PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 
Loading
It is currently Sun May 28, 2017 7:11 pm

All times are UTC - 5 hours




Post new topic Reply to topic  [ 5 posts ] 
Author Message
PostPosted: Fri May 12, 2017 7:03 pm 
Offline
Forum Commoner

Joined: Wed Jan 18, 2017 4:43 pm
Posts: 94
Howdy Pros!

If I was going to just track which urls from my own domain get clicked then I know how to do it.
On everyone of my links, I'll just add my tracking url, like so:

http://mydomain.com/?tracker.php

But like I said, I want to track what my users do on other sites.
For example, let's say I run a searchengine like google. And a user does a keyword search and my searchengine presents results on it's SERP (Searchengine Result Page).
Now, when a user clicks a foreign domain link then I would be able to track it because all the result links would carry my tracker url prior to their own url.
So, if my SERP was listing: fart.com then it would be foolish for my SERP to directly list:
http://fart.com

Instead, it would list like this:
http://mydomain.com/tracker.php?http://fart.com
(Google already does that sort of tracking).
And ofcourse, my tracker.php page would use the GET method to capture the destination url and log it before redirecting the visitor to it. I know how to do all that after I learnt from a few youtube tutorials on how to build your own member log/reg site. They taught how to code to build an account activation link that needs to be clicked by the user from his email to confirm his email. Don't worry about that. I know how to build a tracker. I'll just fiddle with the code that I learnt about the activation link and if I get stuck then you guys are here to help.
Now, once the user clicks a link on my SERP, I'd be able to track the click before he is redirected to the destination. But once his inside the destination site (foreign domain) I won't be able to track his movements from page to page on the third party site. I want to track his movements for my own ingenious purposes and don't object that I shouldn't do this by saying the user won't allow it. The user WILL allow it for their benefit and most likely YOU too but that's a different story I won't get into right now and spoil the fun. Wait and see what I pull out of my magician jacket in the upcoming few days. In the meanwhile, take a deep breath and hold it and don't let go unless I've brought Jacueline outside her box (lol!).
I have my own ways to pursuade users to allow it and I'll try it on you one day. Lol!
Now, the problem is, how on earth can I track the user's movements while he is clicking away on a foreign domain ? I noticed back in 1998/2000 that proxies show third party pages under a frame or whatever or by using cloaking methods or whatever and therefore was on the hunt a few mnths back to learn how they do it. Still looking for the right text and/or vid tutorial that'll teach me how to do all this. No matter how many forums and how many programmers I ask about this, not a single one can answer me and provide the name of the method used by the proxies save one programmer (tonight) who understood my intentions and suggested I look into url_rewriting which I will do now. He suggested I use the Gpl miniProxy. (In the past I downloaded Glype but that has restrictions in it's license) I have copied and pasted miniProxy's one page code onto my Xampp and wallah it is working as expected! Meaning, no matter what url is shown to the user, I am now able to proxify each and every link he clicks and proxify each and every page he views.
Let me explain again.
First, headover to this page:
http://probloggerbook.com/
Then, hover your mouse over "About the Book" but don't click it. You'll see the url is shown by your browser as:
http://probloggerbook.com/about/

Now, headover to:
http://anonymouse.org/anonwww.html
And, anonymously browse:
http://probloggerbook.com/

Finally, hover your mouse over "About the Book" but don't click it. You'll see the url is shown by your browser as:
http://anonymouse.org/cgi-bin/anon-www. ... com/about/

You see what is going on here ? Even though your on probloggerbook.com which has no affiliation with anonymouse.org, you'll see when you hover your mouse over any links on probloggerbook.com that their links are preceded by the proxy's domain "http://anonymouse.org/cgi-bin/anon-www.cgi/" in order for the proxy to start proxifying the new pages the visitor visits via their proxy. But, I don't think the proxy tracks the clicks and I am going to change this with your help.
So, from our example above, http://anonymouse.org was preceding **"http://anonymouse.org/cgi-bin/anon-www.cgi/"** to every link. In other words, they are preceding their own domain on every links the user clicks. The minProxy does this. So, if my miniProxy is installed on my "proxy" folder inside my public_html, then it will precede the following path on all links:

http://mydomain.com/proxy

Now, I need to add my tracker url so the miniProxy on every proxified pages/links precedes likes so:

**http://mydomain.com/proxy/tracker.php?url=**

Now, which part of the code in the following code do I change/replace and what do I replace it with to achieve my purpose ?

Code:

<?php
/*
miniProxy - A simple PHP web proxy. <https://github.com/joshdick/miniProxy>
Written and maintained by Joshua Dick <http://joshdick.net>.
miniProxy is licensed under the GNU GPL v3 <http://www.gnu.org/licenses/gpl.html>.
*/
/****************************** START CONFIGURATION ******************************/
//To allow proxying any URL, set $whitelistPatterns to an empty array (the default).
//To only allow proxying of specific URLs (whitelist), add corresponding regular expressions
//to the $whitelistPatterns array. Enter the most specific patterns possible, to prevent possible abuse.
//You can optionally use the "getHostnamePattern()" helper function to build a regular expression that
//matches all URLs for a given hostname.
$whitelistPatterns = array(
  //Usage example: To support any URL at example.net, including sub-domains, uncomment the
  //line below (which is equivalent to [ @^https?://([a-z0-9-]+\.)*example\.net@i ]):
  //getHostnamePattern("example.net")
);
//To enable CORS (cross-origin resource sharing) for proxied sites, set $forceCORS to true.
$forceCORS = false;
//URL that will be used as an example in the instructional text on the miniProxy landing page,
//and that will be proxied when pressing the 'Proxy It!' button on the landing page
//if the URL form is left blank.
$exampleURL = 'https://example.net';
/****************************** END CONFIGURATION ******************************/
ob_start("ob_gzhandler");
if (version_compare(PHP_VERSION, "5.4.7", "<")) {
    die("miniProxy requires PHP version 5.4.7 or later.");
}
if (!function_exists("curl_init")) die("miniProxy requires PHP's cURL extension. Please install/enable it on your server and try again.");
//Helper function for use inside $whitelistPatterns.
//Returns a regex that matches all HTTP[S] URLs for a given hostname.
function getHostnamePattern($hostname) {
  $escapedHostname = str_replace(".", "\.", $hostname);
  return "@^https?://([a-z0-9-]+\.)*" . $escapedHostname . "@i";
}
//Helper function used to removes/unset keys from an associative array using case insensitive matching
function removeKeys(&$assoc, $keys2remove) {
  $keys = array_keys($assoc);
  $map = array();
  foreach ($keys as $key) {
     $map[strtolower($key)] = $key;
  }
  foreach ($keys2remove as $key) {
    $key = strtolower($key);
    if (isset($map[$key])) {
       unset($assoc[$map[$key]]);
    }
  }
}
if (!function_exists("getallheaders")) {
  //Adapted from http://www.php.net/manual/en/function.getallheaders.php#99814
  function getallheaders() {
    $result = array();
    foreach($_SERVER as $key => $value) {
      if (substr($key, 0, 5) == "HTTP_") {
        $key = str_replace(" ", "-", ucwords(strtolower(str_replace("_", " ", substr($key, 5)))));
        $result[$key] = $value;
      }
    }
    return $result;
  }
}
$usingDefaultPort =  (!isset($_SERVER["HTTPS"]) && $_SERVER["SERVER_PORT"] === 80) || (isset($_SERVER["HTTPS"]) && $_SERVER["SERVER_PORT"] === 443);
$prefixPort = $usingDefaultPort ? "" : ":" . $_SERVER["SERVER_PORT"];
//Use HTTP_HOST to support client-configured DNS (instead of SERVER_NAME), but remove the port if one is present
$prefixHost = $_SERVER["HTTP_HOST"];
$prefixHost = strpos($prefixHost, ":") ? implode(":", explode(":", $_SERVER["HTTP_HOST"], -1)) : $prefixHost;
define("PROXY_PREFIX", "http" . (isset($_SERVER["HTTPS"]) ? "s" : "") . "://" . $prefixHost . $prefixPort . $_SERVER["SCRIPT_NAME"] . "?");
//Makes an HTTP request via cURL, using request data that was passed directly to this script.
function makeRequest($url) {
  //Tell cURL to make the request using the brower's user-agent if there is one, or a fallback user-agent otherwise.
  $user_agent = $_SERVER["HTTP_USER_AGENT"];
  if (empty($user_agent)) {
    $user_agent = "Mozilla/5.0 (compatible; miniProxy)";
  }
  $ch = curl_init();
  curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
  //Get ready to proxy the browser's request headers...
  $browserRequestHeaders = getallheaders();
  //...but let cURL set some headers on its own.
  removeKeys($browserRequestHeaders, array(
    "Host",
    "Content-Length",
    "Accept-Encoding" //Throw away the browser's Accept-Encoding header if any and let cURL make the request using gzip if possible.
  ));
  curl_setopt($ch, CURLOPT_ENCODING, "");
  //Transform the associative array from getallheaders() into an
  //indexed array of header strings to be passed to cURL.
  $curlRequestHeaders = array();
  foreach ($browserRequestHeaders as $name => $value) {
    $curlRequestHeaders[] = $name . ": " . $value;
  }
  curl_setopt($ch, CURLOPT_HTTPHEADER, $curlRequestHeaders);
  //Proxy any received GET/POST/PUT data.
  switch ($_SERVER["REQUEST_METHOD"]) {
    case "POST":
      curl_setopt($ch, CURLOPT_POST, true);
      //For some reason, $HTTP_RAW_POST_DATA isn't working as documented at
      //http://php.net/manual/en/reserved.variables.httprawpostdata.php
      //but the php://input method works. This is likely to be flaky
      //across different server environments.
      //More info here: http://stackoverflow.com/questions/8899239/http-raw-post-data-not-being-populated-after-upgrade-to-php-5-3
      //If the miniProxyFormAction field appears in the POST data, remove it so the destination server doesn't receive it.
      $postData = Array();
      parse_str(file_get_contents("php://input"), $postData);
      if (isset($postData["miniProxyFormAction"])) {
        unset($postData["miniProxyFormAction"]);
      }
      curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));
    break;
    case "PUT":
      curl_setopt($ch, CURLOPT_PUT, true);
      curl_setopt($ch, CURLOPT_INFILE, fopen("php://input", "r"));
    break;
  }
  //Other cURL options.
  curl_setopt($ch, CURLOPT_HEADER, true);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  //Set the request URL.
  curl_setopt($ch, CURLOPT_URL, $url);
  //Make the request.
  $response = curl_exec($ch);
  $responseInfo = curl_getinfo($ch);
  $headerSize = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  curl_close($ch);
  //Setting CURLOPT_HEADER to true above forces the response headers and body
  //to be output together--separate them.
  $responseHeaders = substr($response, 0, $headerSize);
  $responseBody = substr($response, $headerSize);
  return array("headers" => $responseHeaders, "body" => $responseBody, "responseInfo" => $responseInfo);
}
//Converts relative URLs to absolute ones, given a base URL.
//Modified version of code found at http://nashruddin.com/PHP_Script_for_Converting_Relative_to_Absolute_URL
function rel2abs($rel, $base) {
  if (empty($rel)) $rel = ".";
  if (parse_url($rel, PHP_URL_SCHEME) != "" || strpos($rel, "//") === 0) return $rel; //Return if already an absolute URL
  if ($rel[0] == "#" || $rel[0] == "?") return $base.$rel; //Queries and anchors
  extract(parse_url($base)); //Parse base URL and convert to local variables: $scheme, $host, $path
  $path = isset($path) ? preg_replace("#/[^/]*$#", "", $path) : "/"; //Remove non-directory element from path
  if ($rel[0] == "/") $path = ""; //Destroy path if relative url points to root
  $port = isset($port) && $port != 80 ? ":" . $port : "";
  $auth = "";
  if (isset($user)) {
    $auth = $user;
    if (isset($pass)) {
      $auth .= ":" . $pass;
    }
    $auth .= "@";
  }
  $abs = "$auth$host$port$path/$rel"; //Dirty absolute URL
  for ($n = 1; $n > 0; $abs = preg_replace(array("#(/\.?/)#", "#/(?!\.\.)[^/]+/\.\./#"), "/", $abs, -1, $n)) {} //Replace '//' or '/./' or '/foo/../' with '/'
  return $scheme . "://" . $abs; //Absolute URL is ready.
}
//Proxify contents of url() references in blocks of CSS text.
function proxifyCSS($css, $baseURL) {
  // Add a "url()" wrapper to any CSS @import rules that only specify a URL without the wrapper,
  // so that they're proxified when searching for "url()" wrappers below.
  $sourceLines = explode("\n", $css);
  $normalizedLines = [];
  foreach ($sourceLines as $line) {
    if (preg_match("/@import\s+url/i", $line)) {
      $normalizedLines[] = $line;
    } else {
      $normalizedLines[] = preg_replace_callback(
        "/(@import\s+)([^;\s]+)([\s;])/i",
        function($matches) use ($baseURL) {
          return $matches[1] . "url(" . $matches[2] . ")" . $matches[3];
        },
        $line);
    }
  }
  $normalizedCSS = implode("\n", $normalizedLines);
  return preg_replace_callback(
    "/url\((.*?)\)/i",
    function($matches) use ($baseURL) {
        $url = $matches[1];
        //Remove any surrounding single or double quotes from the URL so it can be passed to rel2abs - the quotes are optional in CSS
        //Assume that if there is a leading quote then there should be a trailing quote, so just use trim() to remove them
        if (strpos($url, "'") === 0) {
          $url = trim($url, "'");
        }
        if (strpos($url, "\"") === 0) {
          $url = trim($url, "\"");
        }
        if (stripos($url, "data:") === 0) return "url(" . $url . ")"; //The URL isn't an HTTP URL but is actual binary data. Don't proxify it.
        return "url(" . PROXY_PREFIX . rel2abs($url, $baseURL) . ")";
    },
    $normalizedCSS);
}
//Proxify "srcset" attributes (normally associated with <img> tags.)
function proxifySrcset($srcset, $baseURL) {
  $sources = array_map("trim", explode(",", $srcset)); //Split all contents by comma and trim each value
  $proxifiedSources = array_map(function($source) use ($baseURL) {
    $components = array_map("trim", str_split($source, strrpos($source, " "))); //Split by last space and trim
    $components[0] = PROXY_PREFIX . rel2abs(ltrim($components[0], "/"), $baseURL); //First component of the split source string should be an image URL; proxify it
    return implode($components, " "); //Recombine the components into a single source
  }, $sources);
  $proxifiedSrcset = implode(", ", $proxifiedSources); //Recombine the sources into a single "srcset"
  return $proxifiedSrcset;
}
//Extract and sanitize the requested URL, handling cases where forms have been rewritten to point to the proxy.
if (isset($_POST["miniProxyFormAction"])) {
  $url = $_POST["miniProxyFormAction"];
  unset($_POST["miniProxyFormAction"]);
} else {
  $queryParams = Array();
  parse_str($_SERVER["QUERY_STRING"], $queryParams);
  //If the miniProxyFormAction field appears in the query string, make $url start with its value, and rebuild the the query string without it.
  if (isset($queryParams["miniProxyFormAction"])) {
    $formAction = $queryParams["miniProxyFormAction"];
    unset($queryParams["miniProxyFormAction"]);
    $url = $formAction . "?" . http_build_query($queryParams);
  } else {
    $url = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"]) + 1);
  }
}
if (empty($url)) {
    die("<html><head><title>miniProxy</title></head><body><h1>Welcome to miniProxy!</h1>miniProxy can be directly invoked like this: <a href=\"" . PROXY_PREFIX . $exampleURL . "\">" . PROXY_PREFIX . $exampleURL . "</a>

Or, you can simply enter a URL below:

<form onsubmit=\"if (document.getElementById('site').value) { window.location.href='" . PROXY_PREFIX . "' + document.getElementById('site').value; return false; } else { window.location.href='" . PROXY_PREFIX . $exampleURL . "'; return false; } \"><input id=\"site\" type=\"text\" size=\"50\" /><input type=\"submit\" value=\"Proxy It!\" /></form></body></html>");
} else if (strpos($url, ":/") !== strpos($url, "://")) {
    //Work around the fact that some web servers (e.g. IIS 8.5) change double slashes appearing in the URL to a single slash.
    //See https://github.com/joshdick/miniProxy/pull/14
    $pos = strpos($url, ":/");
    $url = substr_replace($url, "://", $pos, strlen(":/"));
}
$scheme = parse_url($url, PHP_URL_SCHEME);
if (empty($scheme)) {
  //Assume that any supplied URLs starting with // are HTTP URLs.
  if (strpos($url, "//") === 0) {
    $url = "http:" . $url;
  }
} else if (!preg_match("/^https?$/i", $scheme)) {
    die('Error: Detected a "' . $scheme . '" URL. miniProxy exclusively supports http[s] URLs.');
}
//Validate the requested URL against the whitelist.
$urlIsValid = count($whitelistPatterns) === 0;
foreach ($whitelistPatterns as $pattern) {
  if (preg_match($pattern, $url)) {
    $urlIsValid = true;
    break;
  }
}
if (!$urlIsValid) {
  die("Error: The requested URL was disallowed by the server administrator.");
}
$response = makeRequest($url);
$rawResponseHeaders = $response["headers"];
$responseBody = $response["body"];
$responseInfo = $response["responseInfo"];
//If CURLOPT_FOLLOWLOCATION landed the proxy at a diferent URL than
//what was requested, explicitly redirect the proxy there.
$responseURL = $responseInfo["url"];
if ($responseURL !== $url) {
  header("Location: " . PROXY_PREFIX . $responseURL, true);
  exit(0);
}
//A regex that indicates which server response headers should be stripped out of the proxified response.
$header_blacklist_pattern = "/^Content-Length|^Transfer-Encoding|^Content-Encoding.*gzip/i";
//cURL can make multiple requests internally (for example, if CURLOPT_FOLLOWLOCATION is enabled), and reports
//headers for every request it makes. Only proxy the last set of received response headers,
//corresponding to the final request made by cURL for any given call to makeRequest().
$responseHeaderBlocks = array_filter(explode("\r\n\r\n", $rawResponseHeaders));
$lastHeaderBlock = end($responseHeaderBlocks);
$headerLines = explode("\r\n", $lastHeaderBlock);
foreach ($headerLines as $header) {
  $header = trim($header);
  if (!preg_match($header_blacklist_pattern, $header)) {
    header($header, false);
  }
}
//Prevent robots from indexing proxified pages
header("X-Robots-Tag: noindex, nofollow", true);
if ($forceCORS) {
  //This logic is based on code found at: http://stackoverflow.com/a/9866124/278810
  //CORS headers sent below may conflict with CORS headers from the original response,
  //so these headers are sent after the original response headers to ensure their values
  //are the ones that actually end up getting sent to the browser.
  //Explicit [ $replace = true ] is used for these headers even though this is PHP's default behavior.
  //Allow access from any origin.
  header("Access-Control-Allow-Origin: *", true);
  header("Access-Control-Allow-Credentials: true", true);
  //Handle CORS headers received during OPTIONS requests.
  if ($_SERVER["REQUEST_METHOD"] == "OPTIONS") {
    if (isset($_SERVER["HTTP_ACCESS_CONTROL_REQUEST_METHOD"])) {
      header("Access-Control-Allow-Methods: GET, POST, OPTIONS", true);
    }
    if (isset($_SERVER["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"])) {
      header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}", true);
    }
    //No further action is needed for OPTIONS requests.
    exit(0);
  }
}
$contentType = "";
if (isset($responseInfo["content_type"])) $contentType = $responseInfo["content_type"];
//This is presumably a web page, so attempt to proxify the DOM.
if (stripos($contentType, "text/html") !== false) {
  //Attempt to normalize character encoding.
  $detectedEncoding = mb_detect_encoding($responseBody, "UTF-8, ISO-8859-1");
  if ($detectedEncoding) {
    $responseBody = mb_convert_encoding($responseBody, "HTML-ENTITIES", $detectedEncoding);
  }
  //Parse the DOM.
  $doc = new DomDocument();
  @$doc->loadHTML($responseBody);
  $xpath = new DOMXPath($doc);
  //Rewrite forms so that their actions point back to the proxy.
  foreach($xpath->query("//form") as $form) {
    $method = $form->getAttribute("method");
    $action = $form->getAttribute("action");
    //If the form doesn't have an action, the action is the page itself.
    //Otherwise, change an existing action to an absolute version.
    $action = empty($action) ? $url : rel2abs($action, $url);
    //Rewrite the form action to point back at the proxy.
    $form->setAttribute("action", rtrim(PROXY_PREFIX, "?"));
    //Add a hidden form field that the proxy can later use to retreive the original form action.
    $actionInput = $doc->createDocumentFragment();
    $actionInput->appendXML('<input type="hidden" name="miniProxyFormAction" value="' . htmlspecialchars($action) . '" />');
    $form->appendChild($actionInput);
  }
  //Proxify <meta> tags with an 'http-equiv="refresh"' attribute.
  foreach ($xpath->query("//meta[@http-equiv]") as $element) {
    if (strcasecmp($element->getAttribute("http-equiv"), "refresh") === 0) {
      $content = $element->getAttribute("content");
      if (!empty($content)) {
        $splitContent = preg_split("/=/", $content);
        if (isset($splitContent[1])) {
          $element->setAttribute("content", $splitContent[0] . "=" . PROXY_PREFIX . rel2abs($splitContent[1], $url));
        }
      }
    }
  }
  //Profixy <style> tags.
  foreach($xpath->query("//style") as $style) {
    $style->nodeValue = proxifyCSS($style->nodeValue, $url);
  }
  //Proxify tags with a "style" attribute.
  foreach ($xpath->query("//*[@style]") as $element) {
    $element->setAttribute("style", proxifyCSS($element->getAttribute("style"), $url));
  }
  //Proxify "srcset" attributes in <img> tags.
  foreach ($xpath->query("//img[@srcset]") as $element) {
    $element->setAttribute("srcset", proxifySrcset($element->getAttribute("srcset"), $url));
  }
  //Proxify any of these attributes appearing in any tag.
  $proxifyAttributes = array("href", "src");
  foreach($proxifyAttributes as $attrName) {
    foreach($xpath->query("//*[@" . $attrName . "]") as $element) { //For every element with the given attribute...
      $attrContent = $element->getAttribute($attrName);
      if ($attrName == "href" && preg_match("/^(about|javascript|magnet|mailto):/i", $attrContent)) continue;
      $attrContent = rel2abs($attrContent, $url);
      $attrContent = PROXY_PREFIX . $attrContent;
      $element->setAttribute($attrName, $attrContent);
    }
  }
  //Attempt to force AJAX requests to be made through the proxy by
  //wrapping window.XMLHttpRequest.prototype.open in order to make
  //all request URLs absolute and point back to the proxy.
  //The rel2abs() JavaScript function serves the same purpose as the server-side one in this file,
  //but is used in the browser to ensure all AJAX request URLs are absolute and not relative.
  //Uses code from these sources:
  //http://stackoverflow.com/questions/7775767/javascript-overriding-xmlhttprequest-open
  //https://gist.github.com/1088850
  //TODO: This is obviously only useful for browsers that use XMLHttpRequest but
  //it's better than nothing.
  $head = $xpath->query("//head")->item(0);
  $body = $xpath->query("//body")->item(0);
  $prependElem = $head != NULL ? $head : $body;
  //Only bother trying to apply this hack if the DOM has a <head> or <body> element;
  //insert some JavaScript at the top of whichever is available first.
  //Protects against cases where the server sends a Content-Type of "text/html" when
  //what's coming back is most likely not actually HTML.
  //TODO: Do this check before attempting to do any sort of DOM parsing?
  if ($prependElem != NULL) {
    $scriptElem = $doc->createElement("script",
      '(function() {
        if (window.XMLHttpRequest) {
          function parseURI(url) {
            var m = String(url).replace(/^\s+|\s+$/g, "").match(/^([^:\/?#]+:)?(\/\/(?:[^:@]*(?::[^:@]*)?@)?(([^:\/?#]*)(?::(\d*))?))?([^?#]*)(\?[^#]*)?(#[\s\S]*)?/);
            // authority = "//" + user + ":" + pass "@" + hostname + ":" port
            return (m ? {
              href : m[0] || "",
              protocol : m[1] || "",
              authority: m[2] || "",
              host : m[3] || "",
              hostname : m[4] || "",
              port : m[5] || "",
              pathname : m[6] || "",
              search : m[7] || "",
              hash : m[8] || ""
            } : null);
          }
          function rel2abs(base, href) { // RFC 3986
            function removeDotSegments(input) {
              var output = [];
              input.replace(/^(\.\.?(\/|$))+/, "")
                .replace(/\/(\.(\/|$))+/g, "/")
                .replace(/\/\.\.$/, "/../")
                .replace(/\/?[^\/]*/g, function (p) {
                  if (p === "/..") {
                    output.pop();
                  } else {
                    output.push(p);
                  }
                });
              return output.join("").replace(/^\//, input.charAt(0) === "/" ? "/" : "");
            }
            href = parseURI(href || "");
            base = parseURI(base || "");
            return !href || !base ? null : (href.protocol || base.protocol) +
            (href.protocol || href.authority ? href.authority : base.authority) +
            removeDotSegments(href.protocol || href.authority || href.pathname.charAt(0) === "/" ? href.pathname : (href.pathname ? ((base.authority && !base.pathname ? "/" : "") + base.pathname.slice(0, base.pathname.lastIndexOf("/") + 1) + href.pathname) : base.pathname)) +
            (href.protocol || href.authority || href.pathname ? href.search : (href.search || base.search)) +
            href.hash;
          }
          var proxied = window.XMLHttpRequest.prototype.open;
          window.XMLHttpRequest.prototype.open = function() {
              if (arguments[1] !== null && arguments[1] !== undefined) {
                var url = arguments[1];
                url = rel2abs("' . $url . '", url);
                url = "' . PROXY_PREFIX . '" + url;
                arguments[1] = url;
              }
              return proxied.apply(this, [].slice.call(arguments));
          };
        }
      })();'
    );
    $scriptElem->setAttribute("type", "text/javascript");
    $prependElem->insertBefore($scriptElem, $prependElem->firstChild);
  }
  echo "<!-- Proxified page constructed by miniProxy -->\n" . $doc->saveHTML();
} else if (stripos($contentType, "text/css") !== false) { //This is CSS, so proxify url() references.
  echo proxifyCSS($responseBody, $url);
} else { //This isn't a web page or CSS, so serve unmodified through the proxy with the correct headers (images, JavaScript, etc.)
  header("Content-Length: " . strlen($responseBody), true);
  echo $responseBody;
}



Here is the full script:

https://github.com/joshdick/miniProxy

If you know of any better script then do let me know by pointing out which part of the code to replace with what. Be 100% precise in your descriptions or I will get lost or drown in the code.

PS - I'm dozing off to sleep. Might roll out of my chair and so I will look into your answer/reply after I wake-up. Therefore, take your time in wading through the code to pin-point where I should add my tracker url. And, don't forget this thread and don't delay in answering this post.

PPS - Don't worry, I won't name the directory "proxy" as I know websites filter that keyword.

Thanks!


Top
 Profile  
 
PostPosted: Sat May 13, 2017 8:32 pm 
Offline
Forum Commoner

Joined: Wed Jan 18, 2017 4:43 pm
Posts: 94
Bros,

Do me a favour.
Follow the following steps and give me your results:

1. Fire-up Xampp.
2. Create a folder "PROXY" in the "localhost". Then, create file: test.php
3. Add the following code into test.php:

https://github.com/joshdick/miniProxy/b ... iProxy.php

It is from:
miniProxy - A simple PHP web proxy. https://github.com/joshdick/miniProxy

4. Test the proxy script by navigating over to: C:\Xamp\htdocs\PROXY\test.php

What do you see ?
You see a page that looks like this:

**Welcome to miniProxy!**

**miniProxy can be directly invoked like this: http://localhost:80/proxy/test.php?http ... mple.net**

**Or, you can simply enter a URL below:**

5. Type the following url to proxify it:
http://localhost:80/proxy/test.php?http ... rbook.com/

Now, hover your mouse over the "About the Book" but don't click it. What does the url get shown as ?
It gets shown as:
http://localhost:80/proxy/test.php?http ... com/about/

Note that the original url is:
http://probloggerbook.com/

But it gets shown to you by preceding: http://localhost:80/proxy/test.php?.

In other words, no matter what url you view via the proxy, it gets proxified by preceding "http://localhost:80/proxy/test.php?" onto the url. Like so:

http://localhost:80/proxy/test.php?http ... rbook.com/
http://localhost:80/proxy/test.php?http://ebay.com/

Those sites you are viewing do not host your http://localhost:80/proxy/test.php? links nor precede it but your proxy itself does it.
Now, as you can see the proxy is preceding "http://localhost:80/proxy/test.php?" in order to proxify your chosen url. But my idea is, instead of getting it to precede "http://localhost:80/proxy/test.php?", why don't we get it to precede "http://localhost:80/proxy/tracker.php?" instead. That way, our proxy tracker page script gets preceded and clicked in order for the tracker to log the user's clicked url (foreign domain) before forwarding the user to the proxified page http://localhost:80/proxy/test.php?somedomain.com.

Now, can you figure-out which part of the code to replace with what to get the script to start logging ?
I mean, which part in the script do we make changes so the script no longer precedes http://localhost:80/proxy/test.php?
but precedes instead:
http://localhost:80/proxy/tracker.php?that redirects the user to:
http://localhost:80/proxy/test.php?somedomain.com

In short, the script should not directly forward the user to the proxified page (the page user wants to view) but forward him to the tracker page in the middle as a doorway page before redirecting to the final destination.

Anyone are welcome to make replies!


Top
 Profile  
 
PostPosted: Sat May 13, 2017 8:33 pm 
Offline
Forum Commoner

Joined: Wed Jan 18, 2017 4:43 pm
Posts: 94
Php Geeks,


Can you tell me if it is possible to track internal pages of third party domains with a proxy ? I reckon it is possible but an experienced coder tells me otherwise. I want your opinion on this because if it's not possible then no good me fruitlessly trying.
Why do I reckon it is possible since I hardly have enough php skills ?
Follow the following steps and give me your results and then give me your opinion if it's possible or not:

1. Fire-up Xampp.
2. Create a folder "PROXY" in the "localhost". Then, create file: test.php
3. Add the following code into test.php:

https://github.com/joshdick/miniProxy/blob/master/miniProxy.php

4. Test the proxy script by navigating over to: C:\Xamp\htdocs\PROXY\test.php

What do you see ?
You see a page that looks like this:

**Welcome to miniProxy!**

**miniProxy can be directly invoked like this: [url=http://localhost:80/proxy/test.php?[url]https://example.net**]404[/url] Not Found[/url]

**Or, you can simply enter a URL below:**

5. Type the following url to proxify it:
[url=http://localhost:80/proxy/test.php?[url]http://probloggerbook.com/]404[/url] Not Found[/url]

Now, hover your mouse over the "About the Book" but don't click it. What does the url get shown as ?
It gets shown as:
[url=http://localhost:80/proxy/test.php?[url]http://probloggerbook.com/about/]404[/url] Not Found[/url]

Note that the original url is:
ProBlogger Book

But it gets shown to you by preceding: http://localhost:80/proxy/test.php?.

In other words, no matter what url you view via the proxy, it gets proxified by preceding "http://localhost:80/proxy/test.php?" onto the url. Like so:

[url=http://localhost:80/proxy/test.php?[url]http://probloggerbook.com/]404[/url] Not Found[/url]
http://localhost:80/proxy/test.php?http://ebay.com/

Those sites you are viewing do not host your http://localhost:80/proxy/test.php? links nor precede it but your proxy itself does it.
Now, as you can see the proxy is preceding "http://localhost:80/proxy/test.php?" in order to proxify your chosen url. But my idea is, instead of getting it to precede "http://localhost:80/proxy/test.php?", why don't we get it to precede "http://localhost:80/proxy/tracker.php?" instead. That way, our proxy tracker page script gets preceded and clicked in order for the tracker to log the user's clicked url (foreign domain) before forwarding the user to the proxified page http://localhost:80/proxy/test.php?somedomain.com.

Now, can you figure-out which part of the code to replace with what to get the script to start logging ?
I mean, which part in the script do we make changes so the script no longer precedes http://localhost:80/proxy/test.php?
but precedes instead:
http://localhost:80/proxy/tracker.php?
that redirects the user to:
http://localhost:80/proxy/test.php?somedomain.com

In short, the script should not directly forward the user to the proxified page (the page user wants to view) but forward him to the tracker page in the middle as a doorway page before redirecting to the final destination.

Anyone are welcome to make replies!


Last edited by UniqueIdeaMan on Mon May 15, 2017 8:15 am, edited 1 time in total.

Top
 Profile  
 
PostPosted: Mon May 15, 2017 8:14 am 
Offline
Forum Commoner

Joined: Wed Jan 18, 2017 4:43 pm
Posts: 94
I'd like to add that, I really have no intention of running a proxy to allow others to anonymously surf the net. Criminals would download illegal stuffs and probably do other illegal stuffs and get me in trouble.
I looked into the proxy because it had some function I wanted. Will save me from coding everything from top to bottom. That was the plan.
As you have figured by now, I just want to give my users an iframe/frame so they can browse the net with it. I just want to log what they're browsing. Pretty much like Team Viewer where you can see from your end what's on my screen. Only difference would be, you won't control my computer while with a Team Viewer session you can.
I come across lots of good text readings and videos. Sick and tired copying & pasting their links to forums or email messages for others to view what I am viewing or have viewed. Not all pages have the TWEET or LIKE or SHARE button.
With my project, I'll just browse the net in an iframe/frame/proxy and the tracker will log every page I visit and others can view on their end what I'm viewing without me having to hit the LIKE/SHARE/TWEET button. Others like family, friends and new buddies (like yourselves). Ofcourse, I have another goal to all this but that will go off-topic and so I won't mention it now.


Top
 Profile  
 
PostPosted: Mon May 15, 2017 6:09 pm 
Offline
Forum Commoner

Joined: Wed Jan 18, 2017 4:43 pm
Posts: 94
Folks,

I managed to do it with a little hiccup here and there. Do you want to have a look at the script ? I'm glad that you can learn something a little from me and my findings for a change after all the contributions this forum has made to me so far. :smile:

In short, 2 nights ago, I said to myself, instead of redirecting the user from the proxified page to the tracker and then back to the proxified page, why don't I just add the tracker code onto the proxy php file ? That way, no need for 2 files. The proxy page and the tracker page.
Anyway, I found a programmer confirming it can be done and he suggested what I was thinking to do (add the tracker code to the main proxy code file) and showed me where to make the changes. Doing it, worked. He said, if I try redirecting the user from the proxified page to the tracker page then the execution would be complete and no way can I redirect the user back to the proxified page. Therefore, his suggestion was to just add the tracking code in the same file where the code for the proxy is residing. Infact, the original script was one page anyway.

Anyone else interested in seeing the script ? It's not perfect but doing what programmers were saying in 2 forums (including this one) that what I am planning to do is impossible. With the help from a 3rd forum, I achieved what experienced guys were saying is impossible. Now, isn't that something ?
If you learn what I'm upto with the script, you'll agree I live upto my username "Unique Idea Man". Now, I'm thinking of changing it to "Mr Possible". Lol!
Btw, is anyone interested to learn what I'm upto ? Just don't pull your hairs saying "Why didn't I think of that ?". Lol!


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 5 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: Bing [Bot], Google [Bot] and 16 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group