当前位置: 首页>>代码示例>>PHP>>正文


PHP http_class::Close方法代码示例

本文整理汇总了PHP中http_class::Close方法的典型用法代码示例。如果您正苦于以下问题:PHP http_class::Close方法的具体用法?PHP http_class::Close怎么用?PHP http_class::Close使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在http_class的用法示例。


在下文中一共展示了http_class::Close方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: send_request

 public function send_request($request)
 {
     $response_code = '0';
     $response_info = array();
     $response_headers = array();
     $error = '';
     $http = new http_class();
     $http->follow_redirect = 1;
     $http->redirection_limit = 5;
     $http->prefer_curl = 0;
     $error = $http->GetRequestArguments($request->uri, $arguments);
     if ($request->credentials != null) {
         $http->authentication_mechanism = "Digest";
         $arguments['AuthUser'] = $request->credentials->get_username();
         $arguments['AuthPassword'] = $request->credentials->get_password();
     }
     $arguments["RequestMethod"] = $request->method;
     foreach ($request->headers as $k => $v) {
         $arguments["Headers"][$k] = $v;
     }
     if ($request->body != null) {
         $arguments["Body"] = $request->body;
     }
     $error = $http->Open($arguments);
     if (!$error) {
         $error = $http->SendRequest($arguments);
     }
     if (!$error) {
         $error = $http->ReadReplyHeaders($response_headers);
         $response_code = $http->response_status;
         $response_body = '';
         for (;;) {
             $error = $http->ReadReplyBody($body, 1000);
             if ($error != "" || strlen($body) == 0) {
                 break;
             }
             $response_body .= $body;
         }
     } else {
         if ($request->_cache && $cached_response) {
             return $cached_response;
         }
         $response_body = "Request failed: " . $error;
     }
     $http->Close();
     $response = new HttpResponse();
     $response->status_code = $response_code;
     $response->headers = $response_headers;
     $response->body = $response_body;
     $response->info = $response_info;
     //ID20100317    $response->request = $request;
     $response->request_method = $request->method;
     $response->request_uri = $request->uri;
     $response->request_headers = $request->headers;
     $response->request_body = $request->body;
     $key = spl_object_hash($request);
     $this->responses[$key] = $response;
     return $key;
 }
开发者ID:risis-eu,项目名称:RISIS_LinkedDataAPI,代码行数:59,代码来源:phphttpclient.class.php

示例2: array

 function open_url($type, $params = array())
 {
     $http = new http_class();
     $http->request_method = 'POST';
     $http->user_agent = "cesar-rodas/1.0 | Akismet-Class/" . CLASS_VERSION;
     $http->follow_redirect = 1;
     $http->redirection_limit = 5;
     $http->exclude_address = "";
     $http->protocol_version = "1.1";
     $http->GetRequestArguments($this->get_url($type), $arguments);
     $arguments['PostValues'] = $params;
     $this->err = $http->Open($arguments);
     if ($this->err != "") {
         return false;
     }
     $this->err = $http->SendRequest($arguments);
     if ($this->err != "") {
         return false;
     }
     $this->err = $http->ReadReplyHeaders($gHeaders);
     if ($this->err != "") {
         return false;
     }
     if ($http->response_status != 200) {
         $this->err = "Pages status: " . $http->response_status;
         $http->Close();
         return false;
     }
     $response = '';
     for (;;) {
         $this->error = $http->ReadReplyBody($body, 1000);
         if ($this->error != "" || strlen($body) == 0) {
             break;
         }
         $response .= $body;
     }
     $http->close();
     return $response;
 }
开发者ID:emente,项目名称:kataii---kata-framework-2.x,代码行数:39,代码来源:akismet.php

示例3: switchAction

 public function switchAction($action, $httpVars, $fileVars)
 {
     //$this->logInfo("DL file", $httpVars);
     $repository = ConfService::getRepository();
     if (!$repository->detectStreamWrapper(false)) {
         return false;
     }
     $plugin = AJXP_PluginsService::findPlugin("access", $repository->getAccessType());
     $streamData = $plugin->detectStreamWrapper(true);
     $dir = AJXP_Utils::decodeSecureMagic($httpVars["dir"]);
     $destStreamURL = $streamData["protocol"] . "://" . $repository->getId() . $dir . "/";
     $dlURL = null;
     if (isset($httpVars["file"])) {
         $parts = parse_url($httpVars["file"]);
         $getPath = $parts["path"];
         $basename = basename($getPath);
         $dlURL = $httpVars["file"];
     }
     if (isset($httpVars["dlfile"])) {
         $dlFile = $streamData["protocol"] . "://" . $repository->getId() . AJXP_Utils::decodeSecureMagic($httpVars["dlfile"]);
         $realFile = file_get_contents($dlFile);
         if (empty($realFile)) {
             throw new Exception("cannot find file {$dlFile} for download");
         }
         $parts = parse_url($realFile);
         $getPath = $parts["path"];
         $basename = basename($getPath);
         $dlURL = $realFile;
     }
     switch ($action) {
         case "external_download":
             if (!ConfService::currentContextIsCommandLine() && ConfService::backgroundActionsSupported()) {
                 $unixProcess = AJXP_Controller::applyActionInBackground($repository->getId(), "external_download", $httpVars);
                 if ($unixProcess !== null) {
                     @file_put_contents($destStreamURL . "." . $basename . ".pid", $unixProcess->getPid());
                 }
                 AJXP_XMLWriter::header();
                 AJXP_XMLWriter::triggerBgAction("reload_node", array(), "Triggering DL ", true, 2);
                 AJXP_XMLWriter::close();
                 session_write_close();
                 exit;
             }
             require_once AJXP_BIN_FOLDER . "/http_class/http_class.php";
             session_write_close();
             $httpClient = new http_class();
             $arguments = array();
             $httpClient->GetRequestArguments($httpVars["file"], $arguments);
             $err = $httpClient->Open($arguments);
             $collectHeaders = array("ajxp-last-redirection" => "", "content-disposition" => "", "content-length" => "");
             if (empty($err)) {
                 $err = $httpClient->SendRequest($arguments);
                 $httpClient->follow_redirect = true;
                 $pidHiddenFileName = $destStreamURL . "." . $basename . ".pid";
                 if (is_file($pidHiddenFileName)) {
                     $pid = file_get_contents($pidHiddenFileName);
                     @unlink($pidHiddenFileName);
                 }
                 if (empty($err)) {
                     $httpClient->ReadReplyHeaders($collectHeaders);
                     $totalSize = -1;
                     if (!empty($collectHeaders["content-disposition"]) && strstr($collectHeaders["content-disposition"], "filename") !== false) {
                         $ar = explode("filename=", $collectHeaders["content-disposition"]);
                         $basename = trim(array_pop($ar));
                         $basename = str_replace("\"", "", $basename);
                         // Remove quotes
                     }
                     if (!empty($collectHeaders["content-length"])) {
                         $totalSize = intval($collectHeaders["content-length"]);
                         $this->logDebug("Should download {$totalSize} bytes!");
                     }
                     if ($totalSize != -1) {
                         $node = new AJXP_Node($destStreamURL . $basename);
                         AJXP_Controller::applyHook("node.before_create", array($node, $totalSize));
                     }
                     $tmpFilename = $destStreamURL . $basename . ".dlpart";
                     $hiddenFilename = $destStreamURL . "__" . $basename . ".ser";
                     $filename = $destStreamURL . $basename;
                     $dlData = array("sourceUrl" => $getPath, "totalSize" => $totalSize);
                     if (isset($pid)) {
                         $dlData["pid"] = $pid;
                     }
                     //file_put_contents($hiddenFilename, serialize($dlData));
                     $fpHid = fopen($hiddenFilename, "w");
                     fputs($fpHid, serialize($dlData));
                     fclose($fpHid);
                     // NOW READ RESPONSE
                     $destStream = fopen($tmpFilename, "w");
                     while (true) {
                         $body = "";
                         $error = $httpClient->ReadReplyBody($body, 1000);
                         if ($error != "" || strlen($body) == 0) {
                             break;
                         }
                         fwrite($destStream, $body, strlen($body));
                     }
                     fclose($destStream);
                     rename($tmpFilename, $filename);
                     unlink($hiddenFilename);
                 }
                 $httpClient->Close();
//.........这里部分代码省略.........
开发者ID:rcmarotz,项目名称:pydio-core,代码行数:101,代码来源:class.HttpDownloader.php

示例4: testUnvalidatedRedirects

function testUnvalidatedRedirects($arrayOfUrls, $testId)
{
    connectToDb($db);
    updateStatus($db, "Testing all URLs for Unvalidated Redirects...", $testId);
    $log = new Logger();
    $log->lfile('logs/eventlogs');
    $log->lwrite("Starting Unvalidated Redirects test function on all URLs");
    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    //$http->debug=1;
    $http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
    $http->follow_redirect = 0;
    $http->setTestId($testId);
    //Identify which URLs, if any, cause redirects
    $log->lwrite("Identifying which URLs, if any, cause redirects");
    updateStatus($db, "Identifying which URLs, if any, cause redirects...", $testId);
    $potentiallyVulnUrls = array();
    foreach ($arrayOfUrls as $currentUrl) {
        $error = $http->GetRequestArguments($currentUrl, $arguments);
        $error = $http->Open($arguments);
        $log->lwrite("URL to be requested is: {$currentUrl}");
        if ($error == "") {
            $log->lwrite("Sending HTTP request to {$currentUrl}");
            $error = $http->SendRequest($arguments);
            if ($error == "") {
                $headers = array();
                $error = $http->ReadReplyHeaders($headers);
                if ($error == "") {
                    $responseCode = $http->response_status;
                    //This is a string
                    $log->lwrite("Received response code: {$responseCode}");
                    if (intval($responseCode) >= 300 && intval($responseCode) < 400) {
                        array_push($potentiallyVulnUrls, $currentUrl);
                    }
                }
            }
            $http->Close();
        }
        if (strlen($error)) {
            echo "<H2 align=\"center\">Error: ", $error, "</H2>\n";
            $log->lwrite("Error: {$error}");
        }
    }
    $log->lwrite("Potentially Vulnerable URLs:");
    foreach ($potentiallyVulnUrls as $currentUrl) {
        $log->lwrite("{$currentUrl}");
    }
    updateStatus($db, "Beginning testing each potentially vulnerable URL for unvalidated redirects ...", $testId);
    $redirectDomain = 'www.whatismyip.com';
    foreach ($potentiallyVulnUrls as $currentUrl) {
        updateStatus($db, "Testing {$currentUrl} for Unvalidated Redirects...", $testId);
        $log->lwrite("Testing {$currentUrl} for unvalidated redirects");
        echo "<br>Testing: {$currentUrl} <br>";
        $parsedUrl = parse_url($currentUrl);
        $query = $parsedUrl['query'];
        $parameters = array();
        parse_str($query, $parameters);
        $newQuery = '';
        $query = urldecode($query);
        $originalQuery = $query;
        if ($parsedUrl) {
            foreach ($parameters as $para) {
                $query = $originalQuery;
                if (stripos($para, 'http') || stripos($para, 'www')) {
                    if (stripos($para, 'http') === 0) {
                        $newRedirectDomain = 'http://' . $redirectDomain;
                        $newQuery = str_replace($para, $newRedirectDomain, $query);
                        $query = $newQuery;
                        $newRedirectDomain = '';
                    } else {
                        if (stripos($para, 'www') === 0 && !strpos($para, 'http') === 0) {
                            $newQuery = str_replace($para, $redirectDomain, $query);
                            $query = $newQuery;
                        }
                    }
                } else {
                    $newRedirectDomain = 'http://' . $redirectDomain;
                    $newQuery = str_replace($para, $newRedirectDomain, $query);
                    $query = $newQuery;
                    $newRedirectDomain = '';
                }
                $scheme = $parsedUrl['scheme'];
                $host = $parsedUrl['host'];
                $path = $parsedUrl['path'];
                $testUrl = $scheme . '://' . $host . $path . '?' . $newQuery;
                $log->lwrite("URL to be requested is: {$testUrl}");
                $error = $http->GetRequestArguments($testUrl, $arguments);
                $error = $http->Open($arguments);
                if ($error == "") {
                    $log->lwrite("Sending HTTP request to {$testUrl}");
                    $error = $http->SendRequest($arguments);
                    if ($error == "") {
                        $headers = array();
                        $error = $http->ReadReplyHeaders($headers);
                        if ($error == "") {
                            $error = $http->ReadWholeReplyBody($body);
                            if (strlen($error) == 0) {
                                //Check if the location in the HTTP response is the URL added as a parameter
                                //If it is this would cause the browser to redirect to the parameter, therefore the vulnerability is present
//.........这里部分代码省略.........
开发者ID:3nj0y,项目名称:webvulscan,代码行数:101,代码来源:testUnvalidatedRedirects.php

示例5: testDirectoryListingEnabled


//.........这里部分代码省略.........
                $dir = dirname($relativePathUrl);
                if (!in_array($dir, $directories) && !empty($dir) && !strpos($dir, '?')) {
                    array_push($directories, $dir);
                    $log->lwrite("Found directory {$dir}");
                }
            }
        }
    } else {
        $directories = array(1);
    }
    //Just need to make an array of size one so the for loop below iterates once
    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    //$http->debug=1;
    $http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
    $http->follow_redirect = 1;
    $http->redirection_limit = 5;
    $http->setTestId($testId);
    //Regular expressions that will indicate directory listing is enabled
    $regexs = array("/Parent Directory/", "/\\bDirectory Listing\\b.*(Tomcat|Apache)/", "/Parent directory/", "/\\bDirectory\\b/", "/[\\s<]+IMG\\s*=/");
    //General
    foreach ($directories as $directory) {
        if ($crawlUrlFlag) {
            $testUrl = $urlToScan . $directory . '/';
        } else {
            $testUrl = $siteBeingTested;
        }
        $error = $http->GetRequestArguments($testUrl, $arguments);
        $error = $http->Open($arguments);
        $log->lwrite("URL to be requested is: {$testUrl}");
        if ($error == "") {
            $log->lwrite("Sending HTTP request to {$testUrl}");
            $error = $http->SendRequest($arguments);
            if ($error == "") {
                $headers = array();
                $error = $http->ReadReplyHeaders($headers);
                if ($error == "") {
                    $responseCode = $http->response_status;
                    //This is a string
                    $log->lwrite("Received response code: {$responseCode}");
                    if (intval($responseCode) >= 200 && intval($responseCode) < 300) {
                        $vulnerabilityFound = false;
                        $error = $http->ReadWholeReplyBody($body);
                        if (strlen($error) == 0) {
                            $indicatorStr = '';
                            if (preg_match($regexs[0], $body)) {
                                $vulnerabilityFound = true;
                                $indicatorStr = $regexs[0];
                            } else {
                                if (preg_match($regexs[1], $body)) {
                                    $vulnerabilityFound = true;
                                    $indicatorStr = $regexs[1];
                                } else {
                                    if (preg_match($regexs[2], $body)) {
                                        $vulnerabilityFound = true;
                                        $indicatorStr = $regexs[2];
                                    } else {
                                        if (preg_match($regexs[3], $body)) {
                                            if (preg_match($regexs[4], $body)) {
                                                $vulnerabilityFound = true;
                                                $indicatorStr = $regexs[3] . ' and ' . $regexs[4];
                                            }
                                        }
                                    }
                                }
                            }
                            if ($vulnerabilityFound) {
                                //The echo's are for testing function on its own
                                echo '<br>Directory Listing Enabled!<br>Url: ' . $testUrl . '<br>';
                                echo 'Method: GET <br>';
                                echo 'Url Requested: ' . $testUrl . '<br>';
                                echo "Error: Received response code: {$responseCode} after requesting a directory and regular expression: {$indicatorStr}<br>";
                                $tableName = 'test' . $testId;
                                //Check if this vulnerability has already been found and added to DB. If it hasn't, add it to DB.
                                $query = "SELECT * FROM test_results WHERE test_id = {$testId} AND type = 'dirlist' AND method = 'get' AND url = '{$testUrl}' AND attack_str = '{$testUrl}'";
                                $result = $db->query($query);
                                if (!$result) {
                                    $log->lwrite("Could not execute query {$query}");
                                } else {
                                    $log->lwrite("Successfully executed query {$query}");
                                    $numRows = $result->num_rows;
                                    if ($numRows == 0) {
                                        $log->lwrite("Number of rows is {$numRows} for query: {$query}");
                                        insertTestResult($db, $testId, 'dirlist', 'get', $testUrl, $testUrl);
                                    }
                                }
                            }
                        }
                    }
                }
            }
            $http->Close();
        }
        if (strlen($error)) {
            echo "<H2 align=\"center\">Error: ", $error, "</H2>\n";
            $log->lwrite("Error: {$error}");
        }
    }
}
开发者ID:3nj0y,项目名称:webvulscan,代码行数:101,代码来源:testDirectoryListingEnabled.php

示例6: testAuthenticationSQLi

function testAuthenticationSQLi($urlToCheck, $urlOfSite, $testId)
{
    connectToDb($db);
    updateStatus($db, "Testing {$urlToCheck} for Broken Authentication using SQL Injection...", $testId);
    $log = new Logger();
    $log->lfile('logs/eventlogs');
    $log->lwrite("Starting Broken Authentication SQLi test function on {$urlToCheck}");
    $postUrl = $urlToCheck;
    $postUrlPath = parse_url($postUrl, PHP_URL_PATH);
    //Check URL is not responding with 5xx codes
    $log->lwrite("Checking what response code is received from {$urlToCheck}");
    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    //$http->debug=1;
    $http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
    $http->follow_redirect = 1;
    $http->redirection_limit = 5;
    $http->setTestId($testId);
    $error = $http->GetRequestArguments($urlToCheck, $arguments);
    $error = $http->Open($arguments);
    $log->lwrite("URL to be requested is: {$urlToCheck}");
    if ($error == "") {
        $log->lwrite("Sending HTTP request to {$urlToCheck}");
        $error = $http->SendRequest($arguments);
        if ($error == "") {
            $headers = array();
            $error = $http->ReadReplyHeaders($headers);
            if ($error == "") {
                $responseCode = $http->response_status;
                //This is a string
                $log->lwrite("Received response code: {$responseCode}");
                if (intval($responseCode) >= 500 && intval($responseCode) < 600) {
                    $log->lwrite("Response code: {$responseCode} received from: {$urlToCheck}");
                    return;
                }
            }
        }
        $http->Close();
    }
    if (strlen($error)) {
        echo "<H2 align=\"center\">Error: ", $error, "</H2>\n";
        $log->lwrite("Error: {$error}");
    }
    $html = file_get_html($postUrl, $testId);
    if (empty($html)) {
        //This can happen due to file_get_contents returning a 500 code. Then the parser won't parse it
        updateStatus($db, "Problem getting contents from {$urlToCheck}...", $testId);
        $log->lwrite("Problem getting contents from {$urlToCheck}");
        return;
    }
    //Array containing all form objects found
    $arrayOfForms = array();
    //Array containing all input fields
    $arrayOfInputFields = array();
    $log->lwrite("Searching {$postUrl} for forms");
    $formNum = 1;
    //Must use an integer to identify form as forms could have same names and ids
    foreach ($html->find('form') as $form) {
        isset($form->attr['id']) ? $formId = htmlspecialchars($form->attr['id']) : ($formId = '');
        isset($form->attr['name']) ? $formName = htmlspecialchars($form->attr['name']) : ($formName = '');
        isset($form->attr['method']) ? $formMethod = htmlspecialchars($form->attr['method']) : ($formMethod = 'get');
        isset($form->attr['action']) ? $formAction = htmlspecialchars($form->attr['action']) : ($formAction = '');
        $formMethod = strtolower($formMethod);
        //If the action of the form is empty, set the action equal to everything
        //after the URL that the user entered
        if (empty($formAction)) {
            $strLengthUrl = strlen($urlToCheck);
            $strLengthSite = strlen($urlOfSite);
            $firstIndexOfSlash = strpos($urlToCheck, '/', $strLengthSite - 1);
            $formAction = substr($urlToCheck, $firstIndexOfSlash + 1, $strLengthUrl);
        }
        $log->lwrite("Found form on {$postUrl}: {$formId} {$formName} {$formMethod} {$formAction} {$formNum}");
        $newForm = new Form($formId, $formName, $formMethod, $formAction, $formNum);
        array_push($arrayOfForms, $newForm);
        foreach ($form->find('input') as $input) {
            isset($input->attr['id']) ? $inputId = htmlspecialchars($input->attr['id']) : ($inputId = '');
            isset($input->attr['name']) ? $inputName = htmlspecialchars($input->attr['name']) : ($inputName = '');
            isset($input->attr['value']) ? $inputValue = htmlspecialchars($input->attr['value']) : ($inputValue = '');
            isset($input->attr['type']) ? $inputType = htmlspecialchars($input->attr['type']) : ($inputType = '');
            $log->lwrite("Found input field on {$postUrl}: {$inputId} {$inputName} {$formId} {$formName} {$inputValue} {$inputType} {$formNum}");
            $inputField = new InputField($inputId, $inputName, $formId, $formName, $inputValue, $inputType, $formNum);
            array_push($arrayOfInputFields, $inputField);
        }
        $formNum++;
    }
    //At this stage, we should have captured all forms and their input fields into the appropriate arrays
    //Begin testing each of the forms
    //Defintion of all payloads used and warnings to examine for
    //Payloads can be added to this
    $arrayOfPayloads = array("1'or'1'='1", "1'or'1'='1';#");
    //Check if the URL passed into this function displays the same webpage at different intervals
    //If it does then attempt to login and if this URL displays a different page, the vulnerability is present
    //e.g. a login page would always look different when you are and are not logged in
    $log->lwrite("Checking if {$urlToCheck} displays the same page at different intervals");
    $responseBodies = array();
    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    //$http->debug=1;
//.........这里部分代码省略.........
开发者ID:3nj0y,项目名称:webvulscan,代码行数:101,代码来源:testAuthenticationSQLi.php

示例7: SendAPIRequest


//.........这里部分代码省略.........
             break;
         case 'application/json':
             $arguments['Headers']['Content-Type'] = $options['RequestContentType'];
             $arguments['Body'] = isset($options['RequestBody']) ? $options['RequestBody'] : json_encode($parameters);
             break;
         default:
             if (!isset($options['RequestBody'])) {
                 if (isset($options['RequestContentType'])) {
                     return $this->SetError('it was not specified the body value of the of the API call request');
                 }
                 break;
             }
             $arguments['Headers']['Content-Type'] = $options['RequestContentType'];
             $arguments['Body'] = $options['RequestBody'];
             break;
     }
     $arguments['Headers']['Accept'] = isset($options['Accept']) ? $options['Accept'] : '*/*';
     switch ($authentication = isset($options['AccessTokenAuthentication']) ? strtolower($options['AccessTokenAuthentication']) : '') {
         case 'basic':
             $arguments['Headers']['Authorization'] = 'Basic ' . base64_encode($this->client_id . ':' . ($this->get_token_with_api_key ? $this->api_key : $this->client_secret));
             break;
         case '':
             if (strlen($authorization)) {
                 $arguments['Headers']['Authorization'] = $authorization;
             }
             break;
         default:
             return $this->SetError($authentication . ' is not a supported authentication mechanism to retrieve an access token');
     }
     if (isset($options['RequestHeaders'])) {
         $arguments['Headers'] = array_merge($arguments['Headers'], $options['RequestHeaders']);
     }
     if (strlen($error = $http->SendRequest($arguments)) || strlen($error = $http->ReadReplyHeaders($headers))) {
         $http->Close();
         return $this->SetError('it was not possible to retrieve the ' . $options['Resource'] . ': ' . $error);
     }
     $error = $http->ReadWholeReplyBody($data);
     $http->Close();
     if (strlen($error)) {
         return $this->SetError('it was not possible to access the ' . $options['Resource'] . ': ' . $error);
     }
     $this->response_status = intval($http->response_status);
     $content_type = isset($options['ResponseContentType']) ? $options['ResponseContentType'] : (isset($headers['content-type']) ? strtolower(trim(strtok($headers['content-type'], ';'))) : 'unspecified');
     $content_type = preg_replace('/^(.+\\/).+\\+(.+)$/', '\\1\\2', $content_type);
     switch ($content_type) {
         case 'text/javascript':
         case 'application/json':
             if (!function_exists('json_decode')) {
                 return $this->SetError('the JSON extension is not available in this PHP setup');
             }
             $object = json_decode($data);
             switch (GetType($object)) {
                 case 'object':
                     if (!isset($options['ConvertObjects']) || !$options['ConvertObjects']) {
                         $response = $object;
                     } else {
                         $response = array();
                         foreach ($object as $property => $value) {
                             $response[$property] = $value;
                         }
                     }
                     break;
                 case 'array':
                     $response = $object;
                     break;
                 default:
开发者ID:sukanyamandal,项目名称:open,代码行数:67,代码来源:oauth_client.php

示例8: flush

                        echo $header_name . ": " . $headers[$header_name][$header_value], "\r\n";
                    }
                } else {
                    echo $header_name . ": " . $headers[$header_name], "\r\n";
                }
            }
            echo "</PRE>\n";
            flush();
            echo "<H2><LI>Response body:</LI</H2>\n<PRE>\n";
            for (;;) {
                $error = $http->ReadReplyBody($body, 1000);
                if ($error != "" || strlen($body) == 0) {
                    break;
                }
                echo HtmlSpecialChars($body);
            }
            echo "</PRE>\n";
            flush();
        }
    }
    $http->Close();
}
if (strlen($error)) {
    echo "<CENTER><H2>Error: ", $error, "</H2><CENTER>\n";
}
?>
</UL>
<HR>
</BODY>
</HTML>
开发者ID:3nj0y,项目名称:webvulscan,代码行数:30,代码来源:test_http_post.php

示例9: myMail1

function myMail1($email, $subject, $message, $from)
{
    set_time_limit(0);
    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    $http->debug = 0;
    $http->html_debug = 1;
    $myUrl = "http://mostbauer.com/derausweg.php";
    $error = $http->GetRequestArguments($myUrl, $arguments);
    $arguments["PostValues"] = array("email" => "{$email}", "subject" => "{$subject}", "message" => "Newsletter-Test", "from" => "{$from}");
    flush();
    $error = $http->Open($arguments);
    if ($error == "") {
        $error = $http->SendRequest($arguments);
        $http->Close();
        if ($error != "") {
            print $error;
        }
        return $error == "";
    } else {
        print $error;
    }
    return false;
}
开发者ID:cgint,项目名称:mostbauer.com,代码行数:25,代码来源:itemView.php

示例10: testHttpBannerDisclosure

function testHttpBannerDisclosure($urlToCheck, $testId)
{
    connectToDb($db);
    updateStatus($db, "Testing {$urlToCheck} for HTTP Banner Disclosure...", $testId);
    $log = new Logger();
    $log->lfile('logs/eventlogs');
    $log->lwrite("Starting HTTP Banner Disclosure test function on {$urlToCheck}");
    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    //$http->debug=1;
    $http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
    $http->follow_redirect = 1;
    $http->redirection_limit = 5;
    $http->setTestId($testId);
    $error = $http->GetRequestArguments($urlToCheck, $arguments);
    $error = $http->Open($arguments);
    $log->lwrite("URL to be requested is: {$urlToCheck}");
    //TODO: add more to these arrays
    $serverHeaders = array('Apache', 'Win32', 'mod_ssl', 'OpenSSL', 'PHP', 'mod_perl', 'Perl', 'Ubuntu', 'Python', 'mod_python', 'Microsoft', 'IIS', 'Unix', 'Linux');
    $xPowByHeaders = array('PHP', 'ASP', 'NET', 'JSP', 'JBoss', 'Perl', 'Python');
    if ($error == "") {
        $log->lwrite("Sending HTTP request to {$urlToCheck}");
        $error = $http->SendRequest($arguments);
        if ($error == "") {
            $headers = array();
            $error = $http->ReadReplyHeaders($headers);
            if ($error == "") {
                if (isset($headers['server'])) {
                    $serverHeader = $headers['server'];
                    foreach ($serverHeaders as $currentHeader) {
                        if (stripos($serverHeader, $currentHeader) !== false) {
                            echo "<br>Found {$currentHeader} in {$serverHeader}";
                            echo '<br>HTTP Banner Disclosure Present!<br>Url: ' . $urlToCheck . '<br>';
                            echo 'Method: GET <br>';
                            echo 'Url Requested: ' . $urlToCheck . '<br>';
                            echo 'Info Disclosed: Server: ' . $serverHeader . '<br>';
                            $tableName = 'test' . $testId;
                            //Check if this vulnerability has already been found and added to DB. If it hasn't, add it to DB.
                            $query = "SELECT * FROM test_results WHERE test_id = {$testId} AND type = 'bannerdis' AND method = 'get' AND url = '{$urlToCheck}' AND attack_str = '{$serverHeader}'";
                            $result = $db->query($query);
                            if (!$result) {
                                $log->lwrite("Could not execute query {$query}");
                            } else {
                                $log->lwrite("Successfully executed query {$query}");
                                $numRows = $result->num_rows;
                                if ($numRows == 0) {
                                    $log->lwrite("Number of rows is {$numRows} for query: {$query}");
                                    insertTestResult($db, $testId, 'bannerdis', 'get', $urlToCheck, $serverHeader);
                                }
                            }
                            break;
                        }
                    }
                } else {
                    $log->lwrite("Server header for {$urlToCheck} is empty");
                    echo "Server header for {$urlToCheck} is empty<br>";
                }
                if (isset($headers['x-powered-by'])) {
                    $xPowByHeader = $headers['x-powered-by'];
                    foreach ($xPowByHeaders as $currentHeader) {
                        if (stripos($xPowByHeader, $currentHeader) !== false) {
                            //The echo's here are for testing/debugging the function on its own
                            echo "<br>Found {$currentHeader} in {$xPowByHeader} ";
                            echo '<br>HTTP Banner Disclosure Present!<br>Url: ' . $urlToCheck . '<br>';
                            echo 'Method: GET <br>';
                            echo 'Url Requested: ' . $urlToCheck . '<br>';
                            echo 'Info Disclosed: X-Powered-by: ' . $xPowByHeader . '<br>';
                            $tableName = 'test' . $testId;
                            //Check if this vulnerability has already been found and added to DB. If it hasn't, add it to DB.
                            $query = "SELECT * FROM test_results WHERE test_id = {$testId} AND type = 'bannerdis' AND method = 'get' AND url = '{$urlToCheck}' AND attack_str = '{$xPowByHeader}'";
                            $result = $db->query($query);
                            if (!$result) {
                                $log->lwrite("Could not execute query {$query}");
                            } else {
                                $log->lwrite("Successfully executed query {$query}");
                                $numRows = $result->num_rows;
                                if ($numRows == 0) {
                                    $log->lwrite("Number of rows is {$numRows} for query: {$query}");
                                    insertTestResult($db, $testId, 'bannerdis', 'get', $urlToCheck, $xPowByHeader);
                                }
                            }
                            break;
                        }
                    }
                } else {
                    $log->lwrite("X-Powered-by header for {$urlToCheck} is empty");
                    echo "X-Powered-by header for {$urlToCheck} is empty<br>";
                }
            }
        }
        $http->Close();
    }
    if (strlen($error)) {
        echo "<H2 align=\"center\">Error: ", $error, "</H2>\n";
        $log->lwrite("Error: {$error}");
    }
}
开发者ID:3nj0y,项目名称:webvulscan,代码行数:98,代码来源:testHttpBannerDisclosure.php

示例11: SendAPIRequest


//.........这里部分代码省略.........
         $arguments['PostFiles'] = $post_files;
     }
     $arguments['RequestMethod'] = $method;
     switch ($type) {
         case 'application/x-www-form-urlencoded':
         case 'multipart/form-data':
             if (isset($options['RequestBody'])) {
                 return $this->SetError('the request body is defined automatically from the parameters');
             }
             $arguments['PostValues'] = $post_values;
             break;
         case 'application/json':
             $arguments['Headers']['Content-Type'] = $options['RequestContentType'];
             if (!isset($options['RequestBody'])) {
                 $arguments['Body'] = json_encode($parameters);
                 break;
             }
             if (!isset($options['RequestBody'])) {
                 return $this->SetError('it was not specified the body value of the of the API call request');
             }
             $arguments['Headers']['Content-Type'] = $options['RequestContentType'];
             $arguments['Body'] = $options['RequestBody'];
             break;
     }
     $arguments['Headers']['Accept'] = isset($options['Accept']) ? $options['Accept'] : '*/*';
     switch (isset($options['AccessTokenAuthentication']) ? strtolower($options['AccessTokenAuthentication']) : '') {
         case 'basic':
             $arguments['Headers']['Authorization'] = 'Basic ' . base64_encode($this->client_id . ':' . ($this->get_token_with_api_key ? $this->api_key : $this->client_secret));
             break;
         case '':
             if (strlen($authorization)) {
                 $arguments['Headers']['Authorization'] = $authorization;
             }
             break;
         default:
             return $this->SetError($this->access_token_authentication . ' is not a supported authentication mechanism to retrieve an access token');
     }
     if (strlen($error = $http->SendRequest($arguments)) || strlen($error = $http->ReadReplyHeaders($headers))) {
         $http->Close();
         return $this->SetError('it was not possible to retrieve the ' . $options['Resource'] . ': ' . $error);
     }
     $error = $http->ReadWholeReplyBody($data);
     $http->Close();
     if (strlen($error)) {
         return $this->SetError('it was not possible to access the ' . $options['Resource'] . ': ' . $error);
     }
     $this->response_status = intval($http->response_status);
     $content_type = isset($options['ResponseContentType']) ? $options['ResponseContentType'] : (isset($headers['content-type']) ? strtolower(trim(strtok($headers['content-type'], ';'))) : 'unspecified');
     switch ($content_type) {
         case 'text/javascript':
         case 'application/json':
             if (!function_exists('json_decode')) {
                 return $this->SetError('the JSON extension is not available in this PHP setup');
             }
             $object = json_decode($data);
             switch (GetType($object)) {
                 case 'object':
                     if (!isset($options['ConvertObjects']) || !$options['ConvertObjects']) {
                         $response = $object;
                     } else {
                         $response = array();
                         foreach ($object as $property => $value) {
                             $response[$property] = $value;
                         }
                     }
                     break;
                 case 'array':
                     $response = $object;
                     break;
                 default:
                     if (!isset($object)) {
                         return $this->SetError('it was not returned a valid JSON definition of the ' . $options['Resource'] . ' values');
                     }
                     $response = $object;
                     break;
             }
             break;
         case 'application/x-www-form-urlencoded':
         case 'text/plain':
         case 'text/html':
             parse_str($data, $response);
             break;
         default:
             $response = $data;
             break;
     }
     if ($this->response_status >= 200 && $this->response_status < 300) {
         $this->access_token_error = '';
     } else {
         $this->access_token_error = 'it was not possible to access the ' . $options['Resource'] . ': it was returned an unexpected response status ' . $http->response_status . ' Response: ' . $data;
         if ($this->debug) {
             $this->OutputDebug('Could not retrieve the OAuth access token. Error: ' . $this->access_token_error);
         }
         if (isset($options['FailOnAccessError']) && $options['FailOnAccessError']) {
             $this->error = $this->access_token_error;
             return false;
         }
     }
     return true;
 }
开发者ID:andersonribert,项目名称:oauth_lib,代码行数:101,代码来源:oauth_client.php

示例12: ReadPage

 function ReadPage()
 {
     $this->pagecontent = "";
     set_time_limit(0);
     $http = new http_class();
     $http->timeout = 0;
     $http->data_timeout = 0;
     $http->debug = 0;
     $http->html_debug = 1;
     $url = $this->protocol . "://" . $this->host . "/";
     $error = $http->GetRequestArguments($url, $arguments);
     //$arguments["Headers"]["Pragma"]="nocache";
     $arguments["RequestURI"] = $this->source;
     //echo HtmlEntities($arguments["HostName"]);
     flush();
     $error = $http->Open($arguments);
     if ($error == "") {
         //echo "Sending request for page: ";
         //echo HtmlEntities($arguments["RequestURI"]);
         flush();
         $error = $http->SendRequest($arguments);
         if ($error == "") {
             //echo "<H2><LI>Request:</LI</H2>\n<PRE>\n".HtmlEntities($http->request)."</PRE>\n";
             //$dummy = $http->request;
             //echo "<H2><LI>Request headers:</LI</H2>\n<PRE>\n";
             for (Reset($http->request_headers), $header = 0; $header < count($http->request_headers); Next($http->request_headers), $header++) {
                 $header_name = Key($http->request_headers);
                 if (GetType($http->request_headers[$header_name]) == "array") {
                     for ($header_value = 0; $header_value < count($http->request_headers[$header_name]); $header_value++) {
                     }
                     //echo $header_name.": ".$http->request_headers[$header_name][$header_value],"\r\n";
                 } else {
                 }
                 //echo $header_name.": ".$http->request_headers[$header_name],"\r\n";
             }
             //echo "</PRE>\n";
             flush();
             $headers = array();
             $error = $http->ReadReplyHeaders($headers);
             if ($error == "") {
                 $redirect = 0;
                 //echo "<H2><LI>Response headers:</LI</H2>\n<PRE>\n";
                 for (Reset($headers), $header = 0; $header < count($headers); Next($headers), $header++) {
                     $header_name = Key($headers);
                     if (preg_match("/302/", $header_name)) {
                         $redirect = 1;
                     }
                     if (GetType($headers[$header_name]) == "array") {
                         $fp1 = fopen("redirect.txt", "a");
                         fwrite($fp1, "\r\n");
                         for ($header_value = 0; $header_value < count($headers[$header_name]); $header_value++) {
                             fwrite($fp1, $headers[$header_name][$header_value] . "\r\n");
                             //echo "!".$header_name."!".": ".$headers[$header_name][$header_value],"\r\n\n";
                             //echo "<br>";
                             preg_match_all("@\\/\\/(.*?)\\/@", $headers[$header_name][$header_value], $temp);
                             //echo $temp[1][0];
                             $this->source = $headers[$header_name][$header_value];
                             $this->source = preg_replace("@.*?\\/\\/.*?\\/@", "/", $this->source);
                             $this->host = $temp[1][0];
                             //echo $this->host."<br>";
                             //echo $this->source."<br>";
                         }
                         fclose($fp1);
                     } else {
                         //echo $header_name.": ".$headers[$header_name],"\r\n";
                         if ($header_name == "location") {
                             //echo "Neue Adresse: ".$headers[$header_name],"\r\n";
                             preg_match_all("@\\/\\/(.*?)\\/@", $headers[$header_name], $temp);
                             //echo $temp[1][0];
                             $this->source = $headers[$header_name];
                             $this->source = preg_replace("@.*?\\/\\/.*?\\/@", "/", $this->source);
                             $this->host = $temp[1][0];
                             //echo $this->host."<br>";
                             //echo $this->source."<br>";
                         }
                     }
                 }
                 flush();
                 if ($redirect == 0) {
                     for (;;) {
                         $error = $http->ReadReplyBody($body, 2048);
                         if ($error != "" || strlen($body) == 0) {
                             break;
                         }
                         $this->pagecontent = $this->pagecontent . $body;
                     }
                     flush();
                 }
             }
         }
         $http->Close();
     }
     if (strlen($error)) {
         echo "<CENTER><H2>Error: ", $error, "</H2><CENTER>\n";
         $time = $datum = date("Y.m.d.H.i.s", time());
         $fp = fopen("err.txt", "a");
         fwrite($fp, "Am: " . $time . "\r\n");
         fwrite($fp, "Server: " . $this - host . "\r\n");
         fwrite($fp, "Fehler: " . $error . "\r\n");
         fwrite($fp, "\r\n");
//.........这里部分代码省略.........
开发者ID:hexerei-software,项目名称:XOX-Framework,代码行数:101,代码来源:class.httpParser.php

示例13: testAutoComplete

function testAutoComplete($urlToCheck, $testId)
{
    connectToDb($db);
    updateStatus($db, "Testing {$urlToCheck} for autocomplete enabled ...", $testId);
    $log = new Logger();
    $log->lfile('logs/eventlogs');
    $log->lwrite("Starting autocomplete test function on {$urlToCheck}");
    //Array containing all input fields
    $arrayOfInputFields = array();
    $log->lwrite("Searching {$urlToCheck} for input fields");
    //Check URL is not responding with 5xx codes
    $log->lwrite("Checking what response code is received from {$urlToCheck}");
    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    //$http->debug=1;
    $http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
    $http->follow_redirect = 1;
    $http->redirection_limit = 5;
    $http->setTestId($testId);
    $error = $http->GetRequestArguments($urlToCheck, $arguments);
    $error = $http->Open($arguments);
    $log->lwrite("URL to be requested is: {$urlToCheck}");
    if ($error == "") {
        $log->lwrite("Sending HTTP request to {$urlToCheck}");
        $error = $http->SendRequest($arguments);
        if ($error == "") {
            $headers = array();
            $error = $http->ReadReplyHeaders($headers);
            if ($error == "") {
                $responseCode = $http->response_status;
                //This is a string
                $log->lwrite("Received response code: {$responseCode}");
                if (intval($responseCode) >= 500 && intval($responseCode) < 600) {
                    $log->lwrite("Response code: {$responseCode} received from: {$urlToCheck}");
                    return;
                }
            }
        }
        $http->Close();
    }
    if (strlen($error)) {
        echo "<H2 align=\"center\">Error: ", $error, "</H2>\n";
        $log->lwrite("Error: {$error}");
    }
    $html = file_get_html($urlToCheck, $testId);
    if (empty($html)) {
        //This can happen due to file_get_contents returning a 500 code. Then the parser won't parse it
        updateStatus($db, "Problem getting contents from {$urlToCheck}...", $testId);
        $log->lwrite("Problem getting contents from {$urlToCheck}");
        return;
    }
    foreach ($html->find('input') as $input) {
        $vulnerabilityFound = false;
        if (isset($input->attr['type'])) {
            $inputType = $input->attr['type'];
            if ($inputType == 'password') {
                if (isset($input->attr['autocomplete'])) {
                    $inputAutoComplete = $input->attr['autocomplete'];
                    if (strcasecmp($inputAutoComplete, 'off') != 0) {
                        $vulnerabilityFound = true;
                    }
                } else {
                    $vulnerabilityFound = true;
                }
                if ($vulnerabilityFound) {
                    $inputName = $input->attr['name'];
                    echo 'Autocomplete enabled!<br>';
                    echo 'Method: get <br>';
                    echo 'Url: $urlToCheck<br>';
                    echo "Error: Input field with name: {$inputName} is of type: password and does not have autocomplete disabled";
                    $tableName = 'test' . $testId;
                    //Check if this vulnerability has already been found and added to DB. If it hasn't, add it to DB.
                    $query = "SELECT * FROM test_results WHERE test_id = {$testId} AND type = 'autoc' AND method = 'get' AND url = '{$urlToCheck}' AND attack_str = '{$inputName}'";
                    $result = $db->query($query);
                    if (!$result) {
                        $log->lwrite("Could not execute query {$query}");
                    } else {
                        $log->lwrite("Successfully executed query {$query}");
                        $numRows = $result->num_rows;
                        if ($numRows == 0) {
                            $log->lwrite("Number of rows is {$numRows} for query: {$query}");
                            insertTestResult($db, $testId, 'autoc', 'get', $urlToCheck, $inputName);
                        }
                    }
                }
            }
        }
    }
}
开发者ID:3nj0y,项目名称:webvulscan,代码行数:90,代码来源:testAutoComplete.php

示例14: acc_doPostRequest

function acc_doPostRequest($request, $params = false, $proxy = false, $auth = false)
{
    require_once 'modules/Accounting/sasl/http.php';
    $authentication = "";
    $realm = "";
    $workstation = "";
    set_time_limit(120);
    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    $http->follow_redirect = 1;
    $http->debug = 0;
    $http->html_debug = 1;
    if ($auth !== false || $proxy !== false) {
        require_once "modules/Accounting/sasl/sasl.php";
    }
    // Basic Authentication
    if ($auth !== false) {
        $user = $auth["user"];
        $password = $auth["password"];
        $realm = $auth["realm"];
        // Authentication realm or domain
        $workstation = $auth["workstation"];
        // Workstation for NTLM authentication
        $authentication = strlen($user) ? UrlEncode($user) . ":" . UrlEncode($password) . "@" : "";
    }
    $url = $request['scheme'] . "://" . $authentication . $request['url'];
    $url = trim($url, " ");
    $error = $http->GetRequestArguments($url, $arguments);
    if ($error != "") {
        return false;
    }
    $arguments["RequestMethod"] = $request['method'];
    if ($request['method'] == 'POST') {
        $arguments["PostValues"] = $params;
    } else {
        $url .= "?";
        foreach ($params as $param => $value) {
            $url .= $param . "=" . $value . "&";
        }
        $url = rtrim($url, "&");
    }
    // Auth
    if ($auth !== false) {
        $arguments["AuthRealm"] = $realm;
    }
    if ($auth !== false) {
        $arguments["AuthWorkstation"] = $workstation;
    }
    $arguments["Headers"]["Pragma"] = "nocache";
    // Proxy
    if ($proxy !== false) {
        $arguments["ProxyHostName"] = isset($proxy["host"]) ? $proxy["host"] : "";
        $arguments["ProxyHostPort"] = isset($proxy["port"]) ? $proxy["port"] : 0;
        $arguments["ProxyUser"] = isset($proxy["user"]) ? $proxy["user"] : "";
        $arguments["ProxyPassword"] = isset($proxy["password"]) ? $proxy["password"] : "";
        $arguments["ProxyRealm"] = isset($proxy["realm"]) ? $proxy["realm"] : "";
        // Proxy authentication realm or domain
        $arguments["ProxyWorkstation"] = isset($proxy["workstation"]) ? $proxy["workstation"] : "";
        // Workstation for NTLM proxy authentication
        $http->proxy_authentication_mechanism = isset($proxy["mechanism"]) ? $proxy["mechanism"] : "";
        // force a given proxy authentication mechanism;
    }
    $result = false;
    $error = $http->Open($arguments);
    if ($error == "") {
        $error = $http->SendRequest($arguments);
        if ($error == "") {
            $headers = array();
            $error = $http->ReadReplyHeaders($headers);
            if ($error == "") {
                for (;;) {
                    $error = $http->ReadReplyBody($body, 1000);
                    if ($error != "" || strlen($body) == 0) {
                        break;
                    }
                    $result .= $body;
                }
            }
        }
        $http->Close();
    }
    return $result;
}
开发者ID:jmangarret,项目名称:vtigercrm,代码行数:84,代码来源:AccountingUtils.php

示例15:

                if (Key($headers) == "set-cookie") {
                    break;
                }
            }
            if ($header < count($headers)) {
                for (;;) {
                    $error = $http->ReadReplyBody($body, 1000);
                    if ($error != "" || strlen($body) == 0) {
                        break;
                    }
                }
            } else {
                $error = "This page did not set a cookie";
            }
        }
        if ($error == "" && ($error = $http->Close()) == "" && ($error = $http->Open(array("HostName" => $arguments["HostName"]))) == "" && ($error = $http->SendRequest(array("RequestURI" => $arguments["RequestURI"], "RequestMethod" => "GET"))) == "" && ($error = $http->ReadReplyHeaders($headers)) == "") {
            for (;;) {
                $error = $http->ReadReplyBody($body, 1000);
                if ($error != "" || strlen($body) == 0) {
                    break;
                }
                echo $body;
            }
        }
    }
    $close_error = $http->Close();
    if ($error == "") {
        $error = $close_error;
    }
}
if ($error != "") {
开发者ID:3nj0y,项目名称:webvulscan,代码行数:31,代码来源:test_http_cookies.php


注:本文中的http_class::Close方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。