Server IP : 85.214.239.14 / Your IP : 3.145.55.25 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /proc/2/task/2/cwd/var/www/wordpress/phpMyAdmin/libraries/classes/Utils/ |
Upload File : |
<?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * Hold the PhpMyAdmin\Utils\HttpRequest class * * @package PhpMyAdmin */ declare(strict_types=1); namespace PhpMyAdmin\Utils; /** * Handles HTTP requests * * @package PhpMyAdmin */ class HttpRequest { private $proxyUrl; private $proxyUser; private $proxyPass; /** * Constructor */ public function __construct() { global $cfg; $this->proxyUrl = $cfg['ProxyUrl']; $this->proxyUser = $cfg['ProxyUser']; $this->proxyPass = $cfg['ProxyPass']; } /** * Returns information with regards to handling the http request * * @param array $context Data about the context for which * to http request is sent * * @return array of updated context information */ private function handleContext(array $context) { if (strlen($this->proxyUrl) > 0) { $context['http'] = [ 'proxy' => $this->proxyUrl, 'request_fulluri' => true, ]; if (strlen($this->proxyUser) > 0) { $auth = base64_encode( $this->proxyUser . ':' . $this->proxyPass ); $context['http']['header'] .= 'Proxy-Authorization: Basic ' . $auth . "\r\n"; } } return $context; } /** * Creates HTTP request using curl * * @param mixed $response HTTP response * @param int $httpStatus HTTP response status code * @param bool $returnOnlyStatus If set to true, the method would only return response status * * @return string|null|bool */ private function response( $response, $httpStatus, $returnOnlyStatus ) { if ($httpStatus == 404) { return false; } if ($httpStatus != 200) { return null; } if ($returnOnlyStatus) { return true; } return $response; } /** * Creates HTTP request using curl * * @param string $url Url to send the request * @param string $method HTTP request method (GET, POST, PUT, DELETE, etc) * @param bool $returnOnlyStatus If set to true, the method would only return response status * @param mixed $content Content to be sent with HTTP request * @param string $header Header to be set for the HTTP request * @param int $ssl SSL mode to use * * @return string|null|bool */ private function curl( $url, $method, $returnOnlyStatus = false, $content = null, $header = '', $ssl = 0 ) { $curlHandle = curl_init($url); if ($curlHandle === false) { return null; } $curlStatus = true; if (strlen($this->proxyUrl) > 0) { $curlStatus &= curl_setopt($curlHandle, CURLOPT_PROXY, $this->proxyUrl); if (strlen($this->proxyUser) > 0) { $curlStatus &= curl_setopt( $curlHandle, CURLOPT_PROXYUSERPWD, $this->proxyUser . ':' . $this->proxyPass ); } } $curlStatus &= curl_setopt($curlHandle, CURLOPT_USERAGENT, 'phpMyAdmin'); if ($method != "GET") { $curlStatus &= curl_setopt($curlHandle, CURLOPT_CUSTOMREQUEST, $method); } if ($header) { $curlStatus &= curl_setopt($curlHandle, CURLOPT_HTTPHEADER, [$header]); } if ($method == "POST") { $curlStatus &= curl_setopt($curlHandle, CURLOPT_POSTFIELDS, $content); } $curlStatus &= curl_setopt($curlHandle, CURLOPT_SSL_VERIFYHOST, '2'); $curlStatus &= curl_setopt($curlHandle, CURLOPT_SSL_VERIFYPEER, '1'); /** * Configure ISRG Root X1 to be able to verify Let's Encrypt SSL * certificates even without properly configured curl in PHP. * * See https://letsencrypt.org/certificates/ */ $certsDir = ROOT_PATH . 'libraries/certs/'; /* See code below for logic */ if ($ssl == CURLOPT_CAPATH) { $curlStatus &= curl_setopt($curlHandle, CURLOPT_CAPATH, $certsDir); } elseif ($ssl == CURLOPT_CAINFO) { $curlStatus &= curl_setopt($curlHandle, CURLOPT_CAINFO, $certsDir . 'cacert.pem'); } $curlStatus &= curl_setopt($curlHandle, CURLOPT_RETURNTRANSFER, true); $curlStatus &= curl_setopt($curlHandle, CURLOPT_FOLLOWLOCATION, 0); $curlStatus &= curl_setopt($curlHandle, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4); $curlStatus &= curl_setopt($curlHandle, CURLOPT_TIMEOUT, 10); $curlStatus &= curl_setopt($curlHandle, CURLOPT_CONNECTTIMEOUT, 10); if (! $curlStatus) { return null; } $response = @curl_exec($curlHandle); if ($response === false) { /* * In case of SSL verification failure let's try configuring curl * certificate verification. Unfortunately it is tricky as setting * options incompatible with PHP build settings can lead to failure. * * So let's rather try the options one by one. * * 1. Try using system SSL storage. * 2. Try setting CURLOPT_CAINFO. * 3. Try setting CURLOPT_CAPATH. * 4. Fail. */ if (curl_getinfo($curlHandle, CURLINFO_SSL_VERIFYRESULT) != 0) { if ($ssl == 0) { return $this->curl($url, $method, $returnOnlyStatus, $content, $header, CURLOPT_CAINFO); } elseif ($ssl == CURLOPT_CAINFO) { return $this->curl($url, $method, $returnOnlyStatus, $content, $header, CURLOPT_CAPATH); } } return null; } $httpStatus = curl_getinfo($curlHandle, CURLINFO_HTTP_CODE); return $this->response($response, $httpStatus, $returnOnlyStatus); } /** * Creates HTTP request using file_get_contents * * @param string $url Url to send the request * @param string $method HTTP request method (GET, POST, PUT, DELETE, etc) * @param bool $returnOnlyStatus If set to true, the method would only return response status * @param mixed $content Content to be sent with HTTP request * @param string $header Header to be set for the HTTP request * * @return string|null|bool */ private function fopen( $url, $method, $returnOnlyStatus = false, $content = null, $header = '' ) { $context = [ 'http' => [ 'method' => $method, 'request_fulluri' => true, 'timeout' => 10, 'user_agent' => 'phpMyAdmin', 'header' => "Accept: */*", ], ]; if ($header) { $context['http']['header'] .= "\n" . $header; } if ($method == "POST") { $context['http']['content'] = $content; } $context = $this->handleContext($context); $response = @file_get_contents( $url, false, stream_context_create($context) ); if (isset($http_response_header)) { preg_match("#HTTP/[0-9\.]+\s+([0-9]+)#", $http_response_header[0], $out); $httpStatus = intval($out[1]); return $this->response($response, $httpStatus, $returnOnlyStatus); } return null; } /** * Creates HTTP request * * @param string $url Url to send the request * @param string $method HTTP request method (GET, POST, PUT, DELETE, etc) * @param bool $returnOnlyStatus If set to true, the method would only return response status * @param mixed $content Content to be sent with HTTP request * @param string $header Header to be set for the HTTP request * * @return string|null|bool */ public function create( $url, $method, $returnOnlyStatus = false, $content = null, $header = '' ) { if (function_exists('curl_init')) { return $this->curl($url, $method, $returnOnlyStatus, $content, $header); } elseif (ini_get('allow_url_fopen')) { return $this->fopen($url, $method, $returnOnlyStatus, $content, $header); } return null; } }