Revert "Broke the shortener"

This reverts commit 25ab98ae1c.

Conflicts:
	api/dbsettings.php
Arctic Code 2014-04-13 19:50:36 -05:00
parent c2fe7d6106
commit 278829a641
3 changed files with 26 additions and 45 deletions


@ -37,10 +37,8 @@ function checkRemoteFile($ip=null){
} }
class api{ class api{
require_once('dbsettings.php');
// Begin Short // Begin Short
function shorten($link, $dpass=null){ function shorten($apidb, $apikey, $sdb, $link, $dpass=null){
$apisql = "SELECT * FROM `users` WHERE `key` = '$apikey' LIMIT 1"; $apisql = "SELECT * FROM `users` WHERE `key` = '$apikey' LIMIT 1";
if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']'; if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']';
if($row = $result->fetch_assoc()){ if($row = $result->fetch_assoc()){
@ -128,39 +126,6 @@ class api{
return "<div id=\"success\">Reported $link. Please check back in a day or two</div>"; return "<div id=\"success\">Reported $link. Please check back in a day or two</div>";
} }
function trackLink($apidb, $apikey, $sdb, $linkid){
$apisql = "SELECT * FROM `users` WHERE `key` = '$apikey' LIMIT 1;";
if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']';
if($row = $result->fetch_assoc()){
$canshort = $row['short'];
$name = $row['name'];
$ip = $_SERVER['REMOTE_ADDR'];
$apisql = "INSERT INTO `apiuse` (time, name, apikey, ip, type, allowed, misc) VALUES (NOW(), '$name', '$apikey', '$ip', 'Track Link', '$canshort', '$link')";
if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']';
}
if($canshort != 1) return '<div id="error">Failed to report</div>';
$sql = "INSERT INTO `tracking` (time, apikey, ip, linkid) VALUES (NOW(), '$apikey', '$ip', '$linkid')";
if(!$result = $sdb->query($sql)): die( 'ERROR: ['.$sdb->error.']');
else: die("SUCCESS");
endif;
}
function resLink($link){
$link = sanitize($link);
$sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
if($result = $shortdb->query($sql)){
if($row = $result->fetch_assoc()){
$link = $row['link'];
trackLink($apidb, $key, $sdb, $link);
header("location:$link");
exit(); // Stop script execution to save on resources
}
}
}
// End Short // End Short
} }
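Review bot: `$apikey` is concatenated into the `users` lookup on the first line of `shorten()`, and with the restored signature it is again a caller-supplied argument, so the query is only as safe as the escaping at every call site; nothing in this hunk escapes it. Binding the key through a mysqli prepared statement removes that dependency, as sketched below. The same statement returns `$apidb->error` to the caller, which can expose schema details if the result is echoed to the client; a generic message with the detail logged server-side would be safer. `shorten()` continues past the end of the hunk, so the remaining queries in it should be checked the same way.

```php
function shorten($apidb, $apikey, $sdb, $link, $dpass=null){
    // Bind the key instead of interpolating it into the statement text.
    $stmt = $apidb->prepare("SELECT * FROM `users` WHERE `key` = ? LIMIT 1");
    if(!$stmt) return 'ERROR: ['.$apidb->error.']';
    $stmt->bind_param('s', $apikey);
    if(!$stmt->execute()) return 'ERROR: ['.$stmt->error.']';
    // get_result() needs the mysqlnd driver; use bind_result() where it is unavailable.
    $result = $stmt->get_result();
    if($row = $result->fetch_assoc()){
    // … unchanged: rest of shorten() …
```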


@ -13,18 +13,33 @@
$catchVal = base_convert($catchVal.$catchid, 10, 36); $catchVal = base_convert($catchVal.$catchid, 10, 36);
$_SESSION['catch'] = $catchid.":".$catchVal; $_SESSION['catch'] = $catchid.":".$catchVal;
require('api/api.backend.php');
$api = new api();
// This has been depreciated. Still here for backwards compatibility with existing links // This has been depreciated. Still here for backwards compatibility with existing links
if(!empty($_GET['l'])){ if(!empty($_GET['l'])){
$api->resLink($_GET['l']); include('api/dbsettings.php');
$link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($_GET['l']))));
$sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
if($result = $shortdb->query($sql)){
if($row = $result->fetch_assoc()){
$link = $row['link'];
header("location:$link");
exit(); // Stop script execution to save on resources
}
}
} }
// New way to check for valid short links, two characters shorter than the if statement above // New way to check for valid short links, two characters shorter than the if statement above
if(!empty($_GET)){ if(!empty($_GET)){
$key = key($_GET); $key = key($_GET);
$api->resLink($key); include('api/dbsettings.php');
$link = $shortdb->real_escape_string(strtolower(stripslashes(strip_tags($key))));
$sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;";
if($result = $shortdb->query($sql)){
if($row = $result->fetch_assoc()){
$link = $row['link'];
header("location:$link");
exit(); // Stop script execution to save on resources
}
}
} }
?> ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
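Review bot: Both restored lookup blocks pass `$row['link']` straight to `header("location:$link")` without checking what kind of URL was stored, so whatever reaches the `links` table becomes a redirect target. Guarding the redirect, for example `if(preg_match('#^https?://#i', $link)){ header("location:$link"); exit(); }`, keeps it to web URLs even if a bad row gets in. The two blocks are identical apart from their input (`$_GET['l']` versus `key($_GET)`), and a miss in the first falls through to the second, which then looks up the literal parameter name. A single helper that takes the short code would fix both paths at once, and a prepared statement there could replace the `strip_tags`/`stripslashes`/`real_escape_string` chain.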


@ -5,6 +5,10 @@
$catchid = $catches[0]; $catchid = $catches[0];
$catchVal = $catches[1]; $catchVal = $catches[1];
if(empty($_GET['token']) || $_GET['token'] != $_SESSION['token'] || empty($_POST[$catchid]) || $_POST[$catchid] != $catchVal){
die("<div id=\"error\">Oh Noes! Something happened and I can't continue.<br />Please try again by using the form located at <a href=\"http://unps.us\">http://unps.us</a>.</div>");
}
require('api/api.backend.php'); require('api/api.backend.php');
require('api/dbsettings.php'); require('api/dbsettings.php');
@ -22,16 +26,13 @@
$unpsAPI = new api(); $unpsAPI = new api();
if(!empty($_POST['link']) && !empty($_POST['linkmod'])){ if(!empty($_POST['link']) && !empty($_POST['linkmod'])){
if(empty($_GET['token']) || $_GET['token'] != $_SESSION['token'] || empty($_POST[$catchid]) || $_POST[$catchid] != $catchVal){
die("<div id=\"error\">Oh Noes! Something happened and I can't continue.<br />Please try again by using the form located at <a href=\"http://unps.us\">http://unps.us</a>.</div>");
}
switch ($_POST['linkmod']){ switch ($_POST['linkmod']){
case "shorten": case "shorten":
$short = sanitize($_POST['link']); $short = sanitize($_POST['link']);
if(strpos($short, "http://") === false && strpos($short, "https://") === false){ if(strpos($short, "http://") === false && strpos($short, "https://") === false){
$short = "http://$short"; $short = "http://$short";
} }
echo $unpsAPI->shorten($short); echo $unpsAPI->shorten($apidb, $key, $shortdb, $short);
break; break;
default: default:
die("<div id=\"error\">I don't know what you want to do... [-Check linkmod-]</div>"); die("<div id=\"error\">I don't know what you want to do... [-Check linkmod-]</div>");
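Review bot: The token check that this revert moves to the top of the file compares both secrets with `!=`, which in PHP compares two numeric-looking strings by value rather than byte for byte, and is not constant-time. Using `!==` for both `$_GET['token']` and `$_POST[$catchid]` fixes the type juggling. Where PHP 5.6+ is available, `!hash_equals($_SESSION['token'], (string)$_GET['token'])` behind an `empty($_SESSION['token'])` guard also removes the timing difference. The token travels in the query string, so it may end up in access logs and Referer headers; sending it in the POST body next to `$catchid` would avoid that. `$catchid` and `$catchVal` are set above the hunk, so how they are derived from the session could not be checked here.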