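// Captcha gate: only enforced when the captcha setting ($resultSettings[9]) is on.
if ($resultSettings[9]) {
    // Read both sides defensively so a request without the field, or a session
    // without a challenge, is rejected without raising undefined-index notices.
    $submittedCaptcha = isset($_POST['captcha']) ? $_POST['captcha'] : '';
    $expectedCaptcha = isset($_SESSION['captcha']) ? "{$_SESSION['captcha']}" : '';

    // One attempt per challenge: drop the stored answer before deciding, so a
    // solved (or guessed-at) challenge cannot be submitted again. This is a
    // safeguard in case the captcha generator does not already rotate the
    // value on every request; the generator is not visible from here.
    unset($_SESSION['captcha']);

    // Non-string input (e.g. captcha[]=x), an empty answer, or a mismatch all fail.
    // empty() is kept from the original check, so the literal answer "0" is rejected too.
    if (!is_string($submittedCaptcha) || empty($submittedCaptcha) || $submittedCaptcha !== $expectedCaptcha) {
        echo '<div class="container-short"><div class="info">Sorry but the captcha is invalid.</div></div>';
        // Top-level return: stop processing this script/include here.
        return;
    }
}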
// Build the request payload for the URL-shortening API call.
// 'longUrl' is taken straight from the submitted form; no validation of it is
// visible here, so the API's answer is the only check on that value.
// 'key' is the API key held in the settings row.
$postData = array();
$postData['longUrl'] = $_POST['short'];
$postData['key'] = $resultSettings[1];

// Serialise the payload to the JSON body that will be sent.
$jsonData = json_encode($postData);
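// Decode the shortener's JSON response into an object.
$json = json_decode($response);

// $x === 1 means "an error box has already been printed". Keep a value set
// earlier in the script (if any), but make sure the variable exists before the
// output section below reads it.
if (!isset($x)) {
    $x = 0;
}

// Alias names that may not be claimed (presumably the site's own routes).
// NOTE(review): the comparison is case-sensitive, as before; confirm whether
// variants such as "Admin" should be refused as well.
$reservedAliases = array('disclaimer', 'privacy', 'contact', 'admin', 'api', 'welcome', 'tos', 'latest', 'stats', 'short');

// Read the optional alias once; a missing field is treated as "no alias".
$custom = isset($_POST['custom']) ? $_POST['custom'] : '';

if (empty($json->id)) {
    echo '<div class="container-short"><div class="info">Sorry but the link you have entered is not valid.</div></div>';
    $x = 1;
} else {
    // Strip the goo.gl prefix so only the short id remains.
    $gid = str_replace(array('http://goo.gl/', 'https://goo.gl/'), array('', ''), $json->id);

    // The alias must be a string that is either empty or purely alphanumeric;
    // anything else (including array input such as custom[]=x) is refused.
    if (is_string($custom) && ($custom === '' || ctype_alnum($custom))) {
        $storeLink = false;
        $aliasToStore = '';

        // empty() also treats the alias "0" as "no alias"; kept as-is so this
        // test and the one in the output section below stay consistent.
        if (!empty($custom)) {
            // The alias must not already exist (or equal the gid) and must not be reserved.
            if (verifyAlias('gid', 'alias', $gid, $custom) == 0 && !in_array($custom, $reservedAliases, true)) {
                $storeLink = true;
                $aliasToStore = $custom;
            } else {
                echo '<div class="container-short"><div class="info">The current link can\'t have an alias.</div></div>';
                $x = 1;
            }
        } elseif (verifyId('gid', $gid) == 0) {
            // No alias requested: store the link only if this short id is not in the database yet.
            $storeLink = true;
        }

        if ($storeLink) {
            // Bound parameters keep the remote-supplied URL/id and the
            // user-supplied alias out of the SQL text entirely.
            // NOTE(review): the stored URL is whatever the API returned; no scheme
            // allow-list (http/https) is applied in the visible code. Confirm it is
            // enforced wherever stored links are redirected to.
            $longUrl = isset($json->longUrl) ? (string) $json->longUrl : '';
            $createdAt = date("Y-m-d H:i:s");
            $saved = false;

            $stmt = mysqli_prepare($db, "INSERT INTO links (`url`, `gid`, `alias`, `date`) VALUES (?, ?, ?, ?)");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'ssss', $longUrl, $gid, $aliasToStore, $createdAt);
                $saved = mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }

            // Do not report success for a link that was never written.
            if (!$saved) {
                echo '<div class="container-short"><div class="info">Sorry but the link could not be saved.</div></div>';
                $x = 1;
            }
        }
    } else {
        echo '<div class="container-short"><div class="info">The alias must consist 
only from letters and numbers.</div></div>';
        $x = 1;
    }
}

mysqli_close($db);

// OUTPUT THE RESULT
// Render the result only when no error was flagged above. This block is left
// open here, exactly as in the original, and is closed further down the script.
if ($x !== 1) {
    // Encode at the sink: these values end up inside an HTML attribute, and $gid
    // originates from a remote response rather than from this application.
    $safeBaseUrl = htmlspecialchars($confUrl, ENT_QUOTES, 'UTF-8');

    echo '<div class="container-short"><div class="short-container" id="focus">';
    if (!empty($custom)) {
        echo '<div class="text-inputs">Url Personalizzato:</div><input class="select" type="text" value="' . $safeBaseUrl . '/' . htmlspecialchars($custom, ENT_QUOTES, 'UTF-8') . '" readonly="readonly" /><br />';
    }
    echo '<div class="text-inputs">Url Abbreviato:</div><input class="select" type="text" value="' . $safeBaseUrl . '/' . htmlspecialchars($gid, ENT_QUOTES, 'UTF-8') . '" readonly="readonly" /><br />';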