bryanpedini/OpenShorte.old
Archived
0
0
Fork 0
Code Releases Activity

Refactored the website

Browse Source 
Renamed "includes" to "templates"
Added .htaccess to redirect requests to index.php
Added function to split request URL into array
Corrected locations in scripts and pages
This commit is contained in:
Bryan Pedini 2019-02-07 12:36:44 +01:00
parent 9210890eda
commit 7acb2ca533
No known key found for this signature in database
GPG Key ID: 688D440AE31B40C2
8 changed files with 173 additions and 138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.htaccess Normal file
View File

@ -0,0 +1,3 @@
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php?query=$1 [L,QSA]

13
functions.php
View File

@ -24,4 +24,17 @@
die ( "Execute failed: (" . $statement->errno . ") " . $statement->error );
}
}
function split_uri_array ( string $php_self, string $request_uri ) : Array {
$uri = substr ( $request_uri, strlen ( substr ( $php_self, 0, strrpos ( $php_self, 'index.php' ) ) ), strlen ( $request_uri ) - strlen ( substr ( $php_self, 0, strrpos ( $php_self, 'index.php' ) ) ) );
$arr = Array ( );
$last_arg_pos = 0;
for ( $i = 1; $i < ( strlen ( $uri ) ) - 1; $i ++ ) {
if ( substr ( $uri, $i, 1 ) == "/" && substr ( $uri, $i + 1, 1 ) != "/" && substr ( $uri, $i - 1, 1 ) != "/" ) {
$arr [ ] = substr ( $uri, $last_arg_pos, $i - $last_arg_pos);
$last_arg_pos = $i + 1;
}
}
$arr [ ] = substr ( $uri, $last_arg_pos, $i - $last_arg_pos + 1);
return $arr;
}
?>

90
index.php
View File

@ -2,8 +2,12 @@
session_start ( );
require_once ( 'config.php' );
require_once ( 'functions.php' );
if ( isset ( $_GET [ 'go' ] ) ) {
$link_id = $_GET [ 'go' ];
$request = split_uri_array ( $_SERVER [ 'SCRIPT_NAME' ], $_SERVER [ 'REQUEST_URI' ] );
if ( isset ( $request [ 0 ] ) && $request [ 0 ] != "" ) {
switch ( $request [ 0 ] ) {
case "go":
if ( isset ( $request [ 1 ] ) ) {
$link_id = $request [ 1 ];
$link_id = (int) $link_id;
if ( ! is_int ( $link_id ) ) {
die ( "You can't be forwarded to a non numerical URL link ID. If you think this is incorrect, please send an email to shorte@dev.bryanpedini.it with this URL: https://sh.bjphoster.com/?go=" . $link_id . " for more investigations" );
@ -22,13 +26,19 @@
include ( 'errors/404.html' );
}
else {
include ( 'includes/redirect.html' );
include ( 'templates/redirect.html' );
echo ( '<script>var my_location = "' . $row [ 'URL' ] . '";</script>' );
}
}
elseif ( isset ( $_REQUEST [ 'username' ] ) && isset ( $_REQUEST [ 'password' ] ) ) {
$username = $_REQUEST [ 'username' ];
$password = $_REQUEST [ 'password' ];
break;
case "login":
if ( isset ( $_SESSION [ 'user_id' ] ) ) {
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/insert" );
exit;
}
if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) ) {
$username = $_POST [ 'username' ];
$password = $_POST [ 'password' ];
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT users.id FROM users WHERE users.username = ? AND users.password = ?" );
$parameters = [
@ -57,32 +67,19 @@
echo ( json_encode ( $response ) );
}
}
elseif ( isset ( $_GET [ 'logout' ] ) ) {
else {
include ( 'templates/login.php' );
}
break;
case "logout":
$_SESSION = array ( );
session_destroy ( );
header ( "Location: " . $_SERVER [ 'SCRIPT_NAME' ] );
}
else {
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) );
break;
case "insert":
if ( ! isset ( $_SESSION [ 'user_id' ] ) ) {
?>
<!DOCTYPE html>
<html>
<head>
<title>BJPHoster URL Shortener | Login</title>
</head>
<body>
<input type="text" id="form-username"><br>
<input type="password" id="form-password"><br>
<button onclick="login()">Login</button><br>
<div id="responsetext"></div>
<script src="js/sha512.min.js"></script>
<script src="js/login.js"></script>
<script>var script_name = "<?php echo $_SERVER['SCRIPT_NAME']?>";</script>
</body>
</html>
<?php
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/login" );
}
else {
if ( isset ( $_POST [ 'url' ] ) ) {
$url = $_POST [ 'url' ];
$db_connection = db_connect ( );
@ -111,35 +108,16 @@
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
?>
<!DOCTYPE html>
<html>
<head>
<title>BJPHoster URL Shortener | Control Panel</title>
</head>
<body>
<button onclick="logout()">Logout</button>
<div id="urllist">
<?php
if ( ! $row ) {
echo ( "You have not created any URL yet.<br>" );
include ( 'templates/insert.php' );
}
break;
default:
http_response_code ( 404 );
echo "fuck, 404!";
die ( );
}
}
else {
do {
echo ( "\t\t\t" . '<div>' . $row [ 'ID' ] . " | " . $row [ 'URL' ] . "</div>\n" );
} while ( $row = $result->fetch_assoc ( ) );
}
?>
</div>
<input type="text" id="form-url" placeholder="URL:">
<button onclick="urlinsert()">Insert new URL</button><br>
<div id="responsetext"></div>
<script src="js/insertnew.js"></script>
<script>var script_name = "<?=$_SERVER['SCRIPT_NAME']?>";</script>
</body>
</html>
<?php
}
}
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/login" );
}
?>

4
js/insertnew.js
View File

@ -1,7 +1,7 @@
function urlinsert() {
var url = document.getElementById ( "form-url" ).value;
var xhr = new XMLHttpRequest ( );
xhr.open ( "POST", 'index.php', true );
xhr.open ( "POST", 'insert', true );
xhr.onreadystatechange = function ( ) {
if ( xhr.readyState == XMLHttpRequest.DONE && xhr.status == 200 ) {
if (xhr.status == 200) {
@ -28,5 +28,5 @@ function urlinsert() {
xhr.send( data );
}
function logout ( ) {
window.location.href = script_name+"?logout";
window.location.href = script_name+"/logout";
}

2
js/login.js
View File

@ -3,7 +3,7 @@ function login() {
var password = document.getElementById ( "form-password" ).value;
password = SHA512 ( password );
var xhr = new XMLHttpRequest ( );
xhr.open ( "POST", 'index.php', true );
xhr.open ( "POST", 'login', true );
xhr.onreadystatechange = function ( ) {
if ( xhr.readyState == XMLHttpRequest.DONE && xhr.status == 200 ) {
if (xhr.status == 200) {

26
templates/insert.php Normal file
View File

@ -0,0 +1,26 @@
<!DOCTYPE html>
<html>
<head>
<title>BJPHoster URL Shortener | Control Panel</title>
</head>
<body>
<button onclick="logout()">Logout</button>
<div id="urllist">
<?php
if ( ! $row ) {
echo ( "You have not created any URL yet.<br>" );
}
else {
do {
echo ( "\t\t\t" . '<div>' . $row [ 'ID' ] . " | " . $row [ 'URL' ] . "</div>\n" );
} while ( $row = $result->fetch_assoc ( ) );
}
?>
</div>
<input type="text" id="form-url" placeholder="URL:">
<button onclick="urlinsert()">Insert new URL</button><br>
<div id="responsetext"></div>
<script src="js/insertnew.js"></script>
<script>var script_name = "<?=substr($_SERVER['SCRIPT_NAME'],0,-10)?>";</script>
</body>
</html>

15
templates/login.php Normal file
View File

@ -0,0 +1,15 @@
<!DOCTYPE html>
<html>
<head>
<title>BJPHoster URL Shortener | Login</title>
</head>
<body>
<input type="text" id="form-username"><br>
<input type="password" id="form-password"><br>
<button onclick="login()">Login</button><br>
<div id="responsetext"></div>
<script src="js/sha512.min.js"></script>
<script src="js/login.js"></script>
<script>var script_name = "<?=substr($_SERVER['SCRIPT_NAME'],0,-10)?>";</script>
</body>
</html>

0
includes/redirect.html → templates/redirect.html
View File