📄 ajax.php
字号:
} $this->debug->_saveError(); } die(); } } /** * Creates html to wrap serialized info for iframe xmlhttprequest fakeout * * @access private */ function _iframeWrapper($id, $data, $headers = array()) { $string = '<html><script type="text/javascript">'."\n".'var Iframe_XHR_headers = new Object();'; foreach($headers as $label => $value) { $string .= 'Iframe_XHR_headers["'.preg_replace("/\r?\n/", "\\n", addslashes($label)).'"] = "'.preg_replace("/\r?\n/", "\\n", addslashes($value))."\";\n"; } $string .= 'var Iframe_XHR_data = "' . preg_replace("/\r?\n/", "\\n", addslashes($data)) . '";</script>' . '<body onload="parent.HTML_AJAX_IframeXHR_instances[\''.$id.'\']' . '.isLoaded(Iframe_XHR_headers, Iframe_XHR_data);"></body></html>'; return $string; } /** * Handles a proxied grab request * * @return bool true to end the response, false to continue trying to handle it * @access private */ function _iframeGrabProxy() { if (!isset($_REQUEST['Iframe_XHR_id'])) { trigger_error('Invalid iframe ID'); return false; } $this->_iframe = $_REQUEST['Iframe_XHR_id']; $this->_payload = (isset($_REQUEST['Iframe_XHR_data']) ? $_REQUEST['Iframe_XHR_data'] : ''); $url = urldecode($_GET['px']); $url_parts = parse_url($url); $urlregex = '#^https?://#i'; if (!preg_match($urlregex, $url) || $url_parts['host'] != $_SERVER['HTTP_HOST']) { trigger_error('Invalid URL for grab proxy'); return true; } $method = (isset($_REQUEST['Iframe_XHR_HTTP_method']) ? strtoupper($_REQUEST['Iframe_XHR_HTTP_method']) : 'GET'); // validate method if ($method != 'GET' && $method != 'POST') { trigger_error('Invalid grab URL'); return true; } // validate headers $headers = ''; if (isset($_REQUEST['Iframe_XHR_headers'])) { foreach ($_REQUEST['Iframe_XHR_headers'] as $header) { if (strpos($header, "\r") !== false || strpos($header, "\n") !== false) { trigger_error('Invalid grab header'); return true; } $headers .= $header . "\r\n"; } } // tries to make request with file_get_contents() if (ini_get('allow_url_fopen') && version_compare(phpversion(), '5.0.0'. '>=')) { $opts = array( $url_parts['scheme'] => array( 'method' => $method, 'headers' => $headers, 'content' => $this->_payload ) ); $ret = @file_get_contents($url, false, stream_context_create($opts)); if (!empty($ret)) { $this->_sendResponse($ret); return true; } } // tries to make request using the curl extension if (function_exists('curl_setopt')) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, $headers); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $ret = curl_exec($ch); if ($ret !== false) { curl_close($ch); $this->_sendResponse($ret); return true; } } if (isset($url_parts['port'])) { $port = $url_parts['port']; } else { $port = getservbyname(strtolower($url_parts['scheme']), 'tcp'); if ($port === false) { trigger_error('Grab proxy: Unknown port or service, defaulting to 80', E_USER_WARNING); $port = 80; } } if (!isset($url_parts['path'])) { $url_parts['path'] = '/'; } if (!empty($url_parts['query'])) { $url_parts['path'] .= '?' . $url_parts['query']; } $request = "$method {$url_parts['path']} HTTP/1.0\r\n" . "Host: {$url['host']}\r\n" . "Connection: close\r\n" . "$headers\r\n"; // tries to make request using the socket functions $fp = fsockopen($_SERVER['HTTP_HOST'], $port, $errno, $errstr, 4); if ($fp) { fputs($fp, $request); $ret = ''; $done_headers = false; while (!feof($fp)) { $ret .= fgets($fp, 2048); if ($done_headers || ($contentpos = strpos($ret, "\r\n\r\n")) === false) { continue; } $done_headers = true; $ret = substr($ret, $contentpos + 4); } fclose($fp); $this->_sendResponse($ret); return true; } // tries to make the request using the socket extension $host = gethostbyname($url['host']); if (($socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP)) < 0 || ($connected = socket_connect($socket, $host, $port)) < 0 || ($written = socket_write($socket, $request)) < strlen($request)) { trigger_error('Grab proxy failed: ' . socket_strerror($socket)); return true; } $ret = ''; $done_headers = false; while ($out = socket_read($socket, 2048)) { $ret .= $out; if ($done_headers || ($contentpos = strpos($ret, "\r\n\r\n")) === false) { continue; } $done_headers = true; $ret = substr($ret, $contentpos + 4); } socket_close($socket); $this->_sendResponse($ret); return true; } /** * Add a class or classes to those allowed to be unserialized * * @param mixed $classes * the class or array of classes to add * @access public */ function addAllowedClasses($classes) { if (!is_array($classes)) { $this->_allowedClasses[] = $classes; } else { $this->_allowedClasses = array_merge($this->_allowedClasses, $classes); } $this->_allowedClasses = array_unique($this->_allowedClasses); } /** * Checks that the given callback is callable and allowed to be called * * @param callback $callback * the callback to check * @return bool * true if the callback is valid, false otherwise * @access private */ function _validatePhpCallback($callback) { if (!is_callable($callback)) { return false; } $sig = md5(serialize($callback)); return isset($this->_validCallbacks[$sig]); } /** * Register a callback so it may be called from JS * * @param callback $callback * the callback to register * @access public */ function registerPhpCallback($callback) { $this->_validCallbacks[md5(serialize($callback))] = 1; } /** * Make JavaScript code smaller * * Currently just strips whitespace and comments, needs to remain fast * Strips comments only if they are not preceeded by code * Strips /*-style comments only if they span over more than one line * Since strings cannot span over multiple lines, it cannot be defeated by a string * containing /* */ function packJavaScript($input) { $stripPregs = array( '/^\s*$/', '/^\s*\/\/.*$/' ); $blockStart = '/^\s*\/\/\*/'; $blockEnd = '/\*\/\s*(.*)$/'; $inlineComment = '/\/\*.*\*\//'; $out = ''; $lines = explode("\n",$input); $inblock = false; foreach($lines as $line) { $keep = true; if ($inblock) { if (preg_match($blockEnd,$line)) { $inblock = false; $line = preg_match($blockEnd,'$1',$line); $keep = strlen($line) > 0; } } else if (preg_match($inlineComment,$line)) { $keep = true; } else if (preg_match($blockStart,$line)) { $inblock = true; $keep = false; } if (!$inblock) { foreach($stripPregs as $preg) { if (preg_match($preg,$line)) { $keep = false; break; } } } if ($keep && !$inblock) { $out .= trim($line)."\n"; } /* Enable to see what your striping out else { echo $line."<br>"; }//*/ } return $out; } /** * Set an intercptor class * * An interceptor class runs during the process of handling a request, it allows you to run security checks globally * It also allows you to rewrite parameters * * You can throw errors and exceptions in your intercptor methods and they will be passed to javascript * * You can add interceptors are 3 levels * For a particular class/method, this is done by add a method to you class named ClassName_MethodName($params) * For a particular class, method ClassName($methodName,$params) * Globally, method intercept($className,$methodName,$params) * * Only one match is done, using the most specific interceptor * * All methods have to return $params, if you want to empty all of the parameters return an empty array * * @todo handle php callbacks */ function setInterceptor($instance) { $this->_interceptor = $instance; } /** * Attempt to intercept a call * * @todo handle php callbacks */ function _processInterceptor($className,$methodName,$callback,$params) { $m = $className.'_'.$methodName; if (method_exists($this->_interceptor,$m)) { return $this->_interceptor->$m($params); } $m = $className; if (method_exists($this->_interceptor,$m)) { return $this->_interceptor->$m($methodName,$params); } $m = 'intercept'; if (method_exists($this->_interceptor,$m)) { return $this->_interceptor->$m($className,$methodName,$params); } return $params; }}function HTML_AJAX_class_exists($class,$autoload) { if (function_exists('interface_exists')) { return class_exists($class,$autoload); } else { return class_exists($class); }}/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */?>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -