My Fellow Php Folks!
I am now doing a peeping Tom into Php-Proxy script to gain work experience in building a web proxy as I am struggling to build one from scratch.
The script has 2 major pp files.
index.php
config.php
I am including both’s code below.
I need your aid to add comments on the lines so by looking at your comments I can learn what each line does. So, who will be the good Samaritan ?
In the past, the following have helped. Ranked according to who started helping first (according to my memory):
SpaceShipTrooper
droopsnoot
mlukac89
SamA74
John_Betong
CpRadio
If I’ve forgotten anybody then please excuse.
Let’s not forget the mighty TechnoBear.
Actually, let’s play a little game and make this forum a little fun.
The first person who reads this, make your comments on the first few lines. The 2nd person who reads this can do for the next few lines and so on.
That way, everyone contributes a little.
Ok, the index.php, I believe is the actual script and even though it has comments they are very brief and not so friendly to a newbie. Therefore, any volunteering to make them in depth would be appreciated by all newbies.
Once I finish learning from your comments, then it would be easy for me to complete my other learning project where I try building the web proxy from scratch.
Thanks
PS - In the index.php, on which line do I add the content filtering code ?
This is where, I will list a list of banned words and if these banned words are found on the page the user is trying to load via the web proxy then the page would not load. I’ll write code for the user to get alerted that the page won’t load because it has banned words in it’s content/title/ meta keywords/meta descriptions/file names/img names/link anchors/etc.
index.php
<?php
define('PROXY_START', microtime(true));
require("vendor/autoload.php");
use Proxy\Http\Request;
use Proxy\Http\Response;
use Proxy\Plugin\AbstractPlugin;
use Proxy\Event\FilterEvent;
use Proxy\Config;
use Proxy\Proxy;
// start the session
session_start();
// load config...
Config::load('./config.php');
// custom config file to be written to by a bash script or something
Config::load('./custom_config.php');
if(!Config::get('app_key')){
die("app_key inside config.php cannot be empty!");
}
if(!function_exists('curl_version')){
die("cURL extension is not loaded!");
}
// how are our URLs be generated from this point? this must be set here so the proxify_url function below can make use of it
if(Config::get('url_mode') == 2){
Config::set('encryption_key', md5(Config::get('app_key').$_SERVER['REMOTE_ADDR']));
} else if(Config::get('url_mode') == 3){
Config::set('encryption_key', md5(Config::get('app_key').session_id()));
}
// very important!!! otherwise requests are queued while waiting for session file to be unlocked
session_write_close();
// form submit in progress...
if(isset($_POST['url'])){
$url = $_POST['url'];
$url = add_http($url);
header("HTTP/1.1 302 Found");
header('Location: '.proxify_url($url));
exit;
} else if(!isset($_GET['q'])){
// must be at homepage - should we redirect somewhere else?
if(Config::get('index_redirect')){
// redirect to...
header("HTTP/1.1 302 Found");
header("Location: ".Config::get('index_redirect'));
} else {
echo render_template("./templates/main.php", array('version' => Proxy::VERSION));
}
exit;
}
// decode q parameter to get the real URL
$url = url_decrypt($_GET['q']);
$proxy = new Proxy();
// load plugins
foreach(Config::get('plugins', array()) as $plugin){
$plugin_class = $plugin.'Plugin';
if(file_exists('./plugins/'.$plugin_class.'.php')){
// use user plugin from /plugins/
require_once('./plugins/'.$plugin_class.'.php');
} else if(class_exists('\\Proxy\\Plugin\\'.$plugin_class)){
// does the native plugin from php-proxy package with such name exist?
$plugin_class = '\\Proxy\\Plugin\\'.$plugin_class;
}
// otherwise plugin_class better be loaded already through composer.json and match namespace exactly \\Vendor\\Plugin\\SuperPlugin
$proxy->getEventDispatcher()->addSubscriber(new $plugin_class());
}
try {
// request sent to index.php
$request = Request::createFromGlobals();
// remove all GET parameters such as ?q=
$request->get->clear();
// forward it to some other URL
$response = $proxy->forward($request, $url);
// if that was a streaming response, then everything was already sent and script will be killed before it even reaches this line
$response->send();
} catch (Exception $ex){
// if the site is on server2.proxy.com then you may wish to redirect it back to proxy.com
if(Config::get("error_redirect")){
$url = render_string(Config::get("error_redirect"), array(
'error_msg' => rawurlencode($ex->getMessage())
));
// Cannot modify header information - headers already sent
header("HTTP/1.1 302 Found");
header("Location: {$url}");
} else {
echo render_template("./templates/main.php", array(
'url' => $url,
'error_msg' => $ex->getMessage(),
'version' => Proxy::VERSION
));
}
}
?>
config.php
<?php
// all possible options will be stored
$config = array();
// a unique key that identifies this application - DO NOT LEAVE THIS EMPTY!
$config['app_key'] = '04e8155d1ddc8d00c578a7ffc0018692';
// a secret key to be used during encryption
$config['encryption_key'] = '';
/*
how unique is each URL that is generated by this proxy app?
0 - no encoding of any sort. People can link to proxy pages directly: ?q=http://www.yahoo.com
1 - Base64 encoding only, people can hotlink to your proxy
2 - unique to the IP address that generated it. A person that generated that URL, can bookmark it and visit it and any point
3 - unique to that session and IP address - URL no longer valid anywhere when that browser session that generated it ends
*/
$config['url_mode'] = 2;
// plugins to load - plugins will be loaded in this exact order as in array
$config['plugins'] = array(
'HeaderRewrite',
'Stream',
// ^^ do not disable any of the plugins above
'Cookie',
'Proxify',
'UrlForm',
// site specific plugins below
'Youtube',
'DailyMotion',
'RedTube',
'XHamster',
'XVideos',
'Twitter'
);
// additional curl options to go with each request
$config['curl'] = array(
// CURLOPT_PROXY => '',
// CURLOPT_CONNECTTIMEOUT => 5
);
//$config['replace_title'] = 'Google Search';
//$config['error_redirect'] = "https://unblockvideos.com/#error={error_msg}";
//$config['index_redirect'] = 'https://unblockvideos.com/';
// $config['replace_icon'] = 'icon_url';
// this better be here other Config::load fails
return $config;
?>