本文整理匯總了PHP中http_class::GetRequestArguments方法的典型用法代碼示例。如果您正苦於以下問題:PHP http_class::GetRequestArguments方法的具體用法?PHP http_class::GetRequestArguments怎麽用?PHP http_class::GetRequestArguments使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類http_class
的用法示例。
在下文中一共展示了http_class::GetRequestArguments方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: PNB_getPingbackUrl
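/**
 * Get the Pingback URL for a given URL.
 *
 * Two requests are made against $url. The reply headers of the first are
 * checked for an X-Pingback header; only if none is found is the page
 * fetched again and its body searched for a <link rel="pingback"> element.
 *
 * NOTE(review): $url is requested exactly as passed in. If callers hand over
 * a link taken from visitor-supplied content, they should first restrict it
 * to http/https and to public hosts, otherwise this function makes the
 * server contact whatever address the visitor chose.
 *
 * NOTE(review): the returned value is taken from the remote reply (header or
 * page markup) and is therefore untrusted; validate it before sending a
 * pingback to it.
 *
 * @param string $url URL to get the Pingback URL for
 * @return string|false Pingback URL, empty string if none was found, or
 *                      false if a request failed
 */
function PNB_getPingbackUrl($url)
{
    $retval = '';

    // First attempt: look for the X-Pingback reply header.
    // NOTE(review): the log messages call this a HEAD request, but no request
    // method is set in this function - confirm what http_class sends.
    $http = new http_class();
    // NOTE(review): timeouts are left at 0 as in the original; confirm this
    // does not mean "wait indefinitely" on a slow or unresponsive remote host.
    $http->timeout = 0;
    $http->data_timeout = 0;
    $http->debug = 0;
    $http->html_debug = 0;
    $http->user_agent = 'glFusion/' . GVERSION;

    // Stop at the first failing step so that its error is the one reported,
    // instead of letting each later call overwrite $error.
    $error = $http->GetRequestArguments($url, $arguments);
    if ($error == "") {
        $error = $http->Open($arguments);
    }
    if ($error == "") {
        $error = $http->SendRequest($arguments);
    }
    if ($error != "") {
        $http->Close();
        COM_errorLog('Pingback (HEAD): ' . $error);
        return false;
    }

    $http->ReadReplyHeaders($headers);
    $http->Close();

    if (isset($headers['x-pingback'])) {
        $retval = $headers['x-pingback'];
    } else {
        COM_errorLog("Pingback (HEAD): unable to locate x-pingback header");
    }

    if (empty($retval)) {
        // Second attempt: search the page for <link rel="pingback">
        $http = new http_class();
        $http->timeout = 0;
        $http->data_timeout = 0;
        $http->debug = 0;
        $http->html_debug = 0;
        $http->user_agent = 'glFusion/' . GVERSION;

        $error = $http->GetRequestArguments($url, $arguments);
        if ($error == "") {
            $error = $http->Open($arguments);
        }
        if ($error == "") {
            $error = $http->SendRequest($arguments);
        }
        if ($error != "") {
            $http->Close();
            COM_errorLog("Pingback (GET): " . $error . " when requesting " . $url);
            return false;
        }

        $http->ReadReplyHeaders($headers);
        if ($http->response_status != 200) {
            $http->Close();
            COM_errorLog("Pingback (GET): Got HTTP response code " . $http->response_status . " when requesting " . $url);
            return false;
        }

        $error = $http->ReadWholeReplyBody($body);
        $http->Close();
        if ($error != "" && strlen((string) $body) === 0) {
            COM_errorLog("Pingback (GET): unable to retrieve response body");
            return false;
        }

        // only search for the first match - it doesn't make sense to have
        // more than one pingback URL
        $found = preg_match("/<link rel=\"pingback\"[^>]*href=[\"']([^\"']*)[\"'][^>]*>/i", $body, $matches);
        if ($found === 1 && !empty($matches[1])) {
            // The href is HTML-escaped in the page source, so turn the
            // &amp; entity back into a plain ampersand. (Replacing '&' with
            // '&' did nothing.)
            $url = str_replace('&amp;', '&', $matches[1]);
            $retval = urldecode($url);
        }
    }

    return $retval;
}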
示例2: http_adv_get
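/**
 * Perform one HTTP request with http_class and return reply headers and body.
 *
 * The connection is opened once, after $extra and $headers have been merged
 * into the request arguments. Previously it was opened before the merge and
 * Open() was then called a second time on the same object.
 *
 * NOTE(review): $extra is copied over the arguments derived from $url without
 * any filtering, so it can replace any of them. Treat both $url and $extra
 * as trusted input or validate them in the caller.
 *
 * @param string $qtype   Request method, assigned to http_class::$request_method
 * @param string $url     URL to request
 * @param array  $extra   Additional request arguments (key => value)
 * @param array  $headers Request headers (name => value)
 * @return array array($headers, $body). $headers holds whatever
 *               ReadReplyHeaders() stored in it; if the connection could not
 *               be opened it is still the array passed in, and $body is ''.
 */
function http_adv_get($qtype, $url, $extra = array(), $headers = array())
{
    $http = new http_class();
    $http->debug = 0;
    $http->html_debug = 0;
    $http->request_method = $qtype;

    $err = $http->GetRequestArguments($url, $args);

    foreach ($extra as $key => $value) {
        $args[$key] = $value;
    }
    foreach ($headers as $key => $value) {
        $args['Headers'][$key] = $value;
    }

    $body = "";

    if ($err == "") {
        $err = $http->Open($args);
    }

    if ($err == "") {
        $err = $http->SendRequest($args);
        // From here on $headers is reused for the reply headers.
        $http->ReadReplyHeaders($headers);

        if ($err == "") {
            // Read the body in 2000-byte chunks until an error or an empty
            // chunk ends the transfer.
            for (;;) {
                $err = $http->ReadReplyBody($acc, 2000);
                if ($err != "" || $acc == "") {
                    break;
                }
                $body .= $acc;
            }
        }

        $http->Close();
    }

    return array($headers, $body);
}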
示例3: send_request
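/**
 * Send an HTTP request through http_class and store the response.
 *
 * The response (or a "Request failed: ..." body on error) is wrapped in an
 * HttpResponse and kept in $this->responses under the object hash of
 * $request.
 *
 * NOTE(review): when $request->credentials is set, the user name and
 * password go into the request arguments while follow_redirect is enabled.
 * Confirm that http_class does not replay them to a redirect target on a
 * different host.
 *
 * @param object $request Request object; this method reads its uri, method,
 *                        headers, body, credentials and _cache members
 * @return string Key under which the response was stored in $this->responses
 */
public function send_request($request)
{
    $response_code = '0';
    $response_info = array();
    $response_headers = array();
    $response_body = '';

    // NOTE(review): nothing in this method ever assigns a cached response, so
    // the cache branch below cannot trigger. It is initialised here only to
    // avoid reading an undefined variable - confirm where the cache lookup
    // was meant to happen.
    $cached_response = null;

    $http = new http_class();
    $http->follow_redirect = 1;
    $http->redirection_limit = 5;
    $http->prefer_curl = 0;

    $error = $http->GetRequestArguments($request->uri, $arguments);

    if ($request->credentials != null) {
        $http->authentication_mechanism = "Digest";
        $arguments['AuthUser'] = $request->credentials->get_username();
        $arguments['AuthPassword'] = $request->credentials->get_password();
    }

    $arguments["RequestMethod"] = $request->method;
    foreach ($request->headers as $k => $v) {
        $arguments["Headers"][$k] = $v;
    }
    if ($request->body != null) {
        $arguments["Body"] = $request->body;
    }

    // Keep the first error: a failure in GetRequestArguments() is no longer
    // overwritten by the result of Open().
    if (!$error) {
        $error = $http->Open($arguments);
    }
    if (!$error) {
        $error = $http->SendRequest($arguments);
    }

    if (!$error) {
        $error = $http->ReadReplyHeaders($response_headers);
        $response_code = $http->response_status;
        // Read the body in 1000-byte chunks until an error or an empty chunk.
        for (;;) {
            $error = $http->ReadReplyBody($body, 1000);
            if ($error != "" || strlen($body) == 0) {
                break;
            }
            $response_body .= $body;
        }
    } else {
        if ($request->_cache && $cached_response) {
            return $cached_response;
        }
        $response_body = "Request failed: " . $error;
    }
    $http->Close();

    $response = new HttpResponse();
    $response->status_code = $response_code;
    $response->headers = $response_headers;
    $response->body = $response_body;
    $response->info = $response_info;
    //ID20100317 $response->request = $request;
    $response->request_method = $request->method;
    $response->request_uri = $request->uri;
    $response->request_headers = $request->headers;
    $response->request_body = $request->body;

    $key = spl_object_hash($request);
    $this->responses[$key] = $response;

    return $key;
}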
示例4: _checkSFS
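/**
 * Look up a user name, e-mail address and IP address at stopforumspam.com.
 *
 * @param string $username User name to check ('' to skip)
 * @param string $email    E-mail address to check ('' to skip)
 * @param string $ip       IP address to check ('' to skip)
 * @return int Bit mask: 1 = e-mail listed, 2 = IP listed, 4 = user name
 *             listed; 0 if nothing is listed or the lookup failed
 */
function _checkSFS($username, $email, $ip = '')
{
    global $_TABLES, $_SPX_CONF, $LANG_SX00;

    $rc = 0;
    $arguments = array();
    $response = '';

    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    $http->debug = 0;
    $http->html_debug = 0;
    $http->user_agent = 'glFusion/' . GVERSION;

    // NOTE(review): the lookup uses plain http, so the reply can be altered
    // in transit. See the unserialize() note below.
    $url = "http://www.stopforumspam.com/api";
    $requestArgs = '?f=serial&';
    if ($ip != '') {
        // Encode the address like the other two values so that it cannot add
        // or change query parameters.
        $requestArgs .= 'ip=' . urlencode($ip) . '&';
    }
    if ($email != '') {
        $requestArgs .= 'email=' . urlencode($email) . '&';
    }
    if ($username != '') {
        $requestArgs .= 'username=' . urlencode($username) . '&';
    }
    $requestArgs .= 'cmd=display';
    $url = $url . $requestArgs;

    // Stop at the first failing step instead of overwriting $error.
    $error = $http->GetRequestArguments($url, $arguments);
    if ($error == "") {
        $error = $http->Open($arguments);
    }
    if ($error == "") {
        $error = $http->SendRequest($arguments);
    }

    if ($error == "") {
        // Collect the whole reply. The original had a bare "break" here with
        // no enclosing loop, which PHP rejects.
        for (;;) {
            $error = $http->ReadReplyBody($body, 1024);
            if ($error != "" || strlen($body) == 0) {
                break;
            }
            $response = $response . $body;
        }
    }
    $http->Close();

    if ($response == '') {
        return $rc;
    }

    // SECURITY(review): unserialize() is applied to data received from a
    // remote server over plain http. A tampered reply could make PHP
    // instantiate arbitrary classes. Prefer a JSON reply decoded with
    // json_decode(), or pass array('allowed_classes' => false) where the PHP
    // version supports it.
    $result = @unserialize($response);
    if (!is_array($result) || !$result) {
        // invalid data, assume ok
        return 0;
    }

    if (isset($result['email']) && $result['email']['appears'] == 1) {
        $rc = $rc + 1;
    }
    if (isset($result['ip']) && $result['ip']['appears'] == 1) {
        $rc = $rc + 2;
    }
    if (isset($result['username']) && $result['username']['appears'] == 1) {
        $rc = $rc + 4;
    }

    return $rc;
}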
示例5: get
/**
 * Fetch a remote URI, then either return the reply or save its body to a file.
 *
 * Without $target the result has this shape:
 *
 * <pre>array(
 *     'header' => array('header_1' => 'header_value_1', ...),
 *     'body'   => 'fetched response body'
 * )</pre>
 *
 * With $target the fetched body is written to that local path, for example:
 *
 * <pre>JSNUtilsHttp::get(
 *     'http://placehold.it/300x200.gif',
 *     '/tmp/downloaded_image.gif'
 * );</pre>
 *
 * and the return value is whatever JFile::write() reports (documented by the
 * original author as true on success, false otherwise).
 *
 * An Exception is thrown if the connection cannot be opened, the request
 * cannot be sent, the reply headers cannot be read, or - with
 * $validateHeader - a header whose name starts with "http/" does not
 * contain "200".
 *
 * NOTE(review): neither $uri nor $target is checked here. Callers are
 * presumably expected to pass a trusted URI and a path inside a directory
 * they control - confirm at the call sites.
 *
 * @param string  $uri            Remote URI for fetching content.
 * @param string  $target         Set to a file path to save fetched content as local file.
 * @param boolean $validateHeader Check for 200 OK header or not?
 *
 * @return array|boolean Fetched header and body, or the JFile::write() result when $target is set
 */
public static function get($uri, $target = '', $validateHeader = false)
{
    $client = new http_class();
    $client->follow_redirect = 1;
    $client->redirection_limit = 5;
    $client->GetRequestArguments($uri, $arguments);

    // Connect
    $error = $client->Open($arguments);
    if ($error != '') {
        throw new Exception(JText::sprintf('JSN_EXTFW_HTTP_CONNECTION_ERROR', $error));
    }

    // Send the request
    $error = $client->SendRequest($arguments);
    if ($error != '') {
        throw new Exception(JText::sprintf('JSN_EXTFW_HTTP_CONNECTION_ERROR', $error));
    }

    // Read the reply headers
    $replyHeaders = array();
    $error = $client->ReadReplyHeaders($replyHeaders);
    if ($error != '') {
        throw new Exception(JText::sprintf('JSN_EXTFW_HTTP_CONNECTION_ERROR', $error));
    }

    $result = array();
    $result['header'] = $replyHeaders;

    // Optionally reject replies whose status header does not mention 200
    if ($validateHeader) {
        foreach (array_keys($replyHeaders) as $name) {
            $isStatusLine = strtolower(substr($name, 0, 5)) == 'http/';
            if ($isStatusLine && strpos($name, '200') === false) {
                throw new Exception(JText::sprintf('JSN_EXTFW_HTTP_CONNECTION_ERROR', substr($name, strpos($name, ' '))));
            }
        }
    }

    // Read the reply body in 1000-byte chunks
    $content = '';
    for (;;) {
        $error = $client->ReadReplyBody($chunk, 1000);
        if ($error != '' || strlen($chunk) == 0) {
            break;
        }
        $content .= $chunk;
    }
    $result['body'] = $content;

    $client->Close();

    if (!empty($target)) {
        return JFile::write($target, $result['body']);
    }

    return $result;
}
示例6: doHeadRequest
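/**
 * Send an HTTP request for the given URL and report the response code.
 *
 * NOTE(review): the name and the original description say HEAD, but no
 * request method is set in this function - confirm what http_class sends.
 *
 * NOTE(review): $url is requested as given; callers passing links from
 * user-supplied content should restrict scheme and host first.
 *
 * @param string $url    URL to request
 * @param string $errmsg error message, if any (on return)
 * @return int HTTP response code or 777 on error
 */
function doHeadRequest($url, &$errmsg)
{
    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    $http->debug = 0;
    $http->html_debug = 0;
    $http->user_agent = 'glFusion/' . GVERSION;

    // Stop at the first failing step so that $errmsg reports its error
    // rather than the result of a later call.
    $error = $http->GetRequestArguments($url, $arguments);
    if ($error == "") {
        $error = $http->Open($arguments);
    }
    if ($error == "") {
        $error = $http->SendRequest($arguments);
    }

    if ($error != "") {
        $http->Close();
        $errmsg = $error;
        return 777;
    }

    $http->ReadReplyHeaders($headers);
    $status = $http->response_status;
    $http->Close();

    return $status;
}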
示例7: CheckForSpam
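/**
 * Check the visitor's IP address against stopforumspam.com.
 *
 * The post itself is only tested for being non-empty; the lookup is made
 * for the address in the global $REMOTE_ADDR.
 *
 * @param string $post post to check for spam
 * @return boolean true = spam found, false = no spam
 *
 * Note: Also returns 'false' in case of problems communicating with SFS.
 */
function CheckForSpam($post)
{
    global $_SPX_CONF, $REMOTE_ADDR;

    $retval = false;
    $ip = $REMOTE_ADDR;
    if (empty($post) || $ip == '') {
        return $retval;
    }

    $arguments = array();
    $response = '';

    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    $http->debug = 0;
    $http->html_debug = 0;
    $http->user_agent = 'glFusion/' . GVERSION;

    // NOTE(review): the lookup uses plain http, so the reply can be altered
    // in transit. See the unserialize() note below.
    // The address is URL-encoded so that it cannot add or change query
    // parameters.
    $url = "http://www.stopforumspam.com/api"
         . '?f=serial&'
         . 'ip=' . urlencode($ip) . '&'
         . 'cmd=display';

    // Stop at the first failing step instead of overwriting $error.
    $error = $http->GetRequestArguments($url, $arguments);
    if ($error == "") {
        $error = $http->Open($arguments);
    }
    if ($error == "") {
        $error = $http->SendRequest($arguments);
    }

    if ($error == "") {
        $error = $http->ReadReplyBody($body, 1024);
        if ($error == "" || strlen($body) > 0) {
            $response = $response . $body;

            // SECURITY(review): unserialize() is applied to data received
            // from a remote server over plain http. A tampered reply could
            // make PHP instantiate arbitrary classes. Prefer a JSON reply
            // decoded with json_decode(), or pass
            // array('allowed_classes' => false) where the PHP version
            // supports it.
            $result = @unserialize($response);
            if (!is_array($result) || !$result) {
                // invalid data, assume ok (boolean, as documented)
                $http->Close();
                return false;
            }

            if (isset($result['ip']) && $result['ip']['appears'] == 1 && $result['ip']['confidence'] > (double) 25) {
                $retval = true;
                SPAMX_log("SFS: spam detected");
            }
        }
    }
    $http->Close();

    return $retval;
}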
示例8: array
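/**
 * POST $params to the URL returned by get_url($type) and return the reply body.
 *
 * On failure the error text is stored in $this->err and false is returned.
 * A read error while receiving the body is now stored in $this->err as well;
 * the original wrote it to $this->error, a different property from the one
 * used by every other step.
 *
 * @param mixed $type   Passed to $this->get_url() to select the endpoint
 * @param array $params Values sent as the POST fields
 * @return string|false Reply body, or false if a step failed or the
 *                      response status was not 200
 */
function open_url($type, $params = array())
{
    $http = new http_class();
    $http->request_method = 'POST';
    $http->user_agent = "cesar-rodas/1.0 | Akismet-Class/" . CLASS_VERSION;
    $http->follow_redirect = 1;
    $http->redirection_limit = 5;
    $http->exclude_address = "";
    $http->protocol_version = "1.1";

    $http->GetRequestArguments($this->get_url($type), $arguments);
    $arguments['PostValues'] = $params;

    $this->err = $http->Open($arguments);
    if ($this->err != "") {
        return false;
    }

    $this->err = $http->SendRequest($arguments);
    if ($this->err != "") {
        // The connection is open at this point; release it before leaving.
        $http->Close();
        return false;
    }

    $this->err = $http->ReadReplyHeaders($gHeaders);
    if ($this->err != "") {
        $http->Close();
        return false;
    }

    if ($http->response_status != 200) {
        $this->err = "Pages status: " . $http->response_status;
        $http->Close();
        return false;
    }

    // Read the body in 1000-byte chunks until an error or an empty chunk.
    $response = '';
    for (;;) {
        $this->err = $http->ReadReplyBody($body, 1000);
        if ($this->err != "" || strlen($body) == 0) {
            break;
        }
        $response .= $body;
    }
    $http->Close();

    return $response;
}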
示例9: array
<TITLE>Test for Manuel Lemos' PHP HTTP class to simulate a HTTP POST form submission</TITLE>
</HEAD>
<BODY>
<H1><CENTER>Test for Manuel Lemos' PHP HTTP class to simulate a HTTP POST form submission</CENTER></H1>
<HR>
<UL>
<?php
require "http.php";
set_time_limit(0);
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 1;
$url = "http://www.cs.tut.fi/cgi-bin/run/~jkorpela/echoraw.cgi";
$error = $http->GetRequestArguments($url, $arguments);
$arguments["RequestMethod"] = "POST";
$arguments["PostValues"] = array("somefield" => "Upload forms", "MAX_FILE_SIZE" => "1000000");
$arguments["PostFiles"] = array("userfile" => array("Data" => "This is just a plain text attachment file named attachment.txt .", "Name" => "attachment.txt", "Content-Type" => "automatic/name"), "anotherfile" => array("FileName" => "test_http_post.php", "Content-Type" => "automatic/name"));
$arguments["Referer"] = "http://www.alltheweb.com/";
echo "<H2><LI>Opening connection to:</H2>\n<PRE>", HtmlEntities($arguments["HostName"]), "</PRE>\n";
flush();
$error = $http->Open($arguments);
if ($error == "") {
$error = $http->SendRequest($arguments);
if ($error == "") {
echo "<H2><LI>Request:</LI</H2>\n<PRE>\n" . HtmlEntities($http->request) . "</PRE>\n";
echo "<H2><LI>Request headers:</LI</H2>\n<PRE>\n";
for (Reset($http->request_headers), $header = 0; $header < count($http->request_headers); Next($http->request_headers), $header++) {
$header_name = Key($http->request_headers);
if (GetType($http->request_headers[$header_name]) == "array") {
示例10: UpdateStep4
// Final ComfortUpdate step: download the update archive, delete the files the
// update information lists for removal, then unpack the archive over the
// installation directory. (The listing is cut off after the unpack step.)
//
// NOTE(review): in the visible part the archive is fetched over plain http
// and extracted without any signature or checksum comparison. Whoever can
// alter the download or the update information controls which files are
// deleted and written under $rootdir.
function UpdateStep4()
{
global $clang, $scriptname, $homedir, $buildnumber, $updatebuild, $debug, $rootdir, $publicdir, $tempdir, $database_exists, $databasetype, $action, $demoModeOnly;
echo '<div class="header ui-widget-header">'.sprintf($clang->gT('ComfortUpdate step %s'),'4').'</div><div class="updater-background"><br />';
// NOTE(review): in this branch $updateinfo has not been assigned yet (it is
// neither a global nor set before this point), so the ['error'] test below
// reads an undefined variable. Execution also continues past this block
// without update information.
if (!isset( $_SESSION['updateinfo']))
{
echo $clang->gT('On requesting the update information from limesurvey.org there has been an error:').'<br />';
if ($updateinfo['error']==1)
{
setGlobalSetting('updatekey','');
echo $clang->gT('Your update key is invalid and was removed. ').'<br />';
}
else
echo $clang->gT('On requesting the update information from limesurvey.org there has been an error:').'<br />';
}
else
{
$updateinfo=$_SESSION['updateinfo'];
}
// this is the last step - Download the zip file, unpack it and replace files accordingly
// Create DB and file backups now
require_once("classes/pclzip/pclzip.lib.php");
// require_once('classes/pclzip/pcltrace.lib.php');
// require_once('classes/pclzip/pclzip-trace.lib.php');
// PclTraceOn(2);
require_once($homedir."/classes/http/http.php");
$downloaderror=false;
$http=new http_class;
// Allow redirects
$http->follow_redirect=1;
/* Connection timeout */
$http->timeout=0;
/* Data transfer timeout */
$http->data_timeout=0;
$http->user_agent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
// NOTE(review): plain http download; the download id comes from the session's
// update information and is placed in the URL as is.
$http->GetRequestArguments("http://update.limesurvey.org/updates/download/{$updateinfo['downloadid']}",$arguments);
$http->RestoreCookies($_SESSION['updatesession']);
// The result of Open() is overwritten by SendRequest(), so only the latter's
// error is seen below.
$error=$http->Open($arguments);
$error=$http->SendRequest($arguments);
$http->ReadReplyHeaders($headers);
// An HTML reply is treated as "no archive": any previous update.zip is removed.
if ($headers['content-type']=='text/html')
{
@unlink($tempdir.'/update.zip');
}
elseif($error=='') {
$body='';
// NOTE(review): the fopen() result is not checked before writing.
$pFile = fopen($tempdir.'/update.zip', 'w');
// Stream the reply body to disk in chunks of up to 100000 bytes.
for(;;){
$error = $http->ReadReplyBody($body,100000);
if($error != "" || strlen($body)==0) break;
fwrite($pFile, $body);
}
fclose($pFile);
}
else
{
print( $error );
}
// Now remove all files that are to be deleted according to update process
// NOTE(review): each path is $rootdir plus a name taken from the update
// information; nothing here checks that the result stays inside $rootdir
// (e.g. no handling of ".." segments). Deletion also runs before it is known
// whether the archive was downloaded.
foreach ($updateinfo['files'] as $afile)
{
if ($afile['type']=='D' && file_exists($rootdir.$afile['file']))
{
if (is_file($rootdir.$afile['file']))
{
unlink($rootdir.$afile['file']);
}
else{
rmdirr($rootdir.$afile['file']);
}
echo sprintf($clang->gT('File deleted: %s'),$afile['file']).'<br />';
}
}
//Now unzip the new files over the existing ones.
// NOTE(review): the archive content is extracted straight over $rootdir; no
// integrity check of update.zip is visible before this point.
if (file_exists($tempdir.'/update.zip')){
$archive = new PclZip($tempdir.'/update.zip');
if ($archive->extract(PCLZIP_OPT_PATH, $rootdir.'/', PCLZIP_OPT_REPLACE_NEWER)== 0) {
die("Error : ".$archive->errorInfo(true));
}
else
{
echo $clang->gT('New files were successfully installed.').'<br />';
unlink($tempdir.'/update.zip');
}
}
else
{
echo $clang->gT('There was a problem downloading the update file. Please try to restart the update process.').'<br />';
$downloaderror=true;
}
// PclTraceDisplay();
//.........這裏部分代碼省略.........
示例11: _saveUserPhoto
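/**
 * Download the resource at $from and write it to the local path $to.
 *
 * NOTE(review): the body is buffered in memory without a size limit, the
 * response status and content type are not examined, and neither $from nor
 * $to is validated here. Callers should make sure $from is an acceptable
 * remote address and $to is a path they chose themselves, and should verify
 * that the saved file really is an image before serving it.
 *
 * @param string $from URL to download
 * @param string $to   Local file path to write
 * @return int|false Result of file_put_contents() (bytes written or false),
 *                   or 0 if the request could not be made
 */
protected function _saveUserPhoto($from, $to)
{
    $ret = 0;
    $img = '';
    $arguments = array();

    $http = new http_class();
    $http->user_agent = 'glFusion/' . GVERSION;

    // Stop at the first failing step instead of overwriting $error.
    $error = $http->GetRequestArguments($from, $arguments);
    if ($error == "") {
        $error = $http->Open($arguments);
    }
    if ($error == "") {
        $error = $http->SendRequest($arguments);
        if ($error == "") {
            // Read the body in 10240-byte chunks until an error or an empty
            // chunk ends the transfer.
            for (;;) {
                $error = $http->ReadReplyBody($body, 10240);
                if ($error != "" || strlen($body) == 0) {
                    break;
                }
                $img = $img . $body;
            }
            $ret = file_put_contents($to, $img);
        }
    }
    $http->Close();

    return $ret;
}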
示例12: TRB_detectTrackbackUrl
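/**
 * Attempt to auto-detect the Trackback URL of a post.
 *
 * The page is fetched and searched first for embedded RDF carrying a
 * trackback:ping attribute, then for an <a> element with rel="trackback".
 *
 * Note: The RDF, if found, is only parsed using a regular expression. Using
 * the XML parser may be more successful on some occasions ...
 *
 * NOTE(review): $url is requested as given, and the returned value is taken
 * from the remote page. Callers should restrict $url to acceptable hosts and
 * validate the result before sending a trackback to it.
 *
 * @param string $url URL of post with embedded RDF for the Trackback URL
 * @return mixed Trackback URL, or false on error
 */
function TRB_detectTrackbackUrl($url)
{
    $retval = false;

    $http = new http_class();
    $http->timeout = 0;
    $http->data_timeout = 0;
    $http->debug = 0;
    $http->html_debug = 0;
    $http->user_agent = 'glFusion/' . GVERSION;

    // Stop at the first failing step instead of overwriting $error.
    $error = $http->GetRequestArguments($url, $arguments);
    if ($error == "") {
        $error = $http->Open($arguments);
    }
    if ($error == "") {
        $error = $http->SendRequest($arguments);
    }
    if ($error != "") {
        $http->Close();
        COM_errorLog("Trackback Detect TRB URL: " . $error . " when requesting " . $url);
        return false;
    }

    $http->ReadReplyHeaders($headers);
    if ($http->response_status != 200) {
        $http->Close();
        COM_errorLog("Trackback Detect TRB URL: Got HTTP response code " . $http->response_status . " when requesting " . $url);
        return false;
    }

    $error = $http->ReadWholeReplyBody($page);
    $http->Close();
    // The body is read into $page; the original tested an undefined $body.
    if ($error != "" && strlen((string) $page) === 0) {
        COM_errorLog("Trackback Detect TRB URL: unable to retrieve response body");
        return false;
    }

    // search for the RDF first
    $startPos = strpos($page, '<rdf:RDF ');
    if ($startPos !== false) {
        $endPos = strpos($page, '</rdf:RDF>', $startPos);
        // Without a closing tag there is no RDF block to cut out; the
        // original went on to compute a length from "false".
        if ($endPos !== false) {
            $endPos += strlen('</rdf:RDF>');
            $rdf = substr($page, $startPos, $endPos - $startPos);

            // Okay, we COULD fire up the XML parser now. But then again ...
            // Match up to the closing quote only, so that attributes which
            // follow on the same line are not swallowed into the URL.
            if (preg_match('/trackback:ping="([^"]*)"/', $rdf, $matches) == 1) {
                if (!empty($matches[1])) {
                    $retval = $matches[1];
                }
            }
        }
    }

    // no luck with the RDF? try searching for a rel="trackback" link
    if ($retval === false) {
        // remove all linefeeds first to help the regexp below
        $page = str_replace(array("\r", "\n"), '', $page);
        preg_match_all("/<a[^>]*href=[\"']([^\"']*)[\"'][^>]*>(.*?)<\\/a>/i", $page, $matches);
        foreach ($matches[0] as $i => $link) {
            if (strpos($link, 'rel="trackback"') !== false) {
                $retval = $matches[1][$i];
                break;
            }
        }
    }

    return $retval;
}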
示例13: _checkVersion
function _checkVersion()
{
global $_CONF, $_USER, $_PLUGIN_INFO;
// build XML request
require_once $_CONF['path'] . 'lib/http/http.php';
$result = '';
$http = new http_class();
$http->timeout = 5;
$http->data_timeout = 5;
$http->debug = 0;
$http->html_debug = 0;
$http->user_agent = 'glFusion/' . GVERSION;
$url = "http://www.glfusion.org/versions/index.php";
$error = $http->GetRequestArguments($url, $arguments);
$arguments["RequestMethod"] = "POST";
$arguments["PostValues"] = array("v" => "v" . GVERSION . PATCHLEVEL);
if ($_CONF['send_site_data']) {
$arguments["PostValues"]['s'] = $_CONF['site_url'];
}
$error = $http->Open($arguments);
if ($error == "") {
$error = $http->SendRequest($arguments);
if ($error == "") {
for (;;) {
$error = $http->ReadReplyBody($body, 1000);
if ($error != "" || strlen($body) == 0) {
break;
}
$result = $result . $body;
}
}
}
if (!$result) {
return array(-1, -1, array());
}
// parse XML response
$response = xml2array($result);
if (isset($response['response'])) {
if (isset($response['response']['glfusion'])) {
$latest = $response['response']['glfusion']['version'];
} else {
$latest = 'unknown';
}
if (isset($response['response']['glfusion']['date'])) {
$releaseDate = $response['response']['glfusion']['date'];
} else {
$releaseDate = 'unknown';
}
}
// check glFusion CMS version
$current = GVERSION . PATCHLEVEL;
list($latestMajor, $latestMinor, $latestRev, $latestExtra) = explode('.', $latest . '....');
list($currentMajor, $currentMinor, $currentRev, $currentExtra) = explode('.', $current . '....');
$glFusionUpToDate = 0;
if ($currentMajor >= $latestMajor) {
if ($currentMajor > $latestMajor) {
$glFusionUpToDate = 2;
} else {
if ($currentMinor >= $latestMinor) {
if ($currentMinor > $latestMinor) {
$glFusionUpToDate = 2;
} else {
if ($currentRev >= $latestRev) {
if ($currentRev > $latestRev) {
$glFusionUpToDate = 2;
} else {
if ($currentExtra != '' || $latestExtra != '') {
if (strcmp($currentExtra, $latestExtra) == 0) {
$glFusionUpToDate = 1;
}
} else {
$glFusionUpToDate = 1;
}
}
}
}
}
}
}
// run through all our active plugins and see if any are out of date
$pluginsUpToDate = 1;
$done = 0;
if (is_array($response['response']['plugin'])) {
foreach ($_PLUGIN_INFO as $iPlugin => $iPluginVer) {
$upToDate = 0;
foreach ($response['response']['plugin'] as $plugin) {
if (strcmp($plugin['name'], $iPlugin) == 0) {
if (_upToDate($plugin['version'], $iPluginVer) == 0) {
$pluginsUpToDate = 0;
$done = 1;
break;
}
}
}
if ($done) {
break;
}
}
}
// build data if we need it...
//.........這裏部分代碼省略.........
示例14: testForReflectedXSS
function testForReflectedXSS($urlToCheck, $urlOfSite, $testId)
{
connectToDb($db);
updateStatus($db, "Testing {$urlToCheck} for Reflected Cross-Site Scripting...", $testId);
$log = new Logger();
$log->lfile('logs/eventlogs');
$log->lwrite("Starting Reflected XXS test function on {$urlToCheck}");
$postUrl = $urlToCheck;
$postUrlPath = parse_url($postUrl, PHP_URL_PATH);
//Check URL is not responding with 5xx codes
$log->lwrite("Checking what response code is received from {$urlToCheck}");
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
//$http->debug=1;
$http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
$http->follow_redirect = 1;
$http->redirection_limit = 5;
$http->setTestId($testId);
$error = $http->GetRequestArguments($urlToCheck, $arguments);
$error = $http->Open($arguments);
$log->lwrite("URL to be requested is: {$urlToCheck}");
if ($error == "") {
$log->lwrite("Sending HTTP request to {$urlToCheck}");
$error = $http->SendRequest($arguments);
if ($error == "") {
$headers = array();
$error = $http->ReadReplyHeaders($headers);
if ($error == "") {
$responseCode = $http->response_status;
//This is a string
$log->lwrite("Received response code: {$responseCode}");
if (intval($responseCode) >= 500 && intval($responseCode) < 600) {
$log->lwrite("Response code: {$responseCode} received from: {$urlToCheck}");
return;
}
}
}
$http->Close();
}
if (strlen($error)) {
echo "<H2 align=\"center\">Error: ", $error, "</H2>\n";
$log->lwrite("Error: {$error}");
}
$html = file_get_html($postUrl, $testId);
if (empty($html)) {
//This can happen due to file_get_contents returning a 500 code. Then the parser won't parse it
$log->lwrite("Problem getting contents from {$urlToCheck}");
return;
}
//Submit these
//If adding string to this array, add a corresponding string (to look for in response), with he same index, in the array below
//The response to look for can be the same as the payload or different.
$payloads = array('<webvulscan>', 'javascript:alert(webvulscan)');
//Look for these in response after submitting corresponding payload
$harmfulResponses = array('<webvulscan>', 'src="javascript:alert(webvulscan)"');
//First check does the URL passed into this function contain parameters and submit payloads as those parameters if it does
$parsedUrl = parse_url($urlToCheck);
$log->lwrite("Check if {$urlToCheck} contains parameters");
if ($parsedUrl) {
if (isset($parsedUrl['query'])) {
$log->lwrite("{$urlToCheck} does contain parameters");
$scheme = $parsedUrl['scheme'];
$host = $parsedUrl['host'];
$path = $parsedUrl['path'];
$query = $parsedUrl['query'];
parse_str($query, $parameters);
$originalQuery = $query;
$payloadIndex = 0;
foreach ($payloads as $currentPayload) {
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
//$http->debug=1;
$http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
$http->follow_redirect = 1;
$http->redirection_limit = 5;
$http->setTestId($testId);
foreach ($parameters as $para) {
$query = $originalQuery;
$newQuery = str_replace($para, $currentPayload, $query);
$query = $newQuery;
$testUrl = $scheme . '://' . $host . $path . '?' . $query;
$log->lwrite("URL to be requested is: {$testUrl}");
$error = $http->GetRequestArguments($testUrl, $arguments);
$error = $http->Open($arguments);
echo "<br>Sending HTTP request to " . htmlspecialchars($testUrl) . "<br>";
if ($error == "") {
$log->lwrite("Sending HTTP request to {$testUrl}");
$error = $http->SendRequest($arguments);
if ($error == "") {
$headers = array();
$error = $http->ReadReplyHeaders($headers);
if ($error == "") {
$error = $http->ReadWholeReplyBody($body);
if (strlen($error) == 0) {
$indicatorStr = $harmfulResponses[$payloadIndex];
if (stripos($body, $indicatorStr)) {
echo '<br>Reflected XSS Present!<br>Query: ' . HtmlSpecialChars($urlToCheck) . '<br>';
echo 'Method: GET <br>';
//.........這裏部分代碼省略.........
示例15: switchAction
// Handles the "external_download" action: fetches a remote file named in the
// request and stores it in the current repository directory. (The listing is
// cut off inside the switch statement.)
//
// NOTE(review): the URL to fetch comes from $httpVars["file"], or from the
// content of the file named by $httpVars["dlfile"]. No restriction on scheme
// or host is visible in this excerpt, so the server requests whatever
// address is supplied - confirm that this is checked elsewhere.
public function switchAction($action, $httpVars, $fileVars)
{
//$this->logInfo("DL file", $httpVars);
$repository = ConfService::getRepository();
if (!$repository->detectStreamWrapper(false)) {
return false;
}
$plugin = AJXP_PluginsService::findPlugin("access", $repository->getAccessType());
$streamData = $plugin->detectStreamWrapper(true);
$dir = AJXP_Utils::decodeSecureMagic($httpVars["dir"]);
$destStreamURL = $streamData["protocol"] . "://" . $repository->getId() . $dir . "/";
$dlURL = null;
// NOTE(review): if neither "file" nor "dlfile" is set, $basename and $getPath
// stay undefined but are used further down.
if (isset($httpVars["file"])) {
$parts = parse_url($httpVars["file"]);
$getPath = $parts["path"];
$basename = basename($getPath);
$dlURL = $httpVars["file"];
}
if (isset($httpVars["dlfile"])) {
$dlFile = $streamData["protocol"] . "://" . $repository->getId() . AJXP_Utils::decodeSecureMagic($httpVars["dlfile"]);
// The content of the referenced repository file is used as the download URL.
$realFile = file_get_contents($dlFile);
if (empty($realFile)) {
throw new Exception("cannot find file {$dlFile} for download");
}
$parts = parse_url($realFile);
$getPath = $parts["path"];
$basename = basename($getPath);
$dlURL = $realFile;
}
switch ($action) {
case "external_download":
// In a web context with background actions available, hand the download to
// a background process, remember its pid in a hidden file and return.
if (!ConfService::currentContextIsCommandLine() && ConfService::backgroundActionsSupported()) {
$unixProcess = AJXP_Controller::applyActionInBackground($repository->getId(), "external_download", $httpVars);
if ($unixProcess !== null) {
@file_put_contents($destStreamURL . "." . $basename . ".pid", $unixProcess->getPid());
}
AJXP_XMLWriter::header();
AJXP_XMLWriter::triggerBgAction("reload_node", array(), "Triggering DL ", true, 2);
AJXP_XMLWriter::close();
session_write_close();
exit;
}
require_once AJXP_BIN_FOLDER . "/http_class/http_class.php";
session_write_close();
$httpClient = new http_class();
$arguments = array();
// NOTE(review): the request always uses $httpVars["file"]; the $dlURL value
// computed above (which covers the "dlfile" case) is not used in the visible
// part.
$httpClient->GetRequestArguments($httpVars["file"], $arguments);
$err = $httpClient->Open($arguments);
$collectHeaders = array("ajxp-last-redirection" => "", "content-disposition" => "", "content-length" => "");
if (empty($err)) {
$err = $httpClient->SendRequest($arguments);
// NOTE(review): follow_redirect is switched on only after the request has
// been sent - confirm this still has the intended effect.
$httpClient->follow_redirect = true;
$pidHiddenFileName = $destStreamURL . "." . $basename . ".pid";
if (is_file($pidHiddenFileName)) {
$pid = file_get_contents($pidHiddenFileName);
@unlink($pidHiddenFileName);
}
if (empty($err)) {
$httpClient->ReadReplyHeaders($collectHeaders);
$totalSize = -1;
// SECURITY(review): the file name is taken from the remote server's
// Content-Disposition header and only has double quotes removed. It is then
// used to build the destination paths below, so the remote side chooses the
// name and extension and may include path separators. Pass it through
// basename() and the project's file name sanitising before use.
if (!empty($collectHeaders["content-disposition"]) && strstr($collectHeaders["content-disposition"], "filename") !== false) {
$ar = explode("filename=", $collectHeaders["content-disposition"]);
$basename = trim(array_pop($ar));
$basename = str_replace("\"", "", $basename);
// Remove quotes
}
// The announced size comes from the remote Content-Length header and is only
// passed to the hook; the read loop below does not enforce it.
if (!empty($collectHeaders["content-length"])) {
$totalSize = intval($collectHeaders["content-length"]);
$this->logDebug("Should download {$totalSize} bytes!");
}
if ($totalSize != -1) {
$node = new AJXP_Node($destStreamURL . $basename);
AJXP_Controller::applyHook("node.before_create", array($node, $totalSize));
}
$tmpFilename = $destStreamURL . $basename . ".dlpart";
$hiddenFilename = $destStreamURL . "__" . $basename . ".ser";
$filename = $destStreamURL . $basename;
$dlData = array("sourceUrl" => $getPath, "totalSize" => $totalSize);
if (isset($pid)) {
$dlData["pid"] = $pid;
}
//file_put_contents($hiddenFilename, serialize($dlData));
// Progress information is stored in a hidden .ser file while the download
// runs. NOTE(review): the fopen() results here and below are not checked.
$fpHid = fopen($hiddenFilename, "w");
fputs($fpHid, serialize($dlData));
fclose($fpHid);
// NOW READ RESPONSE
$destStream = fopen($tmpFilename, "w");
// Stream the body to the .dlpart file in 1000-byte chunks; a read error ends
// the loop the same way as the end of the body, and the partial file is
// still renamed into place afterwards.
while (true) {
$body = "";
$error = $httpClient->ReadReplyBody($body, 1000);
if ($error != "" || strlen($body) == 0) {
break;
}
fwrite($destStream, $body, strlen($body));
}
fclose($destStream);
rename($tmpFilename, $filename);
unlink($hiddenFilename);
}
$httpClient->Close();
//.........這裏部分代碼省略.........