aravind/glink-website
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added server-side checks to input

Browse Source
This commit is contained in:
Aadhavan Srinivasan
2023-06-08 10:46:41 -05:00
parent 92b70e632b
commit 1b52864952
2 changed files with 16 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
result.js
View File

@@ -1,14 +0,0 @@
console.log('Beginning database execution');
const cassandra = require('cassandra-driver');
const client = new cassandra.Client({
contactPoints: ['127.0.0.1:9042'],
keyspace: 'glink',
});
const query = 'SELECT name FROM data WHERE id = ?';
console.log(query);
client.execute(query, [5]).then(result => console.log('User name is %s',result.rows[0].name));

26
result.php
View File

@@ -6,24 +6,30 @@ $cluster = Cassandra::cluster()->build();
$keyspace = 'glink'; $keyspace = 'glink';
$url = $_GET["url"]; $url = $_GET["url"];
$matches = preg_match('/^http(s)*:\\/\\/[a-zA-Z0-9\\-]+(\\.[a-zA-Z0-9\\-]+)+$/',$url);
if (($matches == 0) || ($matches == false)) {
printf("The URL entered was invalid. Please try again.");
return;
}
$shortlink = $_GET["glink"]; $shortlink = $_GET["glink"];
$matches_shortlink = preg_match('/^[a-zA-Z]+$/',$shortlink);
if (($matches_shortlink == 0) || ($matches_shortlink == false)) {
printf("The GLink entered was invalid. The GLink can only contain letters. Please try again.");
return;
}
$session = $cluster->connect($keyspace); $session = $cluster->connect($keyspace);
//$statement = new Cassandra\SimpleStatement('SELECT name FROM data WHERE id=5'); //$statement = new Cassandra\SimpleStatement('SELECT name FROM data WHERE id=5');
$rand_num = rand(0,99999999); $rand_num = rand(0,99999999);
$values = array( $statement = $session->prepare('INSERT INTO data (id, url, shortlink, when_created) VALUES (?,?,?,toTimestamp(now()))');
'id' => $rand_num, $result = $session->execute($statement,array('arguments' => array($rand_num,$url,$shortlink)));
'url' => $url,
'shortlink' => $shortlink,
);
$statement = new Cassandra\SimpleStatement('INSERT INTO data (id, url, shortlink, when_created) VALUES (?,?,?,toTimestamp(now()))');
$options = array('arguments' => $values);
$result = $session->execute($statement,$options);
$statement = new Cassandra\SimpleStatement('SELECT url,shortlink FROM data WHERE id=?'); $statement = $session->prepare('SELECT url,shortlink FROM data WHERE id=?');
$options = array('arguments' => array('id' => $rand_num)); $options = array('arguments' => array($rand_num));
$result = $session->execute($statement,$options); $result = $session->execute($statement,$options);
//$stringRepresentation= json_encode($result[0]); //$stringRepresentation= json_encode($result[0]);