bryanpedini/OpenShorte.old
Archived
0
0
Fork 0
Code Releases Activity

Updated the login page with a new cool template.

Browse Source 
Source template from https://bootsnipp.com/snippets/z8aQr.
This commit is contained in:
Bryan Pedini 2019-03-18 11:23:48 +01:00
parent 81134c90e6
commit 7b5a149477
No known key found for this signature in database
GPG Key ID: 688D440AE31B40C2
6 changed files with 195 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

107
index.php
View File

@ -6,115 +6,16 @@
if ( isset ( $request [ 0 ] ) && $request [ 0 ] != "" ) { if ( isset ( $request [ 0 ] ) && $request [ 0 ] != "" ) {
switch ( $request [ 0 ] ) { switch ( $request [ 0 ] ) {
case "go": case "go":
if ( isset ( $request [ 1 ] ) ) { include ( 'lib/php/go.php' );
$link_id = $request [ 1 ];
if ( ! ctype_digit ( $link_id ) ) {
die ( "You can't be forwarded to a non numerical URL link ID. If you think this is incorrect, please send an email to shorte@dev.bryanpedini.it with this URL: https://sh.bjphoster.com/?go=" . $link_id . " for more investigations" );
}
$link_id = (int) $link_id;
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT links.URL FROM links WHERE links.ID = ?" );
$parameters = [
[ "i" ],
[ &$link_id ],
];
db_bind ( $statement, $parameters );
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
if ( ! $row ) {
http_response_code ( 404 );
include ( 'errors/404.html' );
exit;
}
else {
include ( 'templates/redirect.html' );
echo ( '<script>var my_location = "' . $row [ 'URL' ] . '";</script>' );
}
}
else {
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) );
}
break; break;
case "login": case "login":
if ( isset ( $_SESSION [ 'user_id' ] ) ) { include ( 'lib/php/login.php' );
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/insert" );
exit;
}
if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) ) {
$username = $_POST [ 'username' ];
$password = $_POST [ 'password' ];
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT users.id FROM users WHERE users.username = ? AND users.password = ?" );
$parameters = [
[ "ss" ],
[ &$username, &$password ],
];
db_bind ( $statement, $parameters );
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
if ( ! $row ) {
header ( 'Content-Type: application/json' );
$response = [
'status' => 401,
'error_message' => 'Username or password not correct.',
];
echo ( json_encode ( $response ) );
}
else {
$_SESSION [ 'user_id' ] = $row [ 'id' ];
header ( 'Content-Type: application/json' );
$response = [
'status' => 200,
'message' => 'Authentication succesfully executed.',
];
echo ( json_encode ( $response ) );
}
}
else {
include ( 'lib/php/login.php' );
}
break; break;
case "logout": case "logout":
$_SESSION = array ( ); include ( 'lib/php/logout.php' );
session_destroy ( );
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/" );
break; break;
case "insert": case "insert":
if ( ! isset ( $_SESSION [ 'user_id' ] ) ) { include ( 'lib/php/insert.php' );
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/login" );
}
if ( isset ( $_POST [ 'url' ] ) ) {
$url = $_POST [ 'url' ];
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "INSERT INTO `links` ( `ID`, `URL`, `created_by` ) VALUES ( NULL, ?, " . $_SESSION [ 'user_id' ] . " );" );
$parameters = [
[ "s" ],
[ &$url ],
];
db_bind ( $statement, $parameters );
db_execute ( $statement );
$statement = db_prepare ( $db_connection, "SELECT COUNT( links.ID ) as `count` FROM links;");
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
header ( 'Content-Type: application/json' );
$response = [
'status' => 200,
'message' => 'URL inserted correctly.',
'new_id' => $row [ 'count' ],
];
echo ( json_encode ( $response ) );
}
else {
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT links.ID, links.URL FROM links WHERE links.created_by = " . $_SESSION [ 'user_id' ] );
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
include ( 'lib/php/insert.php' );
}
break; break;
default: default:
http_response_code ( 404 ); http_response_code ( 404 );

31
lib/php/go.php Normal file
View File

@ -0,0 +1,31 @@
<?php
if ( isset ( $request [ 1 ] ) ) {
$link_id = $request [ 1 ];
if ( ! ctype_digit ( $link_id ) ) {
die ( "You can't be forwarded to a non numerical URL link ID. If you think this is incorrect, please send an email to shorte@dev.bryanpedini.it with this URL: https://sh.bjphoster.com/?go=" . $link_id . " for more investigations" );
}
$link_id = (int) $link_id;
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT links.URL FROM links WHERE links.ID = ?" );
$parameters = [
[ "i" ],
[ &$link_id ],
];
db_bind ( $statement, $parameters );
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
if ( ! $row ) {
http_response_code ( 404 );
include ( 'errors/404.html' );
exit;
}
else {
include ( 'templates/redirect.html' );
echo ( '<script>var my_location = "' . $row [ 'URL' ] . '";</script>' );
}
}
else {
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) );
}
?>

36
lib/php/insert.php
View File

@ -1,3 +1,36 @@
<?php
if ( ! isset ( $_SESSION [ 'user_id' ] ) ) {
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/login" );
}
if ( isset ( $_POST [ 'url' ] ) ) {
$url = $_POST [ 'url' ];
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "INSERT INTO `links` ( `ID`, `URL`, `created_by` ) VALUES ( NULL, ?, " . $_SESSION [ 'user_id' ] . " );" );
$parameters = [
[ "s" ],
[ &$url ],
];
db_bind ( $statement, $parameters );
db_execute ( $statement );
$statement = db_prepare ( $db_connection, "SELECT COUNT( links.ID ) as `count` FROM links;");
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
header ( 'Content-Type: application/json' );
$response = [
'status' => 200,
'message' => 'URL inserted correctly.',
'new_id' => $row [ 'count' ],
];
echo ( json_encode ( $response ) );
}
else {
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT links.ID, links.URL FROM links WHERE links.created_by = " . $_SESSION [ 'user_id' ] );
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
@ -24,3 +57,6 @@
<script>var script_name = "<?=substr($_SERVER['SCRIPT_NAME'],0,-10)?>";</script> <script>var script_name = "<?=substr($_SERVER['SCRIPT_NAME'],0,-10)?>";</script>
</body> </body>
</html> </html>
<?php
}
?>

107
lib/php/login.php
View File

@ -1,15 +1,116 @@
<?php
if ( isset ( $_SESSION [ 'user_id' ] ) ) {
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/insert" );
exit;
}
if ( isset ( $session [ 1 ] ) && $session [ 1 ] == "forgot" ) {
include ( 'lib/php/forgotpassword.php' );
exit;
}
if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) ) {
$username = $_POST [ 'username' ];
$password = $_POST [ 'password' ];
$db_connection = db_connect ( );
$statement = db_prepare ( $db_connection, "SELECT users.id FROM users WHERE users.username = ? AND users.password = ?" );
$parameters = [
[ "ss" ],
[ &$username, &$password ],
];
db_bind ( $statement, $parameters );
db_execute ( $statement );
$result = $statement->get_result ( );
$row = $result->fetch_assoc ( );
if ( ! $row ) {
header ( 'Content-Type: application/json' );
$response = [
'status' => 401,
'error_message' => 'Username or password not correct.',
];
echo ( json_encode ( $response ) );
}
else {
$_SESSION [ 'user_id' ] = $row [ 'id' ];
header ( 'Content-Type: application/json' );
$response = [
'status' => 200,
'message' => 'Authentication succesfully executed.',
];
echo ( json_encode ( $response ) );
}
}
else {
?>
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
<head> <head>
<title>BJPHoster URL Shortener | Login</title> <title>BJPHoster URL Shortener | Login</title>
<link href="//maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css">
<style>
.login-container{
margin-top: 5%;
margin-bottom: 5%;
margin-left: 30%;
}
.login-form-1{
padding: 5%;
box-shadow: 0 5px 8px 0 rgba(0, 0, 0, 0.2), 0 9px 26px 0 rgba(0, 0, 0, 0.19);
}
.login-form-1 h3{
text-align: center;
color: #333;
}
.login-container form{
padding: 10%;
}
.btnSubmit
{
width: 50%;
border-radius: 1rem;
padding: 1.5%;
border: none;
cursor: pointer;
}
.login-form-1 .btnSubmit{
font-weight: 600;
color: #fff;
background-color: #0062cc;
}
.login-form-1 .ForgetPwd{
color: #0062cc;
font-weight: 600;
text-decoration: none;
}
</style>
</head> </head>
<body> <body>
<input type="text" id="form-username"><br> <div class="container login-container">
<input type="password" id="form-password"><br> <div class="row">
<button onclick="login()">Login</button><br> <div class="col-md-6 login-form-1">
<h3>Login for Form 1</h3>
<form>
<div class="form-group">
<input type="text" class="form-control" placeholder="Username" value="" id="form-username" />
</div>
<div class="form-group">
<input type="password" class="form-control" placeholder="Password" value="" id="form-password" />
</div>
<div class="form-group">
<input type="submit" class="btnSubmit" value="Login" onclick="login()" />
</div>
<div class="form-group">
<a href="<?=substr($_SERVER[ 'SCRIPT_NAME' ],0,-10)."/login/forgot"?>" class="ForgetPwd">Forgot Password?</a>
</div>
</form>
</div>
</div>
<div id="responsetext"></div> <div id="responsetext"></div>
<script src="//maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
<script src="js/sha512.min.js"></script> <script src="js/sha512.min.js"></script>
<script src="js/login.js"></script> <script src="js/login.js"></script>
<script>var script_name = "<?=substr($_SERVER['SCRIPT_NAME'],0,-10)?>";</script> <script>var script_name = "<?=substr($_SERVER['SCRIPT_NAME'],0,-10)?>";</script>
</body> </body>
</html> </html>
<?php
}
?>

5
lib/php/logout.php Normal file
View File

@ -0,0 +1,5 @@
<?php
$_SESSION = array ( );
session_destroy ( );
header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/" );
?>

13
lib/php/lostpassword.php Normal file
View File

@ -0,0 +1,13 @@
<?php
?>
<!DOCTYPE HTML>
<html>
<head>
<title>BJPHoster URL Shortener | Password Reset</title>
</head>
<body>
<center>
<p>Reset your password here - Placeholder</p>
</center>
</body>
</html>