* for the current domain.
*
* Cookie storage methods:
* (1) Server-side - cookies stored server-side and handled
* (mostly) internally by cURL
* (2) Encoded - cookies forwarded to client but encoded
* (3) Normal - cookies forwarded without encoding
******************************************************************/
# Are cookies allowed?
if ($options['allowCookies']) {
# Option (1): cookies stored server-side
if ($CONFIG['cookies_on_server']) {
# Check cookie folder exists or try to create it
if ($s = checkTmpDir($CONFIG['cookies_folder'], 'Deny from all')) {
# Set cURL to use this as the cookie jar
$toSet[CURLOPT_COOKIEFILE] = $toSet[CURLOPT_COOKIEJAR] = $CONFIG['cookies_folder'] . glype_session_id();
}
} else {
if (isset($_COOKIE[COOKIE_PREFIX])) {
# Encoded or unencoded?
if ($CONFIG['encode_cookies']) {
# Option (2): encoded cookies stored client-side
foreach ($_COOKIE[COOKIE_PREFIX] as $attributes => $value) {
# Decode cookie to [domain,path,name]
$attributes = explode(' ', base64_decode($attributes));
# Check successful decoding and skip if failed
if (!isset($attributes[2])) {
continue;
}
# Extract parts
list($domain, $path, $name) = $attributes;
break;
/*****************************************************************
* Delete individual proxy cookies
******************************************************************/
/*****************************************************************
* Delete individual proxy cookies
******************************************************************/
case 'cookies':
# Check we have some to delete
if (empty($_POST['delete']) || !is_array($_POST['delete'])) {
redirect('cookies.php');
}
# Go through all submitted cookies and delete them.
if ($CONFIG['cookies_on_server']) {
# Server-side storage. Look for cookie file.
if (file_exists($cookieFile = $CONFIG['cookies_folder'] . glype_session_id()) && ($file = file($cookieFile))) {
# Loop through lines, looking for cookies to delete
foreach ($file as $id => $line) {
# Ignore comment lines
if (!isset($line[0]) || $line[0] == '#') {
continue;
}
# Split by tab
$details = explode("\t", $line);
# Check valid split, expecting 7 items
if (count($details) != 7) {
continue;
}
# Create string formatted in same way as our input
$cookie = $details[0] . '|' . $details[2] . '|' . $details[5];
# Are we deleting this?
if (!defined('MULTIGLYPE') && file_exists($tmp = GLYPE_ROOT . '/themes/' . $CONFIG['theme'] . '/config.php')) {
# Load it
include $tmp;
}
/*****************************************************************
* Start session
******************************************************************/
# Set name to the configured value - change if running multiple proxies in same
# folder and experiencing session conflicts.
session_name('s');
# Allow caching. We don't want PHP to send any cache-related headers automatically
# (and by default it tries to stop all caching). Using this limiter sends the fewest
# headers, which we override later.
session_cache_limiter('private_no_expire');
# Don't call _start() if session.auto_start = 1
if (glype_session_id() == '') {
session_start();
}
/*****************************************************************
* Check IP bans
******************************************************************/
# Only check once per session or if the IP address changes
if (empty($_SESSION['ip_verified']) || $_SESSION['ip_verified'] != $_SERVER['REMOTE_ADDR']) {
if (!$CONFIG['enable_blockscript']) {
# Current IP matches a banned IP? true/false
$banned = false;
# Examine all IP bans
foreach ($CONFIG['ip_bans'] as $ip) {
# Is this a range or single?
if (($pos = strspn($ip, '0123456789.')) == strlen($ip)) {
# Just a single IP so check for a match
