/doc/forum/proxy/includes/init.php
PHP | 976 lines | 386 code | 297 blank | 293 comment | 120 complexity | d018c18fa5f3069589d5259ed4ccfcec MD5 | raw file
Possible License(s): AGPL-3.0, GPL-3.0, Apache-2.0, CC-BY-3.0
- <?php
- /*******************************************************************
- * Glype Proxy Script
- *
- * Copyright (c) 2008, http://www.glype.com/
- *
- * Permission to use this script is granted free of charge
- * subject to the terms displayed at http://www.glype.com/downloads
- * and in the LICENSE.txt document of the glype package.
- *******************************************************************
- * This file is a global include used everywhere in the script.
- * Obviously we have all the globally used code: functions and built-in
- * "configurable" values. Ideally keep it as light as possible!
- ******************************************************************/
-
- /*****************************************************************
- * Initialise
- ******************************************************************/
-
- // Choose error reporting levels
- error_reporting(E_ALL);
- ini_set('display_errors', 0); // Always report but don't display on live installation
-
- // Script name (change this if you rename browse.php)
- define('SCRIPT_NAME', 'browse.php');
-
- // Prefix for cookies (change if having trouble running multiple proxies on same domain)
- define('COOKIE_PREFIX', 'c');
-
- // Running on HTTPS?
- define('HTTPS', ( empty($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) == 'off' ? false : true ));
-
- // Running in safe_mode?
- define('SAFE_MODE', ini_get('safe_mode'));
-
- // Compatibility mode - you can disable this to test if your setup is forwards compatible.
- // Backwards compatiblity is frequently removed so keep up to date! Checking this is
- // ESSENTIAL if you're distributing a theme or plugin.
- define('COMPATABILITY_MODE', true);
-
- // Set up paths/urls
- define('GLYPE_ROOT', str_replace('\\', '/', dirname(dirname(__FILE__))));
- define('GLYPE_URL',
- 'http'
- . ( HTTPS ? 's' : '' )
- . '://'
- . $_SERVER['HTTP_HOST']
- . preg_replace('#/(?:(?:includes/)?[^/]*|' . preg_quote(SCRIPT_NAME) . '.*)$#', '', $_SERVER['PHP_SELF'])
- );
- define('GLYPE_BROWSE', GLYPE_URL . '/' . SCRIPT_NAME);
-
- // Set timezone (uncomment and set to desired timezone)
- #date_default_timezone_set('GMT');
-
- // Ensure request time is available
- $_SERVER['REQUEST_TIME'] = time();
-
- // Load settings
- require GLYPE_ROOT . '/includes/settings.php';
-
-
- /*****************************************************************
- * Language - text for error messages
- ******************************************************************/
-
- $phrases['no_hotlink'] = 'Hotlinking directly to proxified pages is not permitted.';
- $phrases['unique_mismatch'] = 'The unique URL requested did not match your stored unique salt - this URL was not generated for you or has expired.';
- $phrases['invalid_url'] = 'The requested URL was not recognised as a valid URL. Attempted to load: %s';
- $phrases['banned_site'] = 'Sorry, this proxy does not allow the requested site (<b>%s</b>) to be viewed.';
- $phrases['file_too_large'] = 'The requested file is too large. The maximum permitted filesize is %s MB.';
- $phrases['server_busy'] = 'The server is currently busy and unable to process your request. Please try again in a few minutes. We apologise for any inconvenience.';
- $phrases['http_error'] = 'The requested resource could not be loaded because the server returned an error:<br> <b>%s %s</b> (<span class="tooltip" onmouseout="exit()" onmouseover="tooltip(\'%s\');">?</span>).';
- $phrases['curl_error'] = 'The requested resource could not be loaded. libcurl returned the error:<br><b>%s</b>';
- $phrases['unknown_error'] = 'The script encountered an unknown error. Error id: <b>%s</b>.';
-
- // If an HTTP error (status code >= 400) is encountered, the script will look here
- // for an additional "friendly" explanation of the problem.
- $httpErrors = array('404' => 'A 404 error occurs when the requested resource does not exist.');
-
-
- /*****************************************************************
- * Load theme config
- ******************************************************************/
-
- // Current version - no need to change this!
- $themeReplace['version'] = 'v1.1';
-
- // Look for a config.php in the /themes/themeName/ folder
- if ( ! defined('MULTIGLYPE') && file_exists($tmp = GLYPE_ROOT . '/themes/' . $CONFIG['theme'] . '/config.php') ) {
-
- // Load it
- include $tmp;
-
- }
-
- // NB if running multiple proxies off the same source files - with glype
- // manager or any other product - set the MULTIGLYPE constant to stop the
- // script automatically loading theme config files.
-
-
- /*****************************************************************
- * Start session
- ******************************************************************/
-
- // Set name to the configured value - change if running multiple proxies in same
- // folder and experiencing session conflicts.
- session_name('s');
-
- // Allow caching. We don't want PHP to send any cache-related headers automatically
- // (and by default it tries to stop all caching). Using this limiter sends the fewest
- // headers, which we override later.
- session_cache_limiter('private_no_expire');
-
- // Don't call _start() if session.auto_start = 1
- if ( session_id() == '' ) {
- session_start();
- }
-
-
- /*****************************************************************
- * Check IP bans
- ******************************************************************/
-
- // Only check once per session or if the IP address changes
- if ( empty($_SESSION['ip_verified']) || $_SESSION['ip_verified'] != $_SERVER['REMOTE_ADDR'] ) {
-
- // Current IP matches a banned IP? true/false
- $banned = false;
-
- // Examine all IP bans
- foreach ( $CONFIG['ip_bans'] as $ip ) {
-
- // Is this a range or single?
- if ( ($pos = strspn($ip, '0123456789.')) == strlen($ip) ) {
-
- // Just a single IP so check for a match
- if ( $_SERVER['REMOTE_ADDR'] == $ip ) {
-
- // Flag the match and break out the loop
- $banned = true;
- break;
-
- }
-
- // And try next IP
- continue;
-
- }
-
- // Must be some form of IP range if still here. Convert our own
- // IP address to int and binary.
- $ownLong = ip2long($_SERVER['REMOTE_ADDR']);
- $ownBin = decbin($ownLong);
-
- // What kind of range?
- if ( $ip[$pos] == '/' ) {
-
- // Slash notation - split by slash
- list($net, $mask) = explode('/', $ip);
-
- // Fill IP with .0 if shortened form
- if ( ( $tmp = substr_count($net, '.') ) < 3 ) {
- $net .= str_repeat('.0', 3-$tmp);
- }
-
- // Note: there MUST be a better way of doing the rest of this section
- // but couldn't understand and/or get anything else to work...
- // To do: improve!
-
- // Convert a subnet mask to a prefix length
- if ( strpos($mask, '.') ) {
- $mask = substr_count(decbin(ip2long($mask)), '1');
- }
-
- // Produce a binary string of the network address of prefix length
- // and compare to the equivalent for own address
- if ( substr(decbin(ip2long($net)), 0, $mask) === substr($ownBin, 0, $mask) ) {
-
- // They match so must be banned
- $banned = true;
- break;
-
- }
-
- } else {
-
- // No slash so it should just be a pair of dotted quads
- $from = ip2long(substr($ip, 0, $pos));
- $to = ip2long(substr($ip, $pos+1));
-
- // Did we get valid ranges?
- if ( $from && $to ) {
-
- // Are we in the range?
- if ( $ownLong >= $from && $ownLong <= $to ) {
-
- // We're banned. Don't bother checking the rest of the bans.
- $banned = true;
- break;
-
- }
-
- }
-
- }
-
- }
-
- // Is the IP address banned?
- if ( $banned ) {
-
- // Send a Forbidden header
- header('HTTP/1.1 403 Forbidden', true, 403);
-
- // Print the banned page and exit!
- echo loadTemplate('banned.page');
- exit;
-
- }
-
- // Still here? Must be OK so save IP in session to prevent rechecking next time
- $_SESSION['ip_verified'] = $_SERVER['REMOTE_ADDR'];
-
- }
-
-
- /*****************************************************************
- * Find bitfield to determine options from
- ******************************************************************/
-
- // First, find the bitfield!
- if ( $CONFIG['path_info_urls'] && ! empty($_SERVER['PATH_INFO']) && preg_match('#/b([0-9]{1,5})(?:/f([a-z]{1,10}))?/?$#', $_SERVER['PATH_INFO'], $tmp) ) {
-
- // Found a /bXX/ value at end of path info
- $bitfield = $tmp[1];
-
- // (And while we're here, grab the flag too)
- $flag = isset($tmp[2]) ? $tmp[2] : '';
-
- } else if ( ! empty($_GET['b']) ) {
-
- // Found a b= value in the query string
- $bitfield = intval($_GET['b']);
-
- } else if ( ! empty($_SESSION['bitfield']) ) {
-
- // Use stored session bitfield - mid-browsing but somehow lost the bitfield
- $bitfield = $_SESSION['bitfield'];
-
- } else {
-
- // Could not find any bitfield, regenerate (later)
- $regenerate = true;
- $bitfield = 0;
-
- }
-
- // Get flag from query string while we're here
- if ( ! isset($flag) ) {
- $flag = isset($_GET['f']) ? $_GET['f'] : '';
- }
-
-
- /*****************************************************************
- * Determine options / use defaults
- ******************************************************************/
-
- $i = 0;
-
- // Loop through the possible options
- foreach ( $CONFIG['options'] as $name => $details ) {
-
- // Is the option forced?
- if ( ! empty($details['force']) ) {
-
- // Use default
- $options[$name] = $details['default'];
-
- // And move onto next option
- continue;
- }
-
- // Which bit does this option occupy in the bitfield?
- $bit = pow(2, $i);
-
- // Use value from bitfield if possible,
- if ( ! isset($regenerate) ) {
-
- // Use value from bitfield
- $options[$name] = checkBit($bitfield, $bit);
-
- }
-
- // No bitfield available - use defaults and regenerate
- else {
-
- // Use default value
- $options[$name] = $details['default'];
-
- // Set bit
- if ( $details['default'] ) {
- setBit($bitfield, $bit);
- }
-
- }
-
- // Increase index
- ++$i;
-
- }
-
- // Save new session value
- $_SESSION['bitfield'] = $bitfield;
-
-
- /*****************************************************************
- * Unique URLs
- ******************************************************************/
-
- if ( $CONFIG['unique_urls'] ) {
-
- // First visit? Ensure we have a unique salt
- if ( ! isset($_SESSION['unique_salt']) ) {
-
- // Generate random string
- $_SESSION['unique_salt'] = substr(md5(uniqid(true)),rand(0,10),rand(11,20));
-
- }
-
- // Session gets closed before all parsing complete so copy unique to globals
- $GLOBALS['unique_salt'] = $_SESSION['unique_salt'];
-
- }
-
-
- /*****************************************************************
- * Sort javascript flags
- * These determine how much parsing we do server-side and what can
- * be left for the browser client-side.
- * FALSE - unknown capabilities, parse all non-standard code
- * NULL - javascript override disabled, parse everything
- * (array) - flags of which overrides have failed (so parse these)
- ******************************************************************/
-
- if ( $CONFIG['override_javascript'] ) {
- $jsFlags = isset($_SESSION['js_flags']) ? $_SESSION['js_flags'] : false;
- } else {
- $jsFlags = null;
- }
-
-
- /*****************************************************************
- * Custom browser - set up defaults
- ******************************************************************/
-
- if ( ! isset($_SESSION['custom_browser']) ) {
-
- $_SESSION['custom_browser'] = array(
- 'user_agent' => isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '',
- 'referrer' => 'real',
- 'tunnel' => '',
- 'tunnel_port' => '',
- 'tunnel_type' => '',
- );
-
- }
-
-
- /*****************************************************************
- * Global functions
- * NB: Some of these (e.g. templating) could make up a whole new class
- * that could be easily swapped out to completely change how it works.
- * In the interests of speed - but at the cost of convenience - all this
- * is stuck together in here as functions.
- ******************************************************************/
-
- /*****************************************************************
- * URL encoding
- * There are 3 options that affect URL encodings - the path info setting,
- * the unique URLs setting and the users choice of to encode or not.
- ******************************************************************/
-
- // Takes a normal URL and converts it to a URL that, when requested,
- // will load the resource through our proxy
- function proxifyURL($url, $givenFlag = false) {
-
- global $CONFIG, $options, $bitfield, $flag;
-
- // Remove excess whitespace
- $url = trim($url);
-
- // Validate the input - ensure it's not empty, not an anchor, not javascript
- // and not already proxified
- if ( empty($url) || $url[0] == '#' || stripos($url, 'javascript:') === 0 || strpos($url, GLYPE_BROWSE) === 0 ) {
- return '';
- }
-
- // Extract any #anchor since we don't want to encode that
- if ( $tmp = strpos($url, '#') ) {
- $anchor = substr($url, $tmp);
- $url = substr($url, 0, $tmp-1);
- } else {
- $anchor = '';
- }
-
- // Convert to absolute URL (if not already)
- $url = absoluteURL($url);
-
- // Add encoding
- if ( $options['encodeURL'] ) {
-
- // Part of our encoding is to remove HTTP (saves space and helps avoid detection)
- $url = substr($url, 4);
-
- // Apply base64
- $url = base64_encode($url);
-
- // Add the salt if we're using unique URLs
- if ( $CONFIG['unique_urls'] ) {
- $url = $GLOBALS['unique_salt'] . $url;
- }
-
- }
-
- // Protect chars that have other meaning in URLs
- $url = rawurlencode($url);
-
- // Determine flag to use - $givenFlag is passed into function, $flag
- // is global flag currently in use (used here for persisting the frame state)
- $addFlag = $givenFlag ? $givenFlag : ( $flag == 'frame' ? 'frame' : '' );
-
- // Return in path info format (only when encoding is on)
- if ( $CONFIG['path_info_urls'] && $options['encodeURL'] ) {
- return GLYPE_BROWSE . '/' . str_replace('%', '_', chunk_split($url, 8, '/')) . 'b' . $bitfield . '/' . ( $addFlag ? 'f' . $addFlag : '') . $anchor;
- }
-
- // Otherwise, return in 'normal' (query string) format
- return GLYPE_BROWSE . '?url=' . $url . '&b=' . $bitfield . ( $addFlag ? '&f=' . $addFlag : '' ) . $anchor;
-
- }
-
- // Takes a URL that has been "proxified" by the proxifyURL() function
- // and returns it to a normal, direct URL
- function deproxifyURL($url, $verifyUnique=false) {
-
- // Check we have URL to deproxify
- if ( empty($url) ) {
- return $url;
- }
-
- // Remove our prefix
- $url = str_replace(GLYPE_BROWSE, '', $url);
-
- // Take off flags and bitfield
- if ( $url[0] == '/' ) {
-
- // First char is slash, must be path info format
- $url = preg_replace('#/b[0-9]{1,5}(?:/f[a-z]{1,10})?/?$#', '', $url);
-
- // Return % and strip /
- $url = str_replace('_', '%', $url);
- $url = str_replace('/', '', $url);
-
- } else {
-
- // First char not / so must be the standard query string format
- if ( preg_match('#\burl=([^&]+)#', $url, $tmp) ) {
- $url = $tmp[1];
- }
-
- }
-
- // Remove URL encoding (returns special chars such as /)
- $url = rawurldecode($url);
-
- // Is it encoded? Presence of :// means unencoded.
- if ( ! strpos($url, '://') ) {
-
- // Check for unique salt to remove
- if ( isset($GLOBALS['unique_salt']) ) {
-
- // Verify the salt
- if ( $verifyUnique && substr($url, 0, strlen($GLOBALS['unique_salt'])) != $GLOBALS['unique_salt'] ) {
- error('unique_mismatch', false);
- }
-
- // Remove the salt
- $url = substr($url, strlen($GLOBALS['unique_salt']));
-
- }
-
- // Remove base64
- $url = base64_decode($url);
-
- // Add http back
- $url = 'http' . $url;
-
- }
-
- // URLs were originally HTML attributes so *should* have had all
- // entities encoded. Decode it.
- $url = htmlspecialchars_decode($url);
-
- // Check for successful decoding
- if ( strpos($url, '://') === false ) {
- return false;
- }
-
- // Return decoded URL
- return $url;
-
- }
-
- // Take any type of URL (relative, absolute, with base, from root, etc.)
- // and return an absolute URL.
- function absoluteURL($input) {
-
- global $base, $URL;
-
- // Check we have something to work with
- if ( $input == false ) {
- return $input;
- }
-
- // "//domain.com" is valid - add the HTTP protocol if we have this
- if ( $input[0] == '/' && isset($input[1]) && $input[1] == '/' ) {
- $url = 'http:' . $url;
- }
-
- // Look for http or https and if necessary, convert relative to absolute
- if ( stripos($input, 'http://') !== 0 && stripos($input, 'https://') !== 0 ) {
-
- // . refers to current directory so do nothing if we find it
- if ( $input == '.' ) {
- $input = '';
- }
-
- // Check for the first char indicating the URL is relative from root,
- // in which case we just need to add the hostname prefix
- if ( $input && $input[0] == '/' ) {
-
- $input = $URL['scheme_host'] . $input;
-
- } else if ( isset($base) ) {
-
- // Not relative from root, is there a base href specified?
- $input = $base . $input;
-
- } else {
-
- // Not relative from root, no base href, must be relative to current directory
- $input = $URL['scheme_host'] . $URL['path'] . $input;
-
- }
-
- }
-
- // URL is absolute. Now attempt to simplify path.
- // Strip ./ (refers to current directory)
- $input = str_replace('/./', '/', $input);
-
- // Strip double slash //
- if ( isset($input[8]) && strpos($input, '//', 8) ) {
- # $input = preg_replace('#(?<!:)//#', '/', $input);
- }
-
- // Look for ../
- if ( strpos($input, '../') ) {
-
- // Extract path component only
- $oldPath =
- $path = parse_url($input, PHP_URL_PATH);
-
- // Convert ../ into "go up a directory"
- while ( ( $tmp = strpos($path, '/../') ) !== false ) {
-
- // If found at start of path, simply remove since we can't go
- // up beyond the root.
- if ( $tmp === 0 ) {
- $path = substr($path, 3);
- continue;
- }
-
- // It was found later so find the previous /
- $previousDir = strrpos($path, '/', - ( strlen($path) - $tmp + 1 ) );
-
- // And splice that directory out
- $path = substr_replace($path, '', $previousDir, $tmp+3-$previousDir);
-
- }
-
- // Replace path component with new
- $input = str_replace($oldPath, $path, $input);
-
- }
-
- return $input;
-
- }
-
-
- /*****************************************************************
- * Templating System
- ******************************************************************/
-
- // Load a template
- function loadTemplate($file, $vars=array()) {
-
- // Extract passed vars
- extract($vars);
-
- // Start output buffer
- ob_start();
-
- // Ensure file exists
- if ( $path = getTemplatePath($file) ) {
-
- // Load template into buffer
- include $path;
-
- // Get buffer into variable
- $template = ob_get_contents();
-
- }
-
- // Dispose of output buffer
- ob_end_clean();
-
- // Ensure template loaded properly
- if ( empty($template) ) {
-
- // Return an error message
- return '<b>ERROR:</b> template failed to load. Please ensure you have correctly installed any custom themes and check you have not removed any files from the default theme.';
-
- }
-
- // Apply theme replacements to template
- $template = replaceThemeTags($template);
-
- // Return HTML
- return $template;
- }
-
- // Take a template name and return absolute path
- function getTemplatePath($file) {
- global $CONFIG;
-
- // First look in custom theme folder
- if ( ! file_exists($return = GLYPE_ROOT . '/themes/' . $CONFIG['theme'] . '/' . $file . '.php') ) {
-
- // Then look in default folder (if different)
- if ( $CONFIG['theme'] == 'default' || ! file_exists($return = GLYPE_ROOT . '/themes/default/' . $file . '.php') ) {
-
- // Still not found? Fail.
- return false;
-
- }
-
- }
-
- return $return;
- }
-
- // Make theme tag replacements
- function replaceThemeTags($template) {
-
- global $themeReplace;
-
- if ( ! empty($themeReplace) ) {
-
- foreach ( $themeReplace as $tag => $value ) {
-
- // Make the replacement
- $template = str_replace('<!--[' . $tag . ']-->', $value, $template);
-
- // And for backwards compatability - will be removed at next major release
- if ( COMPATABILITY_MODE ) {
- $template = str_replace('<!--[glype:' . $tag . ']-->', $value, $template);
- }
-
- }
-
- }
-
- // Return updated
- return $template;
- }
- function render($buffer) { /*This is just to remind users of the terms of the license - removing the credit link is still illegal and enforced by copyright law.*/global$CONFIG;if(defined('LCNSE_KEY'))$CONFIG['license_key']=LCNSE_KEY;if($buffer&&(empty($CONFIG['license_key'])||strlen($CONFIG['license_key'])!=17)&&!preg_match('#<a[^>]+href\s*=\s*(["\\\']?)http://(?:www\.)?glype\.com#i', $buffer)){$buffer.=base64_decode('PHNwYW4gc3R5bGU9XCJmb250LXNpemU6eC1sYXJnZTtcIj5Qb3dlcmVkIGJ5IDxhIGhyZWY9XCJodHRwOi8vd3d3LmdseXBlLmNvbS9cIj5nbHlwZTwvYT4uIDxicj5UaGlzIGNvcHkgb2YgZ2x5cGUgcHJveHkgaXMgcnVubmluZyB3aXRob3V0IGEgY3JlZGl0IGxpbmsgb3IgbGljZW5zZSB0byByZW1vdmUgdGhlIGNyZWRpdCBsaW5rLjxicj4gUGxlYXNlIGJ1eSBhIGxpY2Vuc2UgZnJvbSA8YSBocmVmPVwiaHR0cDovL3d3dy5nbHlwZS5jb20vbGljZW5zZVwiPmdseXBlLmNvbTwvYT4gb3IgcmV0dXJuIHRoZSBjcmVkaXQgbGluayB0byB0aGUgdGVtcGxhdGUuPC9zcGFuPg==');}header('Content-Length: '.strlen($buffer));return $buffer;}
- // Replace content of main.php if using additional pages
- function replaceContent($content) {
-
- // Load main.php, suppressing any errors from PHP in the template
- // that might expect to be included from index.php.
- ob_start();
- include getTemplatePath('main');
- $output = ob_get_contents();
- ob_end_clean();
-
- // Return with theme tags replaced
- return replaceThemeTags(preg_replace('#<!-- CONTENT START -->.*<!-- CONTENT END -->#s', $content, $output));
- }
-
-
- /*****************************************************************
- * Input encoding / decoding
- * PHP converts a number of characters to underscores in incoming
- * variable names in an attempt to be compatible with register globals.
- * We protect these characters when transmitting data between proxy and
- * client and revert to normal when transmitting between proxy and target.
- ******************************************************************/
-
- // Encode
- function inputEncode($input) {
-
- // rawurlencode() does almost everything so start with that
- $input = rawurlencode($input);
-
- // Periods are not encoded and PHP doesn't accept them in incoming
- // variable names so encode them too
- $input = str_replace('.', '%2E', $input);
-
- // [] can be used to create an array so preserve them
- $input = str_replace('%5B', '[', $input);
- $input = str_replace('%5D', ']', $input);
-
- // And return changed
- return $input;
-
- }
-
- // And the complementary decode
- function inputDecode($input) {
- return rawurldecode($input);
- }
-
-
- /*****************************************************************
- * Bitfield operations
- ******************************************************************/
-
- function checkBit($value, $bit) {
- return ($value & $bit) ? true : false;
- }
-
- function setBit(&$value, $bit) {
- $value = $value | $bit;
- }
-
-
- /*****************************************************************
- * Proxy javascript - injected into all pages and allows navigation
- * without POST to the /includes/process.php page.
- ******************************************************************/
-
- function injectionJS() {
-
- global $CONFIG, $URL, $options, $base, $bitfield, $jsFlags;
-
- // Prepare options to make available for our javascript
-
- // Constants
- $siteURL = GLYPE_URL;
- $scriptName = SCRIPT_NAME;
-
- // URL parts
- $targetHost = isset($URL['scheme_host']) ? $URL['scheme_host'] : '';
- $targetPath = isset($URL['path']) ? $URL['path'] : '';
-
- // Optional values (may not be set):
- $base = isset($base) ? $base : '';
- $unique = $CONFIG['unique_urls'] ? $GLOBALS['unique_salt'] : '';
-
- // Do we want to override javascript and/or test javascript client-side capabilities?
- $optional = isset($URL) && $CONFIG['override_javascript'] ? ',override:1' : '';
- $optional .= $jsFlags === false ? ',test:1' : '';
-
- // Path to our javascript file
- $jsFile = GLYPE_URL . '/includes/main.js';
-
- return <<<OUT
- <script type="text/javascript">ginf={url:'{$siteURL}',script:'{$scriptName}',target:{h:'{$targetHost}',p:'{$targetPath}',b:'{$base}'},enc:{u:'{$unique}',e:'{$options['encodeURL']}',p:'{$CONFIG['path_info_urls']}'},b:'{$bitfield}'{$optional}}</script>
- <script type="text/javascript" src="{$jsFile}"></script>
- OUT;
- }
-
-
- /*****************************************************************
- * Compatability
- ******************************************************************/
-
- // Requirements are only PHP5 but this function was introduced in PHP 5.1.3
- if ( ! function_exists('curl_setopt_array') ) {
-
- // Takes an array of options and sets all at once
- function curl_setopt_array($ch, $options) {
-
- foreach ( $options as $option => $value ) {
- curl_setopt($ch, $option, $value);
- }
-
- }
-
- }
-
- if ( COMPATABILITY_MODE ) {
- // Function renamed at 1.0, here for backwards compatability
- function render_injectionJS() {
- return injectionJS();
- }
- }
-
- /*****************************************************************
- * Miscelleanous
- ******************************************************************/
-
- // Send no-cache headers.
- function sendNoCache() {
- header( 'Cache-Control: no-store, no-cache, must-revalidate' );
- header( 'Cache-Control: post-check=0, pre-check=0', false );
- header( 'Pragma: no-cache' );
- }
-
- // Trim and stripslashes
- function clean($value) {
-
- // Static $magic saves us recalling get_magic_quotes_gpc() every time
- static $magic;
-
- // Recurse if array
- if ( is_array($value) ) {
- return array_map($value);
- }
-
- // Trim extra spaces
- $value = trim($value);
-
- // Check magic quotes status
- if ( ! isset($magic) ) {
- $magic = get_magic_quotes_gpc();
- }
-
- // Stripslashes if magic
- if ( $magic && is_string($value) ) {
- $value = stripslashes($value);
- }
-
- // Return cleaned
- return $value;
-
- }
-
- // Redirect
- function redirect($to = 'index.php') {
-
- // Did we have an absolute URL?
- if ( strpos($to, 'http') !== 0 ) {
-
- // If not, prefix our current URL
- $to = GLYPE_URL . '/' . $to;
-
- }
-
- // Send redirect
- header('Location: ' . $to);
-
- exit;
-
- }
-
- // Error message
- function error($type, $allowReload=false) {
-
- global $phrases, $flag;
-
- // Get extra arguments
- $args = func_get_args();
-
- // Remove first argument (we have that as $type)
- array_shift($args);
-
- // Check error exists
- if ( ! isset($phrases[$type]) ) {
-
- // Force to the "unknown" error message
- $args = array($type);
- $type = 'unknown_error';
-
- }
-
- // If in frame or ajax, don't redirect back to index
- if ( isset($flag) && ( $flag == 'frame' || $flag == 'ajax' ) ) {
-
- // Extra arguments to take care of?
- if ( $args ) {
-
- // Error text must be generated by calling sprintf - we only have
- // the extra args as an array so we have to use call_user_func_array
- $errorText = call_user_func_array('sprintf', array_merge((array) $phrases[$type], $args));
-
- } else {
-
- // Error text can be fetched simply from the $phrases array
- $errorText = $phrases[$type];
-
- }
-
- die($errorText . ' <a href="index.php">Return to index</a>.');
-
- }
-
- // Still here? Not frame so serialize to pass in query string
- $pass = $args ? '&p=' . base64_encode(serialize($args)) : '';
-
- // Don't cache the error
- sendNoCache();
-
- // Do we want to allow refresh?
- $return = $allowReload ? '&return=' . rawurlencode(currentURL()) : '';
-
- // And go to error page
- redirect('index.php?e=' . $type . $return . $pass);
- exit;
-
- }
-
- // Return current URL (absolute URL to proxified page)
- function currentURL() {
-
- // Which method are we using
- $method = empty($_SERVER['PATH_INFO']) ? 'QUERY_STRING' : 'PATH_INFO';
-
- // Slash or question
- $separator = $method == 'QUERY_STRING' ? '?' : '';
-
- // Return full URL
- return GLYPE_BROWSE . $separator . ( isset($_SERVER[$method]) ? $_SERVER[$method] : '');
-
- }
-
- // Check tmp directory and create it if necessary
- function checkTmpDir($path, $htaccess=false) {
-
- global $CONFIG;
-
- // Does it already exist?
- if ( file_exists($path) ) {
-
- // Return "ok" (true) if folder is writable
- if ( is_writable($path) ) {
- return 'ok';
- }
-
- // Exists but not writable. Nothing else we can do.
- return false;
-
- } else {
-
- // Does not exist, can we create it? (No if the desired dir is not
- // inside the temp dir)
- if ( is_writable($CONFIG['tmp_dir']) && realpath($CONFIG['tmp_dir']) == realpath(dirname($path) . '/') && mkdir($path, 0755, true) ) {
-
- // New dir, protect it with .htaccess
- if ( $htaccess ) {
- file_put_contents($path . '/.htaccess', $htaccess);
- }
-
- // Return (true) "made"
- return 'made';
-
- }
-
- }
-
- return false;
-
- }