## for basic HTTP authentication ########################################## case 'authenticate': require 'init.php'; ## Check we have a URL to authenticate for if (empty($_SESSION['auth']) || empty($_SESSION['authdomain'])) { localRedirect(); } ## Check we have login details if (empty($_POST['pass'])) { header('Location: ' . proxifyURL($_SESSION['auth'])); exit; } ## Save login details $user = empty($_POST['user']) ? '' : stripEscape($_POST['user']); $pass = stripEscape($_POST['pass']); setcookie('auth[' . $_SESSION['authdomain'] . ']', $user . ':' . $pass, false, '/'); header('Location: ' . proxifyURL($_SESSION['auth']) . '&refresh'); break; ########################################## ## Cookie management - deletions ########################################## ########################################## ## Cookie management - deletions ########################################## case 'cookies': require 'init.php'; ## Delete all or specific? if (isset($_GET['type']) && $_GET['type'] == 'all') { if (!empty($_COOKIE[optCOOKIE])) { foreach ($_COOKIE[optCOOKIE] as $domain => $value) {
if (isset($_SERVER['HTTP_USER_AGENT'])) { $toSet[CURLOPT_USERAGENT] = $_SERVER['HTTP_USER_AGENT']; } // Show SSL without verifying $toSet[CURLOPT_SSL_VERIFYPEER] = false; $toSet[CURLOPT_SSL_VERIFYHOST] = false; // Set referrer (but only if their browser sends referrer) if (!empty($_SERVER['HTTP_REFERER']) && strpos($referrer = deproxifyURL($_SERVER['HTTP_REFERER'], $options['encodeURL']), optURL) === false && strpos($referrer, 'http') === 0) { $toSet[CURLOPT_REFERER] = $referrer; } ########################################## ## Manage basic auth ########################################## if (isset($_COOKIE['auth'][urlDOMAIN])) { $toSet[CURLOPT_HTTPAUTH] = CURLAUTH_BASIC; $toSet[CURLOPT_USERPWD] = stripEscape($_COOKIE['auth'][urlDOMAIN]); } ########################################## ## Handle caching ########################################## ## If client sends "if modified since", pass it to cURL ## and (hopefully) we can send back a 304 response instead ## of the whole file if (!empty($_SERVER['HTTP_IF_MODIFIED_SINCE'])) { $toSet[CURLOPT_TIMECONDITION] = CURL_TIMECOND_IFMODSINCE; $toSet[CURLOPT_TIMEVALUE] = strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE']); } ########################################## ## COOKIES - Read and send in request ########################################## ## Any at all?