get_result ( ); $row = $result->fetch_assoc ( ); if ( ! $row ) { include ( 'errors/404.html' ); } else { include ( 'templates/redirect.html' ); echo ( '' ); } } break; case "login": if ( isset ( $_SESSION [ 'user_id' ] ) ) { header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/insert" ); exit; } if ( isset ( $_POST [ 'username' ] ) && isset ( $_POST [ 'password' ] ) ) { $username = $_POST [ 'username' ]; $password = $_POST [ 'password' ]; $db_connection = db_connect ( ); $statement = db_prepare ( $db_connection, "SELECT users.id FROM users WHERE users.username = ? AND users.password = ?" ); $parameters = [ [ "ss" ], [ &$username, &$password ], ]; db_bind ( $statement, $parameters ); db_execute ( $statement ); $result = $statement->get_result ( ); $row = $result->fetch_assoc ( ); if ( ! $row ) { header ( 'Content-Type: application/json' ); $response = [ 'status' => 401, 'error_message' => 'Username or password not correct.', ]; echo ( json_encode ( $response ) ); } else { $_SESSION [ 'user_id' ] = $row [ 'id' ]; header ( 'Content-Type: application/json' ); $response = [ 'status' => 200, 'message' => 'Authentication succesfully executed.', ]; echo ( json_encode ( $response ) ); } } else { include ( 'templates/login.php' ); } break; case "logout": $_SESSION = array ( ); session_destroy ( ); header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) ); break; case "insert": if ( ! isset ( $_SESSION [ 'user_id' ] ) ) { header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/login" ); } if ( isset ( $_POST [ 'url' ] ) ) { $url = $_POST [ 'url' ]; $db_connection = db_connect ( ); $statement = db_prepare ( $db_connection, "INSERT INTO `links` ( `ID`, `URL`, `created_by` ) VALUES ( NULL, ?, " . $_SESSION [ 'user_id' ] . " );" ); $parameters = [ [ "s" ], [ &$url ], ]; db_bind ( $statement, $parameters ); db_execute ( $statement ); $statement = db_prepare ( $db_connection, "SELECT COUNT( links.ID ) as `count` FROM links;"); db_execute ( $statement ); $result = $statement->get_result ( ); $row = $result->fetch_assoc ( ); header ( 'Content-Type: application/json' ); $response = [ 'status' => 200, 'message' => 'URL inserted correctly.', 'new_id' => $row [ 'count' ], ]; echo ( json_encode ( $response ) ); } else { $db_connection = db_connect ( ); $statement = db_prepare ( $db_connection, "SELECT links.ID, links.URL FROM links WHERE links.created_by = " . $_SESSION [ 'user_id' ] ); db_execute ( $statement ); $result = $statement->get_result ( ); $row = $result->fetch_assoc ( ); include ( 'templates/insert.php' ); } break; default: http_response_code ( 404 ); echo "fuck, 404!"; die ( ); } } else { header ( "Location: " . substr ( $_SERVER [ 'SCRIPT_NAME' ], 0, -10 ) . "/login" ); } ?>