gama.io/UnPS-Short
1
0
Fork 0
mirror of https://github.com/gamaio/UnPS-Short.git synced 2024-11-13 04:37:26 +00:00
Code Issues Projects Releases Wiki Activity

Remove foreach loop and fix multiple id vulnerability

Browse Source 
I found that right after committing the last commit, the last id
entered would be the one finally redirected to. This also slowed
page load time. By grabbing only the very first key of $_GET and
throwing away the rest, the script will only look at the first
string after the '?'

Need to change links to reflect these changes (or it will try to
redirect to 'l' everytime instead of the id)
This commit is contained in:
Arctic Code 2014-01-29 01:41:05 -06:00
parent b62f922cb1
commit 63a2724f86
1 changed files with 8 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
index.php
View File

@ -28,15 +28,14 @@
*/
if(!empty($_GET)){
foreach($_GET as $key=>$value){
include('api/dbsettings.php');
$link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($key))));
$sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
if($result = $shortdb->query($sql)){
if($row = $result->fetch_assoc()){
$link = $row['link'];
header("location:$link");
}
$key = key($_GET);
include('api/dbsettings.php');
$link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($key))));
$sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
if($result = $shortdb->query($sql)){
if($row = $result->fetch_assoc()){
$link = $row['link'];
header("location:$link");
}
}
}