<?php
    session_start();

    $catches = explode(":", $_SESSION['catch']);
    $catchid = $catches[0];
    $catchVal = $catches[1];

    if(empty($_GET['token']) || $_GET['token'] != $_SESSION['token'] || empty($_POST[$catchid]) || $_POST[$catchid] != $catchVal){ 
        die("<div id=\"error\">Oh Noes! Something happened and I can't continue.<br />Please try again by using the form located at <a href=\"http://unps.us\">http://unps.us</a>.</div>");
    } 

	require('api/api.backend.php');
	require('api/dbsettings.php');

    $key = '9a211e90b0a0570ed33e47428231e702af47b6f54fb347960f661184e063a1d0'; // KEEP THIS PRIVATE! This is the only thing that authenticates the application

	function sanitize($input){
		if ($input == null) die("<div id=\"error\">Sanatize() - No Input Provided, Aborting</div>");
		include('api/dbsettings.php');
		$output = strip_tags($input);
		$output = stripslashes($output);
		$output = $apidb->real_escape_string($output);
		return $output;
	}

	$unpsAPI = new api();

	if(!empty($_POST['link']) && !empty($_POST['linkmod'])){
		switch ($_POST['linkmod']){
    		case "shorten":
    			$short = sanitize($_POST['link']);
                if(strpos($short, "http://") === false && strpos($short, "https://") === false){
                    $short = "http://$short";
                }
    			echo $unpsAPI->shorten($apidb, $key, $shortdb, $short);
        		break;
    		case "dellink":
    			if(empty($_POST['password'])) die("<div id=\"error\">Something went wrong somewhere, but there's no password here</div>");
    			$link = sanitize($_POST['link']);
    			$password = sanitize($_POST['password']);
                $link = explode("=", $link);
                if(count($link) != 2){
                    die("<div id=\"error\">I'm sorry, but something went wrong... did you paste the whole link?</div>");
                }
                $link = $link[1];
    			echo $unpsAPI->delShort($apidb, $key, $shortdb, $link, $password);
        		break;
    		case "replink":
    			if(empty($_POST['report-details'])) die("<div id=\"error\">Something went wrong somewhere, but I can't find the reason for reporting this link</div>");
    			$link = sanitize($_POST['link']);
    			$details = sanitize($_POST['report-details']);
    			echo $unpsAPI->reportLink($apidb, $key, $shortdb, $link, $details);
        		break;
        	default:
        		die("<div id=\"error\">I don't know what you want to do... [-Check linkmod-]</div>");
	   }  
    }else{ die("<div id=\"error\">I can't do my job if I'm not given a link to work on...</div>"); }

?>