function ServeRemoteContent($strServerRelativeUrl, $strLocalActionProxyUrl = false, $intCacheResultForSeconds = false) { // ** Security checks if (strlen($strServerRelativeUrl) <= 0) { // No url return false; } if ($strServerRelativeUrl[0] != "/") { // starting / $strServerRelativeUrl = "/" . $strServerRelativeUrl; } // ** Init if ($strLocalActionProxyUrl === false) { $strLocalActionProxyUrl = CrankyAdsHelper::GetFullRequestUri("serverurl"); } /* The following code transparently handles redirects. The replacement code further below simply passes these to the original requester // ** Get the content // Note: // We manually handle redirects here so we can capture and send on all the Set-Cookie headers // This means we also need to manage the raw Cookie string between redirects $cookies = isset($_SERVER["HTTP_COOKIE"]) ? $_SERVER["HTTP_COOKIE"] : false; $targetUrl = $strServerRelativeUrl; $intMaxRedirects = 3; while ( $intMaxRedirects >=0 ) { // * Build the Cookies header if($cookies === false) $headers = false; else $headers = array("Cookie" =>$cookies); // * Get the response (without auto-redirects) $httpResponse = $this->Proxy->GetRemoteContent($targetUrl,true,true,$intCacheResultForSeconds,0,false,true,$headers,CrankyAdsCacheBehaviourFlags::DoNotCacheHtml | CrankyAdsCacheBehaviourFlags::UseTimedOutCacheAsFallbackOnServerError | CrankyAdsCacheBehaviourFlags::ReplaceContentUrlPlaceholdersOnServerResponse, false, "content"); // * Response received if($httpResponse !== false) { // Redirect if($httpResponse->hLocation !== false && ($httpResponse->HttpResponseCode === 301 || $httpResponse->HttpResponseCode === 302 ) ) { $targetUrl = $httpResponse->hLocation; // Update the target Url $httpResponse->CopySetCookieHeadersToResponse(); // Send on all the Set-Cookie headers from this response (if any) $cookies = $httpResponse->AppendSetCookieHeadersToCookieString($cookies); // Maintain the set of cookies sent to the server for the next request } // Done else { break; } } // * No Response else { break; } // * Try again? $intMaxRedirects--; } */ // ** Get the content $httpResponse = $this->Proxy->GetRemoteContent($strServerRelativeUrl, true, true, $intCacheResultForSeconds, 0, true, true, false, CrankyAdsCacheBehaviourFlags::DoNotCacheHtml | CrankyAdsCacheBehaviourFlags::UseTimedOutCacheAsFallbackOnServerError | CrankyAdsCacheBehaviourFlags::ReplaceContentUrlPlaceholdersOnServerResponse, false, "content"); // ** Serve the content // Success if ($httpResponse !== false && $httpResponse->HttpResponseCode === 200) { $httpResponse->ReplaceAllContentPlaceholders($strLocalActionProxyUrl); $httpResponse->CopyToResponse(true, false); // Note: No real need NOT to copy the result code, I'm just making a point that 200 is the default result return true; } else { if ($httpResponse !== false && $httpResponse->HttpResponseCode === 304) { $httpResponse->CopyToResponse(true, true); return true; } else { if ($httpResponse !== false && $httpResponse->hLocation !== false && ($httpResponse->HttpResponseCode === 301 || $httpResponse->HttpResponseCode === 302)) { // Build the re-direction url $redirectTo = $strLocalActionProxyUrl; if (strpos($redirectTo, "?") === false) { $redirectTo .= "?"; } else { $redirectTo .= "&"; } $redirectTo .= "serverurl=" . urlencode($httpResponse->hLocation); // Copy the result to the output $httpResponse->ReplaceAllContentPlaceholders($strLocalActionProxyUrl); header("Location: " . $redirectTo, true, $httpResponse->HttpResponseCode); $httpResponse->CopyToResponse(true, false); return true; } else { if (CRANKY_ADS_DEBUG) { if ($httpResponse !== false) { echo "<div><h2>DEBUG:ContentController.ServeRemoteContent(..)</h2><br/>Error occurred - Http Response code is unexpected (" . $httpResponse->HttpResponseCode . ");<br/><br/><b>Content:</b><br/>" . $httpResponse->Content . "</div>"; } else { echo "<div><h2>DEBUG:ContentController.ServeRemoteContent(..)</h2><br/>Error occurred - Http Response is empty</div>"; } return false; } else { return false; } } } } }
function ReplaceActionUrlPlaceholders($strLocalActionProxyUrl = false) { // Insert the current Url if ($strLocalActionProxyUrl === false) { $strLocalActionProxyUrl = CrankyAdsHelper::GetFullRequestUri("serverurl"); } $this->ReplaceUrlPlaceholder($this->CA_SERVER_ACTION_URL_PLACEHOLDER, $strLocalActionProxyUrl); }
function ServeRemoteContent() { // ** Serve the content $serverUrl = $_GET["serverurl"]; if (isset($serverUrl)) { // Don't let anyone mess with our output $errorReportingSave = error_reporting(0); if (CRANKY_ADS_DISABLE_ERROR_SUPPRESSION) { error_reporting($errorReportingSave); } // Note: // . For security reasons this page will serve content from the server /Content directory or /Plugin directory ONLY where content has been marked as public. // |-> We don't want users accessing plugin settings without being admins // |-> We don't want malicious users using this page as a proxy to hit just any page on the server (and slowing down this blog) // |-> We can't limit this call to admins only because this page needs to serve images and other content to users of the blog. if (!$this->ContentController->ServeRemoteContent($serverUrl, CrankyAdsHelper::GetFullRequestUri("serverurl"), 0)) { echo "Error contacting the server"; // <- Serving at least something tends to keep colorbox happy } error_reporting($errorReportingSave); } else { echo "Invalid URL"; } die; // We've completed successfully so Wordpress shouldn't output anything else }