* for the current domain. * * Cookie storage methods: * (1) Server-side - cookies stored server-side and handled * (mostly) internally by cURL * (2) Encoded - cookies forwarded to client but encoded * (3) Normal - cookies forwarded without encoding ******************************************************************/ # Are cookies allowed? if ($options['allowCookies']) { # Option (1): cookies stored server-side if ($CONFIG['cookies_on_server']) { # Check cookie folder exists or try to create it if ($s = checkTmpDir($CONFIG['cookies_folder'], 'Deny from all')) { # Set cURL to use this as the cookie jar $toSet[CURLOPT_COOKIEFILE] = $toSet[CURLOPT_COOKIEJAR] = $CONFIG['cookies_folder'] . glype_session_id(); } } else { if (isset($_COOKIE[COOKIE_PREFIX])) { # Encoded or unencoded? if ($CONFIG['encode_cookies']) { # Option (2): encoded cookies stored client-side foreach ($_COOKIE[COOKIE_PREFIX] as $attributes => $value) { # Decode cookie to [domain,path,name] $attributes = explode(' ', base64_decode($attributes)); # Check successful decoding and skip if failed if (!isset($attributes[2])) { continue; } # Extract parts list($domain, $path, $name) = $attributes;
break; /***************************************************************** * Delete individual proxy cookies ******************************************************************/ /***************************************************************** * Delete individual proxy cookies ******************************************************************/ case 'cookies': # Check we have some to delete if (empty($_POST['delete']) || !is_array($_POST['delete'])) { redirect('cookies.php'); } # Go through all submitted cookies and delete them. if ($CONFIG['cookies_on_server']) { # Server-side storage. Look for cookie file. if (file_exists($cookieFile = $CONFIG['cookies_folder'] . glype_session_id()) && ($file = file($cookieFile))) { # Loop through lines, looking for cookies to delete foreach ($file as $id => $line) { # Ignore comment lines if (!isset($line[0]) || $line[0] == '#') { continue; } # Split by tab $details = explode("\t", $line); # Check valid split, expecting 7 items if (count($details) != 7) { continue; } # Create string formatted in same way as our input $cookie = $details[0] . '|' . $details[2] . '|' . $details[5]; # Are we deleting this?
if (!defined('MULTIGLYPE') && file_exists($tmp = GLYPE_ROOT . '/themes/' . $CONFIG['theme'] . '/config.php')) { # Load it include $tmp; } /***************************************************************** * Start session ******************************************************************/ # Set name to the configured value - change if running multiple proxies in same # folder and experiencing session conflicts. session_name('s'); # Allow caching. We don't want PHP to send any cache-related headers automatically # (and by default it tries to stop all caching). Using this limiter sends the fewest # headers, which we override later. session_cache_limiter('private_no_expire'); # Don't call _start() if session.auto_start = 1 if (glype_session_id() == '') { session_start(); } /***************************************************************** * Check IP bans ******************************************************************/ # Only check once per session or if the IP address changes if (empty($_SESSION['ip_verified']) || $_SESSION['ip_verified'] != $_SERVER['REMOTE_ADDR']) { if (!$CONFIG['enable_blockscript']) { # Current IP matches a banned IP? true/false $banned = false; # Examine all IP bans foreach ($CONFIG['ip_bans'] as $ip) { # Is this a range or single? if (($pos = strspn($ip, '0123456789.')) == strlen($ip)) { # Just a single IP so check for a match