<?php
/* $Id: phproxy.php,v 1.30 2004/10/05 15:09:31 metac0m Exp $ */
/*************************************************************/
/* pHproxy                                                   */
/*************************************************************/
/*

pHproxy
Copyright (C) The Citizen Lab 2004.
Developed by: Nart Villeneuve
Contact: http://ice.citizenlab.org | nart@citizenlab.org

Special Thanks to:
Catspaw
Tim Smith
Bennett Haselton
David Warde-Farley

The Hacktivist (http://www.thehacktivist.com/)
Catspaw (http://www.insacecats.com/)
Citizen Lab (http://www.citizenlab.org/)
OpenNet Initiative (http://www.opennetinitiative.net)
Peacefire, Bennett Haselton  (http://www.peacefire.org/)

pHproxy is inpired by CGIProxy and CECID and many ideas
and maybe a few lines of code have been hacked from these
fine folks:

CGIProxy: http://www.jmarshall.com/tools/cgiproxy/
CECID: http://cecid.sourceforge.net/

LICENSE

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

To read the license please visit
http://www.gnu.org/copyleft/gpl.html

INSTALL

Edit php.ini

allow_url_fopen = On

*/

/*************************************************************/
/* GLOBALS                                                   */
/*************************************************************/

//Settings

//This option should be set to the method through
//which users should access pHproxy: HTTP or HTTPS. 

$server_mode = "http"; //(http or https)

//This option controls what media types are allowed 

$media_mode = 1; //text only=0, text & images=1, all = 2

//This option encodes requested URLs
//XOR is the recomended option 

$url_obfuscation = 1; //None=0, base64=1, rot-13=2, xor=3

//This option prevents cookies from being sent to the end user
//This setting will not prevent JavaScript cookies from being set

$no_cookies = 0; //Allow Cookies=0, Remove Cookies=1

//This option removes common script tags
//It is not 100% effective at removing all
//scripts. For maximum protection users should disable
//scripts, such as JavaScript, in their browser settings.

$script_stripper = 0; //Allow Scripts=0, Remove Scripts=1

//This option alters the content and filesize of images
//(GIF, JPG, PNG). Requires GD Library.

$pad_images = 0; //No=0, Yes=1 

//This option acts as a whitelist

$allowed_servers = array();

//This option acts as a blocklist

$banned_servers = array();

//This option denies access to internal networks

$banned_networks = array('127.0.0.1', '192.168', '10');

//These options are used to identify URLs
//Change these to something unique

$getprefix = "go2url";
$postprefix = "go2post";

//Used for XOR (url obfcusation and XOR MODE)
//Change to something unique

$passwd = "hello"; 

//XOR MODE
/*
XORMODE is an experimental hack of pHproxy using XOR to
obfuscate web pages and then have the user decode the 
content on the client side with JavaScript.
*/

$xormode = 0; //NO=0, YES=1

//Globals
$servername = $server_mode."://".$_SERVER['SERVER_NAME'].$_SERVER['SCRIPT_NAME'];
$serverpath = $servername."?".$getprefix."=";
$serverpost = $servername."?".$postprefix."=";
$version = preg_split("/ /", '$Revision: 1.30 $');
$version = $version[1];

/*************************************************************/
/* GET & POST                                                */
/*************************************************************/

if ($_POST) {

    //For the index() form & location bar form
    if (isset($_POST[$getprefix])) {


        $url = $_POST[$getprefix];

        //De-Obfuscate (not needed until obfuscation on
        //client side with Javascript implemented
        //$url = de_obfuscate($_POST[$getprefix]);

        //Set method, postval & cookieval
        $method = "GET";
        $postval = "NULL";
        $cookieval = array();

        //Check the link
        linkcheck($url,$method,$postval,$cookieval);

    } else {
        
        //For POST forms
        //De-Obfuscate
        $url = de_obfuscate($_POST[$postprefix]);

        //Nasty hack for url's with extra args e.g. &k=v
        if (count($_POST) > 1) {

            foreach ($_POST as $k => $v ) {
                if ($k == $postprefix) {
                    //We aldready have the url, so do nothing
                } else {
                    //Assemble the post with keys & values
                    $postval .= urlencode($k)."=".urlencode($v)."&";
                }
            }
        }

        //Set method, postval & cookieval
        $method = "POST";
        $postval = substr($postval, 0, -1);
        $cookieval = array();

        //Check the link
        linkcheck($url,$method,$postval,$cookieval);

    }

} elseif ($_GET) {

    //De-Obfuscate
    $url = de_obfuscate($_GET[$getprefix]);

    //Nasty hack for url's with extra args e.g. &k=v
    if (count($_GET) > 1) {

        //We only want one ?
        if (!preg_match("/\?/", $url)) {
            $url .= "?";
        }

        foreach ($_GET as $k => $v ) {
            if ($k == $getprefix) {
                //We aldready have the url, so do nothing
            } else {
                //Reassemble the url with keys & values
                $url .= "&$k=$v";
            }
        }
        // Gets rid of the GET variables in the URL after a GET form.
        // Added by xcham, Aug 06/04

        header("Location: " . $serverpath . obfuscate($url));

    }



    //Set holder
    $cookieval = array();

    if ($_COOKIE) {
        //Get any Cookies we've set
        //for the right host

        //Parse the url
        $urlparsed = parse_url($url);
        //Get the host
        $host = $urlparsed['host'];


        foreach ($_COOKIE as $k => $v ) {
            $val = explode("|", $v);
            if ($url_obfuscation > 0) {
                $val[1] = de_obfuscate($val[1]);
            }
            if ($val[1] == ".".$host) {
                array_push($cookieval, "$k=$val[0]");
            }

        }
    }

    //Set method & postval
    $method = "GET";
    $postval = "NULL";
    //Check the link
    linkcheck($url,$method,$postval,$cookieval);

} else {

    //If server_mode is https force the user
    //to access via https
    if ($server_mode == "https") {
        if (!isset($_SERVER['HTTPS'])) {
        header("Location: " . $servername);
        exit();
        }
    }

    index();
}


/*************************************************************/
/* Index                                                     */
/*************************************************************/

function index() {
    global $getprefix, $version;
    
    echo "
    <html>
    <head><title>pHproxy</title></head>
    <body>
    <h1>pHproxy</h1>
    <p>Start browsing through this php-based proxy by entering a URL below.

    <form action=\"".$_SERVER['PHP_SELF']."\" method=\"post\">
    <input name=\"$getprefix\" size=\"66\" value=\"\">
    <br><input type=\"submit\" value=\"   Begin browsing   \">
    </form>

    <p>
    <hr>
    <table width=\"100%\"><tr>
    <td align=\"left\"> 
    <a href=\"".$_SERVER['PHP_SELF']."\"><i>pHproxy $version</i></a>
    </td>
    <td align=\"right\">
    <a href=\"".$_SERVER['PHP_SELF']."\"><i>Restart</i></a>
    </td>
    </tr></table>
    <p>
    </body>
    </html>
    ";

}

/*************************************************************/
/* Location Bar                                              */
/*************************************************************/

function location($fullurl) {
    global $getprefix;

    $location = "
    <center>
    <table>
    <tr>
    <td align=\"left\">
    <form action=\"".$_SERVER['PHP_SELF']."\" method=\"post\">
    <input name=\"$getprefix\" size=\"50\" value=\"$fullurl\"> 
    &nbsp;&nbsp; <input type=\"submit\" value=\"Browse\">
    &nbsp;&nbsp;&nbsp;[ <a href=\"".$_SERVER['PHP_SELF']."\"><i>Restart</i></a> ]
    </form>
    </td>
    </tr>
    </table>
    </center>
    <hr><br>
    ";
    return $location;
}

/*************************************************************/
/* Error Messages                                            */
/*************************************************************/

function error_blank() {
    echo "<b>pHproxy</b><br>";
    echo "<b>You have to enter a url or domain name</b><br>";
    echo "<br><a href=\"".$_SERVER['PHP_SELF']."\"><i>Restart</i></a><br>";
}

function error_loop() {
    echo "<b>pHproxy</b><br>";
    echo "<b>You have entered the url of this proxy.</b><br>";
    echo "<br><a href=\"".$_SERVER['PHP_SELF']."\"><i>Restart</i></a><br>";
}

function error_banned() {
   echo "<b>pHproxy</b><br>";
   echo "<b>You tried to access a restricted server. The owner of this
         proxy has restricted which servers it can access,
         presumably for security or bandwidth reasons.</b><br>";
   echo "<br><a href=\"".$_SERVER['PHP_SELF']."\"><i>Restart</i></a><br>";
}

function error_mime() {
   echo "<b>pHproxy</b><br>";
   echo "<b>You tried to access a non-text mime type. This
         proxy has been configured to operate in text-only mode,
         presumably for security or bandwidth reasons.</b><br>";
   echo "<br><a href=\"".$_SERVER['PHP_SELF']."\"><i>Restart</i></a><br>";
}

function error_gd() {
   echo "<b>pHproxy</b><br>";
   echo "<b>This proxy has been configured on a server that does
         not have GD support. Please disable the pad_images option.</b><br>";
   echo "<br><a href=\"".$_SERVER['PHP_SELF']."\"><i>Restart</i></a><br>";
}

function error_crypt2plain() {
   global $serverpath;
   echo "<b>pHproxy</b><br>";
   echo "<b>You have requested the encrypted contents of an
        SSL-enabled web server (HTTPS) but have accessed pHproxy though
        plaintext (HTTP). The encrypted contents will be transfered to
        you in plaintext. This is a serious security risk.";
   echo "<br><a href=\"".$_SERVER['PHP_SELF']."\"><i>Restart</i></a><br>";
}

/*************************************************************/
/* (De) Obfuscate                                            */
/*************************************************************/

function obfuscate($url) {
    global $url_obfuscation, $passwd;
    if ($url_obfuscation == 1) {
        return base64_encode($url);
    } elseif ($url_obfuscation == 2) {
        return str_rot13($url);
    } elseif ($url_obfuscation == 3) {
        return xorcist($url, $passwd);
    } else {
        return rawurlencode($url);
    }
}

function de_obfuscate($url) {
    global $url_obfuscation, $passwd;
    if ($url_obfuscation == 1) {
        return base64_decode($url);
    } elseif ($url_obfuscation == 2) {
        return str_rot13($url);
    } elseif ($url_obfuscation == 3) {
        return de_xorcist($url, $passwd);
    } else {
        return rawurldecode($url);
    }
}

/*************************************************************/
/* XOR (Server Side)                                         */
/*************************************************************/
function xorcist($string, $passwd) {

    $xorized = "";

    $index = 0;
    $ichars = str_split($string);

    foreach ($ichars as $i) {
        $xor1 = ord($i);
        $xor2 = ord($passwd[$index % strlen($passwd)]);
        $xored = ($xor1 ^ $xor2);
        $xorized .= sprintf("%02x", $xored);
        $index++;

    }

    return $xorized;
}

function str_split($string, $split_length = 1) {
   $strlen = strlen($string);
  
   for ($i = 0; $i < $strlen; $i += $split_length) {
       $array[] = substr($string, $i, $split_length);
   }
  
   return $array;
}

/*************************************************************/
/* de-XOR (Server Side)                                      */
/*************************************************************/

function de_xorcist($string, $passwd) {
    // Decode string
    $string = base16_decode($string);
    //de-XOR
    $output = '';
    for ($i = 0; $i < strlen($string); $i++) {
        $output .= chr(ord($string{$i}) 
            ^ ord($passwd{$i % strlen($passwd)}));                           
    }

    return $output;
}

function base16_decode($string) {
    $hex_digits = '0123456789abcdef';
    $output='';
  
    for ($i = 0; $i < strlen($string); $i = $i + 2) {
        $char_code = (strpos($hex_digits, $string{$i}) << 4)
            | (strpos($hex_digits, $string{$i+1}));
        $output .= chr($char_code);
    }
  
    return $output;
}

/*************************************************************/
/* XOR (Client Side)                                         */
/*************************************************************/
// Original JavaScript by Tim Smith.



function gen_symbolname() {
    $obfusc_ch = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890";
    // choose a random length between 13 and 32
    $len = rand(13,32); // should be long enough to avoid collision
    $s_name = "";
    for ($i = 0; $i < $len; $i++) {
        $s_name .= substr($obfusc_ch,rand(0,strlen($obfusc_ch) - 1),1);
    }
    // ensure that it starts with a letter and not a number
    // index 51 is where the letters end (26 * 2 - 1)
    $s_name = substr($obfusc_ch,rand(0,51),1) . $s_name;
    return $s_name;
} 

function gen_spaces() {
    $MAX = 50;
    $MIN = 20;
    $N = rand($MIN,$MAX);
    $str = "";
    for ($i = 0; $i < $N; $i++)
    {
        $str .= " ";
    }
    return $str;
}

function spaceify($str) {
    $ar = explode("\n",$str);
    $str2 = "";
    foreach ($ar as $val) {
        $str2 .= gen_spaces() . $val . (rand(0,1) ? "\n" : "");
    }
    return $str2;
}

function xorjs($xorized, $passwd) {
    $symbols = array(
        "base16_decode" => gen_symbolname(),
        "string" => gen_symbolname(),
        "hex_digits" => gen_symbolname(),
        "output" => gen_symbolname(),
        "i" => gen_symbolname(),
        "char_code" => gen_symbolname(),
        "xor_decode" => gen_symbolname(),
        "output" => gen_symbolname(),
        "passwd" => gen_symbolname(),
        "key" => gen_symbolname(),
        "j" => gen_symbolname(),
        "docwritefn" => gen_symbolname()
    );
    // randomly create javascript function, to throw off pattern matching
    // for doc.write
    $coinflip = rand(0,1);
    $obfusc_fn = "
    function " . $symbols['docwritefn'] . "(str) {
        document.write(str);
    }";
    if ($coinflip == 0) {
        $symbols['docwritefn'] = "document.write";
    }
    $position = rand(0,3);
    return spaceify("
    <script language=\"Javascript\">
    " . (($coinflip && $position == 0) ? $obfusc_fn : "") . "
    function " . $symbols['base16_decode'] . "(".$symbols['string'].") {
        var " . $symbols['hex_digits'] . "= '0123456789abcdef';
        var " . $symbols['output'] . " ='';
      
        for (var ".$symbols['i']." = 0; " . $symbols['i'] . " < ".$symbols['string'].".length; " . $symbols['i'] . " += 2) {
            var " . $symbols['char_code'] ." = (" . $symbols["hex_digits"] .".indexOf(". $symbols['string'] . ".charAt(". $symbols['i'] .")) << 4)
                | (".$symbols["hex_digits"].".indexOf(".$symbols['string'].".charAt(". $symbols['i']."+1)));
            ".$symbols['output']." += String.fromCharCode(".$symbols['char_code'].");
        }
      
        return ".$symbols['output'].";
    }
    " . (($coinflip && $position == 1) ? $obfusc_fn : "") . "    
    function ". $symbols['xor_decode'] . "(".$symbols['passwd'].", ".$symbols['string'].") {
        var ".$symbols['output'] ." = '';
        for (var ". $symbols['j'] ." = 0; ". $symbols['j'] ." < ".$symbols['string'].".length; ".$symbols['j']."++) {
            ".$symbols['output']." += String.fromCharCode(".$symbols['string'].".charCodeAt(".$symbols['j'].") 
                ^ ".$symbols['passwd'].".charCodeAt(".$symbols['j']." % ".$symbols['passwd'].".length));
        }
      
        return ".$symbols['output'].";
    }
    " . (($coinflip && $position == 2) ? $obfusc_fn : "") . "
    
    var ".$symbols['key']." = \"\";
    ".$symbols['key']." = prompt(\"Please enter your key: (The key is: $passwd)\",\"\");
   " . (($coinflip && $position == 3) ? $obfusc_fn : "") . "
    ". $symbols['docwritefn'] . "(".$symbols['xor_decode'] . "(".$symbols['key'].", " . $symbols["base16_decode"] . "(\"$xorized\")));

    </script>
    ");
}

/*************************************************************/
/* Link Check                                                */
/*************************************************************/

function linkcheck($url,$method,$postval,$cookieval) {
    global $servername, $allowed_servers, $banned_servers, $banned_networks;

    $ok = 1;

    //Blank Check
    if ($url == "") {
        //No url
        error_blank();

    } elseif ($url == $servername) {
        //Calling itself, infinite loop
        error_loop();

    } else {

        //Get rid of any space
        $url = preg_replace("/ /i", "%20", $url);

        //Check if url starts with http
        preg_match("/^(.*:\/\/)?([^:\/]+)/i", $url, $match);
        if (!preg_match("/^http(s?):\/\//i", $match[1])) { $url = "http://$url";};

        //Parse the url
        $urlparsed = parse_url($url);
        $host = $urlparsed['host'];
        $hostaddr = gethostbyname($host);

        //Check if banned_network
        if (count($banned_networks) > 0) {
            foreach ($banned_networks as $banned_net) {
                if (preg_match("/^$banned_net/", $hostaddr)) {
                    $ok = 0;
                }
            }
        }

        //Check if banned_server
        if (count($banned_servers) > 0) {
            foreach ($banned_servers as $banned_serv) {
                $banned_ip = gethostbyname($banned_serv);
                if (preg_match("/^$banned_ip/", $hostaddr)) {
                    $ok = 0;
                }
            }
        }

        //Check if allowed_servers
        if (count($allowed_servers) > 0) {
            $ok = 0;
            foreach ($allowed_servers as $allowed_serv) {
                $allowed_ip = gethostbyname($allowed_serv);
                if (preg_match("/^$allowed_ip/", $hostaddr)) {
                    $ok = 1;
                }
            }
        }

        //Get the URL
        if ($ok == 1) {
            proxy($url,$method,$postval,$cookieval);
        } else {
            //Server is banned
            error_banned();
        }

    }
     
}

/*************************************************************/
/* URL Join                                                  */
/*************************************************************/
//URLJoin was made possible thanks to uber-help from Catspaw!

function urljoin($prev,$next) {
    //Don't fuck with the order of things, this was unpleasant

    //move $next & $prev to lowercase
    //$prev = strtolower($prev);
    //$next = strtolower($next);

    //Parse the url
    $urlparsed = parse_url($prev);
    //Get the scheme
    $scheme = $urlparsed['scheme']."://";


    //Strip anchor
    $prev = array_shift(split("#", $prev));
    $next = array_shift(split("#", $next));

    $prev = preg_replace("/\?.*/","",$prev);

    //If there is nothing after the hostname, ensure there is a trailing slash
    if (count(split("/", $prev)) < 4) { 
        $prev = "$prev"."/";
    }

    //Kick the previous filename off, so we can append other stuff
    //array_pop(split("/", $prev));

    $x = split("/", $prev);
    array_pop($x);
    $prev = implode("/", $x);

    //If the next url is ablsolute, just use it
    if (preg_match("/:\/\//", $next)) {
        return $next;
    }

    //Split by /
    $baseURL = split("/", preg_replace("/.*:\/\//","",$prev));

    //Remove blanks
    $baseURL = array_filter($baseURL, "is_blank");

    //If it doesnt start with a / or a . then append to url
    if ((substr("$next",0,1) != "/") && (substr("$next",0,1) != ".")) {
        return $scheme.implode("/", $baseURL)."/$next";
    }

    elseif ($next == "/") {
        return $scheme.array_shift($baseURL);
    }

    elseif (substr("$next",0,2) == "//") {
        return $scheme.substr("$next",2);
    }

    elseif (substr("$next",0,1) == "/") {
        return $scheme.array_shift($baseURL)."/".substr("$next",1);
    }

    elseif (substr("$next",0,2) == "./") {
        return $scheme.implode("/", $prev)."/".substr("$next",2);
    }

    else {

        $adders = split("/", $next);
            foreach ($adders as $m) {
                if (($m == "..") && (count($baseURL) > 1)) {
                    array_pop($baseURL);
                } elseif ($m != "..") {
                    array_push($baseURL, "$m");
                } 
            }

         return $scheme.implode("/", $baseURL);

         }

}

//Blank Remove Check
function is_blank($var) {
    return ($var != "");
}

/*************************************************************/
/* Script Stripper                                           */
/*************************************************************/

//TODO: This needs to be done right!

function script_stripper($stuff) {

    //Script Tags
    $tags = array("'<script[^>]*?>.*?</script>'si",
                   "'<link[^>]*?>'si",
                   "'<meta http-equiv[^>]*?>'si",
                   "'<applet[^>]*?>.*?</applet>'si",
                   "'<object[^>]*?>.*?</object>'si",
                   "'<style[^>]*?>.*?</style>'si");

    $stuff = preg_replace($tags, "", $stuff);

    /*
    //JS event handlers found inside html tags
    //Takes too long if using more than 5 tags
    $intags = array(/<(\w*\s)(.*?)(style=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onClick=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onload=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onMouseOut=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onMouseOver=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onSubmit=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onChange=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onFocus=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onBlur=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onDblClick=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onDragDrop=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onError=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onKeyDown=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onKeyPress=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onKeyUp=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onMouseDown=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onMouseUp=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onMove=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onReset=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onResize=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onSelect=['\"].*?['\"])/si",
                    "/<(\w*\s)(.*?)(onUnload=['\"].*?['\"])/si");

     $replacement = "<\$1\$2";
     $stuff = preg_replace($intags, $replacement, $stuff);
     */

     return $stuff;
}

//Fix postnuke's &amp;
function fixpostnuke($stuff) {
    $stuff = preg_replace("/&amp;/si", "&", $stuff);
    return $stuff;
}

/*************************************************************/
/* Pad Images                                                */
/*************************************************************/
function padimages($img,$mime) {

    //Get GD info
    $gdinfo = gd_info();
    $image_mime = array();

    foreach ($gdinfo as $k => $v ) {
        if (($k == "JPG Support") && ($v)) {
            array_push($image_mime, "image/jpeg");
        }
        if (($k == "PNG Support") && ($v)) {
            array_push($image_mime, "image/png");
        }
        //Support for GIF was restored in gd 2.0.28
        if (($k == "GIF Create Support") && ($v)) {
            array_push($image_mime, "image/gif");
        }
    }

    if (in_array($mime, $image_mime)) {
        $imgpad = str_repeat(decbin(rand(1,100)), rand(1,10));
        $src_img = imagecreatefromstring($img);
        $text_color = imagecolorallocate($src_img, 0, 0, 255);
        imagestring($src_img, 1, 5, 5,  $imgpad, $text_color);

        if (preg_match("/image\/gif/i", $mime)) {
            imagegif($src_img);
        }

        if (preg_match("/image\/jpeg/i", $mime)) {
            imagejpeg($src_img);
        }

        if (preg_match("/image\/png/i", $mime)) {
            imagepng($src_img);
        }

        imagedestroy($src_img);

    } else {

        echo $img;

    }

}

/*************************************************************/
/* Proxy Socket                                              */
/*************************************************************/
function proxysocket($url,$method,$postval,$cookieval) {
    global $server_mode, $serverpath, $url_obfuscation, $version;

    $headers = "";
    $html = "";

    //Parse the url
    $urlparsed = parse_url($url);
    $scheme = $urlparsed['scheme'];
    $host = $urlparsed['host'];

    if(count($urlparsed) > 2) {
        //It parsed a path
        $path = $urlparsed['path'];
    } else {
        $path = "/";
    }

    //Strip _underscore that parse_url sometimes 
    //puts on the end of the path
    if (substr($path, -1) == '_') {
        $path = substr_replace($path, "", strlen($path)-1, strlen($path));
    }

    //Check the path, is there isn't one its /
    if ($path == "") {
        $path = "/";
    }


    //If phproxy is access through http, but is requesting https
    //then warn the user that the encrypted text is transfered in plaintext
    if (($server_mode == "http") && ($scheme == "https")) {
        error_crypt2plain();
        exit();
    }


    //Construct the link path
    $link = '';
    if (isset($urlparsed['query'])) {
        $link .= "?$urlparsed[query]";
    }
    if (isset($urlparsed['fragment'])) {
        $link .= "#$urlparsed[fragment]";
    }
    $link = $path.$link;

    //Get the IP
    //fsockopen cannot handle domains with _underscores ?
    $ip = gethostbyname($host);

    if ($scheme == "https") {
    $fp = fsockopen("ssl://".$ip, 443, $errno, $errstr, 30);
    } else {
    $fp = fsockopen($ip, 80, $errno, $errstr, 30);
    }
    if (!$fp) {
       echo "$errstr ($errno)\n";
    } else {

        if ($method == "POST") {
            $length = strlen($postval);
            $out = "POST $path HTTP/1.0\r\n";
            $out .= "Host: $host\r\n";
            $out .= "User-Agent: Mozilla/5.0 (compatible; pHproxy/$version)\r\n";
            $out .= "Referer: $url\r\n";
            $out .= "Content-Type: application/x-www-form-urlencoded\r\n";
            $out .= "Content-Length: $length\r\n";
            $out .= "\r\n";
            $out .= $postval;

        } else {
            $out = "GET $link HTTP/1.0\r\n";
            $out .= "Host: $host\r\n";
            $out .= "User-Agent: Mozilla/5.0 (compatible; pHproxy/$version)\r\n";
            $out .= "Referer: $url\r\n";
            if (count($cookieval) > 0) {
                foreach ($cookieval as $cookie) {
                $out .= "Cookie: $cookie\r\n";
                }
            }
            $out .= "Connection: Close\r\n\r\n";
       }

       fwrite($fp, $out);
       $fheader = 1;
       $headers = "";
       while (!feof($fp)) {
           $line = fgets($fp, 128);
           //Grab the headers
           if ($fheader == 1) {

               if ($line == "\r\n") { 
                   $fheader = 0;
               } else {
                   //Assemble the headers
                   $headers .= $line;
               }

           } else {
               //Grab the page content
               $html .= $line;
           }
       }

       fclose($fp);
    }

    //Return headers & html
    return array($headers, $html);
}

/*************************************************************/
/* Process Headers                                           */
/*************************************************************/
function processheaders($url,$headers) {
    global $serverpath, $url_obfuscation, $media_mode, $no_cookies;

    //Place holder for headers to process and return
    $location = "";
    $content_type = "";
    $content_disposition = "";
    $set_cookie = "";

    //Parse the url
    $urlparsed = parse_url($url);
    $scheme = $urlparsed['scheme'];
    $host = $urlparsed['host'];
    
    //Split headers into array
    $headers = preg_split("/\n/", $headers);

    //Start processing the headers
    foreach ($headers as $headerline) {

        //Location header (302 re-direct)
        if (preg_match("/Location: (.*)/i", $headerline)) {

            //Some 302 redirects use just the path, need to construct a full url
            if (!preg_match("/[Ll]ocation: $scheme/i", $headerline)) {
                $fullurl = $scheme."://".$host."/";
                $headerline = preg_replace("/Location: (.*)/ie","'Location: $fullurl'.'\\1'",$headerline);
            }
           
            if ($url_obfuscation == 0) {

                $location = preg_replace("/Location: (.*)/ie","'Location: $serverpath'.'\\1'",$headerline);

            } else {
                
                $location = preg_replace("/Location: (.*)/ie","'Location: $serverpath'.obfuscate('\\1')",$headerline);
                
            }

        }
        
        // Content-Type
        //Text Mimes
        $text_mime = array("text/plain",
                     "text/html",
                     "text/css");
	                    
        if (preg_match("/Content-Type: (\w+\/\w+)(.*)/i", $headerline, $matches)) {
            
            $mime = $matches[1];

            if (in_array($mime, $text_mime)) {

                //Yay text
                $content_type = $headerline;
                
            } else {
                //media_mode is 2 (all), images are handled in proxy()
                if ($media_mode == 2) {
                    //Get the name of the file
                    $filearray = preg_split("/\//", $url);
                    $output_file = $filearray[count($filearray) -1];
                    $content_type = $headerline;
                    $content_disposition = "Content-Disposition: attachment; filename=".$output_file;
                } else {
                   //Error
                   error_mime();
                   exit();
                }
            }

        }

        //Cookies
        if (!$no_cookies) {
            if (preg_match("/Set-Cookie: (.*)/i", $headerline)) {
                //Append the real host to the val, split with |
                if ($url_obfuscation > 0) {
                    $set_cookie = preg_replace("/Set-Cookie: (.*?=.*?)(;)(.*)/ie",
                        "'Set-Cookie: '.'\\1'.'|'.obfuscate('.$host').'\\2\\3'",$headerline);
                } else {
                    $set_cookie = preg_replace("/Set-Cookie: (.*?=.*?)(;)(.*)/ie",
                        "'Set-Cookie: '.'\\1'.'|.$host'.'\\2\\3'",$headerline);
                }
                //Get rid of the real domain if there is one
                $set_cookie = preg_replace("/Set-Cookie: (.*?)(domain=.*)/ie",
                    "'Set-Cookie: '.'\\1'",$set_cookie);
            }
        }

        //Process more headers

    }

    return array($location, $content_type, $content_disposition, $set_cookie);

}

/*************************************************************/
/* Proxify HTML                                              */
/*************************************************************/

function proxifyhtml($url,$html) {
    global $servername, $serverpath, $serverpost,
           $script_stripper, $getprefix, $postprefix,
           $passwd, $xormode;

    //Proxify the HTML
    //Fix postnuke's &amp;
    $url_tags = "href=|url=|src=|background=|code=|codebase=|archive=|data=|usemap=";
    $html = preg_replace("/(<[^>]*)($url_tags)(['\"]?)(.*?)(['\" >])/ie",
        "'\\1\\2\\3'.'$serverpath'.obfuscate(urljoin('$url',fixpostnuke('\\4'))).'\\5'", $html);


    //Proxify weird css tag
    $html = preg_replace("/(<style type=\"text\/css\">@import url\(\")(.*?)(\"\); <\/style>)/ie",
        "'\\1'.'$serverpath'.obfuscate(urljoin('$url','\\2')).'\\3'", $html);

    //Proxify if method=post
    //Warning: nasty hack to get post working!
    if (preg_match("/(<[^>]*)method=(['\"]?)post(['\"]?)/ie", $html)) {

        //We need the joined post url
        if (preg_match("/(<[^>]*)(action=)(['\"]?)(.*?)(['\" >])/ie", $html, $matches)) {
            $posturl = "<input type=hidden name=$postprefix value=".obfuscate(urljoin($url,$matches[4]))."></form>";
            $html = preg_replace("/<\/form>/i", $posturl, $html);
        }
        
        //proxify the action
        $html = preg_replace("/(<[^>]*)(action=)(['\"]?)(.*?)(['\" >])/ie",
            "'\\1\\2\\3'.'$servername'.'\\5'", $html);
        
    } else {
        
        //Fucking forms that are get not post, like google
        //This is outright nasty too
        //We need the joined post url
        if (preg_match("/(<[^>]*)(action=)(['\"]?)(.*?)(['\" >])/ie", $html, $matches)) {
            $geturl = "<input type=hidden name=$getprefix value=".obfuscate(urljoin($url,$matches[4]))."></form>";
            $html = preg_replace("/<\/form>/i", $geturl, $html);
        }

        //Proxify the action
        $html = preg_replace("/(<[^>]*)(action=)(['\"]?)(.*?)(['\" >])/ie",
            "'\\1\\2\\3'.'$servername'.'\\5'", $html);
    }
    
    // Strip some scripts?
    if ($script_stripper > 0) {
        $html = script_stripper($html);
    }

    //Check for magic quotes
    if (!get_magic_quotes_gpc()) {
         //
    } else {
        $html = stripslashes($html);
    }
    //Add Location Bar
    $html = location($url).$html;
    
    //Check for XOR MODE
    if ($xormode == 1) {
        $xorized = xorcist($html, $passwd);
        $html = xorjs($xorized,$passwd);
    }

    return $html;
}

/*************************************************************/
/* Main Proxy function                                       */
/*************************************************************/

function proxy($url,$method,$postval,$cookieval) {
    global $server_mode, $media_mode, $version, $pad_images;
    
    ini_set("user_agent","Mozilla/5.0 (compatible) pHproxy/$version");

    //If its not an image, we want to suppress the error message
    if (list($width, $height, $type, $attr) = @ getimagesize($url)) {
        //Check media_mode
        if ($media_mode > 0) {

            //Parse the url
            $urlparsed = parse_url($url);
            $scheme = $urlparsed['scheme'];
            
            //If phproxy is access through http, but is requesting https
            //then warn the user that the encrypted text is transfered in plaintext
            if (($server_mode == "http") && ($scheme == "https")) {
                error_crypt2plain();
                exit();
            }
            $img = "";
            $size = getimagesize($url);
            $mime = $size['mime'];
            $fp=fopen($url, "rb");
                if ($size && $fp) {
                    header("Content-type: $mime");
                    while (!feof($fp)) {
                        $img .= fgets($fp, 128);
                    }
                    fclose($fp);

                }

            //Pad Images
            if ($pad_images) {
                //If GD do it
                if(function_exists("gd_info")){
                    padimages($img,$mime);
                } else {
                    //Error (No GD)
                    error_gd();
                    exit();
                }

            } else {
                //Image pad is off
                //Just send the image
                echo $img;

            }


        } else {
            //Error (Text Only Mode)
            error_mime();
            exit();
        }

    } else {

        //Connect via proxy socket
        $result = proxysocket($url,$method,$postval,$cookieval);

        //Headers & HTML
        $headers = $result[0];
        $html = $result[1];

        //Process & print headers
        $processedheaders = processheaders($url, $headers);
        $isfile = 0;
        foreach($processedheaders as $pheader) {
            
            //If the header is Content-Disposition its a file to be
            //downloaded, we don't want to proxify its contents
            if (preg_match("/^Content-Disposition: (.*)/i", $pheader)) {
                $isfile = 1;
            }

            if ($pheader != "") {
                header($pheader);
            }
            
        }

        if ($isfile != 0) {
            //If its a file, don't proxify contents
            echo $html;
        } else {
            //Process & print the html
            echo proxifyhtml($url, $html);
        }
        
    }

}

?>