Diffstat (limited to 'linkshorter/index.php')
| -rw-r--r-- | linkshorter/index.php | 155 |
1 files changed, 59 insertions, 96 deletions
diff --git a/linkshorter/index.php b/linkshorter/index.php
index 1d56be5..c60bc82 100644
--- a/linkshorter/index.php
+++ b/linkshorter/index.php
@@ -1,114 +1,77 @@
 <?php
 require 'functions.php';
-require 'db.php';
+require 'config.php';
+require 'class/db.php';
-//ob_start("sanitize_output");
-ob_start();
+if ( ! isset($_REQUEST['url']) || $_REQUEST['url'] == "" ){
+if ( ! isset($_REQUEST['checkpassword']) || $_REQUEST['checkpassword'] != 1 )
-if ( $_SERVER['REQUEST_METHOD'] != 'POST'){
+ require 'view/templ-index.php';
-/*
- $key = "lscache_" . md5( strtolower($_SERVER["HTTP_HOST"].$_SERVER["REQUEST_URI"].$_SERVER["QUERY_STRING"]));
- if ( $db->exists($key) ) {
- header("X-Cache: Hit");
- echo $db->get($key);
- ob_end_flush();
- exit;
+ else {
+
+ if ( ! isset($_REQUEST["short"]) || $_REQUEST["short"] == "" ){
+ header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
+ _do_output("Failure!", "Requested ID not found.");
+ }
+
+ $db = new Database(REDIS_CONNECT, REDIS_SELECT);
+
+ $options = json_decode( $db->get($_REQUEST["short"]), true );
+
+ if ( password_verify( $_REQUEST["password"] . PEPPER, $options["password"] ) )
+ redirect($options["url"]);
+ else
+ _do_output("Failure!", "Wrong password supplied");
 }
-*/
-
-?>
-<!doctype html>
-<html>
-<head>
- <meta charset="utf-8">
- <title>Link Shorter</title>
- <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css">
- <link href="//maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css" rel="stylesheet">
- <style>
- <?php echo file_get_contents("../tools/style.css"); ?>
- </style>
- <noscript><style>.navbar{margin-bottom:0;}</style></noscript>
- <link rel='shortcut icon' href='../tools/favicon.ico' type='image/x-icon'>
- <meta name="viewport" content="width=device-width, initial-scale=1.0">
-</head>
- <?php require("../tools/navbar.php"); ?>
- <div class="container">
- <div class="text-center">
- <div class="row center-block vertical-center">
- <form class="form-horizontal " method="POST">
- <fieldset>
-
- <legend class="text-centered"><h1>Amazing Linkshorter</h1>
- <p>Short your link and use a easy to remembery query string</p>
- </legend>
-
- <div class="form-group">
- <label class="col-md-4 control-label" for="url">Link:</label>
- <div class="col-md-5">
- <input id="url" name="url" placeholder="http://www.moehm.org/" class="form-control input-md" required="" type="text">
-
- </div>
- </div>
-
- <div class="form-group">
- <label class="col-md-4 control-label" for="short">(optional)</label>
- <div class="col-md-4">
- <input id="short" name="short" placeholder="Your own query string here." class="form-control input-md" type="text">
-
- </div>
- </div>
-
- <div class="form-group">
- <label class="col-md-4 control-label" for="singlebutton"></label>
- <div class="col-md-4">
- <button id="singlebutton" name="singlebutton" class="btn btn-primary" type="submit">Short!</button>
- </div>
- </div>
-
- </fieldset>
- </form>
- </div>
- </div>
- </div>
- <?php require("../tools/footer.php"); ?>
-</body>
-<?php
- $html = ob_get_contents();
- $db->set($key, $html, 3600);
- ob_end_flush();
 } else {
- if ( empty($_POST["url"]) || $_POST["url"] == "" ){
- do_output("<p>We need a link to be shortened.</p>", "400 Client Failed", false, "<h1>Missing URL</h1>");
- }
+ $url = trim($_REQUEST['url']);
- if ( ! preg_match("/^[a-z]+:\/\/[a-z0-9_]+/i", $_POST["url"]) ){
- do_output("<p>Only schemas like http:// or ftp:// are supported.</p>", "400 Client Failed", false, "<h1>This does not look like an url</h1>");
+ if( ! preg_match("/^https?:\/\//", $url) ){
+ $heading = "Failure!";
+ $reason = "This doesn't look like a valid URL.";
+ _do_output($heading, $reason);
 }
+ $options = array("url" => $url);
+ if ( ! isset($_REQUEST["short"]) || $_REQUEST["short"] == "" )
+ $options["short"] = "";
+ else
+ $options["short"] = $_REQUEST["short"];
+
+ if ( ! isset($_REQUEST["ttl"]) || $_REQUEST["ttl"] == "" )
+ $options["ttl"] = "";
+ else {
+ if ( ! preg_match( "/^[0-9]+$/", trim($_REQUEST["ttl"]) ) ){
+ _do_output("Failure", "Your Lifetime doesn't look like a valid number.");
+ }
+ $options["ttl"] = $_REQUEST["ttl"];
+ }
- $hash = md5($_POST["url"]);
- if( ! empty($_POST["short"]) && $_POST["short"] != "" ) {
- $short = $_POST["short"];
- if ( $db->exists($short) == 1 && $_POST["url"] != $db->get($short) )
- do_output("<p>Someone else has already a registered entry under '".htmlentities($short)."'.</p>", "422 Unprocessable Entity", false, "<h1>Query string already exists.</h1>");
+ if ( ! isset($_REQUEST["password"]) || $_REQUEST["password"] == "" )
+ $options["password"] = "";
+ else
+ $options["password"] = password_hash($_REQUEST["password"] . PEPPER, PASSWORD_DEFAULT);
+
+ $db = new Database(REDIS_CONNECT, REDIS_SELECT);
+
+ if ( $options["short"] != "" && $db->exists($options["short"]) )
+ _do_output("Failure", "Query string '".htmlentities($options["short"])."' already taken. Please choose a different one.");
+
+ if ( $options["short"] == "" )
+ $options["short"] = getToken();
+
+ if ( $options["ttl"] != "" ){
+ if ( ! $db->set($options["short"], json_encode($options), $options["ttl"]) ){
+ _do_output("Failure", "Database went away. :(");
+ }
 } else {
- if( ! $short = $db->get($hash) ){
- $arr = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9");
-
- do {
- $short="";
- for ($i=0;$i<5;$i++){
- $r = mt_rand(0, count($arr)-1);
- $short.=$arr[$r];
- }
- } while ( $db->exists($short) );
- $db->set($hash, $short);
+ if ( ! $db->set($options["short"], json_encode($options)) ){
+ _do_output("Failure", "Database went away. :(");
 }
 }
- $db->set($short, $_POST["url"]);
- do_output("<p>Your short link for <a href=\"".htmlentities($_POST["url"])."\">".htmlentities($_POST["url"])."</a> is <br> http://s.moehm.org/".$short."</p>", "200 OK", false, "<h1>Success</h1>");
+ _do_output("Success!", "Your shortlink is " . SHORTDOMAIN . htmlentities($options["short"]) . ".");
 }
|
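Review bot: In the `checkpassword` branch the result of `json_decode( $db->get($_REQUEST["short"]), true )` goes straight into `password_verify()` with no check that the key exists, that the decoded value is an array, or that `$_REQUEST["password"]` was sent, so an unknown or non-JSON key ends in array access on `null` and is reported as a wrong password rather than a 404. Add a guard before the verify, e.g. `if ( ! is_array($options) || ! isset($options["password"], $options["url"], $_REQUEST["password"]) ) { header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found"); _do_output("Failure!", "Requested ID not found."); }`, and confirm that `_do_output()` ends the request, since its definition is not in this hunk and the earlier 404 path would otherwise run on into the lookup. Reading the password from `$_REQUEST` also accepts it in the query string, where it lands in access logs; `$_POST` would avoid that, and nothing visible here limits repeated guesses against a protected link. On the create path, `ttl` is validated on `trim($_REQUEST["ttl"])` but the untrimmed value is what gets stored and passed to `$db->set()`, and a user-chosen `short` becomes the Redis key with no character or length restriction.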
