unl · tommyneu · Oct 27, 2022 · Oct 18, 2022 · Oct 20, 2022 · Oct 20, 2022
diff --git a/src/goController.php b/src/goController.php
@@ -189,10 +189,10 @@ private function handleRouteManage() {
             $deleted = $this->lilurl->deleteURL($urlID, $this->auth->getUserId());
 
             if ($deleted) {
-                $this->flashBag->setParams(self::FLASHBAG_HEADING_DELETE_SUCCESSFUL, '<p>Your URL has been deleted.</p>', $this->flashBag::FLASH_BAG_TYPE_SUCCESS);
+                $this->flashBag->setParams(self::FLASHBAG_HEADING_DELETE_SUCCESSFUL, '<p>The URL &apos;' . htmlspecialchars($_POST['urlID']) . '&apos; has been deleted.</p>', $this->flashBag::FLASH_BAG_TYPE_SUCCESS);
                 $this->redirect($this->lilurl->getBaseUrl(self::ROUTE_PATH_LINKS));
             } else {
-                $this->flashBag->setParams(self::FLASHBAG_HEADING_DELETE_FAILED, '<p>Your URL has NOT been deleted.</p>', $this->flashBag::FLASH_BAG_TYPE_ERROR);
+                $this->flashBag->setParams(self::FLASHBAG_HEADING_DELETE_FAILED, '<p>The URL &apos;' . htmlspecialchars($_POST['urlID']) . '&apos; has NOT been deleted.</p>', $this->flashBag::FLASH_BAG_TYPE_ERROR);
                 $this->redirect($this->lilurl->getBaseUrl(self::ROUTE_PATH_LINKS));
             }
 

diff --git a/src/lilURL.php b/src/lilURL.php
@@ -23,6 +23,8 @@ class lilURL
     const MAX_RANDOM_ID_BUMP_LENGTH = 5;
     const MAX_RANDOM_ID_ATTEMPTS = 15000000;
 
+    const MIN_YEARS_OLD_LINK = 2;
+
     // Tables
     const TABLE_GROUPS = 'tblGroups';
     const TABLE_GROUP_USERS = 'tblGroupUsers';
@@ -632,9 +634,19 @@ public function userHasURLAccess($urlID, $uid) {
         return $this->userOwnsURL($urlID, $uid) || $this->userHasGroupURLAccess($urlID, $uid);
     }
 
+    public function checkOldURL($urlID)
+    {
+        $result = $this->db->run(
+            'SELECT count(*) AS oldURL FROM ' . self::TABLE_URLS . ' WHERE ' . self::WHERE_URL_ID . ' AND ((lastRedirect <= DATE_SUB(CURDATE(), INTERVAL ' . self::MIN_YEARS_OLD_LINK . ' YEAR)) OR (lastRedirect IS NULL AND submitDate <= DATE_SUB(CURDATE(), INTERVAL ' . self::MIN_YEARS_OLD_LINK . ' YEAR)));',
+            array(self::PDO_PLACEHOLDER_URL_ID => $urlID),
+            TRUE
+        );
+        return $result->oldURL > 0;
+    }
+
     public function deleteURL($urlID, $uid)
     {
-        if ($this->userHasURLAccess($urlID, $uid)) {
+        if ($this->userHasURLAccess($urlID, $uid) || $this->checkOldURL($urlID)) {
             return $this->db->delete(
                 self::TABLE_URLS,
                 self::WHERE_URL_ID . ' LIMIT 1',

diff --git a/www/templates/linkinfo.php b/www/templates/linkinfo.php
@@ -91,6 +91,22 @@
                         <?php endif; ?>
                     </dd>
                     <?php endif; ?>
+
+
+                    <?php if ($lilurl->checkOldURL($link->urlID)): ?>
+                        <form class="dcf-form dcf-mb-0" action="<?php echo htmlspecialchars($lilurl->getBaseUrl('a/links')) ?>" method="post">
+                            <input type="hidden" name="urlID" value="<?php echo $link->urlID; ?>" />
+                            <p class="dcf-bg-white dcf-p-4 dcf-rounded">
+                                This URL has NOT been used or created in the past two years. You may delete this URL if you would like to use it for a different purpose.
+                                <button class="dcf-btn dcf-btn-primary dcf-d-block dcf-mt-4" type="submit" onclick="return confirm('Are you for sure you want to delete \'<?php echo $link->urlID; ?>\'?');">Delete</button>
+                            </p>
+                        </form>
+                    <?php else:?>
+                        <p class="dcf-bg-white dcf-p-4 dcf-rounded">
+                            This URL has been used or created in the past two years. You will be unable to delete it for now, but you can always ask the person who created the URL to delete it.
+                        </p>
+                    <?php endif; ?>
+
                 </dl>
             </div>
             <?php endif; ?>