Skip to content
Permalink
Browse files

Add proxy.php needed when using setting "lp_fix_embed_content" BT#15102

First import as is from zandbak
  • Loading branch information...
jmontoyaa committed Dec 5, 2018
1 parent 71cdcde commit c243556393b516edd3cac4649347210f97247e1c
Showing with 123 additions and 0 deletions.
  1. +123 −0 tests/scripts/proxy.php
@@ -0,0 +1,123 @@
<?php
/* For licensing terms, see /license.txt */
/**
* Script needed in order to avoid mixed content in links inside a learning path
* In order to use this file you have to:
*
* 1. Modify configuration.php and add this setting: $_configuration['lp_fix_embed_content'] = true;
* 2. Copy this file in app/courses/proxy.php
* 3. Change your .htacces in order to let the proxy.php to be read inside app/courses
*
*/
/**
* Returns "%" or "px"
*
* 800px => function returns "px"
* 800% => function returns %
*
* @param string $value
* @return string
*/
function addPixelOrPercentage($value)
{
$addPixel = strpos($value, 'px');
$addPixel = !($addPixel === false);
$addCharacter = '';
if ($addPixel == false) {
$addPercentage = strpos($value, '%');
$addPercentage = !($addPercentage === false);
if ($addPercentage) {
$addCharacter = '%';
}
} else {
$addCharacter = 'px';
}
return $addCharacter;
}
function get_http_response_code($theURL) {
$headers = get_headers($theURL);
return substr($headers[0], 9, 3);
}
$height = isset($_GET['height']) ? (int) $_GET['height'].addPixelOrPercentage($_GET['height']) : '';
$width = isset($_GET['width']) ? (int) $_GET['width'].addPixelOrPercentage($_GET['width']) : '';
$vars = isset($_GET['flashvars']) ? htmlentities($_GET['flashvars']) : '';
$src = isset($_GET['src']) ? htmlentities($_GET['src']) : '';
$id = isset($_GET['id']) ? htmlentities($_GET['id']) : '';
$type = isset($_GET['type']) ? $_GET['type'] : 'flash';
// Fixes URL like: https://www.vopspsy.ugent.be/pdfs/download.php?own=mvsteenk&file=caleidoscoop.pdf
if (strpos($src, 'download.php') !== false) {
$src = str_replace('download.php', 'download.php?', $src);
$src .= isset($_GET['own']) ? '&own='.htmlentities($_GET['own']) : '';
$src .= isset($_GET['file']) ? '&file='.htmlentities($_GET['file']) : '';
}
$result = get_http_response_code($src);
$urlToTest = parse_url($src, PHP_URL_HOST);
$g = stream_context_create (array("ssl" => array("capture_peer_cert" => true)));
$r = @stream_socket_client("ssl://$urlToTest:443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $g);
$cont = stream_context_get_params($r);
$convertToSecure = false;
$certinfo = openssl_x509_parse($cont['options']['ssl']['peer_certificate']);
if (isset($certinfo) && isset($certinfo['subject']) && isset($certinfo['subject']['CN'])) {
$certUrl = $certinfo['subject']['CN'];
$parsed = parse_url($certUrl);
// Remove www from URL
$parsedUrl = preg_replace('#^(http(s)?://)?w{3}\.#', '$1', $certUrl);
if ($urlToTest == $certUrl || $parsedUrl == $urlToTest) {
$convertToSecure = true;
}
if ($urlToTest != $certUrl) {
// url and cert url are different this will show a warning in browsers
// use normal "http" version
$result = false;
}
}
if ($result == false) {
$src = str_replace('https', 'http', $src);
}
if ($convertToSecure) {
$src = str_replace('http', 'https', $src);
}
$result = '';
switch ($type) {
case 'link':
if (strpos($src, 'http') === false) {
$src = "http://$src";
}
header('Location: '.$src);
exit;
break;
case 'iframe':
$result = '<iframe src="'.$src.'" width="'.$width.'" height="'.$height.'" ></iframe>';
break;
case 'flash':
$result = '
<object codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,40,0" id="'.$id.'" width="'.$width.'" height="'.$height.'" align="center">
<param name="id" value="'.$id.'">
<param name="width" value="'.$width.'">
<param name="height" value="'.$height.'">
<param name="bgcolor" value="#ffffff">
<param name="align" value="center">
<param name="allowfullscreen" value="true">
<param name="allowscriptaccess" value="always">
<param name="quality" value="high">
<param name="wmode" value="transparent">
<param name="flashvars" value="'.$vars.'">
<param name="src" value="'.$src.'">
<embed type="application/x-shockwave-flash" id="'.$id.'" width="'.$width.'" height="'.$height.'" bgcolor="#ffffff" align="center" allowfullscreen="true" allowscriptaccess="always" quality="high" wmode="transparent" flashvars="'.$vars.'" src="'.$src.'">
</object>';
}
echo $result;

0 comments on commit c243556

Please sign in to comment.
You can’t perform that action at this time.