From 278829a641d3526002fa406983cba4fa68970e3b Mon Sep 17 00:00:00 2001 From: Arctic Code Date: Sun, 13 Apr 2014 19:50:36 -0500 Subject: [PATCH] Revert "Broke the shortener" This reverts commit 25ab98ae1ca3b52506f1d85ccccf026cd2fbfbbc. Conflicts: api/dbsettings.php --- api/api.backend.php | 37 +------------------------------------ index.php | 25 ++++++++++++++++++++----- process.php | 9 +++++---- 3 files changed, 26 insertions(+), 45 deletions(-) diff --git a/api/api.backend.php b/api/api.backend.php index effecfa..6d7b7f1 100644 --- a/api/api.backend.php +++ b/api/api.backend.php @@ -37,10 +37,8 @@ function checkRemoteFile($ip=null){ } class api{ - require_once('dbsettings.php'); - // Begin Short - function shorten($link, $dpass=null){ + function shorten($apidb, $apikey, $sdb, $link, $dpass=null){ $apisql = "SELECT * FROM `users` WHERE `key` = '$apikey' LIMIT 1"; if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']'; if($row = $result->fetch_assoc()){ @@ -128,39 +126,6 @@ class api{ return "
Reported $link. Please check back in a day or two
"; } - function trackLink($apidb, $apikey, $sdb, $linkid){ - $apisql = "SELECT * FROM `users` WHERE `key` = '$apikey' LIMIT 1;"; - if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']'; - if($row = $result->fetch_assoc()){ - $canshort = $row['short']; - $name = $row['name']; - - $ip = $_SERVER['REMOTE_ADDR']; - - $apisql = "INSERT INTO `apiuse` (time, name, apikey, ip, type, allowed, misc) VALUES (NOW(), '$name', '$apikey', '$ip', 'Track Link', '$canshort', '$link')"; - if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']'; - } - if($canshort != 1) return '
Failed to report
'; - - $sql = "INSERT INTO `tracking` (time, apikey, ip, linkid) VALUES (NOW(), '$apikey', '$ip', '$linkid')"; - if(!$result = $sdb->query($sql)): die( 'ERROR: ['.$sdb->error.']'); - else: die("SUCCESS"); - endif; - } - - function resLink($link){ - $link = sanitize($link); - $sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;"; - if($result = $shortdb->query($sql)){ - if($row = $result->fetch_assoc()){ - $link = $row['link']; - trackLink($apidb, $key, $sdb, $link); - header("location:$link"); - exit(); // Stop script execution to save on resources - } - } - } - // End Short } diff --git a/index.php b/index.php index b0c5756..1b0ba4d 100644 --- a/index.php +++ b/index.php @@ -13,18 +13,33 @@ $catchVal = base_convert($catchVal.$catchid, 10, 36); $_SESSION['catch'] = $catchid.":".$catchVal; - require('api/api.backend.php'); - $api = new api(); - // This has been depreciated. Still here for backwards compatibility with existing links if(!empty($_GET['l'])){ - $api->resLink($_GET['l']); + include('api/dbsettings.php'); + $link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($_GET['l'])))); + $sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;"; + if($result = $shortdb->query($sql)){ + if($row = $result->fetch_assoc()){ + $link = $row['link']; + header("location:$link"); + exit(); // Stop script execution to save on resources + } + } } // New way to check for valid short links, two characters shorter than the if statement above if(!empty($_GET)){ $key = key($_GET); - $api->resLink($key); + include('api/dbsettings.php'); + $link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($key)))); + $sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;"; + if($result = $shortdb->query($sql)){ + if($row = $result->fetch_assoc()){ + $link = $row['link']; + header("location:$link"); + exit(); // Stop script execution to save on resources + } + } } ?> diff --git a/process.php b/process.php index ba57f98..b9e0718 100644 --- a/process.php +++ b/process.php @@ -5,6 +5,10 @@ $catchid = $catches[0]; $catchVal = $catches[1]; + if(empty($_GET['token']) || $_GET['token'] != $_SESSION['token'] || empty($_POST[$catchid]) || $_POST[$catchid] != $catchVal){ + die("
Oh Noes! Something happened and I can't continue.
Please try again by using the form located at http://unps.us.
"); + } + require('api/api.backend.php'); require('api/dbsettings.php'); @@ -22,16 +26,13 @@ $unpsAPI = new api(); if(!empty($_POST['link']) && !empty($_POST['linkmod'])){ - if(empty($_GET['token']) || $_GET['token'] != $_SESSION['token'] || empty($_POST[$catchid]) || $_POST[$catchid] != $catchVal){ - die("
Oh Noes! Something happened and I can't continue.
Please try again by using the form located at http://unps.us.
"); - } switch ($_POST['linkmod']){ case "shorten": $short = sanitize($_POST['link']); if(strpos($short, "http://") === false && strpos($short, "https://") === false){ $short = "http://$short"; } - echo $unpsAPI->shorten($short); + echo $unpsAPI->shorten($apidb, $key, $shortdb, $short); break; default: die("
I don't know what you want to do... [-Check linkmod-]
");