UnPS-Short/index.php

<?php
  session_start(); 

  $appname = "  Shortener";

  // Generate a token on the fly. This should prevent POST spam attacks directly into process.php
  $token = substr(number_format(time() * mt_rand(),0,'',''),0,10); 
  $token = base_convert($token, 10, 36); 
  $_SESSION['token'] = $token;

  $catchid = substr(number_format(time() * mt_rand(),0,'',''),0,10);
  $catchVal = hash('sha256', $catchid.mt_rand().time().substr(number_format(time() * mt_rand(),0,'',''),0,10));
  $catchVal = base_convert($catchVal.$catchid, 10, 36);
  $_SESSION['catch'] = $catchid.":".$catchVal;

  // This has been depreciated. Still here for backwards compatibility with existing links
  if(!empty($_GET['l'])){
    include('api/dbsettings.php');
    $link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($_GET['l']))));
    $sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
    if($result = $shortdb->query($sql)){
      if($row = $result->fetch_assoc()){
        $link = $row['link'];
        header("location:$link");
        exit(); // Stop script execution to save on resources
      }
    }
  }

  // New way to check for valid short links, two characters shorter than the if statement above
  if(!empty($_GET)){
    $key = key($_GET);
    include('api/dbsettings.php');
    $link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($key))));
    $sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
    if($result = $shortdb->query($sql)){
      if($row = $result->fetch_assoc()){
        $link = $row['link'];
        header("location:$link");
        exit(); // Stop script execution to save on resources
      }
    }
  }

  if(isset($_GET['newbg'])){
    echo "<style>body{background-image: url('assets/images/newbody.jpg') !important;}</style>";
  }

  function userpic($email){
    $default = "http://fox.gy/fCDIjceUvkk.png"; 
    $size = 20;
    $grav_url = "http://www.gravatar.com/avatar/".md5(strtolower(trim($email)))."?d=".urlencode($default)."&s=".$size;
    return $grav_url;
  }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" prefix="og: http://ogp.me/ns# fb: http://www.facebook.com/2008/fbml">
  <head>
    <title>UnPS Link Shortener</title>
    
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
    <meta name="description" content="UnPS Link Shortener"/>
    <meta name="keywords" content="UnPS, GAMA, Shorten, Link"/>
    <meta name="author" content="David Todd"/>
    <meta property="og:image" content="http://fox.gy/fCDIjceUvkk.png"/>
    
    <link href="assets/bootstrap/css/bootstrap.css" rel="stylesheet" media="screen" />
    <link href="assets/css/elements.css?<?php echo time(); ?>" rel="stylesheet" />

    <!-- Vex CSS (http://github.hubspot.com/vex/) -->
    <link href="../CDN/vex-1.3.5/css/vex.css" rel="stylesheet" />
    <link href="../CDN/vex-1.3.5/css/vex-theme-os.css" rel="stylesheet" />

    <link rel="shortcut icon" type="image/ico" href="favicon.ico"/>
    <link rel="shortcut icon" type="image/x-icon" href="favicon.ico"/>

  </head>
  <body>
    <div id="wrap">
      <?php include('navbar.php'); ?>

      <div class="container" style="float:center;padding-bottom:7%;">
        <p></p>
      </div>

      <div class="container">
        <form class="form-shorten" id="form-shorten">
          <h2 class="form-shorten-heading">Please give me a link to shorten...</h2>
          <input type="text" id="link" class="form-control" name="link" placeholder="http://" autofocus>
          <div id="shorten-password">
            <input type="text" id="pass" class="form-control" name="password" placeholder="Password">
          </div>
          <div id="report-details">
            <textarea name="report-details" id="report" class="form-control" placeholder="Reason for reporting this link"></textarea>
          </div>

          <input type="hidden" name="<?php echo $catchid; ?>" value="<?php echo $catchVal; ?>"/>
          <button class="btn btn-block btn-primary" id="short-button" type="submit">Shorten</button>

          <div id="radio-center" style="padding-top:.078%;width:100%;padding-left:3%;" class="btn-group">
            <label class="btn btn-primary" id="shortlab" style="color:#eee;"><input type="radio" id="shorten" name="linkmod" value="shorten" checked="checked">Shorten Link</label>
            <label class="btn btn-primary" id="dellab" style="color:#eee;"><input type="radio" id="dellink" name="linkmod" value="dellink">Delete Link</label>
            <label class="btn btn-primary" id="replab" style="color:#eee;"><input type="radio" id="replink" name="linkmod" value="replink">Report Link</label>
          </div>
        </form>
        <div id="message"></div>
      </div>
    </div>

    <div id="footer" style="position:fixed;width:100%;bottom:2px;">
      <div class="container">
        <br /><p class="text-muted credit" style="padding-bottom:20px;">
          Copyright &copy; 2012-2013 UnPS-GAMATechnologies - Fork me on <a href="https://github.com/alopexc0de/UnPS-Short">GitHub</a>
          <a id="privacy-link" href="http://unps-gama.info/privacy.php">Privacy Policy</a> <a id="tos-link" href="terms.php">Terms Of Service</a>
        </p>
      </div>
    </div>

    <!-- Load the JS after the DOM so speed up load times -->
    <script type="text/javascript" language="JavaScript"  src="//ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
    <script type="text/javascript" language="JavaScript"  src="assets/bootstrap/js/bootstrap.js"></script>
    <script type="text/javascript" language="JavaScript"  src="assets/js/autoresize.jquery.js"></script> <!-- Credit to http://james.padolsey.com for this jQuery plugin -->
    <script type="text/javascript" language="JavaScript" src="assets/js/unps.core.js"></script>
    
    <!-- Vex stuff -->
    <script src="../CDN/vex-1.3.5/js/vex.combined.min.js"></script>
    <script src="assets/js/vex.js"></script>

    <script type="text/javascript" language="JavaScript">
      // This is our AJAX - Thank you Wizzy <3
      $("#form-shorten").submit(function(event){
        event.preventDefault();
        event.stopPropagation();
        $.post("process.php?token=<?php echo $token; ?>", $(this).serialize(), function(data){
          $("#message").hide().html(data).fadeIn("fast");
          if($('#error').length){
            $('#short-button').removeClass('btn-primary');
            $('#short-button').removeClass('btn-success');
            $('#short-button').addClass('btn-danger');
          }else if($('#success').length){
            $('#short-button').removeClass('btn-primary');
            $('#short-button').removeClass('btn-danger');
            $('#short-button').addClass('btn-success');
          }
        });
      });
    </script>
  </body>
</html>
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`<?php`
Add anti-spam measures, change dead links, disable user area The anti-spam is fairly simple and will only stop basic threats I coded this with future planning (and to fill the navbar), half links don't actually work as of yet There currently is no user system, login button disabled as a result 2013-08-26 06:36:28 +00:00			`session_start();`

Add a global navbar This is a upcoming feature, it's going to need a little more work for the current page selection. 2013-09-26 23:41:42 +00:00			`$appname = " Shortener";`

Add anti-spam measures, change dead links, disable user area The anti-spam is fairly simple and will only stop basic threats I coded this with future planning (and to fill the navbar), half links don't actually work as of yet There currently is no user system, login button disabled as a result 2013-08-26 06:36:28 +00:00			`// Generate a token on the fly. This should prevent POST spam attacks directly into process.php`
			`$token = substr(number_format(time() * mt_rand(),0,'',''),0,10);`
			`$token = base_convert($token, 10, 36);`
			`$_SESSION['token'] = $token;`

			`$catchid = substr(number_format(time() * mt_rand(),0,'',''),0,10);`
			`$catchVal = hash('sha256', $catchid.mt_rand().time().substr(number_format(time() * mt_rand(),0,'',''),0,10));`
			`$catchVal = base_convert($catchVal.$catchid, 10, 36);`
			`$_SESSION['catch'] = $catchid.":".$catchVal;`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00
Keep old way to find short links to not break existing ones I realized that every single existing link created with v4-2.8 or earlier would break since it relies on the value of $_GET['l']. This will keep the old links working, and to reduce server load a little bit, we will exit after those header statements 2014-01-29 07:52:03 +00:00			`// This has been depreciated. Still here for backwards compatibility with existing links`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`if(!empty($_GET['l'])){`
			`include('api/dbsettings.php');`
			`$link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($_GET['l']))));`
			$sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
			`if($result = $shortdb->query($sql)){`
			`if($row = $result->fetch_assoc()){`
			`$link = $row['link'];`
			`header("location:$link");`
Keep old way to find short links to not break existing ones I realized that every single existing link created with v4-2.8 or earlier would break since it relies on the value of $_GET['l']. This will keep the old links working, and to reduce server load a little bit, we will exit after those header statements 2014-01-29 07:52:03 +00:00			`exit(); // Stop script execution to save on resources`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`}`
			`}`
			`}`
Make short links two characters shorter By breaking up the $_GET array and grabbing the key (what used to be l), ignoring the value, we can shorten links by two more characters. This is kinda hacky since it does this for multiple get values -- Still need to test to see what happens with multiple link ids. I assume it will just go with the first id given 2014-01-29 07:31:27 +00:00
Keep old way to find short links to not break existing ones I realized that every single existing link created with v4-2.8 or earlier would break since it relies on the value of $_GET['l']. This will keep the old links working, and to reduce server load a little bit, we will exit after those header statements 2014-01-29 07:52:03 +00:00			`// New way to check for valid short links, two characters shorter than the if statement above`
Make short links two characters shorter By breaking up the $_GET array and grabbing the key (what used to be l), ignoring the value, we can shorten links by two more characters. This is kinda hacky since it does this for multiple get values -- Still need to test to see what happens with multiple link ids. I assume it will just go with the first id given 2014-01-29 07:31:27 +00:00			`if(!empty($_GET)){`
Remove foreach loop and fix multiple id vulnerability I found that right after committing the last commit, the last id entered would be the one finally redirected to. This also slowed page load time. By grabbing only the very first key of $_GET and throwing away the rest, the script will only look at the first string after the '?' Need to change links to reflect these changes (or it will try to redirect to 'l' everytime instead of the id) 2014-01-29 07:41:05 +00:00			`$key = key($_GET);`
			`include('api/dbsettings.php');`
			`$link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($key))));`
			$sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
			`if($result = $shortdb->query($sql)){`
			`if($row = $result->fetch_assoc()){`
			`$link = $row['link'];`
			`header("location:$link");`
Keep old way to find short links to not break existing ones I realized that every single existing link created with v4-2.8 or earlier would break since it relies on the value of $_GET['l']. This will keep the old links working, and to reduce server load a little bit, we will exit after those header statements 2014-01-29 07:52:03 +00:00			`exit(); // Stop script execution to save on resources`
Make short links two characters shorter By breaking up the $_GET array and grabbing the key (what used to be l), ignoring the value, we can shorten links by two more characters. This is kinda hacky since it does this for multiple get values -- Still need to test to see what happens with multiple link ids. I assume it will just go with the first id given 2014-01-29 07:31:27 +00:00			`}`
			`}`
			`}`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00
Change layout of theme and move most javascript to assets To change the theme (change to the dark background) go to http://unps.us/?newbg Other changes include redesigning the form area to make them look like buttons that automatically resize depending on which one is selected. 2013-10-08 15:47:14 +00:00			`if(isset($_GET['newbg'])){`
			`echo "<style>body{background-image: url('assets/images/newbody.jpg') !important;}</style>";`
			`}`

Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`function userpic($email){`
			`$default = "http://fox.gy/fCDIjceUvkk.png";`
			`$size = 20;`
			`$grav_url = "http://www.gravatar.com/avatar/".md5(strtolower(trim($email)))."?d=".urlencode($default)."&s=".$size;`
			`return $grav_url;`
			`}`
			`?>`
Change the HTML5 declaration back to XHTML1 For some reason, I found that when it's HTML5, it adds a scrollbar, the only fix I found for it was to just revert back to XHTML1. Oh well XD 2013-12-26 02:32:04 +00:00			`<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html xmlns="http://www.w3.org/1999/xhtml" prefix="og: http://ogp.me/ns# fb: http://www.facebook.com/2008/fbml">`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`<head>`
			`<title>UnPS Link Shortener</title>`

			`<meta name="viewport" content="width=device-width, initial-scale=1.0">`
			`<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>`
			`<meta name="description" content="UnPS Link Shortener"/>`
			`<meta name="keywords" content="UnPS, GAMA, Shorten, Link"/>`
			`<meta name="author" content="David Todd"/>`
Change from HTML4 to HTML5 and include OG image for facebook icon And another change is that I changed the link to terms.php 2013-10-31 00:45:42 +00:00			`<meta property="og:image" content="http://fox.gy/fCDIjceUvkk.png"/>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00
			`<link href="assets/bootstrap/css/bootstrap.css" rel="stylesheet" media="screen" />`
			`<link href="assets/css/elements.css?<?php echo time(); ?>" rel="stylesheet" />`
Include Vex files This has a slightly better look than the dropdown menu 2013-12-11 20:20:30 +00:00
			`<!-- Vex CSS (http://github.hubspot.com/vex/) -->`
			`<link href="../CDN/vex-1.3.5/css/vex.css" rel="stylesheet" />`
			`<link href="../CDN/vex-1.3.5/css/vex-theme-os.css" rel="stylesheet" />`

Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`<link rel="shortcut icon" type="image/ico" href="favicon.ico"/>`
			`<link rel="shortcut icon" type="image/x-icon" href="favicon.ico"/>`

			`</head>`
			`<body>`
			`<div id="wrap">`
Add a global navbar This is a upcoming feature, it's going to need a little more work for the current page selection. 2013-09-26 23:41:42 +00:00			`<?php include('navbar.php'); ?>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00
Add anti-spam measures, change dead links, disable user area The anti-spam is fairly simple and will only stop basic threats I coded this with future planning (and to fill the navbar), half links don't actually work as of yet There currently is no user system, login button disabled as a result 2013-08-26 06:36:28 +00:00			`<div class="container" style="float:center;padding-bottom:7%;">`
			`<p></p>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`</div>`

			`<div class="container">`
			`<form class="form-shorten" id="form-shorten">`
			`<h2 class="form-shorten-heading">Please give me a link to shorten...</h2>`
			`<input type="text" id="link" class="form-control" name="link" placeholder="http://" autofocus>`
			`<div id="shorten-password">`
Add anti-spam measures, change dead links, disable user area The anti-spam is fairly simple and will only stop basic threats I coded this with future planning (and to fill the navbar), half links don't actually work as of yet There currently is no user system, login button disabled as a result 2013-08-26 06:36:28 +00:00			`<input type="text" id="pass" class="form-control" name="password" placeholder="Password">`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`</div>`
			`<div id="report-details">`
			`<textarea name="report-details" id="report" class="form-control" placeholder="Reason for reporting this link"></textarea>`
			`</div>`
Change layout of theme and move most javascript to assets To change the theme (change to the dark background) go to http://unps.us/?newbg Other changes include redesigning the form area to make them look like buttons that automatically resize depending on which one is selected. 2013-10-08 15:47:14 +00:00
Add anti-spam measures, change dead links, disable user area The anti-spam is fairly simple and will only stop basic threats I coded this with future planning (and to fill the navbar), half links don't actually work as of yet There currently is no user system, login button disabled as a result 2013-08-26 06:36:28 +00:00			`<input type="hidden" name="<?php echo $catchid; ?>" value="<?php echo $catchVal; ?>"/>`
Change layout of theme and move most javascript to assets To change the theme (change to the dark background) go to http://unps.us/?newbg Other changes include redesigning the form area to make them look like buttons that automatically resize depending on which one is selected. 2013-10-08 15:47:14 +00:00			`<button class="btn btn-block btn-primary" id="short-button" type="submit">Shorten</button>`

			`<div id="radio-center" style="padding-top:.078%;width:100%;padding-left:3%;" class="btn-group">`
			`<label class="btn btn-primary" id="shortlab" style="color:#eee;"><input type="radio" id="shorten" name="linkmod" value="shorten" checked="checked">Shorten Link</label>`
			`<label class="btn btn-primary" id="dellab" style="color:#eee;"><input type="radio" id="dellink" name="linkmod" value="dellink">Delete Link</label>`
			`<label class="btn btn-primary" id="replab" style="color:#eee;"><input type="radio" id="replink" name="linkmod" value="replink">Report Link</label>`
			`</div>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`</form>`
Include Vex files This has a slightly better look than the dropdown menu 2013-12-11 20:20:30 +00:00			`<div id="message"></div>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`</div>`
			`</div>`

Change layout of theme and move most javascript to assets To change the theme (change to the dark background) go to http://unps.us/?newbg Other changes include redesigning the form area to make them look like buttons that automatically resize depending on which one is selected. 2013-10-08 15:47:14 +00:00			`<div id="footer" style="position:fixed;width:100%;bottom:2px;">`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`<div class="container">`
Change layout of theme and move most javascript to assets To change the theme (change to the dark background) go to http://unps.us/?newbg Other changes include redesigning the form area to make them look like buttons that automatically resize depending on which one is selected. 2013-10-08 15:47:14 +00:00			`<br /><p class="text-muted credit" style="padding-bottom:20px;">`
Change bootstrap copyright to github fork eh I guess I'm a bit of a narcissist. UnPS-Short is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/3.0/ Bootstrap is Copyright 2013 Twitter, Inc under the Apache 2.0 license. 2013-08-26 15:34:06 +00:00			`Copyright © 2012-2013 UnPS-GAMATechnologies - Fork me on <a href="https://github.com/alopexc0de/UnPS-Short">GitHub</a>`
Change from HTML4 to HTML5 and include OG image for facebook icon And another change is that I changed the link to terms.php 2013-10-31 00:45:42 +00:00			`<a id="privacy-link" href="http://unps-gama.info/privacy.php">Privacy Policy</a> <a id="tos-link" href="terms.php">Terms Of Service</a>`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`</p>`
			`</div>`
			`</div>`

			`<!-- Load the JS after the DOM so speed up load times -->`
Change layout of theme and move most javascript to assets To change the theme (change to the dark background) go to http://unps.us/?newbg Other changes include redesigning the form area to make them look like buttons that automatically resize depending on which one is selected. 2013-10-08 15:47:14 +00:00			`<script type="text/javascript" language="JavaScript" src="//ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>`
			`<script type="text/javascript" language="JavaScript" src="assets/bootstrap/js/bootstrap.js"></script>`
			`<script type="text/javascript" language="JavaScript" src="assets/js/autoresize.jquery.js"></script> <!-- Credit to http://james.padolsey.com for this jQuery plugin -->`
			`<script type="text/javascript" language="JavaScript" src="assets/js/unps.core.js"></script>`
Include Vex files This has a slightly better look than the dropdown menu 2013-12-11 20:20:30 +00:00
			`<!-- Vex stuff -->`
			`<script src="../CDN/vex-1.3.5/js/vex.combined.min.js"></script>`
			`<script src="assets/js/vex.js"></script>`

Change layout of theme and move most javascript to assets To change the theme (change to the dark background) go to http://unps.us/?newbg Other changes include redesigning the form area to make them look like buttons that automatically resize depending on which one is selected. 2013-10-08 15:47:14 +00:00			`<script type="text/javascript" language="JavaScript">`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`// This is our AJAX - Thank you Wizzy <3`
			`$("#form-shorten").submit(function(event){`
			`event.preventDefault();`
			`event.stopPropagation();`
Add anti-spam measures, change dead links, disable user area The anti-spam is fairly simple and will only stop basic threats I coded this with future planning (and to fill the navbar), half links don't actually work as of yet There currently is no user system, login button disabled as a result 2013-08-26 06:36:28 +00:00			`$.post("process.php?token=<?php echo $token; ?>", $(this).serialize(), function(data){`
Speed up the fade transition on the status box While it looks kinda nice, some people might not apprecieate that it takes so much time for the page to pop up and it looks like the page froze or something. 2013-10-08 22:50:40 +00:00			`$("#message").hide().html(data).fadeIn("fast");`
Change layout of theme and move most javascript to assets To change the theme (change to the dark background) go to http://unps.us/?newbg Other changes include redesigning the form area to make them look like buttons that automatically resize depending on which one is selected. 2013-10-08 15:47:14 +00:00			`if($('#error').length){`
			`$('#short-button').removeClass('btn-primary');`
			`$('#short-button').removeClass('btn-success');`
			`$('#short-button').addClass('btn-danger');`
			`}else if($('#success').length){`
			`$('#short-button').removeClass('btn-primary');`
			`$('#short-button').removeClass('btn-danger');`
			`$('#short-button').addClass('btn-success');`
			`}`
Add Shortv4-2 files, watered down UnPSAPI, and Bootstrap 3 2013-08-11 21:21:53 +00:00			`});`
			`});`
			`</script>`
			`</body>`
			`</html>`