Local mshannaq work

README.md

@@ -33,21 +33,21 @@ In addition to shortening URLs (based on domain that you use), SmartyURL also of
 
 Currently, as SmartyURL is in its early stages, you can only install it using Composer. Once we release the first official version of SmartyURL, we will offer detailed installation instructions for other methods.
 
-see [Developers Guide](docs/developers.md#installation) for more information about how to install SmartyURL.
+see [Developers Guide](http://extendy.github.io/SmartyURL/developers) for more information about how to install SmartyURL.
 
-Certainly, please refer to the [documentation](docs/index.md) for detailed instructions How configure, and effectively use SmartyURL for comprehensive guidance.
+Certainly, please refer to the [documentation](http://extendy.github.io/SmartyURL) for detailed instructions How configure, and effectively use SmartyURL for comprehensive guidance.
 
 ## Documentation
 
-Please take a look to SmartyURL [documentation](docs/index.md) for detailed installation, configuration, and usage instructions.
+Please take a look to SmartyURL [documentation](http://extendy.github.io/SmartyURL) for detailed installation, configuration, and usage instructions.
 
 **Visitors IP Country detection**
 
-SmartyURL uses the `ip2location/ip2location-php` library to determine visitors country based on their IP addresses. It includes the free "IP2Location™ LITE IP-COUNTRY Database" for both personal and commercial use. For enhanced geographical redirect conditions with more accurate and up-to-date IP-based country data or if you need more accuracy consider purchasing a licensed IP2Location database. Refer to [IP2Location Database Docs](docs/ip2location.md) for more details.
+SmartyURL uses the `ip2location/ip2location-php` library to determine visitors country based on their IP addresses. It includes the free "IP2Location™ LITE IP-COUNTRY Database" for both personal and commercial use. For enhanced geographical redirect conditions with more accurate and up-to-date IP-based country data or if you need more accuracy consider purchasing a licensed IP2Location database. Refer to [IP2Location Database Docs](http://extendy.github.io/SmartyURL/ip2location/) for more details.
 
 
 ## License
-This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
+This project is licensed under the MIT License - see the [LICENSE](http://extendy.github.io/SmartyURL/license) file for details.
 
 ## Acknowledgments
 
@@ -63,4 +63,4 @@ Also We would like to acknowledge the following resources and contributors for t
 
 ## SmartyURL Legal Notice
 
-For more information, please refer to the [Legal Notice](docs/legalnotice.md).
+For more information, please refer to the [Legal Notice](http://extendy.github.io/SmartyURL/legalnotice).

app/Config/Routes.php

@@ -29,6 +29,7 @@
     $routes->get('hits/(:num)', 'Url::hitslist/$1', ['filter' => 'session']);
     $routes->get('hitslistdata/(:num)', 'Url::hitslistData/$1', ['filter' => 'session']); // json hits list for url
     $routes->get('qrcode/(:num)', 'Url::generateQRCode/$1', ['filter' => 'session']);
+    $routes->post('del/(:num)', 'Url::delUrl/$1', ['filter' => 'session']); // json del url
 });
 
 // language route

app/Config/Smarty.php

@@ -8,7 +8,7 @@ class Smarty extends BaseConfig
 {
     public $smarty_name        = 'SmartyURL';
     public $smarty_online_repo = 'https://smartyurl.extendy.net';
-    public $smarty_version     = '0.0.0-dev-dnd.2';
+    public $smarty_version     = '0.0.0-dev-dnd.3';
 
     /**
      * @var string contain the file name of jquery supported version eg jquery-3.7.1 without js

app/Controllers/Assist.php

@@ -555,6 +555,7 @@ function format(d) {
                             '' +
                             d.url_tags +
                             d.url_owner +
+                            d.url_addtionaloptions +
                             '<br>'
                         );
                     }

app/Controllers/Url.php

@@ -9,6 +9,7 @@
 use chillerlan\QRCode\Output\QROutputInterface;
 use chillerlan\QRCode\QRCode;
 use chillerlan\QRCode\QROptions;
+use CodeIgniter\Shield\Models\UserModel;
 use Extendy\Smartyurl\SmartyUrl;
 use Extendy\Smartyurl\UrlConditions;
 use Extendy\Smartyurl\UrlIdentifier;
@@ -74,9 +75,6 @@ public function listuserurls($urlOwnerUserId = null)
         }
         $user_id = user_id();
 
-        // @TODO FIX ME I must make sure user is exists
-        // @TODO and make sure from permission
-
         $data['filterrule']  = 'user';
         $data['filtervalue'] = $urlOwnerUserId;
         $data['filtertext']  = lang('Url.urlsUserLinks') . ' ' . smarty_get_user_username($user_id);
@@ -88,6 +86,17 @@ public function listuserurls($urlOwnerUserId = null)
             $data['filtertext'] = lang('Url.urlsMyLink');
         }
 
+        // make sure user $urlOwnerUserId is exists user
+        // I place it after the permission check to prevent any potential data bypass.
+        $usermodel = new UserModel();
+        if ($urlOwnerUserId !== null) {
+            $user = $usermodel->find($urlOwnerUserId);
+            if (! $user) {
+                // user is not exists
+                return redirect()->to('dashboard')->with('notice', lang('Users.UserNotFound'));
+            }
+        }
+
         return view(smarty_view('url/list'), $data);
     }
 
@@ -264,9 +273,16 @@ public function listData()
                 } else {
                     $url_owner = '';
                 }
+
                 $result->url_identifier = esc($result->url_identifier);
                 // $result->url_id],$result->url_title,$result->url_hitscounter
-                $Go_Url    = esc(smarty_detect_site_shortlinker() . $result->url_identifier);
+                $Go_Url = esc(smarty_detect_site_shortlinker() . $result->url_identifier);
+
+                // addtional options for the url
+                $url_addtionaloptions = '<div class="d-flex justify-content-end"><button id="deleteurlButton" data-url-go="' . $Go_Url . '"  data-url-id="' . $result->url_id . '" type="button" class=" btn btn-outline-danger flex-shrink-0">
+                                        <i class="bi bi-trash"></i>
+                                    </button></div>';
+
                 $records[] = [
                     'url_id_col'         => $result->url_id,
                     'url_identifier_col' => "<a class='link-dark listurls-link' href='" . site_url("url/view/{$result->url_id}") . "' data-url='{$Go_Url}'>{$result->url_identifier}</a>
@@ -275,10 +291,11 @@ public function listData()
                     'url_title_col' => " {$urlTitle}
                     <a target='_blank' title='" . lang('Url.visitOriginalUrl') . ' ' . $result->url_targeturl . "' href='{$result->url_targeturl}' class='link-dark edit-link'><i class='bi bi-box-arrow-up-right'></i></a>
                     ",
-                    'url_hits_col' => $result->url_hitscounter,
-                    'url_id'       => $result->url_id,
-                    'url_tags'     => $url_tags,
-                    'url_owner'    => $url_owner,
+                    'url_hits_col'         => "<a class='text-secondary' href='" . site_url("url/hits/{$result->url_id}") . "'>" . $result->url_hitscounter . '</a>',
+                    'url_id'               => $result->url_id,
+                    'url_tags'             => $url_tags,
+                    'url_owner'            => $url_owner,
+                    'url_addtionaloptions' => $url_addtionaloptions,
                 ];
             }
         }
@@ -550,7 +567,7 @@ public function edit($UrlId)
 
                     foreach ($urlRedirectConditions->conditions as $country => $finalUrl) {
                         $geocountry[]  = $country;
-                        $geofinalurl[] = urldecode($finalUrl);
+                        $geofinalurl[] = $finalUrl;
                     }
                     $data['geocountry'] = $geocountry;
                     // var_dump($data['geocountry']);
@@ -565,7 +582,7 @@ public function edit($UrlId)
 
                     foreach ($urlRedirectConditions->conditions as $device => $finalUrl) {
                         $devicecond[]     = $device;
-                        $devicefinalurl[] = urldecode($finalUrl);
+                        $devicefinalurl[] = $finalUrl;
                     }
                     break;
 
@@ -580,7 +597,7 @@ public function edit($UrlId)
         $data = [
             'UrlId'             => $url_id,
             'editUrlAction'     => site_url("/url/edit/{$url_id}"),
-            'originalUrl'       => esc(urldecode($urlData['url_targeturl'])),
+            'originalUrl'       => esc($urlData['url_targeturl']),
             'UrlTitle'          => esc($urlData['url_title']),
             'UrlIdentifier'     => esc($urlData['url_identifier']),
             'urlTags'           => esc($urlTagsCloud), // i must get the URLTags
@@ -620,7 +637,7 @@ public function editAction($UrlId)
 
         // user cannot edit others URLs unless he is can super.admin or admin.manageurls
         // check if original url is valid url
-        $originalUrl = esc($this->request->getPost('originalUrl'));
+        $originalUrl = $this->request->getPost('originalUrl');
         if (! $this->smartyurl->isValidURL($originalUrl)) {
             return redirect()->to("url/edit/{$UrlId}")->withInput()->with('error', lang('Url.urlInvalidOriginal'));
         }
@@ -846,7 +863,7 @@ public function hitslistData($urlId)
                     'hit_country_col'   => $result->urlhit_country,
                     'hit_device_col'    => $result->urlhit_visitordevice,
                     'hit_useragent_col' => esc($result->urlhit_useragent),
-                    'hit_finalurl_col'  => esc($result->urlhit_finaltarget),
+                    'hit_finalurl_col'  => urldecode($result->urlhit_finaltarget),
                 ];
             }
         }
@@ -935,4 +952,45 @@ public function generateQRCode(int $UrlId)
         // now i will return the image
         return $response->setBody($out);
     }
+
+    public function delUrl(int $UrlId)
+    {
+        $response = [];
+        if (! auth()->user()->can('url.manage', 'admin.manageotherurls', 'super.admin')) {
+            $response['error'] = lang('Common.permissionsNoenoughpermissions');
+
+            return $this->response->setJSON($response);
+        }
+        $url_id = (int) esc(smarty_remove_whitespace_from_url_identifier($UrlId));
+        if ($url_id === 0) {
+            $response['error'] = lang('Url.urlDelInvalidURL');
+        }
+        // i will check if the url id is exists or not
+        $urlData = $this->urlmodel->where('url_id', $url_id)->first();
+        if ($urlData === null) {
+            // url not exsists in dataase
+            $response['error'] = lang('Url.urlNotFoundShort');
+
+            return $this->response->setJSON($response);
+        }
+        // i will see if the current user can manage this url
+        $userManageUrl = $this->smartyurl->userCanManageUrl($url_id);
+        if (! $userManageUrl) {
+            $response['error'] = lang('Url.urlDelCannotDelthisUrlDuePermissions');
+
+            return $this->response->setJSON($response);
+        }
+        // i will try to delete the url
+
+        $delurl = $this->urlmodel->deleteUrlById($url_id);
+        if ($delurl > 0) {
+            // deleted
+            $response['status'] = 'deleted';
+        } else {
+            // not deleted or error
+            $response['error'] = lang('Url.urlDelError');
+        }
+
+        return $this->response->setJSON($response);
+    }
 }

app/Language/ar/Common.php

@@ -13,4 +13,9 @@
 
     'btnDelete' => 'حذف',
     'Optional'  => 'اختياري',
+    'btnOK'     => 'موافق',
+    'btnNo'     => 'لا',
+
+    'ajaxErrorTitle' => 'خطا',
+    'ajaxCallError1' => 'لا يمكن اتمام طلبك الان ، تاكد من اتصالك بالانترنت وحاول مجددا',
 ];

app/Language/ar/Url.php

@@ -82,4 +82,11 @@
     'urlInfoVisitorUserAgent'     => 'الوكيل',
     'urlInfoFinalTarget'          => 'الرابط النهائي',
     'urlInfoNoHitsYet'            => 'لا يوجد زيارات للرابط حتى الان!',
+
+    'urlDelConfrim'                        => 'هل انت متاكد من انك تود حذف الرابط',
+    'urlDelYes'                            => 'نعم ، احذف',
+    'urlDelInvalidURL'                     => 'رابط غير صحيح',
+    'urlDelCannotDelthisUrlDuePermissions' => 'لا يمكنك حذف هذا الرابط لكونك لا تمتلك الصلاحيات الكافية لحذفه',
+    'urlDelError'                          => 'لا يمكن حذف هذا الرابط الان ، حاول مرة اخرى لاحقا',
+    'urlDelOK'                             => 'لقم تم حذف الرابط بنجاح',
 ];

app/Language/ar/Users.php

@@ -0,0 +1,5 @@
+<?php
+
+return [
+    'UserNotFound' => 'مستخدم غير موجود.',
+];

app/Language/en/Common.php

@@ -13,4 +13,9 @@
 
     'btnDelete' => 'Delete',
     'Optional'  => 'Optional',
+    'btnOK'     => 'OK',
+    'btnNo'     => 'No',
+
+    'ajaxErrorTitle' => 'Error',
+    'ajaxCallError1' => 'Your request cannot be completed at the moment. Please ensure that you are connected to the internet and try again.',
 ];

app/Language/en/Url.php

@@ -82,4 +82,11 @@
     'urlInfoVisitorUserAgent'     => 'User-Agent',
     'urlInfoFinalTarget'          => 'Final Target',
     'urlInfoNoHitsYet'            => 'No visits for the URL yet!',
+
+    'urlDelConfrim'                        => 'Are you sure you want delete this',
+    'urlDelYes'                            => 'Yes, Delete',
+    'urlDelInvalidURL'                     => 'Invalid URL',
+    'urlDelCannotDelthisUrlDuePermissions' => 'You cannot delete this URL because you do not have sufficient permissions to do so.',
+    'urlDelError'                          => 'Cannot delete this URL now , please try again later',
+    'urlDelOK'                             => 'The URL has been successfully deleted',
 ];

app/Language/en/Users.php

@@ -0,0 +1,5 @@
+<?php
+
+return [
+    'UserNotFound' => 'User Not found.',
+];

app/Models/UrlModel.php

@@ -110,4 +110,18 @@ public function getUrlsForUser(int|array|null $userIds = null, int|null $start =
         // Retrieve the records
         return $builder->get()->getResult();
     }
+
+    public function deleteUrlById(int|array $urlId)
+    {
+        if (is_array($urlId)) {
+            // If $urlId is an array, delete multiple records
+            $this->whereIn('url_id', $urlId)->delete();
+        } else {
+            // If $urlId is a single value, delete a single record
+            $this->where('url_id', $urlId)->delete();
+        }
+
+        // Check the affected rows to determine if the deletion was successful
+        return $this->db->affectedRows() > 0;
+    }
 }