/**
 * Sends the redirect held in $this->url, either as a script body or as an HTTP 302.
 *
 * An empty URL means "reload the current location": `location.replace(location)`
 * in script mode, `$_SERVER['REQUEST_URI']` in header mode.
 *
 * NOTE(review): where $this->url comes from is not visible here. If a request can
 * influence it, validate it against an allow-list of same-site targets before it
 * reaches this method, because it is emitted as the redirect target unchanged.
 * NOTE(review): addslashes() escapes quotes, backslashes and NUL only; it is not a
 * complete JavaScript string encoder. Confirm this output is never inlined into an
 * HTML page.
 *
 * @param mixed $javascript Truthy to echo a `location.replace(...)` statement,
 *                          falsy to send a 302 status line and Location header.
 */
function redirect($javascript)
 {
     p::disable();
     $target = $this->url;

     // Header mode: plain HTTP redirect, falling back to the current request URI.
     if (!$javascript) {
         header('HTTP/1.1 302 Found');
         $location = '' === $target ? $_SERVER['REQUEST_URI'] : $target;
         header('Location: ' . $location);

         return;
     }

     // Script mode: the whole response body is one location.replace() statement.
     $argument = '' === $target ? 'location' : "'" . addslashes($target) . "'";
     $script = 'location.replace(' . $argument . ')';
     header('Content-Length: ' . strlen($script));
     echo $script;
 }
 /**
  * Resolves $this->url against the application base and sends it as a redirect,
  * either as a script body or as an HTTP 302.
  *
  * A non-empty URL is left untouched when it starts with `scheme://`, one or more
  * dots followed by `/`, or a bare `/`; anything else is prefixed with
  * p::__BASE__() (with the literal 'index' mapped to the base itself).
  * An empty URL means "reload the current location".
  *
  * NOTE(review): any `scheme://...` value and protocol-relative `//host/...` value
  * passes through the pattern unchanged. If $this->url can be influenced by a
  * request, allow-list the permitted schemes and hosts before redirecting.
  * NOTE(review): addslashes() escapes quotes, backslashes and NUL only; it is not a
  * complete JavaScript string encoder. Confirm this output is never inlined into an
  * HTML page.
  *
  * @param mixed $javascript Truthy to echo a `location.replace(...)` statement,
  *                          falsy to send a 302 status line and Location header.
  */
 function redirect($javascript)
 {
     p::disable();
     $target = $this->url;

     // Relative agent paths are anchored to the application base.
     if ('' !== $target && !preg_match("'^([^:/]+:/|\\.+)?/'", $target)) {
         $target = p::__BASE__() . ('index' === $target ? '' : $target);
     }

     // Header mode: plain HTTP redirect, falling back to the current request URI.
     if (!$javascript) {
         header('HTTP/1.1 302 Found');
         $location = '' === $target ? $_SERVER['REQUEST_URI'] : $target;
         header('Location: ' . $location);

         return;
     }

     // Script mode: the whole response body is one location.replace() statement.
     $argument = '' === $target ? 'location' : "'" . addslashes($target) . "'";
     $script = 'location.replace(' . $argument . ')';
     header('Content-Length: ' . strlen($script));
     echo $script;
 }
 /**
  * Resolves an agent name to its meta information by requesting it from this server.
  *
  * Opens a socket to $_SERVER['SERVER_ADDR']:$_SERVER['SERVER_PORT'], sends a
  * "GET <agent>?p:=k:<lang>" request and parses the `w.k(...)` call found in the
  * response. Results are memoised per $agent in a function-static array.
  *
  * NOTE(review): the fifth capture of the response is passed to eval(); see the
  * comment at that call. The Host header is copied from the client-supplied
  * $_SERVER['HTTP_HOST'], while the connection itself targets SERVER_ADDR.
  *
  * @param string $agent Agent identifier; percent-encoded here before it is placed
  *                      in the request line.
  *
  * @return array array($appId, $base, $agent, $keys, $args); $appId and $base are
  *               both false when the reported base equals p::__BASE__().
  */
 static function resolve($agent)
 {
     // Function-static memo of resolved traces, keyed by the caller-supplied agent string.
     static $cache = array();
     if (isset($cache[$agent])) {
         return $cache[$agent];
     } else {
         // Bind the slot by reference to $trace: the assignment in the final
         // return statement is what fills this cache entry.
         $cache[$agent] =& $trace;
     }
     $args = array();
     $BASE = p::__BASE__();
     // Percent-encode everything, then restore a fixed set of punctuation characters.
     $agent = rawurlencode($agent);
     $agent = str_replace(array('%21', '%7E', '%2A', '%28', '%29', '%2C', '%2F', '%3A', '%40', '%24', '%3B'), array('!', '~', '*', '(', ')', ',', '/', ':', '@', '$', ';'), $agent);
     $agent = p::base($agent, true);
     // Drop the scheme and authority so only the path part goes into the request line.
     $agent = preg_replace("'^.*?://[^/]*'", '', $agent);
     // NOTE(review): the socket helper's return value is not checked before fwrite()/fgets();
     // confirm how patchwork_http_socket() reports a failed connection.
     $h = patchwork_http_socket($_SERVER['SERVER_ADDR'], $_SERVER['SERVER_PORT'], isset($_SERVER['HTTPS']));
     // $keys is reused: first as the raw HTTP request, then as the response lines,
     // then as the regex captures, and finally as the decoded key list.
     $keys = p::$lang;
     $keys = "GET {$agent}?p:=k:{$keys} HTTP/1.0\r\n";
     $keys .= "Host: {$_SERVER['HTTP_HOST']}\r\n";
     $keys .= "Connection: close\r\n\r\n";
     fwrite($h, $keys);
     $keys = array();
     while (false !== ($a = fgets($h))) {
         $keys[] = $a;
     }
     fclose($h);
     // $h is reused as a pattern fragment: one single-quoted literal with backslash escapes.
     $h = '\'[^\'\\\\]*(?:\\\\.[^\'\\\\]*)*\'';
     // Expected payload: w.k(<int>,'<base>','<agent>','<args>',['<key>', ...])
     $h = "/w\\.k\\((-?[0-9]+),({$h}),({$h}),({$h}),\\[((?:{$h}(?:,{$h})*)?)\\]\\)/su";
     if (!preg_match($h, implode('', $keys), $keys)) {
         user_error('Error while getting meta info data for ' . htmlspecialchars($agent));
         // NOTE(review): the code below indexes $keys[1..5]; that is only safe if
         // p::disable(true) ends the request here. Confirm.
         p::disable(true);
     }
     $appId = (int) $keys[1];
     // substr(..., 1, -1) strips the surrounding quotes before unescaping.
     $base = stripcslashes(substr($keys[2], 1, -1));
     $agent = stripcslashes(substr($keys[3], 1, -1));
     $a = stripcslashes(substr($keys[4], 1, -1));
     // NOTE(review): eval() on text received over the socket. The pattern above only lets a
     // comma-separated list of single-quoted literals reach this point, and that is the sole
     // barrier against code execution here: any loosening of the pattern removes it.
     // Decoding the literals without eval() (matching each literal and unescaping \\ and \')
     // would remove that dependency. The other captures are decoded with stripcslashes(),
     // which follows different escape rules than a PHP single-quoted string.
     $keys = eval('return array(' . $keys[5] . ');');
     if ('' !== $a) {
         // '__0__' holds the whole argument path; '__1__', '__2__', ... hold its '/'-separated parts.
         $args['__0__'] = $a;
         $i = 0;
         foreach (explode('/', $a) as $a) {
             $args['__' . ++$i . '__'] = $a;
         }
     }
     if ($base === $BASE) {
         // Same application: no foreign app id or base to report.
         $appId = $base = false;
     } else {
         p::watch('foreignTrace');
     }
     return $trace = array($appId, $base, $agent, $keys, $args);
 }
 /**
  * Stops a response from being delivered as a script and reports a potential
  * JavaScript-hijacking attempt.
  *
  * The response is first made uncacheable (max-age 0, and 'private' meta info when
  * p::$catchMeta is set). When self::$requestMode is exactly one of the characters
  * t, p, a or x, a one-byte marker is read from (or, if empty, written to) the
  * agent's contextual cache file and an e\PrivateResource is thrown carrying that
  * marker. For any other request mode the error is raised and p::disable(true) is
  * called.
  *
  * NOTE(review): the fopen() result is not checked and the read-then-write on the
  * marker file is not locked, so concurrent requests may each run the first-time
  * branch. Confirm this is acceptable.
  *
  * @throws e\PrivateResource When the request mode is one of t, p, a, x.
  */
 static function scriptAlert()
 {
     p::setMaxage(0);
     if (p::$catchMeta) {
         p::$metaInfo[1] = array('private');
     }

     // strtr maps t/p/a/x to '-' and a literal '-' to '#', so the result is '-'
     // only for a single-character mode taken from "tpax".
     $modeClass = strtr(self::$requestMode, '-tpax', '#----');
     if ('-' !== $modeClass) {
         user_error('Potential JavaScript-Hijacking. Stopping !');
         p::disable(true);

         return;
     }

     $marker = '';
     $markerFile = p::getContextualCachePath('agentArgs/' . p::$agentClass, 'txt');
     if (file_exists($markerFile)) {
         $handle = fopen($markerFile, 'r+b');
         $marker = fread($handle, 1);
         if (!$marker) {
             // Empty marker file: flag it and invalidate the generated scripts.
             rewind($handle);
             $marker = '1';
             fwrite($handle, $marker);
             p::touch('public/templates/js');
             p::updateAppId();
         }
         fclose($handle);
     }

     throw new e\PrivateResource($marker);
 }
 /**
  * Sends a file to the client, setting content type, disposition, caching validators
  * and range support, optionally delegating the transfer to the web server.
  *
  * NOTE(review): whether patchworkPath() confines $file to an allowed root is not
  * visible here; callers should not pass request-derived paths unless it does.
  * NOTE(review): $CONFIG is read without a `global` declaration in this block;
  * presumably the framework makes it available. Confirm, because otherwise
  * !$CONFIG['xsendfile'] is always true and $CONFIG['P3P'] is always empty.
  * NOTE(review): no `X-Content-Type-Options: nosniff` header is sent from this
  * method; sniffing is handled through the ieSniffedTypes lists and the output
  * filter instead. Consider adding it where stored files may be user-supplied.
  *
  * @param string      $file     Path resolved through patchworkPath(); rejected when the
  *                              result is empty, does not exist or is a directory.
  * @param bool|string $mime     true to derive the type from the file extension via
  *                              self::$contentType, a string to use as given; a falsy
  *                              result falls back to p::$headers['content-type'] or
  *                              'application/octet-stream'.
  * @param bool|string $filename true to send the file as an attachment named after
  *                              basename($_SERVER['PATCHWORK_REQUEST']), a string to name
  *                              it after that string's basename, falsy for no
  *                              Content-Disposition header.
  *
  * @return void
  */
 static function readfile($file, $mime = true, $filename = true)
 {
     $h = patchworkPath($file);
     if (!$h || !file_exists($h) || is_dir($h)) {
         user_error(__METHOD__ . "(..): invalid file ({$file})");
         return;
     }
     $file = $h;
     if (true === $mime) {
         // strrchr() yields the extension including its leading dot.
         $mime = strtolower(strrchr($file, '.'));
         $mime = isset(self::$contentType[$mime]) ? self::$contentType[$mime] : false;
     }
     // substr(..., 14) drops the first 14 characters, presumably a "Content-Type: " prefix;
     // confirm against how p::$headers is populated.
     $mime || ($mime = isset(p::$headers['content-type']) ? substr(p::$headers['content-type'], 14) : 'application/octet-stream');
     $mime = strtolower($mime);
     $head = 'HEAD' == $_SERVER['REQUEST_METHOD'];
     $gzip = p::gzipAllowed($mime);
     // $filter decides whether PHP reads the file itself and routes the first bytes through
     // ob_filterOutput, instead of handing the transfer to the server via the xsendfile header.
     $filter = $gzip || $head || !$CONFIG['xsendfile'] || in_array($mime, self::$ieSniffedTypes_edit) || in_array($mime, p::$ieSniffedTypes_download);
     header('Content-Type: ' . $mime);
     if ($filename) {
         // basename() keeps directory components out of the advertised file name.
         $filename = basename(true === $filename ? $_SERVER['PATCHWORK_REQUEST'] : $filename);
         // $size doubles as the regex capture array below; it stays false unless the
         // IE-specific Content-Disposition header has been sent.
         $size = false;
         if (!$filter) {
             // Force IE>=8 to respect attachment content disposition
             header('X-Download-Options: noopen');
         }
         // It seems that IE assumes that filename is represented in its local system charset...
         // But we don't want to introduce "Vary: User-Agent" just because of this.
         // The strpos() results are used for truthiness, so a match at offset 0 counts as no match.
         if (('POST' === $_SERVER['REQUEST_METHOD'] || p::$private) && isset($_SERVER['HTTP_USER_AGENT']) && strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE') && !strpos($_SERVER['HTTP_USER_AGENT'], 'Opera') && preg_match('/[\\x80-\\xFF]/', $filename)) {
             if (stripos(p::$headers['content-type'], 'octet-stream') && preg_match('#(.*)(\\.[- -,/-~]+)$#D', $filename, $size)) {
                 // Don't look for a rationale here, it's IE...
                 header('Content-Disposition: attachment; filename=' . rawurlencode($size[1]) . str_replace('"', "''", $size[2]));
             } else {
                 $filename = Patchwork\Utf8::toAscii($filename);
             }
         }
         // Only double quotes are neutralised inside the quoted filename; every other
         // character of $filename is passed through as-is.
         $size || header('Content-Disposition: attachment; filename="' . str_replace('"', "''", $filename) . '"');
         // If only RFC 2231 were in use... See http://greenbytes.de/tech/tc2231/
         //header('Content-Disposition: attachment; filename*=utf-8''" . rawurlencode($filename));
     } else {
         // Inline delivery: HTML-like types get the P3P and XSS-filter headers.
         if (false !== strpos($mime, 'html')) {
             header('P3P: CP="' . $CONFIG['P3P'] . '"');
             header('X-XSS-Protection: 1; mode=block');
         }
     }
     $size = filesize($file);
     // NOTE(review): the ETag is built from p::$LastModified before that property is set to
     // this file's mtime on the next line. Confirm the ordering is intended.
     p::$ETag = $size . '-' . p::$LastModified . '-' . fileinode($file);
     p::$LastModified = filemtime($file);
     p::$binaryMode = true;
     p::disable();
     // Release the session and the DB adapter, when those classes are loaded, before streaming.
     class_exists('SESSION', false) && s::close();
     class_exists('adapter_DB', false) && \adapter_DB::__free();
     // Buffer stack: a plain capture buffer when not gzipping, then the filter buffer on top.
     $gzip || ob_start();
     $filter && ob_start(array(__CLASS__, 'ob_filterOutput'), 32768);
     // Transform relative URLs to absolute ones
     if ($gzip) {
         if (0 === strncasecmp($mime, 'text/css', 8)) {
             self::$filterRx = "@([\\s:]url\\(\\s*[\"']?)(?![/\\\\#\"']|[^\\)\n\r:/\"']+?:)@i";
             ob_start(array(__CLASS__, 'filter'), 32768);
         } else {
             if (0 === strncasecmp($mime, 'text/html', 9) || 0 === strncasecmp($mime, 'text/x-component', 16)) {
                 self::$filterRx = "@(<[^<>]+?\\s(?:href|src)\\s*=\\s*[\"']?)(?![/\\\\#\"']|[^\n\r:/\"']+?:)@i";
                 ob_start(array(__CLASS__, 'filter'), 32768);
             }
         }
     }
     if ($filter) {
         $h = fopen($file, 'rb');
         // Push the first 256 bytes through the output filter stack.
         echo $starting_data = fread($h, 256);
         // For p::ob_filterOutput to fix IE
         if ($gzip) {
             if ($head) {
                 ob_end_clean();
             }
             $data = '';
             $starting_data = false;
         } else {
             // Flush the filter buffer into the capture buffer, then collect the filtered bytes.
             ob_end_flush();
             $data = ob_get_clean();
             // Account for any bytes the filter added or removed.
             $size += strlen($data) - strlen($starting_data);
             // From here on $starting_data is a flag: true when the filter left the bytes unchanged.
             $starting_data = $data == $starting_data;
         }
     } else {
         $starting_data = true;
     }
     if (!$head) {
         if ($starting_data && $CONFIG['xsendfile']) {
             // $CONFIG['xsendfile'] is used as a header format string receiving the resolved path.
             header(sprintf($CONFIG['xsendfile'], $file));
         } else {
             // Byte ranges are only offered for unmodified, non-gzipped content.
             if ($range = $starting_data && !$gzip) {
                 header('Accept-Ranges: bytes');
                 $range = isset($_SERVER['HTTP_RANGE']) ? p\HttpRange::negociate($size, p::$ETag, p::$LastModified) : false;
             } else {
                 header('Accept-Ranges: none');
             }
             // No execution time limit for the transfer; abort the script if the client disconnects.
             set_time_limit(0);
             ignore_user_abort(false);
             if ($range) {
                 unset(p::$headers['content-type']);
                 p\HttpRange::sendChunks($range, $h, $mime, $size);
             } else {
                 $gzip || header('Content-Length: ' . $size);
                 // Emit the already-read (possibly filtered) head, then the rest of the file.
                 echo $data;
                 feof($h) || fpassthru($h);
             }
         }
     }
     // The handle exists only when the file was opened in the $filter branch above.
     $filter && fclose($h);
 }