[3400] | 1 | <?php
|
---|
| 2 | /**
|
---|
| 3 | * CPAINT (Cross-Platform Asynchronous INterface Toolkit)
|
---|
| 4 | *
|
---|
| 5 | * http://sf.net/projects/cpaint
|
---|
| 6 | *
|
---|
| 7 | * released under the terms of the GPL
|
---|
| 8 | * see http://www.fsf.org/licensing/licenses/gpl.txt for details
|
---|
| 9 | *
|
---|
| 10 | * $Id$
|
---|
| 11 | * $Log$
|
---|
| 12 | * Revision 1.5 2005/07/20 17:25:14 saloon12yrd
|
---|
| 13 | * updated file headers to contain proper licensing information as well as @package info
|
---|
| 14 | *
|
---|
| 15 | * Revision 1.3 2005/07/14 04:43:20 saloon12yrd
|
---|
| 16 | * - changed parameter cpaint_returnxml=true to cpaint_response_type=(OBJECT|TEXT|XML) to be futureproof when JSON or other formats get implemented
|
---|
| 17 | * - added toXML() method in cpaint2.inc.php
|
---|
| 18 | * not sure it response-type TEXT worked in earlier version. now it does
|
---|
| 19 | *
|
---|
| 20 | *
|
---|
| 21 | * proxy script to pass request on to remote servers
|
---|
| 22 | *
|
---|
| 23 | * @package CPAINT
|
---|
| 24 | * @author Paul Sullivan <wiley14@gmail.com>
|
---|
| 25 | * @author Dominique Stender <dstender@st-webdevelopment.de>
|
---|
| 26 | * @copyright Copyright (c) 2005-2006 Paul Sullivan, Dominique Stender - http://sf.net/projects/cpaint
|
---|
| 27 | * @version 2.0.2
|
---|
| 28 | */
|
---|
| 29 |
|
---|
| 30 | //---- includes ----------------------------------------------------------------
|
---|
| 31 | /**
|
---|
| 32 | * @include config
|
---|
| 33 | */
|
---|
| 34 | require_once("cpaint2.config.php");
|
---|
| 35 |
|
---|
| 36 | //---- main code ---------------------------------------------------------------
|
---|
| 37 |
|
---|
| 38 | error_reporting (E_ALL ^ E_NOTICE ^ E_WARNING);
|
---|
| 39 | set_time_limit(0);
|
---|
| 40 |
|
---|
| 41 | if ($_GET['cpaint_remote_url'] != "") {
|
---|
| 42 | $cp_remote_url = urldecode($_GET['cpaint_remote_url']);
|
---|
| 43 | $cp_remote_method = urldecode($_GET['cpaint_remote_method']);
|
---|
| 44 | $cp_remote_query = urldecode($_GET['cpaint_remote_query']);
|
---|
| 45 | $cp_response_type = strtoupper($_GET['cpaint_response_type']);
|
---|
| 46 | }
|
---|
| 47 |
|
---|
| 48 | if ($_POST['cpaint_remote_url'] != "") {
|
---|
| 49 | $cp_remote_url = urldecode($_POST['cpaint_remote_url']);
|
---|
| 50 | $cp_remote_method = urldecode($_POST['cpaint_remote_method']);
|
---|
| 51 | $cp_remote_query = urldecode($_POST['cpaint_remote_query']);
|
---|
| 52 | $cp_response_type = strtoupper($_POST['cpaint_response_type']);
|
---|
| 53 | }
|
---|
| 54 |
|
---|
| 55 | // propagate XML header if necessary
|
---|
| 56 | if ($cp_response_type == 'XML'
|
---|
| 57 | || $cp_response_type == 'OBJECT') {
|
---|
| 58 | header("Content-type: text/xml");
|
---|
| 59 | }
|
---|
| 60 |
|
---|
| 61 | // transfer mode specifics
|
---|
| 62 | if ($cp_remote_method == 'GET') {
|
---|
| 63 | $cp_remote_url .= '?' . $cp_remote_query;
|
---|
| 64 | $cp_request_body = '';
|
---|
| 65 |
|
---|
| 66 | // prepare parameters
|
---|
| 67 | $url_parts = parse_url($cp_remote_url);
|
---|
| 68 |
|
---|
| 69 | // build basic header
|
---|
| 70 | $cp_request_header = 'GET ' . $url_parts['path'] . '?' . str_replace(' ', '+', $url_parts['query']) . " HTTP/1.0\r\n"
|
---|
| 71 | . "Host: " . $url_parts['host'] . "\r\n";
|
---|
| 72 |
|
---|
| 73 | } elseif ($cp_remote_method == 'POST') {
|
---|
| 74 | $cp_request_body = '&' . $cp_remote_query;
|
---|
| 75 |
|
---|
| 76 | // prepare parameters
|
---|
| 77 | $url_parts = parse_url($cp_remote_url);
|
---|
| 78 |
|
---|
| 79 | // check against whitelist
|
---|
| 80 | if ($cpaint2_config["proxy.security.use_whitelist"] == true) {
|
---|
| 81 | $url_allowed = false;
|
---|
| 82 | foreach($cpaint2_proxy_whitelist as $whitelistURL) {
|
---|
| 83 | $whiteList_parts = parse_url("http://" . $whitelistURL);
|
---|
| 84 | $url_parts_temp = parse_url("http://" . $cp_remote_url);
|
---|
| 85 | if (array_key_exists("path", $whiteList_parts)) {
|
---|
| 86 | if ((strtolower($whiteList_parts["path"]) == strtolower($url_parts_temp["path"])) && (strtolower($whiteList_parts["host"]) == strtolower($url_parts_temp["host"]))) $url_allowed = true;
|
---|
| 87 | } else { // no path, check only host
|
---|
| 88 | if (strtolower($whiteList_parts["host"]) == strtolower($url_parts_temp["host"])) $url_allowed = true;
|
---|
| 89 | }
|
---|
| 90 | }
|
---|
| 91 | if ($url_allowed == false) die("[CPAINT] The host or script cannot be accessed through this proxy.");
|
---|
| 92 | }
|
---|
| 93 |
|
---|
| 94 | // build basic header
|
---|
| 95 | $cp_request_header = 'POST ' . $url_parts['path'] . " HTTP/1.0\r\n"
|
---|
| 96 | . "Host: " . $url_parts['host'] . "\r\n"
|
---|
| 97 | . "Content-Type: application/x-www-form-urlencoded\r\n";
|
---|
| 98 | }
|
---|
| 99 |
|
---|
| 100 | // add port if none exists
|
---|
| 101 | if (!isset($url_parts['port'])) {
|
---|
| 102 | $url_parts['port'] = 80;
|
---|
| 103 | }
|
---|
| 104 |
|
---|
| 105 | // add content-length header
|
---|
| 106 | $cp_request_header .= "Content-Length: " . strlen($cp_request_body) . "\r\n";
|
---|
| 107 |
|
---|
| 108 | // add authentication to header if necessary
|
---|
| 109 | if ($url_parts['user'] != '') {
|
---|
| 110 | $cp_request_header .= 'Authorization: Basic ' . base64_encode($url_parts['user'] . ':' . $url_parts['pass']) . "\r\n";
|
---|
| 111 | }
|
---|
| 112 |
|
---|
| 113 | // open connection
|
---|
| 114 | $cp_socket = @fsockopen($url_parts['host'], $url_parts['port'], $error, $errstr, 10);
|
---|
| 115 |
|
---|
| 116 | if ($cp_socket !== false) {
|
---|
| 117 | // send headers
|
---|
| 118 | @fwrite($cp_socket, $cp_request_header . "\r\n\r\n");
|
---|
| 119 |
|
---|
| 120 | // send body if necessary
|
---|
| 121 | if ($cp_request_body != '') {
|
---|
| 122 | @fwrite($cp_socket, $cp_request_body . "\r\n");
|
---|
| 123 | }
|
---|
| 124 |
|
---|
| 125 | while (!feof($cp_socket)) {
|
---|
| 126 | $http_data = $http_data . fgets($cp_socket);
|
---|
| 127 | }
|
---|
| 128 |
|
---|
| 129 | list($http_headers, $http_body) = split("\r\n\r\n", $http_data, 2);
|
---|
| 130 | echo($http_body);
|
---|
| 131 | @fclose($cp_socket);
|
---|
| 132 | }
|
---|
| 133 |
|
---|
| 134 | ?> |
---|