index.php

<?php
  session_start(); 

  $appname = "  Shortener";

  // Generate a token on the fly. This should prevent POST spam attacks directly into process.php
  $token = substr(number_format(time() * mt_rand(),0,'',''),0,10); 
  $token = base_convert($token, 10, 36); 
  $_SESSION['token'] = $token;

  $catchid = substr(number_format(time() * mt_rand(),0,'',''),0,10);
  $catchVal = hash('sha256', $catchid.mt_rand().time().substr(number_format(time() * mt_rand(),0,'',''),0,10));
  $catchVal = base_convert($catchVal.$catchid, 10, 36);
  $_SESSION['catch'] = $catchid.":".$catchVal;

  // This has been depreciated. Still here for backwards compatibility with existing links
  if(!empty($_GET['l'])){
    include('api/dbsettings.php');
    $link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($_GET['l']))));
    $sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
    if($result = $shortdb->query($sql)){
      if($row = $result->fetch_assoc()){
        $link = $row['link'];
        header("location:$link");
        exit(); // Stop script execution to save on resources
      }
    }
  }

  // New way to check for valid short links, two characters shorter than the if statement above
  if(!empty($_GET)){
    $key = key($_GET);
    include('api/dbsettings.php');
    $link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($key))));
    $sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
    if($result = $shortdb->query($sql)){
      if($row = $result->fetch_assoc()){
        $link = $row['link'];
        header("location:$link");
        exit(); // Stop script execution to save on resources
      }
    }
  }

  if(isset($_GET['newbg'])){
    echo "<style>body{background-image: url('assets/images/newbody.jpg') !important;}</style>";
  }

  function userpic($email){
    $default = "http://fox.gy/fCDIjceUvkk.png"; 
    $size = 20;
    $grav_url = "http://www.gravatar.com/avatar/".md5(strtolower(trim($email)))."?d=".urlencode($default)."&s=".$size;
    return $grav_url;
  }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" prefix="og: http://ogp.me/ns# fb: http://www.facebook.com/2008/fbml">
  <head>
    <title>UnPS Link Shortener</title>
    
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
    <meta name="description" content="UnPS Link Shortener"/>
    <meta name="keywords" content="UnPS, GAMA, Shorten, Link"/>
    <meta name="author" content="David Todd"/>
    <meta property="og:image" content="http://fox.gy/fCDIjceUvkk.png"/>
    
    <link href="assets/bootstrap/css/bootstrap.css" rel="stylesheet" media="screen" />
    <link href="assets/css/elements.css?<?php echo time(); ?>" rel="stylesheet" />

    <!-- Vex CSS (http://github.hubspot.com/vex/) -->
    <link href="../CDN/vex-1.3.5/css/vex.css" rel="stylesheet" />
    <link href="../CDN/vex-1.3.5/css/vex-theme-os.css" rel="stylesheet" />

    <link rel="shortcut icon" type="image/ico" href="favicon.ico"/>
    <link rel="shortcut icon" type="image/x-icon" href="favicon.ico"/>

  </head>
  <body>
    <div id="wrap">
      <?php include('navbar.php'); ?>


      <div class="container">
        <form class="form-shorten" id="form-shorten">

          <h2 class="form-shorten-heading">Please give me a link to shorten...</h2>
          <input type="text" id="link" class="form-control" name="link" placeholder="http://" autofocus>
          <div id="shorten-password">
            <input type="text" id="pass" class="form-control" name="password" placeholder="Password">
          </div>
          <div id="report-details">
            <textarea name="report-details" id="report" class="form-control" placeholder="Reason for reporting this link"></textarea>
          </div>

          <input type="hidden" name="<?php echo $catchid; ?>" value="<?php echo $catchVal; ?>"/>
          <button class="btn btn-block btn-primary" id="short-button" type="submit">Shorten</button>

          <div id="radio-center" style="padding-top:.078%;width:100%;padding-left:3%;" class="btn-group">
            <label class="btn btn-primary" id="shortlab" style="color:#eee;"><input type="radio" id="shorten" name="linkmod" value="shorten" checked="checked">Shorten Link</label>
            <label class="btn btn-primary" id="dellab" style="color:#eee;"><input type="radio" id="dellink" name="linkmod" value="dellink">Delete Link</label>
            <label class="btn btn-primary" id="replab" style="color:#eee;"><input type="radio" id="replink" name="linkmod" value="replink">Report Link</label>
          </div>

        </form>
        <div id="message">
          <div class="gab" align="center">
            <script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
            <!-- unps.bottom -->
            <ins class="adsbygoogle"
                 style="display:block"
                 data-ad-client="ca-pub-6762927271223365"
                 data-ad-slot="7270772487"
                 data-ad-format="auto"></ins>
            <script>
            (adsbygoogle = window.adsbygoogle || []).push({});
            </script>
          </div>
        </div>

        
        <div id="theLoader">
          <div id="ajaxloader"></div><p id="loading">Loading...</p>
        </div>
      </div>
    </div>

    <div id="footer" style="position:absolute;width:100%;bottom:1%;">
      <div class="container">
        <p class="text-muted credit" style="padding-bottom:2.3%;">
          Copyright &copy; 2014 Unified Programming Solutions - Fork me on <a href="https://github.com/alopexc0de/UnPS-Short">GitHub</a>
          <a id="tos-link" href="terms.php">Terms Of Service</a>
        </p>
      </div>
    </div>

    <!-- Load the JS after the DOM so speed up load times -->
    <script type="text/javascript" language="JavaScript"  src="//ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
    <script type="text/javascript" language="JavaScript"  src="assets/bootstrap/js/bootstrap.js"></script>
    <script type="text/javascript" language="JavaScript"  src="assets/js/autoresize.jquery.js"></script> <!-- Credit to http://james.padolsey.com for this jQuery plugin -->
    <script type="text/javascript" language="JavaScript" src="assets/js/unps.core.js"></script>
    
    <!-- Vex stuff -->
    <script src="../CDN/vex-1.3.5/js/vex.combined.min.js"></script>
    <script src="assets/js/vex.js"></script>

    <script type="text/javascript" language="JavaScript">
      // This is our AJAX - Thank you Wizzy <3
      $("#form-shorten").submit(function(event){
        $("#theLoader").fadeIn("fast");
        event.preventDefault();
        event.stopPropagation();
        $.post("process.php?token=<?php echo $token; ?>", $(this).serialize(), function(data){
          $("#message").hide().html(data+'<br /><div class="gab"></div>').fadeIn("fast");
          $("#theLoader").hide();
          if($('#error').length){
            $('#short-button').removeClass('btn-primary');
            $('#short-button').removeClass('btn-success');
            $('#short-button').addClass('btn-danger');
          }else if($('#success').length){
            $('#short-button').removeClass('btn-primary');
            $('#short-button').removeClass('btn-danger');
            $('#short-button').addClass('btn-success');
          }
        });
      });
    </script>
  </body>
</html>
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`<?php`
Add anti-spam measures, change dead links, disable user area 2013-08-26 01:36:28 -05:00			`session_start();`

Add a global navbar 2013-09-26 18:41:42 -05:00			`$appname = " Shortener";`

Add anti-spam measures, change dead links, disable user area 2013-08-26 01:36:28 -05:00			`// Generate a token on the fly. This should prevent POST spam attacks directly into process.php`
			`$token = substr(number_format(time() * mt_rand(),0,'',''),0,10);`
			`$token = base_convert($token, 10, 36);`
			`$_SESSION['token'] = $token;`

			`$catchid = substr(number_format(time() * mt_rand(),0,'',''),0,10);`
			`$catchVal = hash('sha256', $catchid.mt_rand().time().substr(number_format(time() * mt_rand(),0,'',''),0,10));`
			`$catchVal = base_convert($catchVal.$catchid, 10, 36);`
			`$_SESSION['catch'] = $catchid.":".$catchVal;`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00
Keep old way to find short links to not break existing ones 2014-01-29 01:52:03 -06:00			`// This has been depreciated. Still here for backwards compatibility with existing links`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`if(!empty($_GET['l'])){`
			`include('api/dbsettings.php');`
			`$link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($_GET['l']))));`
			$sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
			`if($result = $shortdb->query($sql)){`
			`if($row = $result->fetch_assoc()){`
			`$link = $row['link'];`
			`header("location:$link");`
Keep old way to find short links to not break existing ones 2014-01-29 01:52:03 -06:00			`exit(); // Stop script execution to save on resources`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`}`
			`}`
			`}`
Make short links two characters shorter 2014-01-29 01:31:27 -06:00
Keep old way to find short links to not break existing ones 2014-01-29 01:52:03 -06:00			`// New way to check for valid short links, two characters shorter than the if statement above`
Make short links two characters shorter 2014-01-29 01:31:27 -06:00			`if(!empty($_GET)){`
Remove foreach loop and fix multiple id vulnerability 2014-01-29 01:41:05 -06:00			`$key = key($_GET);`
			`include('api/dbsettings.php');`
			`$link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($key))));`
			$sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
			`if($result = $shortdb->query($sql)){`
			`if($row = $result->fetch_assoc()){`
			`$link = $row['link'];`
			`header("location:$link");`
Keep old way to find short links to not break existing ones 2014-01-29 01:52:03 -06:00			`exit(); // Stop script execution to save on resources`
Make short links two characters shorter 2014-01-29 01:31:27 -06:00			`}`
			`}`
			`}`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00
Change layout of theme and move most javascript to assets 2013-10-08 10:47:14 -05:00			`if(isset($_GET['newbg'])){`
			`echo "<style>body{background-image: url('assets/images/newbody.jpg') !important;}</style>";`
			`}`

Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`function userpic($email){`
			`$default = "http://fox.gy/fCDIjceUvkk.png";`
			`$size = 20;`
			`$grav_url = "http://www.gravatar.com/avatar/".md5(strtolower(trim($email)))."?d=".urlencode($default)."&s=".$size;`
			`return $grav_url;`
			`}`
			`?>`
Change the HTML5 declaration back to XHTML1 2013-12-25 20:32:04 -06:00			`<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html xmlns="http://www.w3.org/1999/xhtml" prefix="og: http://ogp.me/ns# fb: http://www.facebook.com/2008/fbml">`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`<head>`
			`<title>UnPS Link Shortener</title>`

			`<meta name="viewport" content="width=device-width, initial-scale=1.0">`
			`<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>`
			`<meta name="description" content="UnPS Link Shortener"/>`
			`<meta name="keywords" content="UnPS, GAMA, Shorten, Link"/>`
			`<meta name="author" content="David Todd"/>`
Change from HTML4 to HTML5 and include OG image for facebook icon 2013-10-30 19:45:42 -05:00			`<meta property="og:image" content="http://fox.gy/fCDIjceUvkk.png"/>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00
			`<link href="assets/bootstrap/css/bootstrap.css" rel="stylesheet" media="screen" />`
			`<link href="assets/css/elements.css?<?php echo time(); ?>" rel="stylesheet" />`
Include Vex files 2013-12-11 14:20:30 -06:00
			`<!-- Vex CSS (http://github.hubspot.com/vex/) -->`
			`<link href="../CDN/vex-1.3.5/css/vex.css" rel="stylesheet" />`
			`<link href="../CDN/vex-1.3.5/css/vex-theme-os.css" rel="stylesheet" />`

Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`<link rel="shortcut icon" type="image/ico" href="favicon.ico"/>`
			`<link rel="shortcut icon" type="image/x-icon" href="favicon.ico"/>`

			`</head>`
			`<body>`
			`<div id="wrap">`
Add a global navbar 2013-09-26 18:41:42 -05:00			`<?php include('navbar.php'); ?>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00

			`<div class="container">`
			`<form class="form-shorten" id="form-shorten">`
Add Google Ads 2014-02-13 12:21:33 -06:00
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`<h2 class="form-shorten-heading">Please give me a link to shorten...</h2>`
			`<input type="text" id="link" class="form-control" name="link" placeholder="http://" autofocus>`
			`<div id="shorten-password">`
Add anti-spam measures, change dead links, disable user area 2013-08-26 01:36:28 -05:00			`<input type="text" id="pass" class="form-control" name="password" placeholder="Password">`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`</div>`
			`<div id="report-details">`
			`<textarea name="report-details" id="report" class="form-control" placeholder="Reason for reporting this link"></textarea>`
			`</div>`
Change layout of theme and move most javascript to assets 2013-10-08 10:47:14 -05:00
Add anti-spam measures, change dead links, disable user area 2013-08-26 01:36:28 -05:00			`<input type="hidden" name="<?php echo $catchid; ?>" value="<?php echo $catchVal; ?>"/>`
Change layout of theme and move most javascript to assets 2013-10-08 10:47:14 -05:00			`<button class="btn btn-block btn-primary" id="short-button" type="submit">Shorten</button>`

			`<div id="radio-center" style="padding-top:.078%;width:100%;padding-left:3%;" class="btn-group">`
			`<label class="btn btn-primary" id="shortlab" style="color:#eee;"><input type="radio" id="shorten" name="linkmod" value="shorten" checked="checked">Shorten Link</label>`
			`<label class="btn btn-primary" id="dellab" style="color:#eee;"><input type="radio" id="dellink" name="linkmod" value="dellink">Delete Link</label>`
			`<label class="btn btn-primary" id="replab" style="color:#eee;"><input type="radio" id="replink" name="linkmod" value="replink">Report Link</label>`
			`</div>`
Add Google Ads 2014-02-13 12:21:33 -06:00
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`</form>`
Add Google Ads 2014-02-13 12:21:33 -06:00			`<div id="message">`
			`<div class="gab" align="center">`
			`<script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>`
			`<!-- unps.bottom -->`
			`<ins class="adsbygoogle"`
			`style="display:block"`
			`data-ad-client="ca-pub-6762927271223365"`
			`data-ad-slot="7270772487"`
			`data-ad-format="auto"></ins>`
			`<script>`
			`(adsbygoogle = window.adsbygoogle \|\| []).push({});`
			`</script>`
			`</div>`
			`</div>`


Add a loading animation to run when the form gets submitted 2014-02-13 12:51:01 -06:00			`<div id="theLoader">`
Fix wrong closing tag 2014-02-16 17:00:42 -06:00			`<div id="ajaxloader"></div><p id="loading">Loading...</p>`
Add a loading animation to run when the form gets submitted 2014-02-13 12:51:01 -06:00			`</div>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`</div>`
			`</div>`

Change the footer to scale better 2014-02-19 08:41:40 -06:00			`<div id="footer" style="position:absolute;width:100%;bottom:1%;">`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`<div class="container">`
Change the footer to scale better 2014-02-19 08:41:40 -06:00			`<p class="text-muted credit" style="padding-bottom:2.3%;">`
			`Copyright © 2014 Unified Programming Solutions - Fork me on <a href="https://github.com/alopexc0de/UnPS-Short">GitHub</a>`
			`<a id="tos-link" href="terms.php">Terms Of Service</a>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`</p>`
			`</div>`
			`</div>`

			`<!-- Load the JS after the DOM so speed up load times -->`
Change layout of theme and move most javascript to assets 2013-10-08 10:47:14 -05:00			`<script type="text/javascript" language="JavaScript" src="//ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>`
			`<script type="text/javascript" language="JavaScript" src="assets/bootstrap/js/bootstrap.js"></script>`
			`<script type="text/javascript" language="JavaScript" src="assets/js/autoresize.jquery.js"></script> <!-- Credit to http://james.padolsey.com for this jQuery plugin -->`
			`<script type="text/javascript" language="JavaScript" src="assets/js/unps.core.js"></script>`
Include Vex files 2013-12-11 14:20:30 -06:00
			`<!-- Vex stuff -->`
			`<script src="../CDN/vex-1.3.5/js/vex.combined.min.js"></script>`
			`<script src="assets/js/vex.js"></script>`

Change layout of theme and move most javascript to assets 2013-10-08 10:47:14 -05:00			`<script type="text/javascript" language="JavaScript">`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`// This is our AJAX - Thank you Wizzy <3`
			`$("#form-shorten").submit(function(event){`
Fix wrong closing tag 2014-02-16 17:00:42 -06:00			`$("#theLoader").fadeIn("fast");`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`event.preventDefault();`
			`event.stopPropagation();`
Add anti-spam measures, change dead links, disable user area 2013-08-26 01:36:28 -05:00			`$.post("process.php?token=<?php echo $token; ?>", $(this).serialize(), function(data){`
Add Google Ads 2014-02-13 12:21:33 -06:00			`$("#message").hide().html(data+'<br /><div class="gab"></div>').fadeIn("fast");`
Add a loading animation to run when the form gets submitted 2014-02-13 12:51:01 -06:00			`$("#theLoader").hide();`
Change layout of theme and move most javascript to assets 2013-10-08 10:47:14 -05:00			`if($('#error').length){`
			`$('#short-button').removeClass('btn-primary');`
			`$('#short-button').removeClass('btn-success');`
			`$('#short-button').addClass('btn-danger');`
			`}else if($('#success').length){`
			`$('#short-button').removeClass('btn-primary');`
			`$('#short-button').removeClass('btn-danger');`
			`$('#short-button').addClass('btn-success');`
			`}`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 16:21:53 -05:00			`});`
			`});`
			`</script>`
			`</body>`
			`</html>`