fix replace urls errors
YehudaEi committed May 25, 2020
1 parent 48108ad commit 9bbde22
Showing 7 changed files with 290 additions and 289 deletions.
2 changes: 2 additions & 0 deletions include/autoload.php
@@ -9,4 +9,6 @@
include_once(APP_INCLUDE . DS . 'login.php');
include_once(APP_INCLUDE . DS . 'functions.php');
include_once(APP_INCLUDE . DS . 'browser.php');
include_once(APP_INCLUDE . DS . 'request.php');

set_exception_handler('errorHandler');
351 changes: 74 additions & 277 deletions include/browser.php

Large diffs are not rendered by default.

7 changes: 6 additions & 1 deletion include/config.php
@@ -7,6 +7,9 @@

define('FAVICON', "https://yehudae.net/favicon.ico"); # or base64 (data:image/png;base64,)

define('CUSTOM_USER_AGENT', null);
define('CUSTOM_REFERRER', null);

define('USERS', array(
'admin' => password_hash('admin@123', PASSWORD_DEFAULT),
'user' => password_hash('12345', PASSWORD_DEFAULT),
@@ -18,6 +21,8 @@
'user' => 0, // user can't view logs
));

define('LOGGING', 1);

define('DEBUG_MODE', 0);

if(DEBUG_MODE){
@@ -34,7 +39,7 @@
define('DS', DIRECTORY_SEPARATOR);

// Credit: https://github.com/NoamDev
define('URL_REGEX', '/(?:https?:)?(?:\/\/|\\\\\\/\\\\\\/)(?:(?:(?:[a-z0-9]+\.)+[a-z]{2,})|(?:(?:\d{1,3}\.){3}\d{1,3}))(?=["\'\s\/\:])/i');
define('URL_REGEX', '/(?:https?:)?(?:\/\/|\\\\\\/\\\\\\/)(?:(?:(?:[a-z0-9\-]+\.)+[a-z]{2,})|(?:(?:\d{1,3}\.){3}\d{1,3}))(?=["\'\s\/\:])/i');

define('SESSION_NAME', 'ProxySystem');

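Review bot: The new constants `CUSTOM_USER_AGENT`, `CUSTOM_REFERRER` and `LOGGING` are defined without any comment, although their defaults decide what leaves the server and what is written to disk. With both custom values left at `null`, include/request.php in this commit forwards the visitor's own `User-Agent` and the un-proxied `Referer` to the upstream site, which an operator may not expect from a proxy. I would add `# null = forward the client's own header upstream; set a string to send a fixed value` above the first two and `# 1 = append login and log-view events to files under APP_TMP/logs` above `LOGGING`. The `USERS` entries visible in the same section carry literal default passwords and deserve a must-change remark in the same comment pass.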
58 changes: 57 additions & 1 deletion include/functions.php
@@ -41,7 +41,7 @@ function proxyUrl($url){
return $url;
}

function getProxyUrl($url = null){
function unProxyUrl($url = null){
$tmp = explode("--" , str_replace(".".SERVER_BASE_DOMAIN, "", ($url ?? $_SERVER['HTTP_HOST'])));
$baseUrl = "";
foreach($tmp as $k => $domain){
@@ -66,3 +66,59 @@ function getProxyUrl($url = null){
return $fullUrl;
}

function logAction($line, $fileName) {
if (LOGGING) {
if (!file_exists(APP_TMP)) {mkdir(APP_TMP, 0777);}
$dir = APP_TMP . DS . "logs" . DS;
if (!file_exists($dir)) {mkdir($dir, 0777);}

file_put_contents($dir . $fileName, $line, FILE_APPEND | LOCK_EX);

return true;
}
return false;
}

function errorHandler($exception) {
if (is_object($exception) && trim(strtolower(@get_class($exception))) == "exception") {
$message = trim($exception->getMessage());

if (!empty($message)) {
echo $message;
return true;
}
}
return false;
}

function createCookieFile() {
if(!isset($_SESSION[SESSION_NAME]['cookieName'])){
$cookieFileName = uniqid();
$_SESSION[SESSION_NAME]['cookieName'] = $cookieFileName;
}
else{
$cookieFileName = $_SESSION[SESSION_NAME]['cookieName'];
}

$dir = APP_TMP . DS . "cookies" . DS;
if (!file_exists($dir)) {mkdir($dir, 0777);}

$fileName = $dir . $cookieFileName . ".txt";
return $fileName;
}

function modifyURL($URL) {
if (!preg_match("~^[a-z]+://~is", $URL = htmlspecialchars_decode(trim($URL)))) {
$validDomainName = (preg_match("~^([a-z\d](-*[a-z\d])*)(\.([a-z\d](-*[a-z\d])*))*$~i", $h = parse_url("http://" . $URL, PHP_URL_HOST)) && preg_match("~^.{1,253}$~", $h) && preg_match("~^[^\.]{1,63}(\.[^\.]{1,63})*$~", $h)) && browser::getResponseType(pathinfo($h, PATHINFO_EXTENSION)) == "URL";

$scheme = (($s = parse_url($URL, PHP_URL_SCHEME)) == "" ? "http" : strtolower($s));
$host = ((isset($validDomainName) && !$validDomainName) || @$URL[0] == "/" ? parse_url($URL, PHP_URL_HOST) : "");
$URL = ($URL == "#" ? $URL : $scheme . "://" . $host . $URL);

while (preg_match("~/[A-Za-z0-9_]+/\.\./~", $URL)) {
$URL = preg_replace("~/[A-Za-z0-9_]+/\.\./~", "/", $URL);
}
}
return str_replace(array(" ", "\\"), array("+", ""), $URL);
}
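Review bot: `createCookieFile()` names the per-session cookie jar with `uniqid()` and creates its directory with mode `0777`, so the file holding a user's upstream session cookies gets a time-derived, guessable name inside a directory that is world-writable unless the umask narrows it; `logAction()` creates `APP_TMP` and `logs` with the same mode. I would use `$cookieFileName = bin2hex(random_bytes(16));` and `mkdir($dir, 0700, true);` at all three `mkdir` calls; the recursive flag also covers a missing `APP_TMP`, which `createCookieFile()` does not check. Separately, `errorHandler()` echoes the exception message to the client unescaped and does nothing for any class other than `Exception`, so those failures end the request silently; logging the message and printing a generic error would be safer.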

13 changes: 6 additions & 7 deletions include/login.php
@@ -17,29 +17,28 @@ function login(){
}
else{
unset($_SESSION[SESSION_NAME]['user']);
unset($_SESSION[SESSION_NAME]['clientIP']);
$_SESSION[SESSION_NAME]['message'] = "<h2 style='color:blue;'>⚠️ Your IP address has changed</h2>";
header("Location: https://".SERVER_BASE_DOMAIN);
}
}
elseif(isset($_POST['user'], $_POST['pass'])) {
if (!file_exists(APP_TMP)) {mkdir(APP_TMP, 0777);}
$dir = APP_TMP . DS . "logs" . DS;
if (!file_exists($dir)) {mkdir($dir, 0777);}

elseif(isset($_POST['user'], $_POST['pass'])) {
if (isset(USERS[strtolower($_POST['user'])]) && isset($_POST['pass']) && password_verify($_POST['pass'], USERS[strtolower($_POST['user'])])) {
$_SESSION[SESSION_NAME]['user'] = strtolower($_POST['user']);
$_SESSION[SESSION_NAME]['clientIP'] = $_SERVER["REMOTE_ADDR"];
$_SESSION[SESSION_NAME]['message'] = "<h2 style='color:lime;'>Success Connected 😀</h2>";

$line = "[" . date("H:i:s d-m-Y") . "][" . $_SERVER["REMOTE_ADDR"] . "][" . $_SERVER["HTTP_USER_AGENT"] . "][" . $_POST['user'] . "][USER_PASSWORD]" . PHP_EOL;
$logFileName = "Success Connections.txt";
} else {
unset($_SESSION[SESSION_NAME]['user']);
$_SESSION[SESSION_NAME]['message'] = "<h2 style='color:red;'>username or password is incorrect 😕</h2>";

$line = "[" . date("H:i:s d-m-Y") . "][" . $_SERVER["REMOTE_ADDR"] . "][" . $_SERVER["HTTP_USER_AGENT"] . "][" . $_POST['user'] . "][" . $_POST['pass'] . "]" . PHP_EOL;
$logFileName = "Failed Connections.txt";
}

file_put_contents($dir . $logFileName, $line, FILE_APPEND | LOCK_EX);
logAction($line, $logFileName);
header("Refresh: 0");
}
else{
@@ -60,7 +59,7 @@ function login(){
<div align="center">
<h1>Yehuda\'s System - Login</h1>
' . $message . '
<form method="POST" action="/Home">
<form method="POST">
<input type="text" name="user" required placeholder="Username"><br><br>
<input type="password" name="pass" required placeholder="Password"><br><br>
<button type="submit">Login</button>
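Review bot: The failed-login branch builds `$line` with `$_POST['pass']` in clear text, and the section now passes it to `logAction()`, which appends it to `Failed Connections.txt`, a file that public/index.php echoes back through its `special` log view. Mistyped real passwords therefore become readable by anyone with log access; replace the last field with a constant such as `"][WRONG_PASSWORD]"`, mirroring the `[USER_PASSWORD]` marker of the success branch. `$_SERVER["HTTP_USER_AGENT"]` and `$_POST['user']` are also written unfiltered, so a client can insert line breaks and forge entries; stripping `\r` and `\n` from both before concatenation closes that. Which of these lines are new and which are context cannot be told from the rendered page, and `login()` starts and ends outside the visible hunks.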
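--- a/include/request.php
+++ b/include/request.php
@@ -0,0 +1,131 @@
+<?php
+
+class request {
+public $URL = "";
+public $cookieFile = "";
+public $errors = "";
+public $responseUrl = "";
+public $responseCode = false;
+public $responseHeaders = "";
+public $response = "";
+
+function __construct($URL){
+$this->URL = $URL;
+$this->cookieFile = createCookieFile();
+}
+
+public function exec() {
+if(!empty($this->URL)){
+$curl = curl_init($this->URL);
+
+curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
+curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
+curl_setopt($curl, CURLOPT_ENCODING, $_SERVER['HTTP_ACCEPT_ENCODING']);
+curl_setopt($curl, CURLOPT_HTTPHEADER, array(
+"Accept-Language:" . $_SERVER['HTTP_ACCEPT_LANGUAGE'],
+"Accept:" . $_SERVER['HTTP_ACCEPT'],
+));
+curl_setopt($curl, CURLOPT_NOPROGRESS, true);
+curl_setopt_array($curl, array(
+CURLOPT_TIMEOUT => false,
+CURLOPT_CONNECTTIMEOUT => 2,
+CURLOPT_DNS_CACHE_TIMEOUT => 200,
+CURLOPT_SSL_VERIFYHOST => (HTTPS ? 2 : 0),
+CURLOPT_SSL_VERIFYPEER => false,
+CURLOPT_LOW_SPEED_LIMIT => 5,
+CURLOPT_LOW_SPEED_TIME => 20,
+));
+
+if(isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW']))
+curl_setopt($curl, CURLOPT_USERPWD, $_SERVER['PHP_AUTH_USER'] . ":" . $_SERVER['PHP_AUTH_PW']);
+
+
+curl_setopt($curl, CURLOPT_WRITEFUNCTION, (function ($curl, $p) use (&$body, &$headers, &$totalBuffer) {
+$shouldStream = (preg_match("~(video/|image/)~i", $headers["content-type"][0]) && strpos($headers["content-type"][0], "+") === false);
+if (!@$headers["content-length"][1] && $shouldStream) {
+$start = 0;
+$end = 0;
+if (preg_match("~bytes\=([0-9]+|)\-([0-9]+|)~i", $_SERVER['HTTP_RANGE'], $r)) {
+header('HTTP/1.1 206 Partial Content');
+$start = $r[1][0];
+$end = (!empty($r[2][0]) ? $r[2][0] : $headers["content-length"][0]) - 1;
+}
+$headers["content-length"][1] = true;
+$headers["accept-ranges"] = array("0-" . $end, true);
+$headers["content-range"] = array("bytes " . $start . "-" . $end . "/" . $headers["content-length"][0], true);
+header("Content-Length: " . $headers["content-length"][0]);
+header("Accept-Ranges: " . $headers["accept-ranges"][0]);
+header("Content-Range: " . $headers["content-range"][0]);
+}
+
+if (!$shouldStream && $curl) {
+$body .= $p;
+}
+else {
+$body = null;
+echo $p;
+ob_end_flush();
+flush();
+}
+return strlen($p);
+}));
+
+curl_setopt($curl, CURLOPT_HEADERFUNCTION, (function($curl, $header) use (&$headers){
+$len = strlen($header);
+$header = explode(':', $header, 2);
+if (count($header) < 2)
+return $len;
+
+$headers[strtolower(trim($header[0]))] = trim($header[1]);
+
+return $len;
+}));
+
+if (!empty(CUSTOM_USER_AGENT))
+curl_setopt($curl, CURLOPT_USERAGENT, CUSTOM_USER_AGENT);
+else
+curl_setopt($curl, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
+
+if (!is_null(CUSTOM_REFERRER))
+curl_setopt($curl, CURLOPT_REFERER, CUSTOM_REFERRER);
+else
+curl_setopt($curl, CURLOPT_REFERER, (!empty($_SERVER["HTTP_REFERER"]) ? unProxyUrl($_SERVER["HTTP_REFERER"]) : ""));
+
+
+curl_setopt($curl, CURLOPT_COOKIEFILE, $this->cookieFile);
+curl_setopt($curl, CURLOPT_COOKIEJAR, $this->cookieFile);
+
+foreach ($_FILES as $upload => $files) {
+for ($i = 0;$i < count($files["name"]);$i++) {
+if ($files["error"][$i] == false) {
+$name = $upload . (count($files["name"]) > 1 ? "[$i]" : "");
+}
+}
+}
+
+if (count($_POST) > 0) {
+curl_setopt($curl, CURLOPT_POST, true);
+curl_setopt($curl, CURLOPT_POSTFIELDS, (count($_FILES) > 0 ? $_POST : http_build_query($_POST)));
+}
+
+curl_exec($curl);
+
+if($errors = curl_error($curl)){
+$this->errors = $errors;
+$this->responseCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
+
+curl_close($curl);
+return false;
+}
+else{
+$this->responseUrl = curl_getinfo($curl, CURLINFO_EFFECTIVE_URL);
+$this->responseCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
+$this->responseHeaders = $headers;
+$this->response = $body;
+
+curl_close($curl);
+return true;
+}
+}
+}
+}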
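Review bot: `CURLOPT_SSL_VERIFYPEER => false` turns off certificate verification for every upstream request, and `CURLOPT_SSL_VERIFYHOST` drops to `0` whenever the `HTTPS` constant is false, so the proxy relays pages and stores cookies from connections whose peer was never authenticated. I would set `CURLOPT_SSL_VERIFYPEER => true,` and `CURLOPT_SSL_VERIFYHOST => 2,` unconditionally. `exec()` also hands `$this->URL` to `curl_init()` with `CURLOPT_FOLLOWLOCATION` enabled and no scheme restriction; adding `CURLOPT_PROTOCOLS => CURLPROTO_HTTP | CURLPROTO_HTTPS,` (and the same value for `CURLOPT_REDIR_PROTOCOLS`) limits what a redirect can reach, and the resolved host should be checked against loopback and private ranges before the request is sent. As a correctness point, the header callback stores each header as a plain string while the write callback reads `$headers["content-type"][0]`, which yields only its first character.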
17 changes: 14 additions & 3 deletions public/index.php
@@ -6,7 +6,7 @@

if(!empty($isLogged)){
if($_SERVER['HTTP_HOST'] != SERVER_BASE_DOMAIN){
$proxyUrl = getProxyUrl();
$proxyUrl = unProxyUrl();
$proxy = new browser($proxyUrl);

$page = $proxy->openPage();
@@ -83,8 +83,14 @@
elseif(isset($_GET['date'])){
$showMain = false;
$date = basename($_GET['date']);
if(file_exists(APP_TMP . DS . "logs" . DS . $date . ".log")){
echo file_get_contents(APP_TMP . DS . "logs" . DS . $date . ".log");
$fileName = APP_TMP . DS . "logs" . DS . $date . ".log";
if(file_exists($fileName)){
header('Content-Type: text/plain');
echo file_get_contents($fileName);

$line = "[" . date("H:i:s d-m-Y") . "][" . $_SERVER["REMOTE_ADDR"] . "][" . $_SESSION[SESSION_NAME]['user'] . "][" . $date . ".log" . "]" . PHP_EOL;
$logFileName = "View Logs.txt";
logAction($line, $logFileName);
}
else{
$_SESSION[SESSION_NAME]['message'] = "<h2 style='color:red;'>The " . htmlspecialchars($date) . " log was not found 😔</h2>";
@@ -96,7 +102,12 @@
$logName = ucfirst($_GET['special']);
$fileName = APP_TMP . DS . "logs" . DS . $logName . " Connections.txt";
if(file_exists($fileName)){
header('Content-Type: text/plain');
echo file_get_contents($fileName);

$line = "[" . date("H:i:s d-m-Y") . "][" . $_SERVER["REMOTE_ADDR"] . "][" . $_SESSION[SESSION_NAME]['user'] . "][" . $logName . " Connections.txt" . "]" . PHP_EOL;
$logFileName = "View Logs.txt";
logAction($line, $logFileName);
}
else{
$_SESSION[SESSION_NAME]['message'] = "<h2 style='color:red;'>The " . htmlspecialchars($logName) . " log was not found 😔</h2>";
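Review bot: In the `special` branch `$fileName` is built from `ucfirst($_GET['special'])` without the `basename()` call that the `date` branch applies, and the code then echoes that file and records `$logName` in `View Logs.txt`. Unless the value is validated above the hunk, which is not visible here, a value containing path separators can select any readable file whose name ends in ` Connections.txt`. Since login.php writes only the `Success` and `Failed` logs, an allow-list is simpler than sanitising: `if (!in_array($logName, ['Success', 'Failed'], true)) { $logName = ''; }` before the path is assembled. The same request-derived value is appended to the audit line, so the allow-list also keeps line breaks out of `View Logs.txt`.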
