Documentation | TrimURLs — Guides & API Reference

File Structure

The system consists of the following key files:

index.php - Homepage with URL shortening form
db.php - Database connection configuration
login.php - User authentication
signup.php - User registration
dashboard.php - User dashboard for URL management
track.php - URL redirection and tracking
tracker.js - Client-side tracking script
log.php - Server-side visit logging
navbar.php - Navigation bar component
blog.php - Blog management and display
blog_detail.php - Individual blog post view
mac.php - MAC address lookup utility
stats.php - Statistics display
forgot_password.php - Password recovery
reset_password.php - Password reset functionality
verify.php - Email verification
logout.php - Session termination

Database Structure

The system uses the following tables:

admin_users Table

                    CREATE TABLE admin_users (

                      id INT AUTO_INCREMENT PRIMARY KEY,

                      username VARCHAR(50) NOT NULL UNIQUE,

                      email VARCHAR(100) NOT NULL UNIQUE,

                      password VARCHAR(255) NOT NULL,

                      role ENUM('admin', 'user') DEFAULT 'user',

                      first_name VARCHAR(50),

                      last_name VARCHAR(50),

                      phone VARCHAR(20),

                      verification_token VARCHAR(32),

                      is_verified BOOLEAN DEFAULT FALSE,

                      reset_token VARCHAR(32),

                      reset_token_expiry DATETIME,

                      created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

                      profile_updated_at DATETIME

                    );

short_urls Table

                    CREATE TABLE short_urls (

                      id INT AUTO_INCREMENT PRIMARY KEY,

                      short_code VARCHAR(10) NOT NULL UNIQUE,

                      long_url TEXT NOT NULL,

                      user_id INT,

                      custom_name VARCHAR(50),

                      created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

                      FOREIGN KEY (user_id) REFERENCES admin_users(id)

                    );

url_visits Table

                    CREATE TABLE url_visits (

                      id INT AUTO_INCREMENT PRIMARY KEY,

                      short_code VARCHAR(10) NOT NULL,

                      ip_address VARCHAR(45),

                      extra_info TEXT,

                      device_info TEXT,

                      device_type VARCHAR(20),

                      visit_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

                      FOREIGN KEY (short_code) REFERENCES short_urls(short_code)

                    );

blogs Table

                    CREATE TABLE blogs (

                      id INT AUTO_INCREMENT PRIMARY KEY,

                      title VARCHAR(255) NOT NULL,

                      content TEXT NOT NULL,

                      author INT,

                      image VARCHAR(255),

                      created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

                      FOREIGN KEY (author) REFERENCES admin_users(id)

                    );

User Flow

1. URL Shortening Process

User submits a long URL via the form on index.php
System generates a unique 6-character short code
URL mapping is stored in the short_urls table
Short URL is returned to the user (e.g., https://trimu.io/abc123)

2. URL Redirection Process

User visits a short URL
Request is handled by track.php which looks up the short code
track.php serves an HTML page that loads tracker.js
tracker.js collects device and browser information
Data is sent to log.php via AJAX
Visit is recorded in the url_visits table
User is redirected to the original long URL

3. User Registration Process

User fills out registration form on signup.php
Data is validated and CSRF token is verified
Password is hashed before storage
Verification email is sent with unique token
User clicks verification link in email (verify.php)
Account is marked as verified in database
User can now log in

4. Authentication Process

User provides credentials on login.php
System verifies CSRF token
Credentials are checked against database
If valid, session is created with user data
User is redirected to dashboard.php

Tracking Details

The system collects extensive analytics data for each URL visit:

Device Information

Platform and OS details
Device model (for mobile devices)
Screen resolution
GPU information
Browser user agent
Touch support capability

Geolocation Data

IP address
VPN detection
Approximate location (city, region, country)
ISP information

Behavioral Data

Referrer information
Language preferences
Timezone
Ad blocker detection
Incognito mode detection (where possible)

Security Features

Authentication Security

Passwords are hashed using PHP's password_hash() function
CSRF tokens protect all forms
Session management with proper validation
Email verification for new accounts

Input Validation

All user inputs are sanitized with appropriate filters
URL validation before shortening
SQL injection prevention using prepared statements
XSS prevention through output escaping

Data Protection

HTTPS recommended for all communications
Sensitive data not stored in plain text
Access control checks for all authenticated actions
Rate limiting considerations for public endpoints

Admin Features

User Management

Admin users have additional capabilities in the dashboard:

View all shortened URLs (not just their own)
Delete any URL or visit record
See which user created each shortened URL

Blog Management

Admin users can create and manage blog posts:

Create new blog posts with rich content
Upload images for blog posts
Manage existing posts

API Endpoints

POST /log.php

Records a visit to a shortened URL. Accepts JSON data with shortCode and info parameters.

                    {

                      "shortCode": "abc123",

                      "info": {

                        "platform": "Win32",

                        "userAgent": "Mozilla/5.0...",

                        // ... additional tracking data

                      }

                    }

POST /dashboard.php (dt=clicks)

DataTables server-side processing endpoint for click statistics. Requires authentication.

Integration Points

External APIs

macvendors.com - For MAC address lookup in mac.php
ipify.org - For public IP detection in tracker.js
ipapi.is - For VPN detection and geolocation in tracker.js
OpenStreetMap Nominatim - For geocoding in dashboard.php

Libraries & Frameworks

Tailwind CSS - For styling
Bootstrap - For some UI components
DataTables - For tabular data presentation
SweetAlert2 - For alert dialogs
Leaflet - For map visualization
UAParser.js - For user agent parsing

System Documentation

Overview