/**
* Start the Session on request
*
*/
public static function start()
{
//=====
//--
if (self::$started !== false) {
return;
// avoid start session if already started ...
}
//end if
self::$started = true;
// avoid run start again
//--
//=====
//--
$browser_os_ip_identification = SmartUtils::get_os_browser_ip();
// get browser and os identification
//--
if ((string) $browser_os_ip_identification['bw'] == '@s#' or (string) $browser_os_ip_identification['bw'] == 'bot') {
return;
// in this case start no session for robots or the self browser (as they do not need to share info between many visits) ; if the self browser fail to identify will be at least identified as robot in the worst case
}
//end if
//--
//=====
//-- no log as the cookies can be dissalowed by the browser
if ((string) SMART_APP_VISITOR_COOKIE == '') {
return;
// session need cookies
}
//end if
//--
//=====
//--
$sf_sess_mode = 'files';
$sf_sess_area = 'default-sess';
$sf_sess_ns = 'unknown';
$sf_sess_dir = 'tmp/sess';
//--
//=====
if (!defined('SMART_FRAMEWORK_SESSION_PREFIX')) {
Smart::log_warning('FATAL ERROR: Invalid Session Prefix :: SMART_FRAMEWORK_SESSION_PREFIX');
return;
}
//end if
if (strlen(SMART_FRAMEWORK_SESSION_PREFIX) < 3 or strlen(SMART_FRAMEWORK_SESSION_PREFIX) > 9) {
Smart::log_warning('WARNING: Session Prefix must have a length between 3 and 9 characters :: SMART_FRAMEWORK_SESSION_PREFIX');
return;
}
//end if
if (!preg_match('/^[a-z\\-]+$/', (string) SMART_FRAMEWORK_SESSION_PREFIX)) {
Smart::log_warning('WARNING: Session Prefix contains invalid characters :: SMART_FRAMEWORK_SESSION_PREFIX');
return;
}
//end if
//--
if (!defined('SMART_FRAMEWORK_SESSION_NAME')) {
Smart::log_warning('FATAL ERROR: Invalid Session Name :: SMART_FRAMEWORK_SESSION_NAME');
return;
}
//end if
if (strlen(SMART_FRAMEWORK_SESSION_NAME) < 10 or strlen(SMART_FRAMEWORK_SESSION_NAME) > 25) {
Smart::log_warning('WARNING: Session Name must have a length between 10 and 25 characters :: SMART_FRAMEWORK_SESSION_NAME');
return;
}
//end if
if (!preg_match('/^[_A-Za-z0-9]+$/', (string) SMART_FRAMEWORK_SESSION_NAME)) {
Smart::log_warning('WARNING: Session Name contains invalid characters :: SMART_FRAMEWORK_SESSION_NAME');
return;
}
//end if
if (!SmartFrameworkSecurity::ValidateVariableName(strtolower(SMART_FRAMEWORK_SESSION_NAME))) {
Smart::log_warning('WARNING: Session Name have an invalid value :: SMART_FRAMEWORK_SESSION_NAME');
return;
}
//end if
//--
if (!defined('SMART_FRAMEWORK_SESSION_LIFETIME')) {
Smart::log_warning('FATAL ERROR: Invalid Session GC Lifetime :: SMART_FRAMEWORK_SESSION_LIFETIME');
return;
}
//end if
if (!is_int(SMART_FRAMEWORK_SESSION_LIFETIME)) {
Smart::log_warning('Invalid INIT constant value for SMART_FRAMEWORK_SESSION_LIFETIME');
return;
}
//end if
//--
if (!is_dir('tmp/sessions/')) {
Smart::log_warning('FATAL ERROR: The Folder \'tmp/sessions/\' does not exists for use with Session !');
return;
}
//end if
//--
$detected_session_mode = (string) ini_get('session.save_handler');
if ((string) $detected_session_mode === 'files') {
if ((string) SMART_FRAMEWORK_SESSION_HANDLER !== 'files') {
Smart::log_warning('FATAL ERROR: The value set for SMART_FRAMEWORK_SESSION_HANDLER is not set to: files / but the value found in session.save_handler is: ' . $detected_session_mode);
return;
}
//end if
} elseif ((string) $detected_session_mode === 'user') {
if ((string) SMART_FRAMEWORK_SESSION_HANDLER === 'files') {
Smart::log_warning('FATAL ERROR: The value set for SMART_FRAMEWORK_SESSION_HANDLER is set to: files / but the value found in session.save_handler is: ' . $detected_session_mode);
return;
}
//end if
} else {
Smart::log_warning('FATAL ERROR: The value set for session.save_handler must be set to one of these modes: files or user');
return;
}
//end if
//--
//=====
//-- generate a the client private key based on it's IP and Browser
$the_sess_client_uuid = SmartUtils::unique_client_private_key();
// SHA512 key to protect session data agains forgers
//-- a very secure approach based on a chain, derived with a secret salt from the framework security key:
// (1) an almost unique client private key lock based on it's IP and Browser
// (2) an entropy derived from the client random cookie combined with the (1)
// (3) a unique session name suffix derived from (1) and (2)
// (4) a unique session id composed from (1) and (2)
//-- thus the correlation between the random public client cookie, the session name suffix and the session id makes impossible to forge it as it locks to IP+Browser, using a public entropy cookie all encrypted with a secret key and derived and related, finally composed.
$the_sess_client_lock = SmartHashCrypto::sha1(SMART_FRAMEWORK_SECURITY_KEY . '#' . $the_sess_client_uuid);
$the_sess_client_entropy = SmartHashCrypto::sha1(SMART_APP_VISITOR_COOKIE . '*' . $the_sess_client_uuid . '%' . SMART_FRAMEWORK_SECURITY_KEY);
$the_sess_nsuffix = SmartHashCrypto::sha1($the_sess_client_uuid . ':' . SMART_FRAMEWORK_SECURITY_KEY . '^' . $the_sess_client_entropy . '+' . $the_sess_client_lock . '$' . SMART_APP_VISITOR_COOKIE);
$the_sess_id = $the_sess_client_entropy . '-' . $the_sess_client_lock;
// session ID combines the secret client key based on it's IP / Browser and the Client Entropy Cookie
//--
$sf_sess_area = Smart::safe_filename((string) SMART_FRAMEWORK_SESSION_PREFIX);
$sf_sess_dpfx = substr($the_sess_client_entropy, 0, 1) . '-' . substr($the_sess_client_lock, 0, 1);
// this come from hexa so 3 chars are 16x16x16=4096 dirs
//--
if ((string) $browser_os_ip_identification['bw'] == '@s#') {
$sf_sess_ns = '@sr-' . $sf_sess_dpfx;
} elseif ((string) $browser_os_ip_identification['bw'] == 'bot') {
$sf_sess_ns = 'r0-' . $sf_sess_dpfx;
// we just need a short prefix for robots (on disk is costly for GC to keep separate folders, but of course, not so safe)
} else {
$sf_sess_ns = 'c-' . substr($browser_os_ip_identification['bw'], 0, 3) . '-' . $sf_sess_dpfx;
// we just need a short prefix for clients (on disk is costly for GC to keep separate folders, but of course, not so safe)
}
//end if else
$sf_sess_ns = Smart::safe_filename($sf_sess_ns);
//-- by default set for files
$sf_sess_mode = 'files';
$sf_sess_dir = 'tmp/sessions/' . $sf_sess_area . '/' . $sf_sess_ns . '/';
if ((string) $detected_session_mode === 'user') {
if (class_exists('SmartCustomSession')) {
if ((string) get_parent_class('SmartCustomSession') == 'SmartAbstractCustomSession') {
$sf_sess_mode = 'user-custom';
$sf_sess_dir = 'tmp/sessions/' . $sf_sess_area . '/';
// here the NS is saved in DB so we do not need to complicate paths
} else {
Smart::log_warning('SESSION INIT ERROR: Invalid Custom Session Handler. The class SmartCustomSession must be extended from class SmartAbstractCustomSession ...');
return;
}
//end if else
} else {
Smart::log_warning('SESSION INIT ERROR: Custom Session Handler requires the class SmartCustomSession ...');
return;
}
//end if
}
//end if
$sf_sess_dir = Smart::safe_pathname($sf_sess_dir);
//--
if (!is_dir($sf_sess_dir)) {
SmartFileSystem::dir_recursive_create($sf_sess_dir);
}
//end if
SmartFileSystem::write_if_not_exists('tmp/sessions/' . $sf_sess_area . '/' . 'index.html', '');
//=====
//--
@session_save_path($sf_sess_dir);
@session_cache_limiter('nocache');
//--
$the_name_of_session = (string) SMART_FRAMEWORK_SESSION_NAME . '__Key_' . $the_sess_nsuffix;
// protect session name data agains forgers
//--
@session_id((string) $the_sess_id);
@session_name((string) $the_name_of_session);
//--
$tmp_exp_seconds = Smart::format_number_int(SMART_FRAMEWORK_SESSION_LIFETIME, '+');
if ($tmp_exp_seconds > 0) {
@session_set_cookie_params((int) $tmp_exp_seconds, '/');
// session cookie expire and the path
}
// end if
//-- be sure that session_write_close() is executed at the end of script if script if die('') premature and before pgsql shutdown register in the case of DB sessions
register_shutdown_function('session_write_close');
//-- handle custom session handler
if ((string) $sf_sess_mode === 'user-custom') {
//--
$sess_obj = new SmartCustomSession();
$sess_obj->sess_area = (string) $sf_sess_area;
$sess_obj->sess_ns = (string) $sf_sess_ns;
$sess_obj->sess_expire = (int) $tmp_exp_seconds;
//--
session_set_save_handler(array($sess_obj, 'open'), array($sess_obj, 'close'), array($sess_obj, 'read'), array($sess_obj, 'write'), array($sess_obj, 'destroy'), array($sess_obj, 'gc'));
//--
}
//end if else
//-- start session
@session_start();
//--
if ((string) $_SESSION['SoftwareFramework_VERSION'] != (string) SMART_FRAMEWORK_VERSION or (string) $_SESSION['website_ID'] != (string) SMART_SOFTWARE_NAMESPACE or strlen($_SESSION['session_ID']) < 32) {
//--
$_SESSION['SoftwareFramework_VERSION'] = (string) SMART_FRAMEWORK_VERSION;
// software version
$_SESSION['SoftwareFramework_SessionMode'] = (string) $sf_sess_mode;
// session mode
$_SESSION['website_ID'] = (string) SMART_SOFTWARE_NAMESPACE;
// the website ID
$_SESSION['uniqbrowser_ID'] = (string) $the_sess_client_uuid;
// a true unique browser ID (this is a protection against sessionID forgers)
$_SESSION['session_ID'] = (string) @session_id();
// read current session ID
$_SESSION['session_STARTED'] = (string) date('Y-m-d H:i:s O');
// read current session ID
//--
}
//end if
//--
if (!isset($_SESSION['visit_COUNTER'])) {
$_SESSION['visit_COUNTER'] = 1;
} else {
$_SESSION['visit_COUNTER'] += 1;
}
//end if else
//--
$_SESSION['SmartFramework__Browser__Identification__Data'] = (array) $browser_os_ip_identification;
//--
if ((string) $_SESSION['uniqbrowser_ID'] != (string) $the_sess_client_uuid) {
// we need at least a md5 session
//-- log, then unset old session (these are not well tested ...)
Smart::log_notice('Session Security Breakpoint :: Session-BrowserUniqueID = ' . $_SESSION['uniqbrowser_ID'] . "\n" . 'SessionSecurityUniqueID = ' . $the_sess_client_uuid . "\n" . 'Browser Ident = ' . $browser_os_ip_identification['bw'] . "\n" . 'Cookies = ' . print_r($_COOKIE, 1) . "\n" . 'SessID = ' . $_SESSION['session_ID'] . "\n" . 'ClientIP = ' . SmartUtils::get_ip_client() . ' @ ' . $_SERVER['REMOTE_ADDR'] . "\n" . 'UserAgent = ' . $_SERVER['HTTP_USER_AGENT']);
$_SESSION = array();
// reset it
//-- unset the cookie (from this below is tested)
@setcookie($the_name_of_session, 'EXPIRED', 1, '/');
//-- stop execution with message
Smart::raise_error('SESSION // SECURITY BREAK POINT: Possible Session Forgery Detected ...', 'SESSION // SECURITY BREAK POINT: Possible Session Forgery Detected ! Please refresh the page ... A new session will be assigned ! If you are not trying to forge another user\' session this situation can occur also if you are behind a proxy and some of your navigation parameters has been changed ! If this problem persist try to restart your browser or use other browser. If still persist, contact the website administrator');
die('');
// just in case
return;
// or is better to silent discard it ?
//--
}
//end if
//--
self::$active = time();
// successfuly started
//--
}
public static function SetVisitorEntropyIDCookie()
{
//--
if (!defined('SMART_FRAMEWORK_VERSION')) {
die('Smart Runtime // Set Visitor Entropy ID Cookie :: Requires SmartFramework to be loaded ...');
}
//end if
//--
if (defined('SMART_APP_VISITOR_COOKIE')) {
die('SetVisitorEntropyIDCookie :: SMART_APP_VISITOR_COOKIE must not be re-defined ...');
}
//end if
//--
$cookie = '';
//-- {{{SYNC-SMART-UNIQUE-COOKIE}}}
if (defined('SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME') and !defined('SMART_FRAMEWORK_UNIQUE_ID_COOKIE_SKIP')) {
if ((string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME != '') {
if (SmartFrameworkSecurity::ValidateVariableName(strtolower((string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME))) {
//--
$cookie = (string) trim(strtolower(SmartFrameworkSecurity::FilterUnsafeString((string) $_COOKIE[(string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME])));
if ((string) $cookie == '' or strlen((string) $cookie) != 40 or !preg_match('/^[a-f0-9]+$/', (string) $cookie)) {
$entropy = (string) sha1((string) Smart::unique_entropy('uuid-cookie'));
// generate a random unique key ; cookie was not yet set or is invalid
if (defined('SMART_FRAMEWORK_UNIQUE_ID_COOKIE_DOMAIN') and (string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_DOMAIN != '') {
@setcookie((string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME, (string) $entropy, 0, '/', (string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_DOMAIN);
// set it using domain
} else {
@setcookie((string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME, (string) $entropy, 0, '/');
// set it
}
//end if else
$cookie = (string) $entropy;
}
//end if
//--
}
//end if
}
//end if
}
//end if
//-- #end# sync
define('SMART_APP_VISITOR_COOKIE', (string) $cookie);
// empty or cookie ID
//--
}
/**
* Load a File or an URL
* it may use 3 methods: FileRead, CURL or HTTP-Browser class
*
* @param STRING $y_url_or_path :: /path/to/file | http(s)://some.url:port/path (port is optional)
* @param NUMBER $y_timeout :: timeout in seconds
* @param ENUM $y_method :: used only for URLs, the browsing method: GET | POST
* @param ENUM $y_ssl_method :: SSL Mode: tls | sslv3 | sslv2 | ssl
* @param STRING $y_auth_name :: used only for URLs, the auth user name
* @param STRING $y_auth_pass :: used only for URLs, the auth password
* @param YES/NO y_allow_set_credentials :: DEFAULT MUST BE set to NO ; if YES must be set just for internal URLs ; if the $y_url_or_path to get is detected to be under current URL will send also the Unique / session IDs ; more if detected that is from admin.php and if this is set to YES will send the HTTP-BASIC Auth credentials if detected (using YES with other URLs than SmartFramework's current URL can be a serious SECURITY ISSUE, so don't !)
*/
public static function load_url_or_file($y_url_or_path, $y_timeout = 30, $y_method = 'GET', $y_ssl_method = '', $y_auth_name = '', $y_auth_pass = '', $y_allow_set_credentials = 'no')
{
//-- v.2016-01-15
// fixed sessionID with new Dynamic generated
// TODO: use the CURL to browse also FTP and SSH ...
//--
$y_url_or_path = (string) $y_url_or_path;
//--
if ((string) $y_url_or_path == '') {
//--
return array('log' => 'ERROR: FILE Name is Empty ...', 'mode' => 'file', 'result' => '0', 'code' => '400', 'headers' => '', 'content' => '', 'debuglog' => '');
//--
}
//end if
//-- detect if file or url
if (substr($y_url_or_path, 0, 7) == 'http://' or substr($y_url_or_path, 0, 8) == 'https://') {
$is_file = 0;
// it is a url
} else {
$is_file = 1;
// it is a file
}
//end if
//--
if ($is_file == 1) {
//--
$y_url_or_path = trim($y_url_or_path);
//-- try to detect if data:image/ :: {{{SYNC-DATA-IMAGE}}}
if (strtolower(substr($y_url_or_path, 0, 11)) == 'data:image/' and stripos($y_url_or_path, ';base64,') !== false) {
//--
$eimg = explode(';base64,', $y_url_or_path);
//--
return array('log' => 'OK ? Not sure, decoded from embedded b64 image: ', 'mode' => 'embedded', 'result' => '1', 'code' => '200', 'headers' => SmartUnicode::sub_str($y_url_or_path, 0, 50) . '...', 'content' => @base64_decode(trim($eimg[1])), 'debuglog' => '');
//--
} elseif (is_file($y_url_or_path)) {
//--
return array('log' => 'OK: FILE Exists', 'mode' => 'file', 'result' => '1', 'code' => '200', 'headers' => 'Content-Disposition: inline; filename="' . basename($y_url_or_path) . '"' . "\n", 'content' => SmartFileSystem::read($y_url_or_path), 'debuglog' => '');
//--
} else {
//--
return array('log' => 'ERROR: FILE Not Found or Invalid Data ...', 'mode' => 'file', 'result' => '0', 'code' => '404', 'headers' => '', 'content' => '', 'debuglog' => '');
//--
}
//end if else
//--
} else {
//--
if ((string) $y_ssl_method == '') {
if (defined('SMART_FRAMEWORK_SSL_MODE')) {
$y_ssl_method = (string) SMART_FRAMEWORK_SSL_MODE;
} else {
Smart::log_notice('NOTICE: LibUtils/Load-URL-or-File // The SSL Method not defined and SMART_FRAMEWORK_SSL_MODE was not defined. Using the `tls` as default ...');
$y_ssl_method = 'tls';
}
//end if else
}
//end if
//--
$browser = new SmartHttpClient();
//--
$y_timeout = Smart::format_number_int($y_timeout, '+');
if ($y_timeout <= 0) {
$y_timeout = 30;
// default value
}
//end if
$browser->connect_timeout = (int) $y_timeout;
//--
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
$browser->debug = 1;
}
//end if
//--
if ((string) self::get_server_current_protocol() == 'https://') {
$tmp_current_protocol = 'https://';
} else {
$tmp_current_protocol = 'http://';
}
//end if else
//--
$tmp_current_server = self::get_server_current_domain_name();
$tmp_current_port = self::get_server_current_port();
//--
$tmp_current_path = self::get_server_current_request_uri();
$tmp_current_script = self::get_server_current_full_script();
//--
$tmp_test_url_arr = Smart::separe_url_parts($y_url_or_path);
$tmp_test_browser_id = self::get_os_browser_ip();
//--
$tmp_extra_log = '';
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
$tmp_extra_log .= "\n" . '===== # =====' . "\n";
}
//end if
//--
$cookies = array();
$auth_name = (string) $y_auth_name;
$auth_pass = (string) $y_auth_pass;
//--
if ((string) $y_allow_set_credentials == 'yes') {
//--
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
$tmp_extra_log .= '[EXTRA]: I will try to detect if this is my current Domain and I will check if it is safe to send my sessionID COOKIE and my Auth CREDENTIALS ...' . "\n";
}
//end if
//--
if ((string) $tmp_current_protocol == (string) $tmp_test_url_arr['protocol'] and (string) $tmp_current_server == (string) $tmp_test_url_arr['server'] and (string) $tmp_current_port == (string) $tmp_test_url_arr['port']) {
//--
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
$tmp_extra_log .= '[EXTRA]: OK, Seems that the browsed Domain is identical with my current Domain which is: ' . $tmp_current_protocol . $tmp_current_server . ':' . $tmp_current_port . ' and the browsed one is: ' . $tmp_test_url_arr['protocol'] . $tmp_test_url_arr['server'] . ':' . $tmp_test_url_arr['port'] . "\n";
$tmp_extra_log .= '[EXTRA]: I will also check if my current script and path are identical with the browsed ones ...' . "\n";
}
//end if
//--
if ((string) $tmp_current_script == (string) $tmp_test_url_arr['scriptname'] and substr($tmp_current_path, 0, strlen($tmp_current_script)) == (string) $tmp_test_url_arr['scriptname']) {
//--
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
$tmp_extra_log .= '[EXTRA]: OK, Seems that the current script is identical with the browsed one :: ' . 'Current Path is: \'' . $tmp_current_script . '\' / Browsed Path is: \'' . $tmp_test_url_arr['scriptname'] . '\' !' . "\n";
$tmp_extra_log .= '[EXTRA]: I will check if I have to send my SessionID so I will check the browserID ...' . "\n";
}
//end if
//--
$browser->useragent = (string) self::get_selfrobot_useragent_name();
// this must be set just when detected the same path and script ; it is a requirement to detect it as the self-robot [ @s# ] in order to send the credentials or the current
//-- {{{SYNC-SMART-UNIQUE-COOKIE}}}
if (defined('SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME') and !defined('SMART_FRAMEWORK_UNIQUE_ID_COOKIE_SKIP')) {
if ((string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME != '') {
if (SmartFrameworkSecurity::ValidateVariableName(strtolower((string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME))) {
//--
if ((string) SMART_APP_VISITOR_COOKIE != '') {
// if set, then forward
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
$tmp_extra_log .= '[EXTRA]: OK, I will send my current Visitor Unique Cookie ID as it is set and not empty ...' . "\n";
}
//end if
$cookies[(string) SMART_FRAMEWORK_UNIQUE_ID_COOKIE_NAME] = (string) SMART_APP_VISITOR_COOKIE;
// this is a requirement
}
//end if
//--
}
//end if
}
//end if
}
//end if
//-- #end# sync
if ((string) SmartAuth::get_login_method() == 'HTTP-BASIC' and (string) $auth_name == '' and (string) $auth_pass == '' and strpos($tmp_current_script, '/admin.php') !== false and strpos($tmp_test_url_arr['scriptname'], '/admin.php') !== false) {
//--
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
$tmp_extra_log .= '[EXTRA]: HTTP-BASIC Auth method detected / Allowed to pass the Credentials - as the browsed URL belongs to this ADMIN Server as I run, the Auth credentials are set but passed as empty - everything seems to be safe I will send my credentials: USERNAME = \'' . SmartAuth::get_login_id() . '\' ; PASS = *****' . "\n";
}
//end if
//--
$auth_name = (string) SmartAuth::get_login_id();
$auth_pass = (string) SmartAuth::get_login_password();
//--
}
//end if
//--
} else {
//--
if ((string) SMART_FRAMEWORK_DEBUG_MODE == 'yes') {
$tmp_extra_log .= '[EXTRA]: Seems that the scripts are NOT identical :: ' . 'Current Script is: \'' . $tmp_current_script . '\' / Browsed Script is: \'' . $tmp_test_url_arr['scriptname'] . '\' !' . "\n";
$tmp_extra_log .= '[EXTRA]: This is the diff for having a comparation: ' . substr($tmp_current_path, 0, strlen($tmp_current_script)) . "\n";
}
//end if
//--
}
//end if
//--
}
//end if
//--
}
//end if
//--
$browser->cookies = (array) $cookies;
//--
$data = (array) $browser->browse_url($y_url_or_path, $y_method, $y_ssl_method, $auth_name, $auth_pass);
// do browse
//--
return array('log' => (string) $data['log'] . $tmp_extra_log, 'mode' => (string) $data['mode'], 'result' => (string) $data['result'], 'code' => (string) $data['code'], 'headers' => (string) $data['headers'], 'content' => (string) $data['content'], 'debuglog' => (string) $data['debuglog']);
//--
}
//end if else
//--
}