< ? php
require_once ( " lib-core.php " );
require_once ( 'layout-headerlg.php' );
require_once ( 'lib-auth.php' );
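// Request bootstrap: auth helper, the request fields this script reads,
// and the optional "logged-in users only" gate.
$polrauth = new polrauth();
$protocol = '://';

// Honeypot field; compared with $hp further down. A missing field stays null.
$hpi = isset($_POST['hp']) ? $_POST['hp'] : null;

// Link type: "s" requests a secret link, "p" or nothing a public one.
// A non-string value (e.g. options[]=x) is treated as absent, so it falls
// into the public branch instead of leaving the INSERT statement unbuilt.
$ps = (isset($_POST['options']) && is_string($_POST['options'])) ? $_POST['options'] : null;

// Country code from Cloudflare's CF-IPCountry request header. The value is
// client-controlled whenever the request does not pass through a proxy that
// overwrites it, and it is interpolated into the INSERT statement later in
// this file. Accept only a two-character alphanumeric code (ISO country
// codes plus the special values "XX" and "T1"); anything else is dropped.
$country_code = null;
if (isset($_SERVER["HTTP_CF_IPCOUNTRY"])
    && is_string($_SERVER["HTTP_CF_IPCOUNTRY"])
    && preg_match('/\A[A-Za-z0-9]{2}\z/', $_SERVER["HTTP_CF_IPCOUNTRY"])) {
    $country_code = $_SERVER["HTTP_CF_IPCOUNTRY"];
}

// When shortening is restricted to logged-in users, stop anonymous requests
// here, after rendering the footer so the page stays well-formed.
// NOTE(review): $li_shorten_only is not assigned in this part of the file;
// presumably it comes from an included config - confirm.
if ($li_shorten_only == true && !isset($_SESSION['username'])) {
    echo "<h2>Only logged in users may shorten links. Did you mean to <a href='login.php'>log in</a>?</h2>";
    require_once('layout-footerlg.php');
    die();
}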
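/**
 * Report whether a short-URL ending is already present in `redirinfo`.
 *
 * The value is bound as a statement parameter rather than interpolated into
 * the SQL text, so the lookup does not depend on every caller passing an
 * already-safe string.
 *
 * @param string $bv Candidate `baseval` to look up.
 * @return bool True when a row with this `baseval` exists and its `rid` is
 *              non-null; false otherwise, including when the statement
 *              cannot be prepared or executed (same result as before).
 */
function bve($bv) {
    global $mysqli;

    $stmt = $mysqli->prepare("SELECT `rid` FROM `redirinfo` WHERE `baseval` = ?");
    if (!$stmt) {
        // NOTE(review): a failed lookup is reported as "not taken"; callers
        // that need to distinguish the two should check $mysqli->error.
        return false;
    }

    $rid = null;
    $found = false;
    if ($stmt->bind_param('s', $bv) && $stmt->execute()) {
        $stmt->bind_result($rid);
        // fetch() returns true for a row, null for no row, false on error.
        $found = ($stmt->fetch() === true);
    }
    $stmt->close();

    return $found && $rid != NULL;
}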
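// Read the submitted long URL. A missing or non-string field (e.g. urlr[]=x)
// is treated as empty input, so trim() and the scheme check below always
// operate on a string and the request ends at the "invalid url" message.
$urlr_raw = (isset($_POST['urlr']) && is_string($_POST['urlr'])) ? $_POST['urlr'] : '';

if (strpos($urlr_raw, $protocol) === false) {
    $urlr = "http" . $protocol . trim($urlr_raw); //add http:// if :// not there
}
else {
    $urlr = trim($urlr_raw);
}

// filterurl() is defined outside this part of the file; a falsy result ends the request.
if (!filterurl($urlr)) {
    echo "You entered an invalid url<br>";
    echo "<a href='index.php'>Back</a>";
    die();
}

// Honeypot check: the submitted 'hp' field must be identical to $hp.
// NOTE(review): $hp is not assigned in this part of the file; presumably the
// expected value comes from an included file - confirm.
if ($hpi !== $hp) {
    echo "We have detected that you may be using automated methods to shorten links. <br>We offer a free API, please do not use our shorten page as an API.<br>If you are getting this message, but you are not a bot, please email support@polr.cf <br> Thanks.";
    die();
}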
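/**
 * Build a random alphanumeric string, used in this file as the key of a
 * "secret" short link.
 *
 * Each character is drawn independently from a 62-character alphabet with
 * random_int(), a CSPRNG, instead of taking a prefix of str_shuffle(), which
 * is not meant for security-sensitive values and capped the result at 62
 * characters. On runtimes without random_int() (PHP < 7) the function falls
 * back to mt_rand(), which is not suitable for secrets.
 *
 * NOTE(review): this file calls rStr(4); four characters give roughly 14.8
 * million possible keys, so a longer key is worth considering if the secret
 * is meant to resist guessing.
 *
 * @param int $length Number of characters to generate.
 * @return string Random string of $length characters; empty when $length <= 0.
 */
function rStr($length = 4) {
    $alphabet = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
    $last = strlen($alphabet) - 1;
    $secure = function_exists('random_int');

    $out = '';
    for ($i = 0; $i < $length; $i++) {
        $out .= $alphabet[$secure ? random_int(0, $last) : mt_rand(0, $last)];
    }
    return $out;
}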
// Login state: islogged() yields an array for a logged-in user; $il records
// whether that is the case.
$userinfo = $polrauth->islogged();
$il = is_array($userinfo);

// A secret link gets a 4-character random key from rStr().
if ($ps == "s") {
    // if secret url
    $rstr = rStr(4);
}
// From here on $urlr is only used inside SQL string literals, so it is
// escaped once for that context.
$urlr = $mysqli->real_escape_string($urlr);

// Refuse links that already point at a known URL shortener.
// NOTE(review): this is a plain substring match on "://<host>", so it does
// not cover host variants such as a "www." prefix or different letter case.
$isshort = array('polr.me', 'polr.cf', 'bit.ly', 'is.gd', 'tiny.cc', 'adf.ly', 'ur1.ca', 'goo.gl', 'ow.ly', 'j.mp', 't.co');
foreach ($isshort as $url_shorteners) {
    if (!strstr($urlr, $protocol . $url_shorteners)) {
        continue;
    }
    echo "You entered an already shortened URL.<br>";
    echo "<a href='index.php'>Back</a>";
    die();
}

// Look for an existing non-custom entry for this URL.
$query1 = "SELECT `rid`,`lkey` FROM `redirinfo` WHERE `rurl`='{$urlr}' AND iscustom='no';"; // Check if exists naturally
$result = $mysqli->query($query1);
$row = mysqli_fetch_assoc($result);
$existing = $row['rid'];
$lkey_ex = $row['lkey'];

$decodescript = "<script src='js/durl.js'></script>";

// NOTE(review): $ip is not assigned in this part of the file; it is escaped
// here because it is interpolated into the INSERT statement further down.
$ip = $mysqli->real_escape_string($ip);
$customurl = $mysqli->real_escape_string($_POST['custom']);

//check custom url
$not_allowed_custom = array('.');
if ($customurl == "") {
    $iscustom = "no";
}
else {
    // A custom ending must be purely alphanumeric and at most 20 characters.
    if (!ctype_alnum($customurl)) {
        echo "<b>Symbols or spaces are not allowed in a customized URL - alphanumeric only. <a href='index.php'>Try again</a></b>";
        die();
    }
    if (strlen($customurl) > 20) {
        echo "<b>The maximum length for a custom url is 20 letters. <a href='index.php'>Try again</a></b>";
        die();
    }
}
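// Create a new short link, or hand back the existing one, then render the result.
if (!$existing || $customurl != "" || $ps == "s" || $lkey_ex) {
    // If does not exist or creating custom URL. If requesting a secret link, recreate as well.
    $query1 = "SELECT MAX(rid) AS `rid` FROM `redirinfo` WHERE `iscustom`='no';";
    $result = $mysqli->query($query1);
    $row = mysqli_fetch_assoc($result);
    $ridr = $row['rid'];

    // Take the baseval of the newest non-custom row and step to the next
    // base-36 value, skipping any value already taken (e.g. by a custom URL).
    $q_checkbv = "SELECT `baseval` FROM `redirinfo` WHERE `rid`='{$ridr}';";
    $perform_cbv = $mysqli->query($q_checkbv);
    $cbvr = mysqli_fetch_assoc($perform_cbv);
    $based_val = $cbvr['baseval'];
    $nbnum = base_convert($based_val, 36, 10);
    $baseval = base_convert($nbnum + 1, 10, 36);
    while (bve($baseval) == true) {
        $nbnum = base_convert($baseval, 36, 10);
        $baseval = base_convert($nbnum + 1, 10, 36);
    }
    // NOTE(review): the lookup above and the INSERT below are separate
    // statements, so two concurrent requests can pick the same baseval.

    if ($customurl != "") {
        // creating custom URL?
        $baseval = $customurl;
        $iscustom = "yes";
        $query = "SELECT `rid` FROM `redirinfo` WHERE `baseval`='{$customurl}';"; //check if baseval used already
        $result = $mysqli->query($query);
        $row = mysqli_fetch_assoc($result);
        $custom_existing = $row['rid'];
        if ($custom_existing) {
            echo "The custom shorturl ending you specified is already in use. <a href='index.php'>Try again</a>";
            die();
        }
    }

    // The username and the country code reach this point without escaping
    // (the country code originates from a request header), unlike $urlr, $ip
    // and $customurl. Escape both before they are placed inside the quoted
    // SQL values below. A missing value becomes the empty string, which is
    // what the interpolation produced before.
    $user_sql = $mysqli->real_escape_string(is_array($userinfo) ? (string) $userinfo['username'] : '');
    $country_sql = $mysqli->real_escape_string((string) $country_code);

    // NOTE(review): when $ps is neither "p", "s" nor empty, $query2 is never
    // assigned and no row is stored; the result of the INSERT is not checked either.
    if ($ps == "p" || !$ps) {
        $query2 = "INSERT INTO `redirinfo` (baseval,rurl,ip,user,iscustom,country) VALUES ('{$baseval}','{$urlr}','{$ip}','{$user_sql}','{$iscustom}','{$country_sql}');";
    }
    else if ($ps == "s") {
        $query2 = "INSERT INTO `redirinfo` (baseval,rurl,ip,user,iscustom,lkey,country) VALUES ('{$baseval}','{$urlr}','{$ip}','{$user_sql}','{$iscustom}','{$rstr}','{$country_sql}');";
        // The secret key is appended to the link as its query string.
        $baseval .= "?" . $rstr;
    }
    $result2r = $mysqli->query($query2); // or showerror();

    // Both values are emitted base64-encoded in hidden inputs, followed by
    // the js/durl.js script tag held in $decodescript.
    // NOTE(review): $wsa is not assigned in this part of the file - confirm its source.
    $basewsa = base64_encode($wsa);
    $basebv = base64_encode($baseval);
    echo "<input type='hidden' value='$basebv' id='j' /><input type='hidden' value='$basewsa' id='k' />";
    echo $decodescript;
    echo "<div style='text-align:center;padding-left:11%;padding-right:11%;'><h3>URL:</h3> <input type='text' id='i' onselect=\"select_text();\" onclick=\"select_text();\" readonly=\"readonly\" class='form-control' value=\"Please enable Javascript\" />";
}
else {
    // Already exists. Fetch from DB and send over.
    $query1 = "SELECT `baseval` FROM `redirinfo` WHERE `rurl`='{$urlr}' AND iscustom='no'";
    $result = $mysqli->query($query1);
    $row = mysqli_fetch_assoc($result);
    $baseval = $row['baseval'];
    $basebv = base64_encode($baseval);
    $basewsa = base64_encode($wsa);
    echo "<input type='hidden' value='$basebv' id='j' /><input type='hidden' value='$basewsa' id='k' />";
    echo $decodescript;
    echo "<div style='text-align:center;padding-left:11%;padding-right:11%;'><h3>URL:</h3> <input type='text' id='i' onselect=\"select_text();\" onclick=\"select_text();\" readonly=\"readonly\" class='form-control' value=\"Please enable JavaScript\" />";
}

// Closes the result <div> opened in either branch above.
echo '<br><a href="index.php" class="btn btn-primary btn-large">Shorten Another Link</a></div>';
require_once('layout-footerlg.php');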