diff --git a/api/api.backend.php b/api/api.backend.php index ea2c355..29d53b1 100644 --- a/api/api.backend.php +++ b/api/api.backend.php @@ -31,16 +31,16 @@ class api{ $apisql = "INSERT INTO `apiuse` (time, name, apikey, ip, type, allowed, misc) VALUES (NOW(), '$name', '$apikey', '$ip', 'Link Shorten', '$canshort', '$link')"; if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']'; } - if($canshort != 1) return 'You are not authorized to shorten links'; + if($canshort != 1) return '
You are not authorized to shorten links
'; $sql = "SELECT * FROM `links` WHERE `link` = '$link' LIMIT 1;"; if($result = $sdb->query($sql)){ if($row = $result->fetch_assoc()){ $short = $row['shortlink']; - return "Existing link: http://unps.us/?l=$short"; + return "
Existing link: http://unps.us/?l=$short
"; } } - if(checkRemoteFile($link) !== true) return "Dead Link: $link"; + if(checkRemoteFile($link) !== true) return "
Dead Link: $link
"; $short = substr(number_format(time() * mt_rand(),0,'',''),0,10); $short = base_convert($short, 10, 36); @@ -52,7 +52,7 @@ class api{ endif; if($result = $sdb->query($sql)): return "Shortened: http://unps.us/?l=$short
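Review bot: The rewritten messages interpolate `$link` and `$short` into what now appears to be HTML output, and nothing in this hunk encodes them for that context. The wrapping tags are not visible in this rendering, so the HTML context is inferred from the new `#message #error` CSS rule. Encode at the point of output, e.g. `htmlspecialchars($link, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` inside the "Dead Link" return, rather than relying on whatever filtering the caller applied. The same applies to the "Delete $link aborted" message in the `-80,12` hunk. The enclosing function starts and ends outside this hunk.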
Your link deletion password (write this down): $dpass"; - else: return 'ERROR: ['.$sdb->error.']'; + else: return '
ERROR: ['.$sdb->error.']
'; endif; } @@ -68,7 +68,7 @@ class api{ $apisql = "INSERT INTO `apiuse` (time, name, apikey, ip, type, allowed, misc) VALUES (NOW(), '$name', '$apikey', '$ip', 'Short Link Delete', '$canshort', '$link')"; if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']'; } - if($canshort != 1) return 'You are not authorized to delete short links'; + if($canshort != 1) return '
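Review bot: The `else:` branch still returns `$sdb->error` to the caller, now inside the styled error wrapper, so raw database error text reaches any client of the API. Such text can include table and column names or fragments of the failing statement. Log it server-side and return a generic message instead, e.g. `else: error_log($sdb->error); return 'ERROR: could not save the link';`, keeping the commit's wrapper around the text. The `-80,12` and `-100,10` hunks return `$sdb->error` in the same way. The function body begins outside this hunk.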
You are not authorized to delete short links
'; $sql = "SELECT * FROM `links` WHERE `shortlink` = '$link' LIMIT 1;"; if($result = $sdb->query($sql)){ @@ -80,12 +80,12 @@ class api{ if($apikey == $password){ $sql = "DELETE FROM `links` WHERE `shortlink` = '$link' AND `dpass` = '$apikey' LIMIT 1;"; - if(!$result = $sdb->query($sql)) return 'ERROR: ['.$sdb->error.']'; + if(!$result = $sdb->query($sql)) return '
ERROR: ['.$sdb->error.'
]'; echo "Deleted: $link"; return; - }else{ return "The password doesn't match. Delete $link aborted!"; } + }else{ return "
The password doesn't match. Delete $link aborted!
"; } } - }else{ return 'ERROR: ['.$sdb->error.']'; } + }else{ return '
ERROR: ['.$sdb->error.']
'; } } function reportLink($apidb, $apikey, $sdb, $link, $reason){ @@ -100,10 +100,10 @@ class api{ $apisql = "INSERT INTO `apiuse` (time, name, apikey, ip, type, allowed, misc) VALUES (NOW(), '$name', '$apikey', '$ip', 'Report Link', '$canshort', '$link')"; if(!$result = $apidb->query($apisql)) return 'ERROR: ['.$apidb->error.']'; } - if($canshort != 1) return 'You are not authorized to shorten links, meaning you also can\'t report false negatives'; + if($canshort != 1) return '
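Review bot: The deletion check `if($apikey == $password)` uses a loose comparison, so two different numeric-looking strings can compare equal, and the check is not constant-time; `if(hash_equals((string)$password, (string)$apikey)){` avoids both. Where `$password` is assigned is outside the hunk, so which of the two holds the stored value should be confirmed before fixing the argument order. Separately, in the rewritten DELETE-failure return the closing `]` lands after the line break that follows `$sdb->error`, unlike the other ERROR returns in this commit, which suggests the closing tag was placed before the bracket. The success path also still does `echo "Deleted: $link"; return;` while every other branch returns its message.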
You are not authorized to shorten links, meaning you also can\'t report false negatives
'; $sql = "INSERT INTO `manual` (time, apikey, ip, link, reason) VALUES(NOW(), '$apikey', '$ip', '$link', '$reason');"; - if(!$result = $sdb->query($sql)) return 'ERROR: ['.$sdb->error.']'; + if(!$result = $sdb->query($sql)) return '
ERROR: ['.$sdb->error.']
'; return "Reported $link. Please check back in a day or two"; } diff --git a/assets/css/elements.css b/assets/css/elements.css index 833b201..fc49d59 100644 --- a/assets/css/elements.css +++ b/assets/css/elements.css @@ -104,7 +104,6 @@ body{ .form-shorten input[type="text"], .form-shorten textarea{ position: relative; font-size: 14px; - height: auto; padding: 7px; -webkit-box-sizing: border-box; -moz-box-sizing: border-box; @@ -142,6 +141,16 @@ body{ float: center; text-align: center; color: #bbb; + padding-left: 25.6% !important; +} + +#message #error{ + float: center; + text-align: center; + background-color: #cb3434; + border-radius: 5px; + padding: 5px; + width: 66%; } #footer { diff --git a/process.php b/process.php index 9b6d281..c65c996 100644 --- a/process.php +++ b/process.php @@ -1,4 +1,13 @@ Please try again by using the form located at http://unps.us."); + } require('api/api.backend.php'); require('api/dbsettings.php'); @@ -6,7 +15,7 @@ $key = '9a211e90b0a0570ed33e47428231e702af47b6f54fb347960f661184e063a1d0'; // KEEP THIS PRIVATE! This is the only thing that authenticates the application function sanitize($input){ - if ($input == null) die("Sanatize() - No Input Provided, Aborting\r\n
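Review bot: The INSERT into the `manual` table is still built by interpolating `$apikey`, `$ip`, `$link` and `$reason` into the SQL text, so its safety rests entirely on the caller's `sanitize()`. The part of that function visible in this diff (`strip_tags`, `stripslashes`) does not escape quotes. Assuming `$sdb` is a mysqli handle, as its `->query`/`->error` usage suggests, bind the values instead: `$stmt = $sdb->prepare('INSERT INTO manual (time, apikey, ip, link, reason) VALUES (NOW(), ?, ?, ?, ?)');`, then `$stmt->bind_param('ssss', $apikey, $ip, $link, $reason);` and `$stmt->execute();`. The SELECT, DELETE and `apiuse` INSERT statements in the earlier hunks follow the same pattern. The function starts outside this hunk.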
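Review bot: `float: center;` in the new `#message #error` rule is not a valid value for `float`, so browsers discard the declaration. Centering the 66%-wide box needs `margin: 0 auto;` instead, which may also make the `padding-left: 25.6% !important;` added to the rule above unnecessary. Because `#error` is an id selector, this styling only holds while at most one error element is rendered per page; a class would be safer if that ever changes.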
"); + if ($input == null) die("
Sanatize() - No Input Provided, Aborting
"); include('api/dbsettings.php'); $output = strip_tags($input); $output = stripslashes($output); @@ -23,22 +32,25 @@ echo $unpsAPI->shorten($apidb, $key, $shortdb, $short); break; case "dellink": - if(empty($_POST['password'])) die("Something went wrong somewhere, but there's no password here"); + if(empty($_POST['password'])) die("
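Review bot: The context line assigning `$key` (commented "KEEP THIS PRIVATE!") keeps the application's only API credential as a literal in a tracked file, so it is readable by anyone who can see the repository or this diff. Treat that value as exposed: rotate it and load the replacement from outside version control, e.g. `$key = getenv('UNPS_API_KEY');` (the variable name is a placeholder). On the changed line itself, `$input == null` is a loose test that also matches `''` and `0`; `$input === null || $input === ''` states the intent explicitly. The rest of `sanitize()` lies outside this hunk.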
Something went wrong somewhere, but there's no password here
"); $link = sanitize($_POST['link']); $password = sanitize($_POST['password']); $link = explode("=", $link); + if(count($link) != 2){ + die("
I'm sorry, but something went wrong... did you paste the whole link?
"); + } $link = $link[1]; echo $unpsAPI->delShort($apidb, $key, $shortdb, $link, $password); break; case "replink": - if(empty($_POST['report-details'])) die("Something went wrong somewhere, but I can't find the reason for reporting this link"); + if(empty($_POST['report-details'])) die("
Something went wrong somewhere, but I can't find the reason for reporting this link
"); $link = sanitize($_POST['link']); $details = sanitize($_POST['report-details']); echo $unpsAPI->reportLink($apidb, $key, $shortdb, $link, $details); break; default: - die("I don't know what you want to do... [-Check linkmod-]"); + die("
I don't know what you want to do... [-Check linkmod-]
"); } - }else{ die("I can't do my job if I'm not given a link to work on..."); } + }else{ die("
I can't do my job if I'm not given a link to work on...
"); } ?> \ No newline at end of file
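Review bot: The new `count($link) != 2` guard still lets through a link that ends in `=`, because `explode` then yields two parts with an empty second one, and `$link[1]` reaches `delShort()` as an empty short code. Tighten it to `if(count($link) !== 2 || $link[1] === ''){`. The guard also rejects any pasted URL that contains a second `=`; reading the `l` parameter with `parse_url()` and `parse_str()` would be more tolerant of that. The opening of the enclosing `if` and `switch` is outside this hunk.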