Example #1
0
// ############################################################################
$url = isset($_GET['url']) ? urldecode($_GET['url']) : false;
//Replace white spaces with compliant %20
$url = str_replace(" ", "%20", $url);
$header = '';
if (!$url) {
    // Passed url not specified.
    $contents = 'ERROR: url not specified';
    $status = array('http_code' => 'ERROR');
} else {
    if (!preg_match($valid_url_regex, $url)) {
        // Passed url doesn't match $valid_url_regex.
        $contents = 'ERROR: invalid url';
        $status = array('http_code' => 'ERROR');
    } else {
        if (!isValidHost($url)) {
            // URL host is not whitelisted
            $contents = 'ERROR: URL not in Kaltura domain whitelist [DENIED]';
            $status = array('http_code' => 'ERROR');
        } else {
            $ch = curl_init($url);
            // Always follow redirects:
            curl_setopt($ch, CURLOPT_AUTOREFERER, true);
            // Add a total curl execute timeout of 10 seconds:
            curl_setopt($ch, CURLOPT_TIMEOUT, 10);
            if (strtolower($_SERVER['REQUEST_METHOD']) == 'post') {
                curl_setopt($ch, CURLOPT_POST, true);
                curl_setopt($ch, CURLOPT_POSTFIELDS, $_POST);
            }
            if (isset($_GET['send_cookies']) || $proxyCookies) {
                $cookie = array();
Example #2
0
                            }
                        }
                    }
                }
            }
        }
    }
} else {
    if ($currentAction == "AddRpcServer") {
        if (!isLoggedIn()) {
            $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Login Required', 'reason' => 'You have to login for this operation.'));
        } else {
            if (defined("DEMO_MODE") && DEMO_MODE) {
                $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Demo Mode Enabled', 'reason' => 'Change is not allowed in demo mode!'));
            } else {
                if (empty($_POST['rpc_host']) || !isValidHost($_POST['rpc_host'])) {
                    $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'Invalid hostname or ipv4 address.'));
                } else {
                    if (empty($_POST['rpc_port']) || intval($_POST['rpc_port']) < 1 || intval($_POST['rpc_port']) > 65535) {
                        $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'Invalid Port Number.'));
                    } else {
                        if (empty($_POST['rpc_user'])) {
                            $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'Invalid username.'));
                        } else {
                            if (empty($_POST['rpc_pass'])) {
                                $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'Invalid password.'));
                            } else {
                                if (!empty($_POST['rpc_ssl_enabled']) && !empty($_POST['rpc_ssl_options']) && in_array(8, $_POST['rpc_ssl_options']) && !is_readable($_POST['rpc_peer_cainfo_path'])) {
                                    $jsonData = array('success' => false, 'root' => array(), 'error' => array('title' => 'Unable to Add Server!', 'reason' => 'unable to access local certificate.!'));
                                } else {
                                    $RpcSrv = array('id' => '', 'host' => $_POST['rpc_host'], 'port' => intval($_POST['rpc_port']), 'useSSL' => 0, 'username' => $_POST['rpc_user'], 'password' => $_POST['rpc_pass'], 'created' => date("Y-m-d H:i:s"), 'title' => !empty($_POST['rpc_title']) ? $_POST['rpc_title'] : "Untitled", 'icon' => !empty($_POST['rpc_icon']) && file_exists(DIR_COIN_ICONS . $_POST['rpc_icon']) ? $_POST['rpc_icon'] : "default.png", 'ca_path' => '', 'backup_path' => !empty($_POST['rpc_backup_path']) ? $_POST['rpc_backup_path'] : "");