|
|
|
@ -33,7 +33,7 @@ if (empty($RCMAIL->user->ID)) {
|
|
|
|
exit;
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
$url = preg_replace('/[^a-z0-9.-_\?\$&=%]/i', '', $_GET['u']);
|
|
|
|
$url = preg_replace('![^a-z0-9:./\-_?$&=%]!i', '', $_GET['u']);
|
|
|
|
if ($url === null) {
|
|
|
|
if ($url === null) {
|
|
|
|
header('HTTP/1.1 403 Forbidden');
|
|
|
|
header('HTTP/1.1 403 Forbidden');
|
|
|
|
echo $error;
|
|
|
|
echo $error;
|
|
|
|
@ -45,42 +45,63 @@ $port = $a_uri['port'] ? $a_uri['port'] : 80;
|
|
|
|
$host = $a_uri['host'];
|
|
|
|
$host = $a_uri['host'];
|
|
|
|
$path = $a_uri['path'] . ($a_uri['query'] ? '?'.$a_uri['query'] : '');
|
|
|
|
$path = $a_uri['path'] . ($a_uri['query'] ? '?'.$a_uri['query'] : '');
|
|
|
|
|
|
|
|
|
|
|
|
if (!($fp = fsockopen($host, $port, $errno, $errstr, 30))) {
|
|
|
|
// don't allow any other connections than http(s)
|
|
|
|
|
|
|
|
if (strtolower(substr($a_uri['scheme'], 0, 4)) != 'http') {
|
|
|
|
|
|
|
|
header('HTTP/1.1 403 Forbidden');
|
|
|
|
|
|
|
|
echo "Invalid URL";
|
|
|
|
|
|
|
|
exit;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// try to open socket connection
|
|
|
|
|
|
|
|
if (!($fp = fsockopen($host, $port, $errno, $error, 15))) {
|
|
|
|
header('HTTP/1.1 500 Internal Server Error');
|
|
|
|
header('HTTP/1.1 500 Internal Server Error');
|
|
|
|
echo $error;
|
|
|
|
echo $error;
|
|
|
|
exit;
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// set timeout for socket
|
|
|
|
|
|
|
|
stream_set_timeout($fp, 30);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// send request
|
|
|
|
$out = "GET $path HTTP/1.0\r\n";
|
|
|
|
$out = "GET $path HTTP/1.0\r\n";
|
|
|
|
$out .= "Host: $host\r\n";
|
|
|
|
$out .= "Host: $host\r\n";
|
|
|
|
$out .= "Connection: Close\r\n\r\n";
|
|
|
|
$out .= "Connection: Close\r\n\r\n";
|
|
|
|
fwrite($fp, $out);
|
|
|
|
fwrite($fp, $out);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// read response
|
|
|
|
$header = true;
|
|
|
|
$header = true;
|
|
|
|
|
|
|
|
$headers = array();
|
|
|
|
while (!feof($fp)) {
|
|
|
|
while (!feof($fp)) {
|
|
|
|
$line = trim(fgets($fp, 4048));
|
|
|
|
$line = trim(fgets($fp, 4048));
|
|
|
|
|
|
|
|
|
|
|
|
if ($header
|
|
|
|
if ($header) {
|
|
|
|
&& preg_match('/^HTTP\/1\..\s+(\d+)/', $line, $regs)
|
|
|
|
if (preg_match('/^HTTP\/1\..\s+(\d+)/', $line, $regs)
|
|
|
|
&& intval($regs[1]) != 200) {
|
|
|
|
&& intval($regs[1]) != 200) {
|
|
|
|
break;
|
|
|
|
break;
|
|
|
|
} else if (empty($line) && $header) {
|
|
|
|
}
|
|
|
|
$header = false;
|
|
|
|
else if (empty($line)) {
|
|
|
|
} else if (!$header) {
|
|
|
|
$header = false;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
else {
|
|
|
|
|
|
|
|
list($key, $value) = explode(': ', $line);
|
|
|
|
|
|
|
|
$headers[strtolower($key)] = $value;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
else {
|
|
|
|
$source .= "$line\n";
|
|
|
|
$source .= "$line\n";
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
fclose($fp);
|
|
|
|
fclose($fp);
|
|
|
|
|
|
|
|
|
|
|
|
if (!empty($source)) {
|
|
|
|
// check content-type header and mod styles
|
|
|
|
|
|
|
|
$mimetype = strtolower($headers['content-type']);
|
|
|
|
|
|
|
|
if (!empty($source) && in_array($mimetype, array('text/css','text/plain'))) {
|
|
|
|
header('Content-Type: text/css');
|
|
|
|
header('Content-Type: text/css');
|
|
|
|
echo rcmail_mod_css_styles(
|
|
|
|
echo rcmail_mod_css_styles($source, preg_replace('/[^a-z0-9]/i', '', $_GET['c']));
|
|
|
|
$source,
|
|
|
|
|
|
|
|
preg_replace('/[^a-z0-9]/i', '', $_GET['c']),
|
|
|
|
|
|
|
|
$url
|
|
|
|
|
|
|
|
);
|
|
|
|
|
|
|
|
exit;
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
else
|
|
|
|
|
|
|
|
$error = "Invalid response returned by server";
|
|
|
|
|
|
|
|
|
|
|
|
header('HTTP/1.0 404 Not Found');
|
|
|
|
header('HTTP/1.0 404 Not Found');
|
|
|
|
echo $error;
|
|
|
|
echo $error;
|
|
|
|
|
thomascube
15 years ago