From a46a1ce6807555a8eb2041104fefc1ceaddc6d7b Mon Sep 17 00:00:00 2001 From: Chaoyi Zha Date: Wed, 1 Apr 2015 13:02:49 +0000 Subject: [PATCH] Fix secret URL stats and fix 404 --- r.php | 11 ++++++----- stats.php | 16 +++++++++++----- 2 files changed, 17 insertions(+), 10 deletions(-) diff --git a/r.php b/r.php index 70ffecdac..f2f056c5a 100644 --- a/r.php +++ b/r.php @@ -17,22 +17,23 @@ $row = mysqli_fetch_assoc($result); - -if (!$row['rurl']) { +if (!isset($row['rurl']) || strlen($row['rurl']) < 1) { header("Location: 404.php", true, 302); + die(); } if (strtolower($row['rurl']) == "disabled") { require_once 'layout-headerlg.php'; echo "

The link you are trying to reach has been disabled.


" . "Sorry for the inconvienience."; require_once 'layout-footerlg.php'; + die(); } $lkey = @$row['lkey']; -if (strlen($lkey)>1) { - // Key needed? Check for it +if (strlen($lkey) > 1) { + // check for key $sent_lkey = isset($_GET[$lkey]); if ($sent_lkey) { - // yup, right key...continue on + // correct key } else { require_once('layout-headerlg.php'); diff --git a/stats.php b/stats.php index 2310b4708..7b85494d5 100644 --- a/stats.php +++ b/stats.php @@ -7,18 +7,24 @@ require_once 'layout-footerlg.php'; die(); } -$query = "SELECT `clicks`,`country`,`rurl` FROM redirinfo WHERE baseval='{$bv}';"; +$query = "SELECT `clicks`,`country`,`rurl`,`lkey` FROM redirinfo WHERE baseval='{$bv}';"; $result = $mysqli->query($query); $row = mysqli_fetch_assoc($result); -if(!$row) { + +if(isset($row['lkey']) == true && strlen($row['lkey']) > 0) { + echo "

Cannot show stats for a secret URL

"; + die(); +} +if(!isset($row)) { echo "404 Not Found"; - require_once 'layout-footerlg.php';die(); + require_once 'layout-footerlg.php'; + die(); } -if(!$row['user']) { +if(!isset($row['user']) || strlen($row['user']) < 1) { $row['user'] = 'Anonymous'; } -if(!$row['country']) { +if(!isset($row['country']) || strlen($row['country']) < 1) { $row['country'] = 'Unknown'; }