// ############################################################################
$url = isset($_GET['url']) ? urldecode($_GET['url']) : false;
//Replace white spaces with compliant %20
$url = str_replace(" ", "%20", $url);
$header = '';
if (!$url) {
// Passed url not specified.
$contents = 'ERROR: url not specified';
$status = array('http_code' => 'ERROR');
} else {
if (!preg_match($valid_url_regex, $url)) {
// Passed url doesn't match $valid_url_regex.
$contents = 'ERROR: invalid url';
$status = array('http_code' => 'ERROR');
} else {
if (!isValidHost($url)) {
// URL host is not whitelisted
$contents = 'ERROR: URL not in Kaltura domain whitelist [DENIED]';
$status = array('http_code' => 'ERROR');
} else {
$ch = curl_init($url);
// Always follow redirects:
curl_setopt($ch, CURLOPT_AUTOREFERER, true);
// Add a total curl execute timeout of 10 seconds:
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
if (strtolower($_SERVER['REQUEST_METHOD']) == 'post') {
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $_POST);
}
if (isset($_GET['send_cookies']) || $proxyCookies) {
$cookie = array();
}
}
}
}
}
}
}
} else {
if ($currentAction == "AddRpcServer") {
if (!isLoggedIn()) {
$jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Login Required', 'reason' => 'You have to login for this operation.'));
} else {
if (defined("DEMO_MODE") && DEMO_MODE) {
$jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Demo Mode Enabled', 'reason' => 'Change is not allowed in demo mode!'));
} else {
if (empty($_POST['rpc_host']) || !isValidHost($_POST['rpc_host'])) {
$jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'Invalid hostname or ipv4 address.'));
} else {
if (empty($_POST['rpc_port']) || intval($_POST['rpc_port']) < 1 || intval($_POST['rpc_port']) > 65535) {
$jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'Invalid Port Number.'));
} else {
if (empty($_POST['rpc_user'])) {
$jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'Invalid username.'));
} else {
if (empty($_POST['rpc_pass'])) {
$jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'Invalid password.'));
} else {
if (!empty($_POST['rpc_ssl_enabled']) && !empty($_POST['rpc_ssl_options']) && in_array(8, $_POST['rpc_ssl_options']) && !is_readable($_POST['rpc_peer_cainfo_path'])) {
$jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'unable to access local certificate.!'));
} else {
$RpcSrv = array('id' => '', 'host' => $_POST['rpc_host'], 'port' => intval($_POST['rpc_port']), 'useSSL' => 0, 'username' => $_POST['rpc_user'], 'password' => $_POST['rpc_pass'], 'created' => date("Y-m-d H:i:s"), 'title' => !empty($_POST['rpc_title']) ? $_POST['rpc_title'] : "Untitled", 'icon' => !empty($_POST['rpc_icon']) && file_exists(DIR_COIN_ICONS . $_POST['rpc_icon']) ? $_POST['rpc_icon'] : "default.png", 'ca_path' => '', 'backup_path' => !empty($_POST['rpc_backup_path']) ? $_POST['rpc_backup_path'] : "");