OpenShorte.old/index.php

<?php
    session_start ( );
    require_once ( 'config.php' );
    require_once ( 'functions.php' );
    if ( isset ( $_GET [ 'go' ] ) ) {
        $link_id = $_GET [ 'go' ];
        $link_id = (int) $link_id;
        if ( ! is_int ( $link_id ) ) {
            die ( "You can't be forwarded to a non numerical URL link ID. If you think this is incorrect, please send an email to shorte@dev.bryanpedini.it with this URL: https://sh.bjphoster.com/?go=" . $link_id . " for more investigations" );
        }
        $db_connection = db_connect ( );
        $statement = db_prepare ( $db_connection, "SELECT links.URL FROM links WHERE links.ID = ?" );
        $parameters = [
            [ "i" ],
            [ &$link_id ],
        ];
        db_bind ( $statement, $parameters );
        db_execute ( $statement );
        $result = $statement->get_result ( );
        $row = $result->fetch_assoc ( );
        if ( ! $row ) {
            include ( 'errors/404.html' );
        }
        else {
            include ( 'includes/redirect.html' );
            echo ( '<script>var my_location = "' . $row [ 'URL' ] . '";</script>' );
        }
    }
    elseif ( isset ( $_REQUEST [ 'username' ] ) && isset  ( $_REQUEST [ 'password' ] ) ) {
        $username = $_REQUEST [ 'username' ];
        $password = $_REQUEST [ 'password' ];
        $db_connection = db_connect ( );
        $statement = db_prepare ( $db_connection, "SELECT users.id FROM users WHERE users.username = ? AND users.password = ?" );
        $parameters = [
            [ "ss" ],
            [ &$username, &$password ],
        ];
        db_bind ( $statement, $parameters );
        db_execute ( $statement );
        $result = $statement->get_result ( );
        $row = $result->fetch_assoc ( );
        if ( ! $row ) {
            header ( 'Content-Type: application/json' );
            $response = [
                'status' => 401,
                'error_message' => 'Username or password not correct.',
            ];
            echo ( json_encode ( $response ) );
        }
        else {
            $_SESSION [ 'user_id' ] = $row [ 'id' ];
            header ( 'Content-Type: application/json' );
            $response = [
                'status' => 200,
                'message' => 'Authentication succesfully executed.',
            ];
            echo ( json_encode ( $response ) );
        }
    }
    elseif ( isset ( $_GET [ 'logout' ] ) ) {
        $_SESSION = array ( );
        session_destroy ( );
        header ( "Location: " . $_SERVER [ 'SCRIPT_NAME' ] );
    }
    else {
        if ( ! isset ( $_SESSION [ 'user_id' ] ) ) {
?>
<!DOCTYPE html>
<html>
    <head>
        <title>BJPHoster URL Shortener | Login</title>
    </head>
    <body>
        <input type="text" id="form-username"><br>
        <input type="password" id="form-password"><br>
        <button onclick="login()">Login</button><br>
        <div id="responsetext"></div>
        <script src="js/sha512.min.js"></script>
        <script src="js/login.js"></script>
        <script>var script_name = "<?php echo $_SERVER['SCRIPT_NAME']?>";</script>
    </body>
</html>
<?php
        }
        else {
            if ( isset ( $_POST [ 'url' ] ) ) {
                $url = $_POST [ 'url' ];
                $db_connection = db_connect ( );
                $statement = db_prepare ( $db_connection, "INSERT INTO `links` ( `ID`, `URL`, `created_by` ) VALUES ( NULL, ?, " . $_SESSION [ 'user_id' ] . " );" );
                $parameters = [
                    [ "s" ],
                    [ &$url ],
                ];
                db_bind ( $statement, $parameters );
                db_execute ( $statement );
                $statement = db_prepare ( $db_connection, "SELECT COUNT( links.ID ) as `count` FROM links;");
                db_execute ( $statement );
                $result = $statement->get_result ( );
                $row = $result->fetch_assoc ( );
                header ( 'Content-Type: application/json' );
                $response = [
                    'status' => 200,
                    'message' => 'URL inserted correctly.',
                    'new_id' => $row [ 'count' ],
                ];
                echo ( json_encode ( $response ) );
            }
            else {
                $db_connection = db_connect ( );
                $statement = db_prepare ( $db_connection, "SELECT links.ID, links.URL FROM links WHERE links.created_by = " . $_SESSION [ 'user_id' ] );
                db_execute ( $statement );
                $result = $statement->get_result ( );
                $row = $result->fetch_assoc ( );
?>
<!DOCTYPE html>
<html>
    <head>
        <title>BJPHoster URL Shortener | Control Panel</title>
    </head>
    <body>
        <button onclick="logout()">Logout</button>
        <div id="urllist">
<?php
                if ( ! $row ) {
                    echo ( "You have not created any URL yet.<br>" );
                }
                else {
                    do {
                        echo ( "\t\t\t" . '<div>' . $row [ 'ID' ] . " | " . $row [ 'URL' ] . "</div>\n" );
                    } while ( $row = $result->fetch_assoc ( ) );
                }
?>
        </div>
        <input type="text" id="form-url" placeholder="URL:">
        <button onclick="urlinsert()">Insert new URL</button><br>
        <div id="responsetext"></div>
        <script src="js/insertnew.js"></script>
        <script>var script_name = "<?=$_SERVER['SCRIPT_NAME']?>";</script>
    </body>
</html>
<?php
            }
        }
    }
?>
first version of the website, it works as intended. 2019-01-26 22:34:48 +00:00			`<?php`
			`session_start ( );`
			`require_once ( 'config.php' );`
			`require_once ( 'functions.php' );`
			`if ( isset ( $_GET [ 'go' ] ) ) {`
			`$link_id = $_GET [ 'go' ];`
			`$link_id = (int) $link_id;`
			`if ( ! is_int ( $link_id ) ) {`
			`die ( "You can't be forwarded to a non numerical URL link ID. If you think this is incorrect, please send an email to shorte@dev.bryanpedini.it with this URL: https://sh.bjphoster.com/?go=" . $link_id . " for more investigations" );`
			`}`
			`$db_connection = db_connect ( );`
			`$statement = db_prepare ( $db_connection, "SELECT links.URL FROM links WHERE links.ID = ?" );`
			`$parameters = [`
			`[ "i" ],`
			`[ &$link_id ],`
			`];`
			`db_bind ( $statement, $parameters );`
			`db_execute ( $statement );`
			`$result = $statement->get_result ( );`
			`$row = $result->fetch_assoc ( );`
			`if ( ! $row ) {`
			`include ( 'errors/404.html' );`
			`}`
			`else {`
			`include ( 'includes/redirect.html' );`
			`echo ( '<script>var my_location = "' . $row [ 'URL' ] . '";</script>' );`
			`}`
			`}`
			`elseif ( isset ( $_REQUEST [ 'username' ] ) && isset ( $_REQUEST [ 'password' ] ) ) {`
			`$username = $_REQUEST [ 'username' ];`
			`$password = $_REQUEST [ 'password' ];`
			`$db_connection = db_connect ( );`
			`$statement = db_prepare ( $db_connection, "SELECT users.id FROM users WHERE users.username = ? AND users.password = ?" );`
			`$parameters = [`
			`[ "ss" ],`
			`[ &$username, &$password ],`
			`];`
			`db_bind ( $statement, $parameters );`
			`db_execute ( $statement );`
			`$result = $statement->get_result ( );`
			`$row = $result->fetch_assoc ( );`
			`if ( ! $row ) {`
			`header ( 'Content-Type: application/json' );`
			`$response = [`
			`'status' => 401,`
			`'error_message' => 'Username or password not correct.',`
			`];`
			`echo ( json_encode ( $response ) );`
			`}`
			`else {`
			`$_SESSION [ 'user_id' ] = $row [ 'id' ];`
			`header ( 'Content-Type: application/json' );`
			`$response = [`
			`'status' => 200,`
			`'message' => 'Authentication succesfully executed.',`
			`];`
			`echo ( json_encode ( $response ) );`
			`}`
			`}`
			`elseif ( isset ( $_GET [ 'logout' ] ) ) {`
			`$_SESSION = array ( );`
			`session_destroy ( );`
Minor bug fixes, added URL link on redirect page. 2019-02-07 10:51:47 +00:00			`header ( "Location: " . $_SERVER [ 'SCRIPT_NAME' ] );`
first version of the website, it works as intended. 2019-01-26 22:34:48 +00:00			`}`
			`else {`
			`if ( ! isset ( $_SESSION [ 'user_id' ] ) ) {`
			`?>`
			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<title>BJPHoster URL Shortener \| Login</title>`
			`</head>`
			`<body>`
			`<input type="text" id="form-username"><br>`
			`<input type="password" id="form-password"><br>`
			`<button onclick="login()">Login</button><br>`
			`<div id="responsetext"></div>`
			`<script src="js/sha512.min.js"></script>`
			`<script src="js/login.js"></script>`
Minor bug fixes, added URL link on redirect page. 2019-02-07 10:51:47 +00:00			`<script>var script_name = "<?php echo $_SERVER['SCRIPT_NAME']?>";</script>`
first version of the website, it works as intended. 2019-01-26 22:34:48 +00:00			`</body>`
			`</html>`
			`<?php`
			`}`
			`else {`
			`if ( isset ( $_POST [ 'url' ] ) ) {`
			`$url = $_POST [ 'url' ];`
			`$db_connection = db_connect ( );`
			$statement = db_prepare ( $db_connection, "INSERT INTO `links` ( `ID`, `URL`, `created_by` ) VALUES ( NULL, ?, " . $_SESSION [ 'user_id' ] . " );" );
			`$parameters = [`
			`[ "s" ],`
			`[ &$url ],`
			`];`
			`db_bind ( $statement, $parameters );`
			`db_execute ( $statement );`
			$statement = db_prepare ( $db_connection, "SELECT COUNT( links.ID ) as `count` FROM links;");
			`db_execute ( $statement );`
			`$result = $statement->get_result ( );`
			`$row = $result->fetch_assoc ( );`
			`header ( 'Content-Type: application/json' );`
			`$response = [`
			`'status' => 200,`
			`'message' => 'URL inserted correctly.',`
			`'new_id' => $row [ 'count' ],`
			`];`
			`echo ( json_encode ( $response ) );`
			`}`
			`else {`
			`$db_connection = db_connect ( );`
			`$statement = db_prepare ( $db_connection, "SELECT links.ID, links.URL FROM links WHERE links.created_by = " . $_SESSION [ 'user_id' ] );`
			`db_execute ( $statement );`
			`$result = $statement->get_result ( );`
			`$row = $result->fetch_assoc ( );`
			`?>`
			`<!DOCTYPE html>`
			`<html>`
			`<head>`
			`<title>BJPHoster URL Shortener \| Control Panel</title>`
			`</head>`
			`<body>`
			`<button onclick="logout()">Logout</button>`
			`<div id="urllist">`
			`<?php`
			`if ( ! $row ) {`
			`echo ( "You have not created any URL yet.<br>" );`
			`}`
			`else {`
			`do {`
			`echo ( "\t\t\t" . '<div>' . $row [ 'ID' ] . " \| " . $row [ 'URL' ] . "</div>\n" );`
			`} while ( $row = $result->fetch_assoc ( ) );`
			`}`
			`?>`
			`</div>`
			`<input type="text" id="form-url" placeholder="URL:">`
			`<button onclick="urlinsert()">Insert new URL</button><br>`
			`<div id="responsetext"></div>`
			`<script src="js/insertnew.js"></script>`
Minor bug fixes, added URL link on redirect page. 2019-02-07 10:51:47 +00:00			`<script>var script_name = "<?=$_SERVER['SCRIPT_NAME']?>";</script>`
first version of the website, it works as intended. 2019-01-26 22:34:48 +00:00			`</body>`
			`</html>`
			`<?php`
			`}`
			`}`
			`}`
			`?>`