-
Notifications
You must be signed in to change notification settings - Fork 15
/
shorten.php
136 lines (118 loc) · 4.64 KB
/
shorten.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
<?php
include 'inc/bdd.php';
session_start(['cookie_lifetime' => '1728000', 'name' => 'shortener', 'cookie_httponly' => true,'cookie_secure' => true]);
if(!empty($_SESSION['username'])){
$username = $_SESSION['username'];
$token = $_SESSION['token'];
}
if (PUBLIC_INSTANCE == 'true' and empty($username)){
$username = 'UNKNOWN';
}
function short($connexion, $username, $url, $custom, $comment) {
if (preg_match("_(^|[\s.:;?\-\]<\(])(https?://[-\w;/?:@&=+$\|\_.!~*\|'()\[\]%#,?]+[\w/#](\(\))?)(?=$|[\s',\|\(\).:;?\-\[\]>\)])_i", $url)) {
$unic = 0;
# Check if custom already exist
if (!empty($custom)) {
$verify_url = $connexion->prepare("SELECT * FROM shortener WHERE short=?");
$verify_url->execute(array($custom));
if (count($verify_url->fetchAll((PDO::FETCH_ASSOC))) == 0) {
$unic = 1;
$url_shortened = $custom;
}
}
while ($unic == 0) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$url_shortened = '';
for ($i = 0; $i < URL_SIZE; $i++) { // Generate the short url
$url_shortened .= $characters[rand(0, strlen($characters) - 1)];
}
# Check if already exist
$verify_url = $connexion->prepare("SELECT * FROM shortener WHERE short=?");
$verify_url->execute(array($url_shortened));
if (count($verify_url->fetchAll((PDO::FETCH_ASSOC))) == 0) {
$unic = 1;
}
}
$req = $connexion->prepare('INSERT INTO shortener(short,url,comment,username,date,views) VALUES (?,?,?,?,?,?)');
$req->execute(array($url_shortened, $url, $comment, $username, date("Y-m-d H:i:s"), '0'));
$req->closeCursor();
return $url_shortened;
}
else {
echo 'Wrong URL';
exit;
}
}
if (!empty($_GET['url'])) { // GET if bookmark used or API (with token if connected)
$url = $_GET['url'];
if (empty($_GET['comment'])) {
$comment = NULL;
}
else {
$comment = $_GET['comment'];
}
if (!empty($_GET['token']) and (PUBLIC_INSTANCE != 'true')) { //If token post, search the user to allow the shorten in case of private server
$req = $connexion->prepare('SELECT * FROM users where token = ?');
$req->execute(array($_GET['token']));
$res_user = $req->fetch(PDO::FETCH_ASSOC);
if ($res_user and !empty($_GET['url'])) { //token is valid
$url_shortened = short($connexion, $res_user['username'], $url, NULL, $comment);
}
}
elseif (PUBLIC_INSTANCE == 'true') {
$url_shortened = short($connexion, $username, $url, NULL, $comment);
}
else {
header('Location: ' . DEFAULT_URL);
}
}
else { // POST if webpage used
if (empty($username)) { // Not connect and not a public shortener
if (!empty($_POST['is_short_free'])) {
http_response_code(403); // 403 for the API is better than redirect
}
else {
header('Location: ' . DEFAULT_URL);
}
exit();
}
if (!empty($_POST['is_short_free'])) {
$verify_url = $connexion->prepare("SELECT * FROM shortener WHERE short=?");
$verify_url->execute(array($_POST['is_short_free']));
header('Content-type: application/json');
if (count($verify_url->fetchAll((PDO::FETCH_ASSOC))) == 0) {
echo json_encode(array('ok'=>true));
exit;
}
else {
echo json_encode(array('ok'=>false));
exit;
}
}
if (empty($_POST['url'])) { // nothing to short
header('Location: ' . DEFAULT_URL);
exit();
}
$url = htmlspecialchars(strip_tags($_POST['url']));
$comment = (!empty($_POST['comment'])) ? htmlspecialchars(strip_tags($_POST['comment'])) : NULL;
$custom = (!empty($_POST['custom'])) ? htmlspecialchars(strip_tags($_POST['custom'])) : NULL;
$url_shortened = short($connexion, $username, $url, $custom, $comment);
}
include 'inc/header.php';
echo '
<div id="content">
<div id="site">
<a href=".">Shortener</a>
</div>
<div id="shortened">
URL shortened : <br /><a id="newURL" href="' . DEFAULT_URL . '/' . $url_shortened . '">' . DEFAULT_URL . '/' . $url_shortened . '</a>
</div>
<div id="credits">
Shortener by Azlux
</div>
<script>
window.prompt("Copy to clipboard: Ctrl+C, Enter","' . DEFAULT_URL . '/' . $url_shortened . '");
</script>
</div>';
include 'inc/footer.php';
?>