Untitled

<?php

// To run this proxy as a stand-alone script, edit the options below to the appropriate values ( as-is they use the RePress Wordpress options )
// You should normally NOT have to change any of these values

/** -- options -- **/

$rewritebase = repress_make_rewrite_base();
$remoteservers = json_decode( get_option('repress_remoteservers'), TRUE );
$agentstring = "RePress plugin/" . plugin_get_version() . " (PHP " . phpversion() . " streamer) - please read https://all4xs.net";
if (get_option('repress_push_post') == 'yes') {
    $doPosts = true;
} else {
    $doPosts = false;
}
if (get_option('repress_push_cookie') == 'yes') {
    $doCookies = true;
} else {
    $doCookies = false;
}
if (get_option('repress_secret') !== '') {
    $secret = get_option('repress_secret');
} else {
    $secret = 'repress';        // make something up if you want to support hashed cookies
}
$acceptCookies = array ( '' );

$GLOBALS['proxydebug'] = false;     // debugging? will dump all output to flat file.
error_reporting(E_NONE);

/** -- end of options -- **/


/*** Proxy code begins here. ***/


// Include dependencies

// proxyhelp requirement
require_once('proxyhelp/proxify_html_resource.php');
// domain functions
require_once('domains.php');

// Attempt to destroy cookies above RePress base

require_once("emptycookieredirect.php");

/* Process request */

logline("Proxy intercepted request: " . $_SERVER['REQUEST_URI']);

$hit = false; $extra = ''; $remoteserver = ''; $abbreviation = ''; $text = false;

$len = strlen($rewritebase);
if (strncmp($_SERVER['REQUEST_URI'], $rewritebase, $len) == 0) {

    logline("$rewritebase/ in url. Seems promising at first sight.");

    // strip repress/ part

    if (preg_match("/#/", $rewritebase)) { continue; }
    $strippedRepress = preg_replace("#^" . $rewritebase . "[\/]?#", "", $_SERVER['REQUEST_URI']);

    // strip everything after first slash

    $stripped = preg_replace("/\/.*$/", "", $strippedRepress);

    // domain name should be left over

    // generic domain name validation regular expression

    /** Possible hit. Is the domain one we proxy? **/

    // split into subdomains
    $subdomains = explode('.', $stripped);

    $illegalPart = false;

    foreach ($subdomains as $subdom) {
        if (!is_legal_domain_part($subdom)) {
            logline("ILLEGAL DOMAIN PART $subdom");
            $illegalPart = true;
            break;
        }
    }

    if (!$illegalPart) {

        foreach ($remoteservers as $hostname) {

            // future work: support hash matching in URLs instead of hostnames.
            logline("$hostname -> match checking");

            // split the proxied domain into subdomains
            $proxiedSubdomains = explode('.', $hostname);
            $numParts = count($proxiedSubdomains);

            $okMatch = true;

            if ($numParts > count($subdomains)) {
                logline("no match: subdomains count of request is less");
                $okMatch = false;
            } else {

                for ($i = $numParts - 1, $b = count($subdomains) - 1; $i >= 0; $i--,$b--) {
                    if ($proxiedSubdomains[$i] !== $subdomains[$b]) {
                        logline("proxied domain subpart " . $proxiedSubdomains[$i] . " does not match " . $subdomains[$b]);
                        $okMatch = false;
                        break;
                    } else {
                        logline("proxied domain subpart " . $proxiedSubdomains[$i] . " MATCHES " . $subdomains[$b]);
                    }
                }

            }

            if ($okMatch) {
                $hit = true; $remoteserver = $stripped; $abbreviation = $hostname;

                logline("looking for something extra");

                // now strippedRepress looks something like: wikileaks.org[/][....]

                // if no slashes, no extra
                if (strpos($strippedRepress,'/') == FALSE) {
                    $extra = '';
                } else {
                    // extra is everything after the first slash
                    $extra = preg_replace("/^.*?\//", "", $strippedRepress);
                }

            }

        }

    }


    if ($hit == false) {
        header('HTTP/1.0 404 Not Found');
        exit;       // close, but no cigar.
    }
}

if ($hit) {

    // try to protect against XSS attacks on Wordpress sessions if running as plugin
    if (function_exists('repress_logout_wordpress_user')) {
        repress_logout_wordpress_user();
    }

    // determine net link by stripping the ?GET parameters
    $fopenLink = preg_replace("/\?.*$/", "", "http://$remoteserver/$extra");

    logline("Interpreted! hit as follows:");
    logline("Remoteserver = $remoteserver, abbreviation = $abbreviation, extra = $extra and net open link is http://$remoteserver/$extra");

    // do we do a POST?

    if ($doPosts && is_array($_POST) && count($_POST) > 0) {
        $requestType = 'POST';
    } else {
        $requestType = 'GET';
    }

    // do we do cookies?

    $cookieHeaders = '';

    if ($doCookies && is_array($_COOKIE) && count($_COOKIE) > 0) {
        foreach ($_COOKIE as $name => $val) {
            $encodeName = rawurlencode($name);
            $encodeVal = rawurlencode($val);
            $cookieHeaders .= "Cookie: $encodeName=$encodeVal\r\n";
        }
    }

    /* Establish streaming connection to the remote server */

    if ($requestType == 'GET') {
        $streamOptions = array(
                      'http'=>array(
                                  'method'=>"GET",
                          'host'=>$remoteserver,
                          'user_agent'=>$agentstring,
                          'header'=>$cookieHeaders
                           )
                      );
    } else {
        $postData = http_build_query($_POST);

        $streamOptions = array(
                      'http'=>array(
                                      'method'=>"POST",
                          'host'=>$remoteserver,
                          'user_agent'=>$agentstring,
                          'header'=>"Content-type: application/x-www-form-urlencoded\r\n" .
                                    "Content-Length: " . strlen($postData) . "\r\n" .
                                $cookieHeaders,
                          'content'=>$postData
                           )
                      );
    }

    $context = stream_context_create($streamOptions);
    logline("Open to location " . "http://$remoteserver/$extra");
    $handle = fopen("http://$remoteserver/$extra", "rb", false, $context);
    if ($handle == FALSE) {
        if (isset($GLOBALS['proxydebug']) && $GLOBALS['proxydebug']) {
            echo("Proxy error to: http://$remoteserver/$extra");
        }
        exit;
    }

    /* Start working on headers */
    $one_byte = fread($handle, 1); // mh_edit this is used to stop the "bug" reported here https://bugs.php.net/bug.php?id=46896 where the responce headers are missing
    $meta = stream_get_meta_data($handle);
    $headerData = $meta['wrapper_data'];
    if(is_array($headerData) && is_array(@$headerData['headers'])) $headerData = $headerData['headers']; // mh_edit this is added to get to the actual response headers into $headerData

    if (preg_match("/HTTP.... 30./", $headerData[0])) $redirect = true;
    else {
        $redirect = false;
    }

    $i = 0;
    foreach ($headerData as $line) {
        $i++;

        if ($i > 1 && preg_match("/^HTTP\/1../", $line)) {
            // no multiple HTTP headers will be replied
            exit;
        }

        // make 302 redirects work
        if ($redirect && !preg_match("#$rewritebase#", $line)) {

            // a redirect to root is a redirect to main page here
            $line = preg_replace("#^Location: /#", "Location: $rewritebase/$abbreviation/", $line);

            // we localize redirects to all known hosts, and subdomains of those hosts
            foreach ($remoteservers as $knownhost) {
                $knownhostAbbr = $knownhost;            // future work: support hashing

                // an absolute redirect to a main page
                $line = preg_replace("#^Location: http://$knownhost#", "Location: $rewritebase/$knownhostAbbr", $line);
                $line = preg_replace("#^Location: http://$knownhost/#", "Location: $rewritebase/$knownhostAbbr", $line);
                // an absolute redirect to a lower page
                $line = preg_replace("#^Location: http://$knownhost/(.*)$#", "Location: $rewritebase/$knownhostAbbr/$1", $line);

                // Support subdomains

                // an absolute redirect to a main page
                $line = preg_replace("#^Location: http://(.*?)\.$knownhost#", "Location: $rewritebase/$1.$knownhostAbbr", $line);
                $line = preg_replace("#^Location: http://(.*?)\.$knownhost/#", "Location: $rewritebase/$1.$knownhostAbbr", $line);
                // an absolute redirect to a lower page
                $line = preg_replace("#^Location: http://(.*?)\.$knownhost/(.*)$#", "Location: $rewritebase/$1.$knownhostAbbr/$2", $line);

            }
        }

        // cookie handling
        if (preg_match("/^Set-Cookie: /i", $line)) {

            if ($doCookies == false) {

                continue;

            }

            logline("Found cookie header $line");

            // rewrite cookie paths

            if (preg_match("#; path=([^;]*)#", $line, $matches)) {

                $pathNow = $matches[1];

                logline("Cookie path found $pathNow");

                if (preg_match("/^/", $pathNow)) {

                    $pathNew = "$rewritebase/$abbreviation" . $pathNow;
                    $line = preg_replace("#; path=([^;]*)#", "; path=$pathNew", $line);

                    logline("Insecure path. Setting to $pathNew");
                }
            }

        }

        // get content type
        if (preg_match("/^Content-Type: text\/.*$/i", $line)) {
            $text = true;
        }

        // ignore robots header. we have our own

        if (preg_match("/^X-Robots-Tag: /i", $line)) {
            continue;
        }

        // pass through headers

        logline("Give header: $line");
        header($line);

    }

    // After a 30x relocation response, exit immediatly
    if ($redirect) {
        logline("EXIT because relocate");
        exit;
    }

    // add no robots header
    header("X-Robots-Tag: noindex, nofollow", true);

    if ($text) {

        /* Read text page and close handle */
        $contents = $one_byte . stream_get_contents($handle); // mh_edit add the one byte read already to $contents
        fclose($handle);

    } else {

        /* Pass through binary content or non-parsed content */
        echo $one_byte; // mh_edit add the one byte read already to the output stream
        $size = fpassthru($handle)+1; // mh_edit add the one byte read already to the size of the data read
        fclose($handle);
        register_bandwidth_usage($size);
        exit;

    }

    // Proxy rewrite resource

    proxyhelp_init_for_repress($rewritebase, $abbreviation, $remoteservers);

    $contents = proxify_html_resource($contents);

    /* Push text. */

    $size = strlen($contents);
    register_bandwidth_usage($size);
    echo $contents;

    /* Done. */

    exit;

}

function register_bandwidth_usage($size) {

    if ( function_exists('repress_register_bandwidth_usage') ) {
        repress_register_bandwidth_usage($size);
    }

}

/** Log and debug functions **/

function logline($line) {
    if (!$GLOBALS['proxydebug']) { return; }

    if (!is_link("/tmp/repress.module.debug.log")) {
        $f = fopen("/tmp/repress.module.debug.log", "a");
        fputs($f, $line . "\n");
        fclose($f);
    }
}