1 | <?php
|
---|
2 | /**
|
---|
3 | * CPAINT (Cross-Platform Asynchronous INterface Toolkit)
|
---|
4 | *
|
---|
5 | * http://sf.net/projects/cpaint
|
---|
6 | *
|
---|
7 | * released under the terms of the GPL
|
---|
8 | * see http://www.fsf.org/licensing/licenses/gpl.txt for details
|
---|
9 | *
|
---|
10 | * $Id$
|
---|
11 | * $Log$
|
---|
12 | * Revision 1.5 2005/07/20 17:25:14 saloon12yrd
|
---|
13 | * updated file headers to contain proper licensing information as well as @package info
|
---|
14 | *
|
---|
15 | * Revision 1.3 2005/07/14 04:43:20 saloon12yrd
|
---|
16 | * - changed parameter cpaint_returnxml=true to cpaint_response_type=(OBJECT|TEXT|XML) to be futureproof when JSON or other formats get implemented
|
---|
17 | * - added toXML() method in cpaint2.inc.php
|
---|
18 | * not sure it response-type TEXT worked in earlier version. now it does
|
---|
19 | *
|
---|
20 | *
|
---|
21 | * proxy script to pass request on to remote servers
|
---|
22 | *
|
---|
23 | * @package CPAINT
|
---|
24 | * @author Paul Sullivan <wiley14@gmail.com>
|
---|
25 | * @author Dominique Stender <dstender@st-webdevelopment.de>
|
---|
26 | * @copyright Copyright (c) 2005-2006 Paul Sullivan, Dominique Stender - http://sf.net/projects/cpaint
|
---|
27 | * @version 2.0.2
|
---|
28 | */
|
---|
29 |
|
---|
30 | //---- includes ----------------------------------------------------------------
|
---|
31 | /**
|
---|
32 | * @include config
|
---|
33 | */
|
---|
34 | require_once("cpaint2.config.php");
|
---|
35 |
|
---|
36 | //---- main code ---------------------------------------------------------------
|
---|
37 |
|
---|
38 | error_reporting (E_ALL ^ E_NOTICE ^ E_WARNING);
|
---|
39 | set_time_limit(0);
|
---|
40 |
|
---|
41 | if ($_GET['cpaint_remote_url'] != "") {
|
---|
42 | $cp_remote_url = urldecode($_GET['cpaint_remote_url']);
|
---|
43 | $cp_remote_method = urldecode($_GET['cpaint_remote_method']);
|
---|
44 | $cp_remote_query = urldecode($_GET['cpaint_remote_query']);
|
---|
45 | $cp_response_type = strtoupper($_GET['cpaint_response_type']);
|
---|
46 | }
|
---|
47 |
|
---|
48 | if ($_POST['cpaint_remote_url'] != "") {
|
---|
49 | $cp_remote_url = urldecode($_POST['cpaint_remote_url']);
|
---|
50 | $cp_remote_method = urldecode($_POST['cpaint_remote_method']);
|
---|
51 | $cp_remote_query = urldecode($_POST['cpaint_remote_query']);
|
---|
52 | $cp_response_type = strtoupper($_POST['cpaint_response_type']);
|
---|
53 | }
|
---|
54 |
|
---|
55 | // propagate XML header if necessary
|
---|
56 | if ($cp_response_type == 'XML'
|
---|
57 | || $cp_response_type == 'OBJECT') {
|
---|
58 | header("Content-type: text/xml");
|
---|
59 | }
|
---|
60 |
|
---|
61 | // transfer mode specifics
|
---|
62 | if ($cp_remote_method == 'GET') {
|
---|
63 | $cp_remote_url .= '?' . $cp_remote_query;
|
---|
64 | $cp_request_body = '';
|
---|
65 |
|
---|
66 | // prepare parameters
|
---|
67 | $url_parts = parse_url($cp_remote_url);
|
---|
68 |
|
---|
69 | // build basic header
|
---|
70 | $cp_request_header = 'GET ' . $url_parts['path'] . '?' . str_replace(' ', '+', $url_parts['query']) . " HTTP/1.0\r\n"
|
---|
71 | . "Host: " . $url_parts['host'] . "\r\n";
|
---|
72 |
|
---|
73 | } elseif ($cp_remote_method == 'POST') {
|
---|
74 | $cp_request_body = '&' . $cp_remote_query;
|
---|
75 |
|
---|
76 | // prepare parameters
|
---|
77 | $url_parts = parse_url($cp_remote_url);
|
---|
78 |
|
---|
79 | // check against whitelist
|
---|
80 | if ($cpaint2_config["proxy.security.use_whitelist"] == true) {
|
---|
81 | $url_allowed = false;
|
---|
82 | foreach($cpaint2_proxy_whitelist as $whitelistURL) {
|
---|
83 | $whiteList_parts = parse_url("http://" . $whitelistURL);
|
---|
84 | $url_parts_temp = parse_url("http://" . $cp_remote_url);
|
---|
85 | if (array_key_exists("path", $whiteList_parts)) {
|
---|
86 | if ((strtolower($whiteList_parts["path"]) == strtolower($url_parts_temp["path"])) && (strtolower($whiteList_parts["host"]) == strtolower($url_parts_temp["host"]))) $url_allowed = true;
|
---|
87 | } else { // no path, check only host
|
---|
88 | if (strtolower($whiteList_parts["host"]) == strtolower($url_parts_temp["host"])) $url_allowed = true;
|
---|
89 | }
|
---|
90 | }
|
---|
91 | if ($url_allowed == false) die("[CPAINT] The host or script cannot be accessed through this proxy.");
|
---|
92 | }
|
---|
93 |
|
---|
94 | // build basic header
|
---|
95 | $cp_request_header = 'POST ' . $url_parts['path'] . " HTTP/1.0\r\n"
|
---|
96 | . "Host: " . $url_parts['host'] . "\r\n"
|
---|
97 | . "Content-Type: application/x-www-form-urlencoded\r\n";
|
---|
98 | }
|
---|
99 |
|
---|
100 | // add port if none exists
|
---|
101 | if (!isset($url_parts['port'])) {
|
---|
102 | $url_parts['port'] = 80;
|
---|
103 | }
|
---|
104 |
|
---|
105 | // add content-length header
|
---|
106 | $cp_request_header .= "Content-Length: " . strlen($cp_request_body) . "\r\n";
|
---|
107 |
|
---|
108 | // add authentication to header if necessary
|
---|
109 | if ($url_parts['user'] != '') {
|
---|
110 | $cp_request_header .= 'Authorization: Basic ' . base64_encode($url_parts['user'] . ':' . $url_parts['pass']) . "\r\n";
|
---|
111 | }
|
---|
112 |
|
---|
113 | // open connection
|
---|
114 | $cp_socket = @fsockopen($url_parts['host'], $url_parts['port'], $error, $errstr, 10);
|
---|
115 |
|
---|
116 | if ($cp_socket !== false) {
|
---|
117 | // send headers
|
---|
118 | @fwrite($cp_socket, $cp_request_header . "\r\n\r\n");
|
---|
119 |
|
---|
120 | // send body if necessary
|
---|
121 | if ($cp_request_body != '') {
|
---|
122 | @fwrite($cp_socket, $cp_request_body . "\r\n");
|
---|
123 | }
|
---|
124 |
|
---|
125 | while (!feof($cp_socket)) {
|
---|
126 | $http_data = $http_data . fgets($cp_socket);
|
---|
127 | }
|
---|
128 |
|
---|
129 | list($http_headers, $http_body) = preg_split('/\r\n\r\n/', $http_data, 2);
|
---|
130 | echo($http_body);
|
---|
131 | @fclose($cp_socket);
|
---|
132 | }
|
---|
133 |
|
---|
134 | ?> |
---|