UnPS-Short/process.php
Arctic Code 04b1e997f9 Add token error to #error
Sometimes I forget things
2013-08-26 10:52:44 -05:00

59 lines
2.5 KiB
PHP

<?php
session_start();
$catches = explode(":", $_SESSION['catch']);
$catchid = $catches[0];
$catchVal = $catches[1];
if(empty($_GET['token']) || $_GET['token'] != $_SESSION['token'] || empty($_POST[$catchid]) || $_POST[$catchid] != $catchVal){
die("<div id=\"error\">Oh Noes! Something happened and I can't continue.<br />Please try again by using the form located at <a href=\"http://unps.us\">http://unps.us</a>.</div>");
}
require('api/api.backend.php');
require('api/dbsettings.php');
$key = '9a211e90b0a0570ed33e47428231e702af47b6f54fb347960f661184e063a1d0'; // KEEP THIS PRIVATE! This is the only thing that authenticates the application
function sanitize($input){
if ($input == null) die("<div id=\"error\">Sanatize() - No Input Provided, Aborting</div>");
include('api/dbsettings.php');
$output = strip_tags($input);
$output = stripslashes($output);
$output = $apidb->real_escape_string($output);
return $output;
}
$unpsAPI = new api();
if(!empty($_POST['link']) && !empty($_POST['linkmod'])){
switch ($_POST['linkmod']){
case "shorten":
$short = sanitize($_POST['link']);
if(strpos($short, "http://") === false && strpos($short, "https://") === false){
$short = "http://$short";
}
echo $unpsAPI->shorten($apidb, $key, $shortdb, $short);
break;
case "dellink":
if(empty($_POST['password'])) die("<div id=\"error\">Something went wrong somewhere, but there's no password here</div>");
$link = sanitize($_POST['link']);
$password = sanitize($_POST['password']);
$link = explode("=", $link);
if(count($link) != 2){
die("<div id=\"error\">I'm sorry, but something went wrong... did you paste the whole link?</div>");
}
$link = $link[1];
echo $unpsAPI->delShort($apidb, $key, $shortdb, $link, $password);
break;
case "replink":
if(empty($_POST['report-details'])) die("<div id=\"error\">Something went wrong somewhere, but I can't find the reason for reporting this link</div>");
$link = sanitize($_POST['link']);
$details = sanitize($_POST['report-details']);
echo $unpsAPI->reportLink($apidb, $key, $shortdb, $link, $details);
break;
default:
die("<div id=\"error\">I don't know what you want to do... [-Check linkmod-]</div>");
}
}else{ die("<div id=\"error\">I can't do my job if I'm not given a link to work on...</div>"); }
?>