From 88a529326e0632da807737bc8d47d0a09c03140e Mon Sep 17 00:00:00 2001 From: wibyweb <49052850+wibyweb@users.noreply.github.com> Date: Tue, 23 May 2023 10:11:48 -0400 Subject: [PATCH] Add files via upload --- html/submit/index.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/html/submit/index.php b/html/submit/index.php index 6f76827..b7fcdcd 100755 --- a/html/submit/index.php +++ b/html/submit/index.php @@ -4,7 +4,7 @@ { include 'form.html.php'; } - else if($_POST['url'] == '' || strpos("x".$_POST['url'],'.') == false || strpos("x".$_POST['url'],' ') == true) + else if($_POST['url'] == '' || strpos("x".$_POST['url'],'.') == false || strpos(trim("x".$_POST['url']),' ') == true) { echo "It doesn't look like you submitted a valid URL."; include 'form.html.php'; @@ -50,8 +50,11 @@ exit(); } - $url = mysqli_real_escape_string($link, $_POST['url']); - $url = str_replace("''", "%27", $url); + $url = mysqli_real_escape_string($link, $_POST['url']); + $url = str_replace("''", "%27", $url); + $url = str_replace(":443", "", $url); + $url = trim($url); + //$url = str_replace("\"", "\"\"", $url); //not needed if using single quotes for query $url = substr($url,0,400); //don't allow user to post a longer url than 400b (also limited in form) $worksafe = mysqli_real_escape_string($link, $_POST['worksafe']);
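Review bot: The added `trim()` wraps the `"x"`-prefixed string, so it only strips trailing whitespace; a URL pasted with a leading space still matches `strpos(...,' ') == true` and is rejected, even though the stored value is trimmed separately later in this patch. Trim once before validating and test that same variable, e.g. `$url = trim($_POST['url']);` followed by `$url === '' || strpos($url, '.') === false || strpos($url, ' ') !== false`, which also removes the need for the `"x"` prefix and the loose `== true` / `== false` comparisons. The condition still accepts any string that contains a dot, so an http/https scheme check is worth adding here if nothing later in the file enforces one.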
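Review bot: `str_replace(":443", "", $url)` removes that substring anywhere in the value, so `example.com:4430/` becomes `example.com0/` and a `:443` inside a path or query is silently rewritten, which means the stored host can differ from the one that was validated. The new `str_replace`/`trim` calls, like the existing `substr($url,0,400)`, also run after `mysqli_real_escape_string`, and cutting an already-escaped string can leave a lone trailing backslash that neutralises the closing quote if the value is later interpolated into a quoted SQL literal (the query is outside this hunk, so confirm how `$url` is used). Normalise and cap first, then escape last: `$url = preg_replace('~^(https://[^/?#:@]+):443(?=[/?#]|$)~i', '$1', trim($_POST['url']));` then `$url = mysqli_real_escape_string($link, substr($url, 0, 400));`, or bind `$url` in a prepared statement and drop the manual escaping.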