function buildGetRequest($uri, $level) { global $myproxy, $dataarray; $uri = urldecode($uri); $xp = str_replace("/", "\\/", $myproxy); if (preg_match("/(.*?)(({$xp}\\?)?)" . URLNAMEENC . "=(F?)(.*?)" . URLDELIMITER . "(.*)/ms", $uri, $matches)) { $body = safeBase64_decode($matches[5]); $url = ""; if (($p1 = strpos($body, INFODELIMITER)) > 1) { $url = substr($body, 0, $p1); $body = substr($body, $p1 + strlen(INFODELIMITER)); $dataarray = rawdecode($dataarray, $body); } else { $url = $body; } if ($matches[4] == "F") { $url = $matchs[1] . $url . "?" . $matches[6]; } else { $url = $matches[1] . $url . $matches[6]; } //echo "e:$url\n"; return buildGetRequest($url, ++$level); } else { if ($level == 0) { return ""; } else { return replaceFunnyChars($uri); } } }
/* POST request */ $encoded = ""; /* * test the guard cookie to make avoid phishing accusations. */ $securityok = testguardcookie($_SERVER['HTTP_COOKIE'], $_SERVER['REMOTE_ADDR']); /* * Decode the URL */ if (isset($_GET[URLNAMEENC])) { if (!$securityok) { header(makeAllHTTPS("Location: {$mysecurityhtml}/html_security.php?" . URLNAMEENC . "=" . $_GET[URLNAMEENC])); exit(0); } $original_req_url = $_GET[URLNAMEENC]; $sub_req_url = buildGetRequest("{$myproxy}?" . $_SERVER['QUERY_STRING'], 0); } else { if (isset($_GET[URLNAMEJSENC])) { if (!$securityok) { header(makeAllHTTPS("Location: {$mysecurityhtml}/html_security.php?" . $_SERVER["QUERY_STRING"])); exit(0); } $original_req_url = xdecodecx($_GET[URLNAMEJSENC]); $sub_req_url = $original_req_url; makeDataarray($_GET, $dataarray); } else { if (isset($_GET[URLNAMEPLAIN])) { if (!$securityok) { header(makeAllHTTPS("Location: {$mysecurityhtml}/html_security.php?" . $_SERVER["QUERY_STRING"])); exit(0); }