/lib/lazy-result.js:393:26)
    at LazyResult.async (/home/nathanr/Code/urlhub/node_modules/postcss/lib/lazy-result.js:221:30)
    at LazyResult.then (/home/nathanr/Code/urlhub/node_modules/postcss/lib/lazy-result.js:206:17)
    at processResult (/home/nathanr/Code/urlhub/node_modules/webpack/lib/NormalModule.js:760:19)
    at /home/nathanr/Code/urlhub/node_modules/webpack/lib/NormalModule.js:862:5
    at /home/nathanr/Code/urlhub/node_modules/loader-runner/lib/LoaderRunner.js:400:11
    at /home/nathanr/Code/urlhub/node_modules/loader-runner/lib/LoaderRunner.js:252:18
    at context.callback (/home/nathanr/Code/urlhub/node_modules/loader-runner/lib/LoaderRunner.js:124:13)
    at Object.loader (/home/nathanr/Code/urlhub/node_modules/postcss-loader/dist/index.js:142:7)

Screenshots
If applicable, add screenshots to help explain your problem.

Additional Information
Any additional information, configuration or data that might be necessary to reproduce the issue.

Argument 1 passed to App\Helpers\NumHlp::readable_int() must be of the type int, float given, called in C:\xampp\htdocs\blog\app\Helpers\Helpers.php on line 79 (View: C:\xampp\htdocs\blog\resources\views\backend\partials\stat.blade.php) (View: C:\xampp\htdocs\blog\resources\views\backend\partials\stat.blade.php)

Describe the bug
I followed the installation steps without encountering any errors. However, upon accessing the app, I found that the main menu isn't functional. When I checked the browser console, numerous errors were logged

To Reproduce
Steps to reproduce the behavior:

1. Go to the site
2. Log in
3. Attempt to click on the menu to access the admin dashboard.

Expected behavior
The menu should open and allow navigation.

Actual behavoir
The menu fails to open.

Screenshots
If applicable, add screenshots to help explain your problem.

Additional Information
I suspect the issue might be related to Livewire or something else.

ErrorException

Undefined array key 1

at C:\urlhub\vendor\laravel\framework\src\Illuminate\Foundation\Console\ServeCommand.php:309
305▕ : '/^[([^\]]+)]/';
306▕
307▕ preg_match($regex, $line, $matches);
308▕
➜ 309▕ return Carbon::createFromFormat('D M d H:i:s Y', $matches[1]);
310▕ }
311▕
312▕ /**
313▕ * Get the request port from the given PHP server output.

1 C:\urlhub\vendor\laravel\framework\src\Illuminate\Foundation\Console\ServeCommand.php:309
Illuminate\Foundation\Bootstrap\HandleExceptions::Illuminate\Foundation\Bootstrap{closure}("Undefined array key 1", "C:\urlhub\vendor\laravel\framework\src\Illuminate\Foundation\Console\ServeCommand.php")

2 C:\urlhub\vendor\laravel\framework\src\Illuminate\Foundation\Console\ServeCommand.php:255
Illuminate\Foundation\Console\ServeCommand::getDateFromLine(" Feb 17 19:53:16 2023] 10.8.50.18:51838 Accepted")

Is your feature request related to a problem? Please describe.
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]

Describe the solution you'd like
A clear and concise description of what you want to happen.

Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.

Additional Information
Add any other context or screenshots about the feature request here.

Hey @realodix I have perfect domain for this. can we move to that one urlhub [dot] in

Hey Guys, Really appreciate the work. I would like to dedicate some of my time to this project. would like to point to some issues I can take a look?

• https://getbootstrap.com/docs/5.0/migration/#grid-updates
• https://popper.js.org/docs/v2/migration-guide/

In the past, we called this project with Plur. Now we have found a new name, so the screenshot needs to be replaced.

Describe the bug
Call to a member function prepare() on null

To Reproduce
Steps to reproduce the behavior:

1. [First Step]

php artisan migrate --seed

4. See error

Is your feature request related to a problem? Please describe.
No.

Describe the solution you'd like
Add an option, i.e. UH_GUEST_SHORTEN [true|false] in order to enable/disable guest users to shorten links.
And add an option in .env file, i.e. UH_ALLOW_REGISTER [true|false] in order to enable/disable to register new users, or UH_ALLOW_INVITATION [true|false] in order to allow only users who have an invitation code to register.

Describe alternatives you've considered
None. I look into source codes but I'm clueless because I don't know Laravel.

Additional Information
Now guest users can shorten any links and anyone can register, but I'd like to restrict them.

Hi guys,
there an issue i've found on user change password page.
this should not ask for current password, i cannot know user password when i need to change it, this field must be removed.

Thanks
Alex