本文整理匯總了PHP中http_class::Open方法的典型用法代碼示例。如果您正苦於以下問題:PHP http_class::Open方法的具體用法?PHP http_class::Open怎麽用?PHP http_class::Open使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類http_class
的用法示例。
在下文中一共展示了http_class::Open方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: http_adv_get
function http_adv_get($qtype, $url, $extra = array(), $headers = array())
{
$http = new http_class();
$http->debug = 0;
$http->html_debug = 0;
$http->request_method = $qtype;
$http->GetRequestArguments($url, $args);
$err = $http->Open($args);
foreach ($extra as $key => $value) {
$args[$key] = $value;
}
$body = "";
foreach ($headers as $key => $value) {
$args['Headers'][$key] = $value;
}
if ($err == "") {
$err = $http->Open($args);
$err = $http->SendRequest($args);
$http->ReadReplyHeaders($headers);
if ($err == "") {
if ($err == "") {
for (;;) {
$err = $http->ReadReplyBody($acc, 2000);
if ($err != "" || $acc == "") {
break;
}
$body .= $acc;
}
}
}
$http->close();
}
return array($headers, $body);
}
示例2: PNB_getPingbackUrl
/**
* Get the Pingback URL for a given URL
*
* @param string $url URL to get the Pingback URL for
* @return string Pingback URL or empty string
*/
function PNB_getPingbackUrl($url)
{
$retval = '';
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 0;
$http->user_agent = 'glFusion/' . GVERSION;
$error = $http->GetRequestArguments($url, $arguments);
$error = $http->Open($arguments);
$error = $http->SendRequest($arguments);
if ($error == "") {
$http->ReadReplyHeaders($headers);
if (isset($headers['x-pingback'])) {
$retval = $headers['x-pingback'];
} else {
COM_errorLog("Pingback (HEAD): unable to locate x-pingback header");
}
} else {
COM_errorLog('Pingback (HEAD): ' . $error);
return false;
}
if (empty($retval)) {
// search for <link rel="pingback">
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 0;
$http->user_agent = 'glFusion/' . GVERSION;
$error = $http->GetRequestArguments($url, $arguments);
$error = $http->Open($arguments);
$error = $http->SendRequest($arguments);
if ($error == "") {
$http->ReadReplyHeaders($headers);
if ($http->response_status == 200) {
$error = $http->ReadWholeReplyBody($body);
if ($error != "" && strlen($body) === 0) {
COM_errorLog("Pingback (GET): unable to retrieve response body");
return false;
}
} else {
COM_errorLog("Pingback (GET): Got HTTP response code " . $http->response_status . " when requesting " . $url);
return false;
}
} else {
COM_errorLog("Pingback (GET): " . $error . " when requesting " . $url);
return false;
}
// only search for the first match - it doesn't make sense to have
// more than one pingback URL
$found = preg_match("/<link rel=\"pingback\"[^>]*href=[\"']([^\"']*)[\"'][^>]*>/i", $body, $matches);
if ($found === 1 && !empty($matches[1])) {
$url = str_replace('&', '&', $matches[1]);
$retval = urldecode($url);
}
}
return $retval;
}
示例3: send_request
public function send_request($request)
{
$response_code = '0';
$response_info = array();
$response_headers = array();
$error = '';
$http = new http_class();
$http->follow_redirect = 1;
$http->redirection_limit = 5;
$http->prefer_curl = 0;
$error = $http->GetRequestArguments($request->uri, $arguments);
if ($request->credentials != null) {
$http->authentication_mechanism = "Digest";
$arguments['AuthUser'] = $request->credentials->get_username();
$arguments['AuthPassword'] = $request->credentials->get_password();
}
$arguments["RequestMethod"] = $request->method;
foreach ($request->headers as $k => $v) {
$arguments["Headers"][$k] = $v;
}
if ($request->body != null) {
$arguments["Body"] = $request->body;
}
$error = $http->Open($arguments);
if (!$error) {
$error = $http->SendRequest($arguments);
}
if (!$error) {
$error = $http->ReadReplyHeaders($response_headers);
$response_code = $http->response_status;
$response_body = '';
for (;;) {
$error = $http->ReadReplyBody($body, 1000);
if ($error != "" || strlen($body) == 0) {
break;
}
$response_body .= $body;
}
} else {
if ($request->_cache && $cached_response) {
return $cached_response;
}
$response_body = "Request failed: " . $error;
}
$http->Close();
$response = new HttpResponse();
$response->status_code = $response_code;
$response->headers = $response_headers;
$response->body = $response_body;
$response->info = $response_info;
//ID20100317 $response->request = $request;
$response->request_method = $request->method;
$response->request_uri = $request->uri;
$response->request_headers = $request->headers;
$response->request_body = $request->body;
$key = spl_object_hash($request);
$this->responses[$key] = $response;
return $key;
}
示例4: _checkSFS
function _checkSFS($username, $email, $ip = '')
{
global $_TABLES, $_SPX_CONF, $LANG_SX00;
$rc = 0;
$arguments = array();
$response = '';
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 0;
$http->user_agent = 'glFusion/' . GVERSION;
$url = "http://www.stopforumspam.com/api";
$requestArgs = '?f=serial&';
if ($ip != '') {
$requestArgs .= 'ip=' . $ip . '&';
}
if ($email != '') {
$requestArgs .= 'email=' . urlencode($email) . '&';
}
if ($username != '') {
$requestArgs .= 'username=' . urlencode($username) . '&';
}
$requestArgs .= 'cmd=display';
$url = $url . $requestArgs;
$error = $http->GetRequestArguments($url, $arguments);
$error = $http->Open($arguments);
$error = $http->SendRequest($arguments);
if ($error == "") {
$error = $http->ReadReplyBody($body, 1024);
if ($error != "" || strlen($body) == 0) {
break;
}
$response = $response . $body;
$result = @unserialize($response);
if (!$result) {
return 0;
}
// invalid data, assume ok
if (isset($result['email']) && $result['email']['appears'] == 1) {
$rc = $rc + 1;
}
if (isset($result['ip']) && $result['ip']['appears'] == 1) {
$rc = $rc + 2;
}
if (isset($result['username']) && $result['username']['appears'] == 1) {
$rc = $rc + 4;
}
}
return $rc;
}
示例5: get
/**
* Fetch a remote URI then return results.
*
* If this method is triggered without the second parameter, <b>$target</b>, then
* result will be return in the following format:
*
* <pre>array(
* 'header' => array(
* 'header_1' => 'header_value_1',
* 'header_2' => 'header_value_2',
* etc...
* ),
* 'body' => 'fetched response body'
* )</pre>
*
* Otherwise, the fetched response body will be saved to the local file specified
* by the variable <b>$target</b>. The example below will download the remote image
* <b>http://placehold.it/300x200.gif</b> then save to the local file
* <b>/tmp/downloaded_image.gif</b>:
*
* <pre>JSNUtilsHttp::get(
* 'http://placehold.it/300x200.gif',
* '/tmp/downloaded_image.gif'
* );</pre>
*
* When the second parameter is set in method call, the method will always return
* the boolean value <b>true</b> if file is successfully saved or <b>false</b>
* if file is not saved.
*
* @param string $uri Remote URI for fetching content.
* @param string $target Set to a file path to save fetched content as local file.
* @param boolean $validateHeader Check for 200 OK header or not?
*
* @return array array('header' => 'Associative array of fetched header', 'body' => 'Fetched content')
*/
public static function get($uri, $target = '', $validateHeader = false)
{
// Preset return result
$result = array();
// Initialize HTTP client
$http = new http_class();
$http->follow_redirect = 1;
$http->redirection_limit = 5;
$http->GetRequestArguments($uri, $arguments);
// Open connection
if (($error = $http->Open($arguments)) == '') {
if (($error = $http->SendRequest($arguments)) == '') {
// Get response header
$header = array();
if (($error = $http->ReadReplyHeaders($header)) != '') {
throw new Exception(JText::sprintf('JSN_EXTFW_HTTP_CONNECTION_ERROR', $error));
}
$result['header'] = $header;
// Validate header
if ($validateHeader) {
foreach ($result['header'] as $header => $value) {
if (strtolower(substr($header, 0, 5)) == 'http/' and strpos($header, '200') === false) {
throw new Exception(JText::sprintf('JSN_EXTFW_HTTP_CONNECTION_ERROR', substr($header, strpos($header, ' '))));
}
}
}
// Get response body
$result['body'] = '';
while (true) {
if (($error = $http->ReadReplyBody($body, 1000)) != '' or strlen($body) == 0) {
break;
}
$result['body'] .= $body;
}
} else {
throw new Exception(JText::sprintf('JSN_EXTFW_HTTP_CONNECTION_ERROR', $error));
}
// Close connection
$http->Close();
} else {
throw new Exception(JText::sprintf('JSN_EXTFW_HTTP_CONNECTION_ERROR', $error));
}
return !empty($target) ? JFile::write($target, $result['body']) : $result;
}
示例6: doHeadRequest
/**
* Send an HTTP HEAD request for the given URL
*
* @param string $url URL to request
* @param string $errmsg error message, if any (on return)
* @return int HTTP response code or 777 on error
*
*/
function doHeadRequest($url, &$errmsg)
{
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 0;
$http->user_agent = 'glFusion/' . GVERSION;
$error = $http->GetRequestArguments($url, $arguments);
$error = $http->Open($arguments);
$error = $http->SendRequest($arguments);
if ($error == "") {
$http->ReadReplyHeaders($headers);
return $http->response_status;
} else {
$errmsg = $error;
return 777;
}
}
示例7: CheckForSpam
/**
* Check for spam links
*
* @param string $post post to check for spam
* @return boolean true = spam found, false = no spam
*
* Note: Also returns 'false' in case of problems communicating with SFS.
* Error messages are logged in glFusion's error.log
*
*/
function CheckForSpam($post)
{
global $_SPX_CONF, $REMOTE_ADDR;
$retval = false;
$ip = $REMOTE_ADDR;
if (empty($post) || $ip == '') {
return $retval;
}
$arguments = array();
$response = '';
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 0;
$http->user_agent = 'glFusion/' . GVERSION;
$url = "http://www.stopforumspam.com/api";
$requestArgs = '?f=serial&';
if ($ip != '') {
$requestArgs .= 'ip=' . $ip . '&';
}
$requestArgs .= 'cmd=display';
$url = $url . $requestArgs;
$error = $http->GetRequestArguments($url, $arguments);
$error = $http->Open($arguments);
$error = $http->SendRequest($arguments);
if ($error == "") {
$error = $http->ReadReplyBody($body, 1024);
if ($error == "" || strlen($body) > 0) {
$response = $response . $body;
$result = @unserialize($response);
if (!$result) {
return 0;
}
// invalid data, assume ok
if (isset($result['ip']) && $result['ip']['appears'] == 1 && $result['ip']['confidence'] > (double) 25) {
$retval = true;
SPAMX_log("SFS: spam detected");
}
}
}
return $retval;
}
示例8: array
function open_url($type, $params = array())
{
$http = new http_class();
$http->request_method = 'POST';
$http->user_agent = "cesar-rodas/1.0 | Akismet-Class/" . CLASS_VERSION;
$http->follow_redirect = 1;
$http->redirection_limit = 5;
$http->exclude_address = "";
$http->protocol_version = "1.1";
$http->GetRequestArguments($this->get_url($type), $arguments);
$arguments['PostValues'] = $params;
$this->err = $http->Open($arguments);
if ($this->err != "") {
return false;
}
$this->err = $http->SendRequest($arguments);
if ($this->err != "") {
return false;
}
$this->err = $http->ReadReplyHeaders($gHeaders);
if ($this->err != "") {
return false;
}
if ($http->response_status != 200) {
$this->err = "Pages status: " . $http->response_status;
$http->Close();
return false;
}
$response = '';
for (;;) {
$this->error = $http->ReadReplyBody($body, 1000);
if ($this->error != "" || strlen($body) == 0) {
break;
}
$response .= $body;
}
$http->close();
return $response;
}
示例9: array
/* Define your PHP Classes site access name here */
$password_line = __LINE__;
$host_name = "phpclasses.UpperDesign.com";
$uri = "/browse.html/file/5/download/1/name/http.php";
if ($user == "") {
echo "PHP Classes site user was not specified in script " . __FILE__ . " line {$user_line}\n";
exit;
}
if ($password == "") {
echo "PHP Classes site password was not specified in script " . __FILE__ . " line {$password_line}\n";
exit;
}
require "http.php";
set_time_limit(0);
$http_connection = new http_class();
$error = $http_connection->Open(array("HostName" => $host_name));
if ($error == "") {
$error = $http_connection->SendRequest(array("RequestURI" => $uri, "RequestMethod" => "POST", "PostValues" => array("alias" => $user, "password" => $password, "Submit" => "Login", "dologin" => 1)));
if ($error == "") {
$error = $http_connection->ReadReplyHeaders(&$headers);
if ($error == "") {
for ($header = 0, Reset($headers); $header < count($headers); Next($headers), $header++) {
if (Key($headers) == "set-cookie") {
break;
}
}
if ($header < count($headers)) {
for (;;) {
$error = $http_connection->ReadReplyBody(&$body, 1000);
if ($error != "" || strlen($body) == 0) {
break;
示例10: array
require "http.php";
set_time_limit(0);
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 1;
$url = "http://www.cs.tut.fi/cgi-bin/run/~jkorpela/echoraw.cgi";
$error = $http->GetRequestArguments($url, $arguments);
$arguments["RequestMethod"] = "POST";
$arguments["PostValues"] = array("somefield" => "Upload forms", "MAX_FILE_SIZE" => "1000000");
$arguments["PostFiles"] = array("userfile" => array("Data" => "This is just a plain text attachment file named attachment.txt .", "Name" => "attachment.txt", "Content-Type" => "automatic/name"), "anotherfile" => array("FileName" => "test_http_post.php", "Content-Type" => "automatic/name"));
$arguments["Referer"] = "http://www.alltheweb.com/";
echo "<H2><LI>Opening connection to:</H2>\n<PRE>", HtmlEntities($arguments["HostName"]), "</PRE>\n";
flush();
$error = $http->Open($arguments);
if ($error == "") {
$error = $http->SendRequest($arguments);
if ($error == "") {
echo "<H2><LI>Request:</LI</H2>\n<PRE>\n" . HtmlEntities($http->request) . "</PRE>\n";
echo "<H2><LI>Request headers:</LI</H2>\n<PRE>\n";
for (Reset($http->request_headers), $header = 0; $header < count($http->request_headers); Next($http->request_headers), $header++) {
$header_name = Key($http->request_headers);
if (GetType($http->request_headers[$header_name]) == "array") {
for ($header_value = 0; $header_value < count($http->request_headers[$header_name]); $header_value++) {
echo $header_name . ": " . $http->request_headers[$header_name][$header_value], "\r\n";
}
} else {
echo $header_name . ": " . $http->request_headers[$header_name], "\r\n";
}
}
示例11: _saveUserPhoto
protected function _saveUserPhoto($from, $to)
{
$ret = 0;
$img = '';
$arguments = array();
$http = new http_class();
$http->user_agent = 'glFusion/' . GVERSION;
$error = $http->GetRequestArguments($from, $arguments);
$error = $http->Open($arguments);
if ($error == "") {
$error = $http->SendRequest($arguments);
if ($error == "") {
for (;;) {
$error = $http->ReadReplyBody($body, 10240);
if ($error != "" || strlen($body) == 0) {
break;
}
$img = $img . $body;
}
$ret = file_put_contents($to, $img);
}
}
$http->Close();
return $ret;
}
示例12: UpdateStep4
function UpdateStep4()
{
global $clang, $scriptname, $homedir, $buildnumber, $updatebuild, $debug, $rootdir, $publicdir, $tempdir, $database_exists, $databasetype, $action, $demoModeOnly;
echo '<div class="header ui-widget-header">'.sprintf($clang->gT('ComfortUpdate step %s'),'4').'</div><div class="updater-background"><br />';
if (!isset( $_SESSION['updateinfo']))
{
echo $clang->gT('On requesting the update information from limesurvey.org there has been an error:').'<br />';
if ($updateinfo['error']==1)
{
setGlobalSetting('updatekey','');
echo $clang->gT('Your update key is invalid and was removed. ').'<br />';
}
else
echo $clang->gT('On requesting the update information from limesurvey.org there has been an error:').'<br />';
}
else
{
$updateinfo=$_SESSION['updateinfo'];
}
// this is the last step - Download the zip file, unpack it and replace files accordingly
// Create DB and file backups now
require_once("classes/pclzip/pclzip.lib.php");
// require_once('classes/pclzip/pcltrace.lib.php');
// require_once('classes/pclzip/pclzip-trace.lib.php');
// PclTraceOn(2);
require_once($homedir."/classes/http/http.php");
$downloaderror=false;
$http=new http_class;
// Allow redirects
$http->follow_redirect=1;
/* Connection timeout */
$http->timeout=0;
/* Data transfer timeout */
$http->data_timeout=0;
$http->user_agent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
$http->GetRequestArguments("http://update.limesurvey.org/updates/download/{$updateinfo['downloadid']}",$arguments);
$http->RestoreCookies($_SESSION['updatesession']);
$error=$http->Open($arguments);
$error=$http->SendRequest($arguments);
$http->ReadReplyHeaders($headers);
if ($headers['content-type']=='text/html')
{
@unlink($tempdir.'/update.zip');
}
elseif($error=='') {
$body='';
$pFile = fopen($tempdir.'/update.zip', 'w');
for(;;){
$error = $http->ReadReplyBody($body,100000);
if($error != "" || strlen($body)==0) break;
fwrite($pFile, $body);
}
fclose($pFile);
}
else
{
print( $error );
}
// Now remove all files that are to be deleted according to update process
foreach ($updateinfo['files'] as $afile)
{
if ($afile['type']=='D' && file_exists($rootdir.$afile['file']))
{
if (is_file($rootdir.$afile['file']))
{
unlink($rootdir.$afile['file']);
}
else{
rmdirr($rootdir.$afile['file']);
}
echo sprintf($clang->gT('File deleted: %s'),$afile['file']).'<br />';
}
}
//Now unzip the new files over the existing ones.
if (file_exists($tempdir.'/update.zip')){
$archive = new PclZip($tempdir.'/update.zip');
if ($archive->extract(PCLZIP_OPT_PATH, $rootdir.'/', PCLZIP_OPT_REPLACE_NEWER)== 0) {
die("Error : ".$archive->errorInfo(true));
}
else
{
echo $clang->gT('New files were successfully installed.').'<br />';
unlink($tempdir.'/update.zip');
}
}
else
{
echo $clang->gT('There was a problem downloading the update file. Please try to restart the update process.').'<br />';
$downloaderror=true;
}
// PclTraceDisplay();
//.........這裏部分代碼省略.........
示例13: testForReflectedXSS
function testForReflectedXSS($urlToCheck, $urlOfSite, $testId)
{
connectToDb($db);
updateStatus($db, "Testing {$urlToCheck} for Reflected Cross-Site Scripting...", $testId);
$log = new Logger();
$log->lfile('logs/eventlogs');
$log->lwrite("Starting Reflected XXS test function on {$urlToCheck}");
$postUrl = $urlToCheck;
$postUrlPath = parse_url($postUrl, PHP_URL_PATH);
//Check URL is not responding with 5xx codes
$log->lwrite("Checking what response code is received from {$urlToCheck}");
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
//$http->debug=1;
$http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
$http->follow_redirect = 1;
$http->redirection_limit = 5;
$http->setTestId($testId);
$error = $http->GetRequestArguments($urlToCheck, $arguments);
$error = $http->Open($arguments);
$log->lwrite("URL to be requested is: {$urlToCheck}");
if ($error == "") {
$log->lwrite("Sending HTTP request to {$urlToCheck}");
$error = $http->SendRequest($arguments);
if ($error == "") {
$headers = array();
$error = $http->ReadReplyHeaders($headers);
if ($error == "") {
$responseCode = $http->response_status;
//This is a string
$log->lwrite("Received response code: {$responseCode}");
if (intval($responseCode) >= 500 && intval($responseCode) < 600) {
$log->lwrite("Response code: {$responseCode} received from: {$urlToCheck}");
return;
}
}
}
$http->Close();
}
if (strlen($error)) {
echo "<H2 align=\"center\">Error: ", $error, "</H2>\n";
$log->lwrite("Error: {$error}");
}
$html = file_get_html($postUrl, $testId);
if (empty($html)) {
//This can happen due to file_get_contents returning a 500 code. Then the parser won't parse it
$log->lwrite("Problem getting contents from {$urlToCheck}");
return;
}
//Submit these
//If adding string to this array, add a corresponding string (to look for in response), with he same index, in the array below
//The response to look for can be the same as the payload or different.
$payloads = array('<webvulscan>', 'javascript:alert(webvulscan)');
//Look for these in response after submitting corresponding payload
$harmfulResponses = array('<webvulscan>', 'src="javascript:alert(webvulscan)"');
//First check does the URL passed into this function contain parameters and submit payloads as those parameters if it does
$parsedUrl = parse_url($urlToCheck);
$log->lwrite("Check if {$urlToCheck} contains parameters");
if ($parsedUrl) {
if (isset($parsedUrl['query'])) {
$log->lwrite("{$urlToCheck} does contain parameters");
$scheme = $parsedUrl['scheme'];
$host = $parsedUrl['host'];
$path = $parsedUrl['path'];
$query = $parsedUrl['query'];
parse_str($query, $parameters);
$originalQuery = $query;
$payloadIndex = 0;
foreach ($payloads as $currentPayload) {
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
//$http->debug=1;
$http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
$http->follow_redirect = 1;
$http->redirection_limit = 5;
$http->setTestId($testId);
foreach ($parameters as $para) {
$query = $originalQuery;
$newQuery = str_replace($para, $currentPayload, $query);
$query = $newQuery;
$testUrl = $scheme . '://' . $host . $path . '?' . $query;
$log->lwrite("URL to be requested is: {$testUrl}");
$error = $http->GetRequestArguments($testUrl, $arguments);
$error = $http->Open($arguments);
echo "<br>Sending HTTP request to " . htmlspecialchars($testUrl) . "<br>";
if ($error == "") {
$log->lwrite("Sending HTTP request to {$testUrl}");
$error = $http->SendRequest($arguments);
if ($error == "") {
$headers = array();
$error = $http->ReadReplyHeaders($headers);
if ($error == "") {
$error = $http->ReadWholeReplyBody($body);
if (strlen($error) == 0) {
$indicatorStr = $harmfulResponses[$payloadIndex];
if (stripos($body, $indicatorStr)) {
echo '<br>Reflected XSS Present!<br>Query: ' . HtmlSpecialChars($urlToCheck) . '<br>';
echo 'Method: GET <br>';
//.........這裏部分代碼省略.........
示例14: testAuthenticationSQLi
function testAuthenticationSQLi($urlToCheck, $urlOfSite, $testId)
{
connectToDb($db);
updateStatus($db, "Testing {$urlToCheck} for Broken Authentication using SQL Injection...", $testId);
$log = new Logger();
$log->lfile('logs/eventlogs');
$log->lwrite("Starting Broken Authentication SQLi test function on {$urlToCheck}");
$postUrl = $urlToCheck;
$postUrlPath = parse_url($postUrl, PHP_URL_PATH);
//Check URL is not responding with 5xx codes
$log->lwrite("Checking what response code is received from {$urlToCheck}");
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
//$http->debug=1;
$http->user_agent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)";
$http->follow_redirect = 1;
$http->redirection_limit = 5;
$http->setTestId($testId);
$error = $http->GetRequestArguments($urlToCheck, $arguments);
$error = $http->Open($arguments);
$log->lwrite("URL to be requested is: {$urlToCheck}");
if ($error == "") {
$log->lwrite("Sending HTTP request to {$urlToCheck}");
$error = $http->SendRequest($arguments);
if ($error == "") {
$headers = array();
$error = $http->ReadReplyHeaders($headers);
if ($error == "") {
$responseCode = $http->response_status;
//This is a string
$log->lwrite("Received response code: {$responseCode}");
if (intval($responseCode) >= 500 && intval($responseCode) < 600) {
$log->lwrite("Response code: {$responseCode} received from: {$urlToCheck}");
return;
}
}
}
$http->Close();
}
if (strlen($error)) {
echo "<H2 align=\"center\">Error: ", $error, "</H2>\n";
$log->lwrite("Error: {$error}");
}
$html = file_get_html($postUrl, $testId);
if (empty($html)) {
//This can happen due to file_get_contents returning a 500 code. Then the parser won't parse it
updateStatus($db, "Problem getting contents from {$urlToCheck}...", $testId);
$log->lwrite("Problem getting contents from {$urlToCheck}");
return;
}
//Array containing all form objects found
$arrayOfForms = array();
//Array containing all input fields
$arrayOfInputFields = array();
$log->lwrite("Searching {$postUrl} for forms");
$formNum = 1;
//Must use an integer to identify form as forms could have same names and ids
foreach ($html->find('form') as $form) {
isset($form->attr['id']) ? $formId = htmlspecialchars($form->attr['id']) : ($formId = '');
isset($form->attr['name']) ? $formName = htmlspecialchars($form->attr['name']) : ($formName = '');
isset($form->attr['method']) ? $formMethod = htmlspecialchars($form->attr['method']) : ($formMethod = 'get');
isset($form->attr['action']) ? $formAction = htmlspecialchars($form->attr['action']) : ($formAction = '');
$formMethod = strtolower($formMethod);
//If the action of the form is empty, set the action equal to everything
//after the URL that the user entered
if (empty($formAction)) {
$strLengthUrl = strlen($urlToCheck);
$strLengthSite = strlen($urlOfSite);
$firstIndexOfSlash = strpos($urlToCheck, '/', $strLengthSite - 1);
$formAction = substr($urlToCheck, $firstIndexOfSlash + 1, $strLengthUrl);
}
$log->lwrite("Found form on {$postUrl}: {$formId} {$formName} {$formMethod} {$formAction} {$formNum}");
$newForm = new Form($formId, $formName, $formMethod, $formAction, $formNum);
array_push($arrayOfForms, $newForm);
foreach ($form->find('input') as $input) {
isset($input->attr['id']) ? $inputId = htmlspecialchars($input->attr['id']) : ($inputId = '');
isset($input->attr['name']) ? $inputName = htmlspecialchars($input->attr['name']) : ($inputName = '');
isset($input->attr['value']) ? $inputValue = htmlspecialchars($input->attr['value']) : ($inputValue = '');
isset($input->attr['type']) ? $inputType = htmlspecialchars($input->attr['type']) : ($inputType = '');
$log->lwrite("Found input field on {$postUrl}: {$inputId} {$inputName} {$formId} {$formName} {$inputValue} {$inputType} {$formNum}");
$inputField = new InputField($inputId, $inputName, $formId, $formName, $inputValue, $inputType, $formNum);
array_push($arrayOfInputFields, $inputField);
}
$formNum++;
}
//At this stage, we should have captured all forms and their input fields into the appropriate arrays
//Begin testing each of the forms
//Defintion of all payloads used and warnings to examine for
//Payloads can be added to this
$arrayOfPayloads = array("1'or'1'='1", "1'or'1'='1';#");
//Check if the URL passed into this function displays the same webpage at different intervals
//If it does then attempt to login and if this URL displays a different page, the vulnerability is present
//e.g. a login page would always look different when you are and are not logged in
$log->lwrite("Checking if {$urlToCheck} displays the same page at different intervals");
$responseBodies = array();
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
//$http->debug=1;
//.........這裏部分代碼省略.........
示例15: testFetch
function testFetch($url)
{
$http = new http_class();
owa_coreAPI::debug('hello owa_http testfetch method');
/* Connection timeout */
$http->timeout = 0;
/* Data transfer timeout */
$http->data_timeout = 0;
/* Output debugging information about the progress of the connection */
$http->debug = 1;
$http->user_agent = owa_coreAPI::getSetting('base', 'owa_user_agent');
$http->follow_redirect = 1;
$http->redirection_limit = 5;
$http->exclude_address = "";
$http->prefer_curl = 0;
$arguments = array();
$error = $http->GetRequestArguments($url, $arguments);
$error = $http->Open($arguments);
//for(;;)
// {
$error = $http->ReadReplyBody($body, 50000);
if ($error != "" || strlen($body) == 0) {
owa_coreAPI::debug(HtmlSpecialChars($body));
}
// }
}