UniGUI Expiry Link Anonymizer
Let’s write a simple UniGUI link anonymizer with a limited link expiration date. First, let’s make a simple option – relying on the API of a third-party service. Our task is only to attach a time limit to such a link. Naturally, if we use a third-party service, then smart people will simply copy the anonymized link after clicking. But you can also download all the content with the substitution of links – and for most simple sites this method will work. But for now, let’s not complicate things and do everything on the API of a third-party service. The purpose of this post is to figure out how this can be done on UniGUI.
This is what the program will look like.
Login form
Main form
Intermediate form – for those who accidentally entered
Let’s start!
Login form
By default, the login form is loaded into UniGUI, if it exists. Or, you can set the parameter Visible: = True to it in the object inspector and then it will be shown first.
So, if the user types in the address bar
http://localhost:8077/?showloginform=true
, then we show him the login form, in OnShow we will write the following
procedure TfEncryptLink_LoginForm.UniLoginFormShow(Sender: TObject);
begin
if UniApplication.Parameters.Values[‘showloginform’]<>‘true’
then
begin
Hide;
fHelloForm.show;
//ShowMessage(‘Hello. Access denied. Try open login form’);
end else
begin
CreateCaptcha;
CenterElements;
end;
end;
That is, if there is no such parameter, we hide the login form from a random user.
How to show hide password on login form?
procedure TfEncryptLink_LoginForm.cbShowPasswordClick(Sender: TObject);
begin
if cbShowPassword.Checked then
UniEdit_Password.PasswordChar:=#0 else
UniEdit_Password.PasswordChar:=‘*’;
end;
How to add a CAPTCHA to a login form?
Separate article on adding CAPTCHA
How do I handle the Enter button?
procedure TfEncryptLink_LoginForm.bEnterClick(Sender: TObject);
begin
// Emtyness Check
if (UniEdit_Password.Text=”) then
begin
ShowMessage(‘Empty Password Field’);
Exit;
end;
if (UniEdit_Captcha.Text=”) then
begin
ShowMessage(‘Empty Captcha Field’);
Exit;
end;
//Password check
if not (UniEdit_Password.Text=FCorrectPassword) then
begin
ShowMessage(‘Wrong Password’);
Exit;
end;
// CAPTCHA CHECK
if not (FNumberInCAPTCHA.ToString=UniEdit_Captcha.Text) then
begin
ShowMessage(‘Wrong CAPTCHA CODE’);
Exit;
end;
Self.ModalResult:=mrOk;
Close;
fEncryptLinkApp.Visible:=True;
end;
Here, in principle, everything is obvious. We check the fields sequentially. Well, and accordingly, set the correct password
procedure TfEncryptLink_LoginForm.UniLoginFormCreate(Sender: TObject);
begin
FCorrectPassword:=‘CorrectPassword’;
end;
Centering elements and creating a CAPTCHA
procedure TfEncryptLink_LoginForm.CenterElements;
begin
//
UniEdit_Password.Left:=Trunc(
Self.Width/2 – UniEdit_Password.Width/2
);
UniEdit_Captcha.Left:=Trunc(
Self.Width/2 – UniEdit_Captcha.Width/2
);
bEnter.Left:=Trunc(
Self.Width/2 – bEnter.Width/2
);
UniPanel_Captcha.Left:=Trunc(
Self.Width/2 – UniPanel_Captcha.Width/2
);
lEnterPassword.Left:=UniPanel_Captcha.Left;
lEnterCaptcha.Left:=UniPanel_Captcha.Left;
cbShowPassword.Left:=UniPanel_Captcha.Left;
end;
procedure TfEncryptLink_LoginForm.CreateCaptcha;
begin
FNumberInCAPTCHA:=random(1000000);
UniCanvas_Captcha.Bitmap:= nil;
CreateCaptchaCore(
UniCanvas_Captcha,
inttostr(FNumberInCAPTCHA),
5
);
end;
Update CAPTCHA
procedure TfEncryptLink_LoginForm.bUpdateCaptchaClick(Sender: TObject);
begin
CreateCaptcha;
end;
Main form
Actually here we encrypt our original link
1. We do all kinds of checks – for emptiness, whether there are already such encrypted parameters. In parallel, select the GET parameters, if they were
2. Add our parameters – should I use a third-party service? Should you use a time limit?
procedure TfEncryptLinkApp.bEncryptLinkClick(Sender: TObject);
var
OriginLink:string;
NoBlockMeParam:string;
EncryptedNoBlockMeParam:string;
TimeLimitParam:string;
EncryptedTimeLimitParam:string;
ParamsToAdd:string;
ParamsThatWereInLink: string;
SplittedArrayAmpersand:TArray<string>;
SplittedArrayEqual:TArray<string>;
Position:integer;
i: Integer;
s: string;
DecryptedValue: string;
OriginLinkLowered: string;
StartDateTimeParam: string;
IsExitFromHere:boolean;
OriginLinkParam: string;
begin
//—————————–1 STEP Checks
//
eEncryptedLink.Text:=”;
eEncryptedLink.Clear;
OriginLink:=( (eOriginLink.Text) );
// Check if params already there…
if OriginLink.Contains(‘?’) then
begin
Position:=Pos(‘?’,OriginLink);
ParamsThatWereInLink:=OriginLink.Substring(Position);
ShowMessage(ParamsThatWereInLink);
SplittedArrayAmpersand:=ParamsThatWereInLink.Split([‘&’]);
for i := Low(SplittedArrayAmpersand) to High(SplittedArrayAmpersand) do
begin
//
if ( SplittedArrayAmpersand[i].Contains(‘noblockmeparam’) )
or ( SplittedArrayAmpersand[i].Contains(‘timelimitparam’) )
or ( SplittedArrayAmpersand[i].Contains(‘startdatetimeparam’))
then
begin
IsExitFromHere:=true;
ShowMessage(‘Clear Link from NoBlockMeParam or TimeLimitParam or both’);
Break;
end;
// if Params were Encrypted
//DecryptedValue:=IdDecoderXXE.DecodeString(SplittedArrayAmpersand[i]);
// dividing noblockmeparam=somevalue on [noblockmeparam,somevalue]
SplittedArrayEqual:=SplittedArrayAmpersand[i].Split([‘=’]);
if Length(SplittedArrayEqual)>0 then
begin
DecryptedValue:=IdDecoderXXE.DecodeString( SplittedArrayEqual[0] );
if (DecryptedValue.Contains(‘noblockmeparam’))
or (DecryptedValue.Contains(‘timelimitparam’))
or (DecryptedValue.Contains(‘startdatetimeparam’))
then begin
IsExitFromHere:=true;
eEncryptedLink.Text:=”;
eEncryptedLink.Clear;
ShowMessage(‘Clear Link from Encrypted NoBlockMeParam or TimeLimitParam or both’+
#13#10+‘just delete all encrypted symbols after ? sign’);
Break;
// Exit;
end;
end;
end;
end;
if IsExitFromHere then Exit;
// To not to Destroy Ecryption lets lower case here, after decrypt !
OriginLinkLowered:=AnsiLowerCase( (eOriginLink.Text) );
//Does it contain http:// or https:// ?
if not (OriginLinkLowered.Contains(‘http://’))
and not (OriginLinkLowered.Contains(‘https://’))
then
begin
ShowMessage(‘Give Link with http:// or https://’);
exit;
end;
// Is Emty Origin Link ?
if OriginLinkLowered.IsEmpty then
begin
ShowMessage(‘Origin Link is Empty’);
exit;
end;
//—————————————ADDING PARAMS——————–
//Adding OriginLinkParam
OriginLinkParam:=
IdEncoderXXE.Encode(‘originlinkparam’)+
‘=’+
IdEncoderXXE.Encode(OriginLink);
ParamsToAdd:=ParamsToAdd+OriginLinkParam;
//Adding TimeLimitParam
if cbTimeLimitation.Checked=true then
begin
StartDateTimeParam:=
IdEncoderXXE.Encode(‘startdatetimeparam’)+
‘=’+
IdEncoderXXE.Encode(DateTimeTostr(Now));
TimeLimitParam:=
IdEncoderXXE.Encode(‘timelimitparam’)+
‘=’+
IdEncoderXXE.Encode(seTimeLimitation.Value.ToString());
ParamsToAdd:=ParamsToAdd+‘&’+StartDateTimeParam+‘&’+TimeLimitParam;
end;
if cbUseNoBlockMe.Checked=true then
begin
NoBlockMeParam:=
IdEncoderXXE.Encode(‘noblockmeparam’)+
‘=’+
IdEncoderXXE.Encode(‘true’);
//NoBlockMeParam:=IdEncoderXXE.Encode(NoBlockMeParam);
ParamsToAdd:=ParamsToAdd+‘&’+NoBlockMeParam
end;
{ // Previous Variant
//Adding ParamsToAdd to OriginLink
if ( OriginLink.Contains(‘?’) )
// and last symbol<>?
and ( ( OriginLink.Substring(OriginLink.Length–1)<>(‘?’) ))
then
OriginLink:=OriginLink+‘&’+ParamsToAdd
else
if ( OriginLink.Contains(‘?’) )
// and last symbol=?
and ( ( OriginLink.Substring(OriginLink.Length–1)=(‘?’) ))
then OriginLink:=OriginLink+ParamsToAdd
else
OriginLink:=OriginLink+‘?’+ParamsToAdd;
}
// ShowMessage(UniSession.URL);
// eEncryptedLink.Text:=OriginLink;
if ParamsThatWereInLink<>” then
eEncryptedLink.Text:=UniSession.URL+‘?’+ParamsThatWereInLink+‘&’+ParamsToAdd else
eEncryptedLink.Text:=UniSession.URL+‘?’+ParamsToAdd
end;
In principle, nothing complicated, but there were a couple of moments with the peculiarities of UniGUI itself.
Intermediate HELLO form
The purpose of this form is to say hello to a random passer-by or make a redirect to the required resource, if we found the necessary one in the GET parameters …
Here, all the main action will take place in AfterSHow, because it worked incorrectly in OnSHow Redirect …
procedure TfHelloForm.UniFormAfterShow(Sender: TObject);
var noblockmeparam,timelimitparam,
startdatetimeparam,originlinkparam:string;
HoursLimit:integer;
Startdatetime:TDateTime;
AnonymizedLink: string;
// OriginLink:string;
begin
// In Encrypted Link we have encoded param names, so we should repeat it here
// to parse them in the link
noblockmeparam:=‘noblockmeparam’;
timelimitparam:=‘timelimitparam’;
startdatetimeparam:=‘startdatetimeparam’;
originlinkparam:=‘originlinkparam’;
noblockmeparam:=IdEncoderXXE.Encode(noblockmeparam);
timelimitparam:=IdEncoderXXE.Encode(timelimitparam);
startdatetimeparam:=IdEncoderXXE.Encode(startdatetimeparam);
originlinkparam:=IdEncoderXXE.Encode(originlinkparam);
// if noblockmeparam in params…
if UniApplication.Parameters.Values[noblockmeparam]=IdEncoderXXE.Encode(‘true’)
then begin
//Getting Origin Link
FOriginLink:=
IdDecoderXXE.DecodeString(
UniApplication.Parameters.Values[originlinkparam]
);
AnonymizedLink:=AnonymizeLink(FOriginLink);
//———-Check if Link Expired
// ShowMessage(OriginLink);
if UniApplication.Parameters.Values[timelimitparam]<>” then
HoursLimit:=
IdDecoderXXE.DecodeString(
UniApplication.Parameters.Values[timelimitparam]
).ToInteger;
if UniApplication.Parameters.Values[startdatetimeparam]<>” then
Startdatetime:=
StrTodateTime(
IdDecoderXXE.DecodeString(
UniApplication.Parameters.Values[startdatetimeparam]
)
);
//—————–Check Time Expired
if ( UniApplication.Parameters.Values[startdatetimeparam]<>” )
and (UniApplication.Parameters.Values[timelimitparam]<>”)
and ((UniApplication.Parameters.Values[originlinkparam]<>”))
then
begin
if HoursBetween(Now,Startdatetime)<HoursLimit
then
begin
lStatus.Caption:=‘Link Expired’;
ShowMessage(‘Link Expired’);
end else
begin
lStatus.Caption:=‘All Ok. Link not Expired. Redirecting’;
UniSession.UrlRedirect(AnonymizedLink);
end;
end else
//—if No Check Time Expired then just redirecting
begin
UniSession.UrlRedirect(AnonymizedLink);
end;
end;
end;
