2013-12-25 20:54:37 -06:00
< ? php
session_start ();
$catches = explode ( " : " , $_SESSION [ 'catch' ]);
$catchid = $catches [ 0 ];
$catchVal = $catches [ 1 ];
if ( empty ( $_GET [ 'token' ]) || $_GET [ 'token' ] != $_SESSION [ 'token' ] || empty ( $_POST [ $catchid ]) || $_POST [ $catchid ] != $catchVal ){
die ( " <div id= \" error \" >Oh Noes! Something happened and I can't continue.<br />Please try again by using the form located at <a href= \" http://unps.us \" >http://unps.us</a>.</div> " );
}
2013-12-25 20:59:01 -06:00
require ( '../api/api.backend.php' );
require ( '../api/dbsettings.php' );
2013-12-25 20:54:37 -06:00
$key = '9a211e90b0a0570ed33e47428231e702af47b6f54fb347960f661184e063a1d0' ; // KEEP THIS PRIVATE! This is the only thing that authenticates the application
function sanitize ( $input ){
if ( $input == null ) die ( " <div id= \" error \" >Sanatize() - No Input Provided, Aborting</div> " );
2013-12-25 20:59:01 -06:00
include ( '../api/dbsettings.php' );
2013-12-25 20:54:37 -06:00
$output = strip_tags ( $input );
$output = stripslashes ( $output );
$output = $apidb -> real_escape_string ( $output );
return $output ;
}
$unpsAPI = new api ();
if ( ! empty ( $_POST [ 'link' ]) && ! empty ( $_POST [ 'linkmod' ])){
switch ( $_POST [ 'linkmod' ]){
case " shorten " :
$short = sanitize ( $_POST [ 'link' ]);
if ( strpos ( $short , " http:// " ) === false && strpos ( $short , " https:// " ) === false ){
$short = " http:// $short " ;
}
echo $unpsAPI -> shorten ( $apidb , $key , $shortdb , $short );
break ;
case " dellink " :
if ( empty ( $_POST [ 'password' ])) die ( " <div id= \" error \" >Something went wrong somewhere, but there's no password here</div> " );
$link = sanitize ( $_POST [ 'link' ]);
$password = sanitize ( $_POST [ 'password' ]);
$link = explode ( " = " , $link );
if ( count ( $link ) != 2 ){
die ( " <div id= \" error \" >I'm sorry, but something went wrong... did you paste the whole link?</div> " );
}
$link = $link [ 1 ];
echo $unpsAPI -> delShort ( $apidb , $key , $shortdb , $link , $password );
break ;
case " replink " :
if ( empty ( $_POST [ 'report-details' ])) die ( " <div id= \" error \" >Something went wrong somewhere, but I can't find the reason for reporting this link</div> " );
$link = sanitize ( $_POST [ 'link' ]);
$details = sanitize ( $_POST [ 'report-details' ]);
echo $unpsAPI -> reportLink ( $apidb , $key , $shortdb , $link , $details );
break ;
default :
die ( " <div id= \" error \" >I don't know what you want to do... [-Check linkmod-]</div> " );
}
} else { die ( " <div id= \" error \" >I can't do my job if I'm not given a link to work on...</div> " ); }
?>