bryanpedini/OpenShorte.old
Archived
0
0
Fork 0
Code Releases Activity

Updated the login page with a new cool template.

Browse Source 
Source template from https://bootsnipp.com/snippets/z8aQr.
This commit is contained in:
Bryan Pedini
2019-03-18 11:23:48 +01:00
parent 81134c90e6
commit 7b5a149477
6 changed files with 195 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

107
index.php
View File

@@ -6,115 +6,16 @@
if ( isset ( $request [ 0 ] ) && $request [ 0 ] != "" ) {
switch ( $request [ 0 ] ) {
case "go":
if ( isset ( $request [ 1 ] ) ) {
$link_id = $request [ 1 ];
if ( ! ctype_digit ( $link_id ) ) {
die ( "You can't be forwarded to a non numerical URL link ID. If you think this is incorrect, please send an email to shorte@dev.bryanpedini.it with this URL: https://sh.bjphoster.com/?go=" . $link_id . " for more investigations" );
}
$link_id = (int) $link_id;
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT links.URL FROM links WHERE links.ID = ?" );
$parameters = [
[ "i" ],
[ &$link_id ],
];
db_bind ( $statement, $parameters );
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
if ( ! $row ) {
http_response_code ( 404 );
include ( 'errors/404.html' );
exit;
}
else {
include ( 'templates/redirect.html' );
echo ( '<script>var my_location = "' . $row [ 'URL' ] . '";</script>' );
}
}
else {
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) );
}
include ( 'lib/php/go.php' );
break;
case "login":
if ( isset ( $_SESSION [ 'user_id' ] ) ) {
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/insert" );
exit;
}
if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) ) {
$username = $_POST [ 'username' ];
$password = $_POST [ 'password' ];
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT users.id FROM users WHERE users.username = ? AND users.password = ?" );
$parameters = [
[ "ss" ],
[ &$username, &$password ],
];
db_bind ( $statement, $parameters );
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
if ( ! $row ) {
header ( 'Content-Type: application/json' );
$response = [
'status' => 401,
'error_message' => 'Username or password not correct.',
];
echo ( json_encode ( $response ) );
}
else {
$_SESSION [ 'user_id' ] = $row [ 'id' ];
header ( 'Content-Type: application/json' );
$response = [
'status' => 200,
'message' => 'Authentication succesfully executed.',
];
echo ( json_encode ( $response ) );
}
}
else {
include ( 'lib/php/login.php' );
}
include ( 'lib/php/login.php' );
break;
case "logout":
$_SESSION = array ( );
session_destroy ( );
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/" );
include ( 'lib/php/logout.php' );
break;
case "insert":
if ( ! isset ( $_SESSION [ 'user_id' ] ) ) {
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/login" );
}
if ( isset ( $_POST [ 'url' ] ) ) {
$url = $_POST [ 'url' ];
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "INSERT INTO `links` ( `ID`, `URL`, `created_by` ) VALUES ( NULL, ?, " . $_SESSION [ 'user_id' ] . " );" );
$parameters = [
[ "s" ],
[ &$url ],
];
db_bind ( $statement, $parameters );
db_execute ( $statement );
$statement = db_prepare ( $db_connection, "SELECT COUNT( links.ID ) as `count` FROM links;");
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
header ( 'Content-Type: application/json' );
$response = [
'status' => 200,
'message' => 'URL inserted correctly.',
'new_id' => $row [ 'count' ],
];
echo ( json_encode ( $response ) );
}
else {
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT links.ID, links.URL FROM links WHERE links.created_by = " . $_SESSION [ 'user_id' ] );
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
include ( 'lib/php/insert.php' );
}
include ( 'lib/php/insert.php' );
break;
default:
http_response_code ( 404 );