bosteen

1. <?php /* api.php ( lilURL implementation ) */
2.  
3. require_once 'includes/conf.php'; // <- site-specific settings
4. require_once 'includes/lilurl.php'; // <- lilURL class file
5.  
6. $lilurl = new lilURL();
7. $msg = '';
8.  
9. // if the form has been submitted
10. if ( isset($_POST['longurl']) )
11. {
12.     // escape bad characters from the user's url
13.     $longurl = trim(mysql_escape_string($_POST['longurl']));
14.  
15.     // set the protocol to not ok by default
16.     $protocol_ok = false;
17.    
18.     // if there's a list of allowed protocols,
19.     // check to make sure that the user's url uses one of them
20.     if ( count($allowed_protocols) )
21.     {
22.         foreach ( $allowed_protocols as $ap )
23.         {
24.             if ( strtolower(substr($longurl, 0, strlen($ap))) == strtolower($ap) )
25.             {
26.                 $protocol_ok = true;
27.                 break;
28.             }
29.         }
30.     }
31.     else // if there's no protocol list, screw all that
32.     {
33.         $protocol_ok = true;
34.     }
35.        
36.     // add the url to the database
37.     if ( $protocol_ok && $lilurl->add_url($longurl) )
38.     {
39.         if ( REWRITE ) // mod_rewrite style link
40.         {
41.             $url = 'http://'.$_SERVER['SERVER_NAME'].'/s/'.$lilurl->get_id($longurl);
42.         }
43.         else // regular GET style link
44.         {
45.             $url = 'http://'.$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'].'?id='.$lilurl->get_id($longurl);
46.         }
47.         // Return a 201 w/ msg body = url
48.         header('HTTP/1.0 201 Created');
49.         $msg = $url;
50.     }
51.     elseif ( !$protocol_ok )
52.     {
53.         // Return 501 - Not Implemented (for unknown protocols)
54.         header('HTTP/1.0 501 Not Implemented');
55.             $msg = 'Invalid protocol!';
56.     }
57.     else
58.     {
59.         // Return a good ole 500 - Server Error
60.         header('HTTP/1.0 500 Server Error');
61.         $msg = 'Creation of your ur1 failed for some reason.';
62.     }
63. }
64. else // if the form hasn't been submitted, look for an id to redirect to
65. {
66.     if ( isSet($_GET['id']) ) // check GET first
67.     {
68.         $id = mysql_escape_string($_GET['id']);
69.     }
70.     elseif ( REWRITE ) // check the URI if we're using mod_rewrite
71.     {
72.         $explodo = explode('/', $_SERVER['REQUEST_URI']);
73.         $id = mysql_escape_string($explodo[count($explodo)-1]);
74.     }
75.     else // otherwise, just make it empty
76.     {
77.         $id = '';
78.     }
79.    
80.     // if the id isn't empty and it's not this file, redirect to it's url
81.     if ( $id != '' && $id != basename($_SERVER['PHP_SELF']) )
82.     {
83.         $location = $lilurl->get_url($id);
84.        
85.         if ( $location != -1 )
86.         {
87.             header('HTTP/1.0 200 OK');
88.             $msg = $location;
89.         }
90.         else
91.         {
92.             header('HTTP/1.0 404 Not Found');
93.             $msg = 'Sorry, but that ur1 isn\'t in our database.';
94.         }
95.     }
96. }
97.  
98. ?><?php echo $msg; ?>