Merge pull request #226 from qkqpttgf/refer

only designated referrer
pull/228/head
qkqpttgf 2021-02-23 17:27:53 +08:00 committed by GitHub
commit c610eb6a85
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 141 additions and 133 deletions

View File

@ -36,6 +36,7 @@ $EnvConfigs = [
'customTheme' => 0b011, 'customTheme' => 0b011,
'theme' => 0b010, 'theme' => 0b010,
'dontBasicAuth' => 0b010, 'dontBasicAuth' => 0b010,
'referrer' => 0b011,
'Driver' => 0b100, 'Driver' => 0b100,
'client_id' => 0b100, 'client_id' => 0b100,
@ -254,6 +255,8 @@ function main($path)
} }
} }
if (!isreferhost()) return message('Must visit from designated host', 'NOT_ALLOWED', 403);
// Show disks in root // Show disks in root
if ($files['showname'] == 'root') return render_list($path, $files); if ($files['showname'] == 'root') return render_list($path, $files);
@ -419,6 +422,19 @@ function extendShow_diskenv($drive)
return $drive->ext_show_innerenv(); return $drive->ext_show_innerenv();
} }
function isreferhost() {
$referer = $_SERVER['referhost'];
if ($referer=='') return true;
if ($referer==$_SERVER['HTTP_HOST']) return true;
$referrer = getConfig('referrer');
if ($referrer=='') return true;
$arr = explode('|', $referrer);
foreach ($arr as $host) {
if ($host == $referer) return true;
}
return false;
}
function pass2cookie($name, $pass) function pass2cookie($name, $pass)
{ {
return md5($name . ':' . md5($pass)); return md5($name . ':' . md5($pass));
@ -639,44 +655,6 @@ function curl($method, $url, $data = '', $headers = [], $returnheader = 0)
return $response; return $response;
} }
function curl_request($url, $data = false, $headers = [], $returnheader = 0)
{
if (!isset($headers['Accept'])) $headers['Accept'] = '*/*';
//if (!isset($headers['Referer'])) $headers['Referer'] = $url;
//if (!isset($headers['Content-Type'])) $headers['Content-Type'] = 'application/x-www-form-urlencoded';
$sendHeaders = array();
foreach ($headers as $headerName => $headerVal) {
$sendHeaders[] = $headerName . ': ' . $headerVal;
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
if ($data !== false) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
}
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, $returnheader);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HTTPHEADER, $sendHeaders);
//$response['body'] = curl_exec($ch);
if ($returnheader) {
list($returnhead, $response['body']) = explode("\r\n\r\n", curl_exec($ch));
foreach (explode("\r\n", $returnhead) as $head) {
$tmp = explode(': ', $head);
$heads[$tmp[0]] = $tmp[1];
}
$response['returnhead'] = $heads;
} else {
$response['body'] = curl_exec($ch);
}
$response['stat'] = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
return $response;
}
function clearbehindvalue($path,$page1,$maxpage,$pageinfocache) function clearbehindvalue($path,$page1,$maxpage,$pageinfocache)
{ {
for ($page=$page1+1;$page<$maxpage;$page++) { for ($page=$page1+1;$page<$maxpage;$page++) {
@ -776,6 +754,7 @@ function message($message, $title = 'Message', $statusCode = 200)
<meta name=viewport content="width=device-width,initial-scale=1"> <meta name=viewport content="width=device-width,initial-scale=1">
<body> <body>
<h1>' . $title . '</h1> <h1>' . $title . '</h1>
<a href="' . $_SERVER['base_path'] . '">' . getconstStr('Back') . getconstStr('Home') . '</a>
<p> <p>
' . $message . ' ' . $message . '
@ -814,8 +793,9 @@ function needUpdate()
function output($body, $statusCode = 200, $headers = ['Content-Type' => 'text/html'], $isBase64Encoded = false) function output($body, $statusCode = 200, $headers = ['Content-Type' => 'text/html'], $isBase64Encoded = false)
{ {
//$headers['Referrer-Policy'] = 'same-origin'; if (isset($_SERVER['Set-Cookie'])) $headers['Set-Cookie'] = $_SERVER['Set-Cookie'];
$headers['Referrer-Policy'] = 'no-referrer'; $headers['Referrer-Policy'] = 'no-referrer'; //$headers['Referrer-Policy'] = 'same-origin';
$headers['X-Frame-Options'] = 'sameorigin';
return [ return [
'isBase64Encoded' => $isBase64Encoded, 'isBase64Encoded' => $isBase64Encoded,
'statusCode' => $statusCode, 'statusCode' => $statusCode,
@ -874,12 +854,8 @@ function adminform($name = '', $pass = '', $path = '')
<body>' . getconstStr('LoginSuccess') . '</body></html>'; <body>' . getconstStr('LoginSuccess') . '</body></html>';
$statusCode = 201; $statusCode = 201;
date_default_timezone_set('UTC'); date_default_timezone_set('UTC');
$header = [ $_SERVER['Set-Cookie'] = $name . '=' . $pass . '; path=/; expires=' . date(DATE_COOKIE, strtotime('+7day'));
'Set-Cookie' => $name . '=' . $pass . '; path=/; expires=' . date(DATE_COOKIE, strtotime('+7day')), return output($html, $statusCode);
//'Location' => $path,
'Content-Type' => 'text/html'
];
return output($html, $statusCode, $header);
} }
$statusCode = 401; $statusCode = 401;
$html .= ' $html .= '
@ -1059,7 +1035,8 @@ function EnvOpt($needUpdate = 0)
global $drive; global $drive;
ksort($EnvConfigs); ksort($EnvConfigs);
$envs = ''; $envs = '';
foreach ($EnvConfigs as $env => $v) if (isCommonEnv($env)) $envs .= '\'' . $env . '\', '; //foreach ($EnvConfigs as $env => $v) if (isCommonEnv($env)) $envs .= '\'' . $env . '\', ';
$envs = substr(json_encode(array_keys ($EnvConfigs)), 1, -1);
$html = '<title>OneManager '.getconstStr('Setup').'</title>'; $html = '<title>OneManager '.getconstStr('Setup').'</title>';
if (isset($_POST['updateProgram'])&&$_POST['updateProgram']==getconstStr('updateProgram')) { if (isset($_POST['updateProgram'])&&$_POST['updateProgram']==getconstStr('updateProgram')) {
@ -1127,7 +1104,7 @@ function EnvOpt($needUpdate = 0)
$preurl = path_format($_SERVER['PHP_SELF'] . '/'); $preurl = path_format($_SERVER['PHP_SELF'] . '/');
} }
$html .= ' $html .= '
<a href="'.$preurl.'">'.getconstStr('Back').'</a>&nbsp;&nbsp;&nbsp;<a href="'.$_SERVER['base_path'].'">'.getconstStr('Back').getconstStr('Home').'</a><br> <a href="'.$preurl.'">'.getconstStr('Back').'</a><br>
<a href="https://github.com/qkqpttgf/OneManager-php">Github</a><br>'; <a href="https://github.com/qkqpttgf/OneManager-php">Github</a><br>';
$html .= ' $html .= '
@ -1137,11 +1114,12 @@ function EnvOpt($needUpdate = 0)
<td colspan="2">'.getconstStr('PlatformConfig').'</td> <td colspan="2">'.getconstStr('PlatformConfig').'</td>
</tr>'; </tr>';
foreach ($EnvConfigs as $key => $val) if (isCommonEnv($key) && isShowedEnv($key)) { foreach ($EnvConfigs as $key => $val) if (isCommonEnv($key) && isShowedEnv($key)) {
if ($key=='timezone') {
$html .= ' $html .= '
<tr> <tr>
<td><label>' . $key . '</label></td> <td><label>' . $key . '</label></td>
<td width=100%> <td width=100%>';
if ($key=='timezone') {
$html .= '
<select name="' . $key .'">'; <select name="' . $key .'">';
foreach (array_keys($timezones) as $zone) { foreach (array_keys($timezones) as $zone) {
$html .= ' $html .= '
@ -1149,15 +1127,10 @@ function EnvOpt($needUpdate = 0)
} }
$html .= ' $html .= '
</select> </select>
'.getconstStr('EnvironmentsDescription')[$key].' ' . getconstStr('EnvironmentsDescription')[$key];
</td>
</tr>';
} elseif ($key=='theme') { } elseif ($key=='theme') {
$theme_arr = scandir(__DIR__ . $slash . 'theme'); $theme_arr = scandir(__DIR__ . $slash . 'theme');
$html .= ' $html .= '
<tr>
<td><label>' . $key . '</label></td>
<td width=100%>
<select name="' . $key .'"> <select name="' . $key .'">
<option value=""></option>'; <option value=""></option>';
foreach ($theme_arr as $v1) { foreach ($theme_arr as $v1) {
@ -1166,9 +1139,7 @@ function EnvOpt($needUpdate = 0)
} }
$html .= ' $html .= '
</select> </select>
'.getconstStr('EnvironmentsDescription')[$key].' ' . getconstStr('EnvironmentsDescription')[$key];
</td>
</tr>';
} /*elseif ($key=='domain_path') { } /*elseif ($key=='domain_path') {
$tmp = getConfig($key); $tmp = getConfig($key);
$domain_path = ''; $domain_path = '';
@ -1182,9 +1153,9 @@ function EnvOpt($needUpdate = 0)
<td width=100%><input type="text" name="' . $key .'" value="' . $domain_path . '" placeholder="' . getconstStr('EnvironmentsDescription')[$key] . '" style="width:100%"></td> <td width=100%><input type="text" name="' . $key .'" value="' . $domain_path . '" placeholder="' . getconstStr('EnvironmentsDescription')[$key] . '" style="width:100%"></td>
</tr>'; </tr>';
}*/ else $html .= ' }*/ else $html .= '
<tr> <input type="text" name="' . $key . '" value="' . htmlspecialchars(getConfig($key)) . '" placeholder="' . getconstStr('EnvironmentsDescription')[$key] . '" style="width:100%">';
<td><label>' . $key . '</label></td> $html .= '
<td width=100%><input type="text" name="' . $key .'" value="' . htmlspecialchars(getConfig($key)) . '" placeholder="' . getconstStr('EnvironmentsDescription')[$key] . '" style="width:100%"></td> </td>
</tr>'; </tr>';
} }
$html .= ' $html .= '
@ -1249,7 +1220,7 @@ function EnvOpt($needUpdate = 0)
} }
envs = [' . $envs . ']; envs = [' . $envs . '];
if (envs.indexOf(t.disktag_sort.value)>-1) { if (envs.indexOf(t.disktag_sort.value)>-1) {
alert("Do not input ' . $envs . '"); alert(\'Do not input ' . $envs . '\');
return false; return false;
} }
return true; return true;
@ -1279,6 +1250,10 @@ function EnvOpt($needUpdate = 0)
<input type="hidden" name="disktag_del" value="' . $disktag . '"> <input type="hidden" name="disktag_del" value="' . $disktag . '">
<input type="submit" name="submit1" value="' . getconstStr('DelDisk') . '"> <input type="submit" name="submit1" value="' . getconstStr('DelDisk') . '">
</form> </form>
<form action="" method="post" style="margin: 0">
<input type="hidden" name="disktag_copy" value="' . $disktag . '">
<input type="submit" name="submit1" value="' . getconstStr('CopyDisk') . '">
</form>
</td> </td>
<td> <td>
<form action="" method="post" style="margin: 0" onsubmit="return renametag(this);"> <form action="" method="post" style="margin: 0" onsubmit="return renametag(this);">
@ -1286,10 +1261,6 @@ function EnvOpt($needUpdate = 0)
<input type="text" name="disktag_newname" value="' . $disktag . '" placeholder="' . getconstStr('EnvironmentsDescription')['disktag'] . '"> <input type="text" name="disktag_newname" value="' . $disktag . '" placeholder="' . getconstStr('EnvironmentsDescription')['disktag'] . '">
<input type="submit" name="submit1" value="' . getconstStr('RenameDisk') . '"> <input type="submit" name="submit1" value="' . getconstStr('RenameDisk') . '">
</form> </form>
<form action="" method="post" style="margin: 0">
<input type="hidden" name="disktag_copy" value="' . $disktag . '">
<input type="submit" name="submit1" value="' . getconstStr('CopyDisk') . '">
</form>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -1321,7 +1292,7 @@ function EnvOpt($needUpdate = 0)
} else { } else {
$html .= ' $html .= '
<tr> <tr>
<td colspan="2">Please add this disk again.</td> <td colspan="2">' . $disk_tmp->error['body'] . '</td>
</tr>'; </tr>';
} }
$html .= ' $html .= '
@ -1397,7 +1368,7 @@ function EnvOpt($needUpdate = 0)
} }
envs = [' . $envs . ']; envs = [' . $envs . '];
if (envs.indexOf(t.disktag_newname.value)>-1) { if (envs.indexOf(t.disktag_newname.value)>-1) {
alert("Do not input ' . $envs . '"); alert(\'Do not input ' . $envs . '\');
return false; return false;
} }
var reg = /^[a-zA-Z]([_a-zA-Z0-9]{1,20})$/; var reg = /^[a-zA-Z]([_a-zA-Z0-9]{1,20})$/;
@ -1413,7 +1384,6 @@ function EnvOpt($needUpdate = 0)
var xhr = new XMLHttpRequest(); var xhr = new XMLHttpRequest();
xhr.open("GET", "https://api.github.com/repos/"+document.updateform.auth.value+"/"+document.updateform.project.value+"/branches"); xhr.open("GET", "https://api.github.com/repos/"+document.updateform.auth.value+"/"+document.updateform.project.value+"/branches");
//xhr.setRequestHeader("User-Agent","qkqpttgf/OneManager"); //xhr.setRequestHeader("User-Agent","qkqpttgf/OneManager");
xhr.send(null);
xhr.onload = function(e){ xhr.onload = function(e){
console.log(xhr.responseText+","+xhr.status); console.log(xhr.responseText+","+xhr.status);
if (xhr.status==200) { if (xhr.status==200) {
@ -1430,6 +1400,7 @@ function EnvOpt($needUpdate = 0)
xhr.onerror = function(e){ xhr.onerror = function(e){
alert("Network Error "+xhr.status); alert("Network Error "+xhr.status);
} }
xhr.send(null);
} }
</script> </script>
'; ';
@ -2426,6 +2397,6 @@ function render_list($path = '', $files = [])
$tmp = splitfirst($html, '</title>'); $tmp = splitfirst($html, '</title>');
$html = $tmp[0] . '</title>' . $authinfo . $tmp[1]; $html = $tmp[0] . '</title>' . $authinfo . $tmp[1];
if (isset($_SERVER['Set-Cookie'])) return output($html, $statusCode, [ 'Set-Cookie' => $_SERVER['Set-Cookie'], 'Content-Type' => 'text/html' ]); //if (isset($_SERVER['Set-Cookie'])) return output($html, $statusCode, [ 'Set-Cookie' => $_SERVER['Set-Cookie'], 'Content-Type' => 'text/html' ]);
return output($html, $statusCode); return output($html, $statusCode);
} }

View File

@ -93,6 +93,7 @@ $constStr = [
'customScript' => '<script> in all pages, e.g. http turn to https', 'customScript' => '<script> in all pages, e.g. http turn to https',
'customCss' => '<style> in <head>', 'customCss' => '<style> in <head>',
'customTheme' => 'an url of html', 'customTheme' => 'an url of html',
'referrer' => 'only these domains can refer resourse in this site, format is a1.com|b2.com',
'domain_path' => 'more custom domain, format is a1.com:/dirto/path1|b2.com:/path2', 'domain_path' => 'more custom domain, format is a1.com:/dirto/path1|b2.com:/path2',
'diskname' => 'The disk name you want show.', 'diskname' => 'The disk name you want show.',
'disktag' => 'A tag used in store config and url.', 'disktag' => 'A tag used in store config and url.',
@ -119,6 +120,7 @@ $constStr = [
'customScript' => '<script>,在所有页都会存在,例如放一个http跳转https', 'customScript' => '<script>,在所有页都会存在,例如放一个http跳转https',
'customCss' => '<style>,在<head>最后面', 'customCss' => '<style>,在<head>最后面',
'customTheme' => 'html格式的主题的url', 'customTheme' => 'html格式的主题的url',
'referrer' => '只有这些域名能引用本站资源。格式为a1.com|b1.com',
'domain_path' => '使用多个自定义域名时指定每个域名看到的目录。格式为a1.com:/dirto/path1|b1.com:/path2比private_path优先。', 'domain_path' => '使用多个自定义域名时指定每个域名看到的目录。格式为a1.com:/dirto/path1|b1.com:/path2比private_path优先。',
'diskname' => '这个盘你想显示什么名称。', 'diskname' => '这个盘你想显示什么名称。',
'disktag' => '一个标签用于保存配置多盘时会显示在url中。', 'disktag' => '一个标签用于保存配置多盘时会显示在url中。',
@ -145,6 +147,7 @@ $constStr = [
'customScript' => '<script>,在所有頁都會存在,例如放一個http跳轉https', 'customScript' => '<script>,在所有頁都會存在,例如放一個http跳轉https',
'customCss' => '<style>,在<head>最後面', 'customCss' => '<style>,在<head>最後面',
'customTheme' => 'html格式的主題的url', 'customTheme' => 'html格式的主題的url',
'referrer' => '',
'domain_path' => '使用多個自訂域名時指定每個域名看到的目錄。格式為a1.com:/dirto/path1|b1.com:/path2比private_path優先。', 'domain_path' => '使用多個自訂域名時指定每個域名看到的目錄。格式為a1.com:/dirto/path1|b1.com:/path2比private_path優先。',
'diskname' => '這個盤你想顯示什麼名稱。', 'diskname' => '這個盤你想顯示什麼名稱。',
'disktag' => '一個標籤用於儲存配置多盤時會顯示在url中。', 'disktag' => '一個標籤用於儲存配置多盤時會顯示在url中。',
@ -170,6 +173,7 @@ $constStr = [
'customScript' => 'scriptは、すべてのページに存在します。例えば、httpを置いてhttpsをジャンプします。', 'customScript' => 'scriptは、すべてのページに存在します。例えば、httpを置いてhttpsをジャンプします。',
'customCss' => 'styleは、headの一番後ろにあります。', 'customCss' => 'styleは、headの一番後ろにあります。',
'customTheme' => 'htmlフォーマットのテーマのurl', 'customTheme' => 'htmlフォーマットのテーマのurl',
'referrer' => '',
'domain_path' => '複数のドメイン名を使用する場合、ドメイン名ごとに見られるディレクトリを指定します。フォーマットはa 1.com:/dirto/path 1.com:/path 2で、prvate_path優先。', 'domain_path' => '複数のドメイン名を使用する場合、ドメイン名ごとに見られるディレクトリを指定します。フォーマットはa 1.com:/dirto/path 1.com:/path 2で、prvate_path優先。',
'diskname' => 'このディスクの名前を表示したいですか?', 'diskname' => 'このディスクの名前を表示したいですか?',
'disktag' => '一つのラベルは保存配置に使い、複数のディスクはurlに表示されます。', 'disktag' => '一つのラベルは保存配置に使い、複数のディスクはurlに表示されます。',
@ -195,6 +199,7 @@ $constStr = [
'customScript' => '< script > 은 모든 페이지 에 존재 합 니 다. 예 를 들 어 http 을 하나 넣 고 https 로 이동 합 니 다.', 'customScript' => '< script > 은 모든 페이지 에 존재 합 니 다. 예 를 들 어 http 을 하나 넣 고 https 로 이동 합 니 다.',
'customCss' => '< 스타일 >, < 헤드 > 맨 뒤에', 'customCss' => '< 스타일 >, < 헤드 > 맨 뒤에',
'customTheme' => 'html 형식의 테마 url', 'customTheme' => 'html 형식의 테마 url',
'referrer' => '',
'domain_path' => '도 메 인 이름 을 여러 개 사용자 정의 할 때 도 메 인 이름 마다 보 이 는 디 렉 터 리 를 지정 합 니 다.형식 은 a1. com: / dirto / path 1 | b1. com: / path 2, privatepath 우선.', 'domain_path' => '도 메 인 이름 을 여러 개 사용자 정의 할 때 도 메 인 이름 마다 보 이 는 디 렉 터 리 를 지정 합 니 다.형식 은 a1. com: / dirto / path 1 | b1. com: / path 2, privatepath 우선.',
'diskname' => '이 접시 에 당신 은 어떤 명칭 을 표시 하고 싶 습 니까?', 'diskname' => '이 접시 에 당신 은 어떤 명칭 을 표시 하고 싶 습 니까?',
'disktag' => '디스크가 여러 개인 경우 구성을 저장하는 데 사용되는 레이블이 url에 표시됩니다.', 'disktag' => '디스크가 여러 개인 경우 구성을 저장하는 데 사용되는 레이블이 url에 표시됩니다.',
@ -216,6 +221,7 @@ $constStr = [
'fa' => [ 'fa' => [
'admin' => 'رمز عبور ادمین، در صورت خالی بودن دکمه لاگین به نمایش در نمی‌آید', 'admin' => 'رمز عبور ادمین، در صورت خالی بودن دکمه لاگین به نمایش در نمی‌آید',
'adminloginpage' => 'در صورت تنظیم ، دکمه ورود نمایش داده نمی شود و صفحه ورود دیگر \?admin\ نیست بلکه \?{مقدار ورودی شما}\ است.', 'adminloginpage' => 'در صورت تنظیم ، دکمه ورود نمایش داده نمی شود و صفحه ورود دیگر \?admin\ نیست بلکه \?{مقدار ورودی شما}\ است.',
'referrer' => '',
'domain_path' => 'تنظیم دامنه سفارشی، به صورت a1.com:/dirto/path1|b2.com:/path2', 'domain_path' => 'تنظیم دامنه سفارشی، به صورت a1.com:/dirto/path1|b2.com:/path2',
'diskname' => 'نام دیسک که می‌خواهید نشان دهید.', 'diskname' => 'نام دیسک که می‌خواهید نشان دهید.',
'disktag' => 'تگی که در ذخیره پیکربندی و نشانی اینترنتی استفاده می‌شود.', 'disktag' => 'تگی که در ذخیره پیکربندی و نشانی اینترنتی استفاده می‌شود.',
@ -234,6 +240,7 @@ $constStr = [
'customScript' => 'في جميع الصفحات ، على سبيل المثال ، وضع النص المتشعب القفز HTTPS', 'customScript' => 'في جميع الصفحات ، على سبيل المثال ، وضع النص المتشعب القفز HTTPS',
'customCss' => '<style>,في الجزء الخلفي من', 'customCss' => '<style>,في الجزء الخلفي من',
'customTheme' => 'أتش تي أم أل شكل عنوان الموضوع', 'customTheme' => 'أتش تي أم أل شكل عنوان الموضوع',
'referrer' => '',
'domain_path' => 'عند استخدام العديد من أسماء النطاقات المخصصة ، حدد الدليل الذي يرى كل اسم النطاق هذا هو القانون ؛ بات اولا', 'domain_path' => 'عند استخدام العديد من أسماء النطاقات المخصصة ، حدد الدليل الذي يرى كل اسم النطاق هذا هو القانون ؛ بات اولا',
'diskname' => 'ما اسم هذا القرص الذي تريد أن تظهر ؟', 'diskname' => 'ما اسم هذا القرص الذي تريد أن تظهر ؟',
'disktag' => 'العلامة التي تستخدم لحفظ التكوين ، يتم عرضها في عناوين المواقع عند تعدد الأقراص', 'disktag' => 'العلامة التي تستخدم لحفظ التكوين ، يتم عرضها في عناوين المواقع عند تعدد الأقراص',

View File

@ -28,12 +28,6 @@ function GetGlobalVariable($event)
$pos = strpos($cookievalues,"="); $pos = strpos($cookievalues,"=");
$_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1)); $_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1));
} }
if (isset($event['headers']['Authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['Authorization'][0], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['FC_SERVER_PATH'] = '/var/fc/runtime/php7.2';
} }
function GetPathSetting($event, $context) function GetPathSetting($event, $context)
@ -57,6 +51,17 @@ function GetPathSetting($event, $context)
$_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);
$_SERVER['REMOTE_ADDR'] = $event['clientIP']; $_SERVER['REMOTE_ADDR'] = $event['clientIP'];
$_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['X-Requested-With'][0]; $_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['X-Requested-With'][0];
if (isset($event['headers']['Authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['Authorization'][0], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['HTTP_HOST'] = $event['headers']['Host'][0];
$_SERVER['REQUEST_SCHEME'] = $event['headers']['X-Forwarded-Proto'][0];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
//if ($_SERVER['HTTP_REFERER']!='')
$_SERVER['referhost'] = explode('/', $event['headers']['Referer'][0])[2];
$_SERVER['FC_SERVER_PATH'] = '/var/fc/runtime/php7.2';
return $path; return $path;
} }

View File

@ -26,14 +26,6 @@ function GetGlobalVariable($event)
$pos = strpos($cookievalues,"="); $pos = strpos($cookievalues,"=");
$_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1)); $_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1));
} }
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['User-Agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['BCE_CFC_RUNTIME_NAME'] = 'php7';
} }
function GetPathSetting($event, $context) function GetPathSetting($event, $context)
@ -47,6 +39,19 @@ function GetPathSetting($event, $context)
$_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);
$_SERVER['REMOTE_ADDR'] = $event['requestContext']['sourceIp']; $_SERVER['REMOTE_ADDR'] = $event['requestContext']['sourceIp'];
$_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['X-Requested-With']; $_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['X-Requested-With'];
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['User-Agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['HTTP_HOST'] = $event['headers']['Host'];
$_SERVER['REQUEST_SCHEME'] = $event['headers']['X-Forwarded-Proto'];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
//if ($_SERVER['HTTP_REFERER']!='')
$_SERVER['referhost'] = explode('/', $event['headers']['Referer'])[2];
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['BCE_CFC_RUNTIME_NAME'] = 'php7';
return $path; return $path;
} }

View File

@ -4,6 +4,9 @@ function getpath()
{ {
$_SERVER['firstacceptlanguage'] = strtolower(splitfirst(splitfirst($_SERVER['HTTP_ACCEPT_LANGUAGE'],';')[0],',')[0]); $_SERVER['firstacceptlanguage'] = strtolower(splitfirst(splitfirst($_SERVER['HTTP_ACCEPT_LANGUAGE'],';')[0],',')[0]);
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR']; $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
$_SERVER['REQUEST_SCHEME'] = $_SERVER['HTTP_X_FORWARDED_PROTO'];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
$_SERVER['referhost'] = explode('/', $_SERVER['HTTP_REFERER'])[2];
$_SERVER['base_path'] = path_format(substr($_SERVER['SCRIPT_NAME'], 0, -10) . '/'); $_SERVER['base_path'] = path_format(substr($_SERVER['SCRIPT_NAME'], 0, -10) . '/');
$p = strpos($_SERVER['REQUEST_URI'],'?'); $p = strpos($_SERVER['REQUEST_URI'],'?');
if ($p>0) $path = substr($_SERVER['REQUEST_URI'], 0, $p); if ($p>0) $path = substr($_SERVER['REQUEST_URI'], 0, $p);

View File

@ -39,14 +39,6 @@ function GetGlobalVariable($event)
$pos = strpos($cookievalues,"="); $pos = strpos($cookievalues,"=");
$_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1)); $_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1));
} }
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['user-agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['_APP_SHARE_DIR'] = '/var/share/CFF/processrouter';
} }
function GetPathSetting($event, $context) function GetPathSetting($event, $context)
@ -69,6 +61,18 @@ function GetPathSetting($event, $context)
$_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);
$_SERVER['REMOTE_ADDR'] = $event['headers']['x-real-ip']; $_SERVER['REMOTE_ADDR'] = $event['headers']['x-real-ip'];
$_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['x-requested-with']; $_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['x-requested-with'];
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['user-agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['REQUEST_SCHEME'] = $event['headers']['x-forwarded-proto'];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
//if ($_SERVER['HTTP_REFERER']!='')
$_SERVER['referhost'] = explode('/', $event['headers']['referer'])[2];
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['_APP_SHARE_DIR'] = '/var/share/CFF/processrouter';
return $path; return $path;
} }

View File

@ -39,14 +39,6 @@ function GetGlobalVariable($event)
$pos = strpos($cookievalues,"="); $pos = strpos($cookievalues,"=");
$_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1)); $_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1));
} }
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['user-agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['_APP_SHARE_DIR'] = '/var/share/CFF/processrouter';
} }
function GetPathSetting($event, $context) function GetPathSetting($event, $context)
@ -69,6 +61,18 @@ function GetPathSetting($event, $context)
$_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);
$_SERVER['REMOTE_ADDR'] = $event['headers']['x-real-ip']; $_SERVER['REMOTE_ADDR'] = $event['headers']['x-real-ip'];
$_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['x-requested-with']; $_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['x-requested-with'];
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['user-agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['REQUEST_SCHEME'] = $event['headers']['x-forwarded-proto'];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
//if ($_SERVER['HTTP_REFERER']!='')
$_SERVER['referhost'] = explode('/', $event['headers']['referer'])[2];
$_SERVER['HTTP_TRANSLATE'] = $event['headers']['translate'];//'f'
$_SERVER['_APP_SHARE_DIR'] = '/var/share/CFF/processrouter';
return $path; return $path;
} }

View File

@ -4,6 +4,9 @@ function getpath()
{ {
$_SERVER['firstacceptlanguage'] = strtolower(splitfirst(splitfirst($_SERVER['HTTP_ACCEPT_LANGUAGE'],';')[0],',')[0]); $_SERVER['firstacceptlanguage'] = strtolower(splitfirst(splitfirst($_SERVER['HTTP_ACCEPT_LANGUAGE'],';')[0],',')[0]);
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR']; if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
//if ($_SERVER['HTTP_REFERER']!='')
$_SERVER['referhost'] = explode('/', $_SERVER['HTTP_REFERER'])[2];
if (isset($_SERVER['DOCUMENT_ROOT'])&&$_SERVER['DOCUMENT_ROOT']==='/app') $_SERVER['base_path'] = '/'; if (isset($_SERVER['DOCUMENT_ROOT'])&&$_SERVER['DOCUMENT_ROOT']==='/app') $_SERVER['base_path'] = '/';
else $_SERVER['base_path'] = path_format(substr($_SERVER['SCRIPT_NAME'], 0, -10) . '/'); else $_SERVER['base_path'] = path_format(substr($_SERVER['SCRIPT_NAME'], 0, -10) . '/');
if (isset($_SERVER['UNENCODED_URL'])) $_SERVER['REQUEST_URI'] = $_SERVER['UNENCODED_URL']; if (isset($_SERVER['UNENCODED_URL'])) $_SERVER['REQUEST_URI'] = $_SERVER['UNENCODED_URL'];

View File

@ -23,14 +23,6 @@ function GetGlobalVariable($event)
$pos = strpos($cookievalues,"="); $pos = strpos($cookievalues,"=");
$_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1)); $_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1));
} }
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['user-agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['HTTP_TRANSLATE']==$event['headers']['translate'];//'f'
$_SERVER['USER'] = 'qcloud';
} }
function GetPathSetting($event, $context) function GetPathSetting($event, $context)
@ -54,6 +46,17 @@ function GetPathSetting($event, $context)
$_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);
$_SERVER['REMOTE_ADDR'] = $event['requestContext']['sourceIp']; $_SERVER['REMOTE_ADDR'] = $event['requestContext']['sourceIp'];
$_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['x-requested-with']; $_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['x-requested-with'];
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['user-agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['REQUEST_SCHEME'] = $event['headers']['x-forwarded-proto'];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
$_SERVER['referhost'] = explode('/', $event['headers']['referer'])[2];
$_SERVER['HTTP_TRANSLATE']==$event['headers']['translate'];//'f'
$_SERVER['USER'] = 'qcloud';
return $path; return $path;
} }

View File

@ -23,14 +23,6 @@ function GetGlobalVariable($event)
$pos = strpos($cookievalues,"="); $pos = strpos($cookievalues,"=");
$_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1)); $_COOKIE[urldecode(substr($cookievalues,0,$pos))]=urldecode(substr($cookievalues,$pos+1));
} }
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['user-agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['HTTP_TRANSLATE']==$event['headers']['translate'];//'f'
$_SERVER['USER'] = 'qcloud';
} }
function GetPathSetting($event, $context) function GetPathSetting($event, $context)
@ -54,6 +46,17 @@ function GetPathSetting($event, $context)
$_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path); $_SERVER['PHP_SELF'] = path_format($_SERVER['base_path'] . $path);
$_SERVER['REMOTE_ADDR'] = $event['requestContext']['sourceIp']; $_SERVER['REMOTE_ADDR'] = $event['requestContext']['sourceIp'];
$_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['x-requested-with']; $_SERVER['HTTP_X_REQUESTED_WITH'] = $event['headers']['x-requested-with'];
$_SERVER['HTTP_USER_AGENT'] = $event['headers']['user-agent'];
if (isset($event['headers']['authorization'])) {
$basicAuth = splitfirst(base64_decode(splitfirst($event['headers']['authorization'], 'Basic ')[1]), ':');
$_SERVER['PHP_AUTH_USER'] = $basicAuth[0];
$_SERVER['PHP_AUTH_PW'] = $basicAuth[1];
}
$_SERVER['REQUEST_SCHEME'] = $event['headers']['x-forwarded-proto'];
$_SERVER['host'] = $_SERVER['REQUEST_SCHEME'] . '://' . $_SERVER['HTTP_HOST'];
$_SERVER['referhost'] = explode('/', $event['headers']['referer'])[2];
$_SERVER['HTTP_TRANSLATE']==$event['headers']['translate'];//'f'
$_SERVER['USER'] = 'qcloud';
return $path; return $path;
} }