1
0
mirror of https://github.com/cydrobolt/polr.git synced 2024-11-10 04:02:28 +01:00
polr/createurl.php

164 lines
6.2 KiB
PHP
Raw Normal View History

<?php
require_once("req.php");
require_once('header.php');
require_once('polrauth.php');
$polrauth = new polrauth();
$protocol = '://';
$hpi = $_POST['hp'];
2014-11-08 16:10:31 +01:00
$ps = $_POST['options'];
$country_code = @$_SERVER["HTTP_CF_IPCOUNTRY"];
2014-12-02 22:33:27 +01:00
if ($li_shorten_only == true) {
2014-12-02 22:41:40 +01:00
if (!isset($_SESSION['username'])) {
2014-12-02 22:33:27 +01:00
echo "<h2>Only logged in users may shorten links. Did you mean to <a href='login.php'>log in</a>?</h2>";
require_once('footer.php');
die();
}
}
2014-11-08 16:10:31 +01:00
function bve($bv) {
global $mysqli;
$query1 = "SELECT `rid` FROM `redirinfo` WHERE baseval='{$bv}'"; // Check if exists natura
$result = $mysqli->query($query1);
$row = mysqli_fetch_assoc($result);
$existing = $row['rid'];
if ($existing != NULL ) {
return true;
}
else {
return false;
}
}
if(!strstr($_POST['urlr'], $protocol)) {
2014-11-08 16:10:31 +01:00
$urlr = "http".$protocol.trim($_POST['urlr']); //add http:// if :// not there
}
else {
$urlr = trim($_POST['urlr']);
}
if(!filterurl($urlr)) {
echo "You entered an invalid url<br>";
2014-03-03 20:37:35 +01:00
echo "<a href='index.php'>Back</a>";
die();
}
if($hpi !== $hp) {
echo "We have detected that you may be using automated methods to shorten links. <br>We offer a free API, please do not use our shorten page as an API.<br>If you are getting this message, but you are not a bot, please email support@polr.cf <br> Thanks.";
die();
}
2014-11-08 16:10:31 +01:00
function rStr($length = 4) {
return substr(str_shuffle("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"), 0, $length);
}
if($ps == "s") {
// if secret url
$rstr = rStr(4);
}
$userinfo = $polrauth->islogged();
if(!is_array($userinfo)) {
$il = false;
}
else {
$il = true;
}
$urlr = $mysqli->real_escape_string($urlr);
2014-02-17 21:30:36 +01:00
//Other URL Shorteners List Array
2014-11-08 16:10:31 +01:00
$isshort = array('polr.me', 'polr.cf','bit.ly','is.gd','tiny.cc','adf.ly','ur1.ca','goo.gl','ow.ly','j.mp','t.co');
2014-02-17 21:30:36 +01:00
foreach ($isshort as $url_shorteners) {
if(strstr($urlr, $protocol.$url_shorteners)) {
2014-02-17 21:30:36 +01:00
echo "You entered an already shortened URL.<br>";
2014-03-03 20:37:35 +01:00
echo "<a href='index.php'>Back</a>";
2014-02-17 21:30:36 +01:00
die();
}
2014-11-25 02:22:01 +01:00
}$query1 = "SELECT `rid`,`lkey` FROM `redirinfo` WHERE `rurl`='{$urlr}' AND iscustom='no';"; // Check if exists naturally
$result = $mysqli->query($query1);
$row = mysqli_fetch_assoc($result);
$existing = $row['rid'];
2014-11-25 02:22:01 +01:00
$lkey_ex = $row['lkey'];
2014-06-26 22:15:46 +02:00
$decodescript = "<script src='js/durl.js'></script>";
$ip = $mysqli->real_escape_string($ip);
$customurl = $mysqli->real_escape_string($_POST['custom']);
if($customurl == "") {
$iscustom = "no";
}
//check custom url
$not_allowed_custom = array('.');
if($customurl!="") {
if(!ctype_alnum($customurl)) {
echo "<b>Symbols or spaces are not allowed in a customized URL - alphanumeric only. <a href='index.php'>Try again</a></b>";
die();
}
if(strlen($customurl)>20) {
echo "<b>The maximum length for a custom url is 20 letters. <a href='index.php'>Try again</a></b>";
die();
}
}
2014-11-25 02:22:01 +01:00
if(!$existing || $customurl!="" || $ps=="s" || $lkey_ex) {
2014-11-08 16:10:31 +01:00
// If does not exist or creating custom URL. If requesting a secret link, recreate as well.
$query1 = "SELECT MAX(rid) AS `rid` FROM `redirinfo` WHERE `iscustom`='no';";
$result = $mysqli->query($query1);
$row = mysqli_fetch_assoc($result);
$ridr = $row['rid'];
// Check if next URL in base32 has been occupied by a custom url
$q_checkbv = "SELECT `baseval` FROM `redirinfo` WHERE `rid`='{$ridr}';";
$perform_cbv = $mysqli->query($q_checkbv);
$cbvr = mysqli_fetch_assoc($perform_cbv);
$based_val = $cbvr['baseval'];
$nbnum = base_convert($based_val,36,10);
$baseval = base_convert($nbnum+1,10,36);
while (bve($baseval) == true) {
$nbnum = base_convert($baseval,36,10);
$baseval = base_convert($nbnum+1,10,36);
}
if($customurl!="") {
2014-11-08 16:10:31 +01:00
// creating custom URL?
$baseval = $customurl;
$iscustom = "yes";
2014-12-02 22:33:27 +01:00
$query = "SELECT `rid` FROM `redirinfo` WHERE `baseval`='{$customurl}';"; //check if baseval used already
$result = $mysqli->query($query);
$row = mysqli_fetch_assoc($result);
$custom_existing = $row['rid'];
if($custom_existing) {
echo "The custom shorturl ending you specified is already in use. <a href='index.php'>Try again</a>";
die();
}
}
2014-11-08 16:10:31 +01:00
if($ps == "p" || !$ps) {
2014-11-25 02:22:01 +01:00
$query2 = "INSERT INTO `redirinfo` (baseval,rurl,ip,user,iscustom,country) VALUES ('{$baseval}','{$urlr}','{$ip}','{$userinfo['username']}','{$iscustom}','{$country_code}');";
2014-11-08 16:10:31 +01:00
}
else if($ps=="s") {
2014-11-25 02:22:01 +01:00
$query2 = "INSERT INTO `redirinfo` (baseval,rurl,ip,user,iscustom,lkey,country) VALUES ('{$baseval}','{$urlr}','{$ip}','{$userinfo['username']}','{$iscustom}','{$rstr}','{$country_code}');";
2014-11-08 16:10:31 +01:00
$baseval .= "?".$rstr;
}
$result2r = $mysqli->query($query2);// or showerror();
$basewsa = base64_encode($wsa);
$basebv =base64_encode($baseval);
echo "<input type='hidden' value='$basebv' id='j' /><input type='hidden' value='$basewsa' id='k' />";
echo $decodescript;
2014-12-02 22:59:22 +01:00
echo "<div style='text-align:center;padding-left:11%;padding-right:11%;'><h3>URL:</h3> <input type='text' id='i' onselect=\"select_text();\" onclick=\"select_text();\" readonly=\"readonly\" class='form-control' value=\"Please enable Javascript\" />";
}
else {
2014-11-08 16:10:31 +01:00
// Already exists. Fetch from DB and send over.
2014-11-25 02:22:01 +01:00
$query1 = "SELECT `baseval` FROM `redirinfo` WHERE `rurl`='{$urlr}' AND iscustom='no'";
$result = $mysqli->query($query1);
$row = mysqli_fetch_assoc($result);
$baseval = $row['baseval'];
$basebv = base64_encode($baseval);
$basewsa = base64_encode($wsa);
echo "<input type='hidden' value='$basebv' id='j' /><input type='hidden' value='$basewsa' id='k' />";
echo $decodescript;
2014-12-02 22:59:22 +01:00
echo "<div style='text-align:center;padding-left:11%;padding-right:11%;'><h3>URL:</h3> <input type='text' id='i' onselect=\"select_text();\" onclick=\"select_text();\" readonly=\"readonly\" class='form-control' value=\"Please enable JavaScript\" />";
}
echo '<br><a href="index.php" class="btn btn-primary btn-large">Shorten Another Link</a></div>';
require_once('footer.php');