advanced code snippet search

Posted By

bcmoney on 12/10/10


Tagged

http php proxy


Versions (?)

Who likes this?

3 people have marked this snippet as a favorite

fabiobruna
wirenaught
mmcachran


proxy.php

 / Published in: PHP
 

URL: http://bcmoney-mobiletv.com/blog/2009/05/01/the-server-side-proxy/

Source to get me started on a PHP proxy using CURL: http://developer.yahoo.com/javascript/howto-proxy.html

Nice tutorial on using PHP proxy for cross-server JSON without JSONp: http://benalman.com/projects/php-simple-proxy/

SalesForce.com's full-blown CORS and CRUD supporting REST toolkit proxy: https://github.com/developerforce/Force.com-JavaScript-REST-Toolkit/blob/master/proxy.php

Expand | Embed | Plain Text 
  1. <?php
  2. /**
  3.  * proxy.php
  4.  *   Acts as a server-side requestor for data on behalf of the client-side, in order to get around the "same-origin" problem
  5.  *   (NOTE: there could be a small security risk by doing a naiive REQUEST to pass the proxy URL without POST + SSL and more thorough validation. Only if an attacker knew the location of this script, would there be a chance they can use it as a proxy for attacks to other servers, or this server. For our purposes, it probably is negligible, but for more on how to solve potential issues, see: http://php.net/manual/en/function.fopen.php  or:  http://www.virtualforge.de/vmovie/xss_selling_platform_v1.0.php)
  6.  */
  7.  
  8. $url = $_REQUEST['url']; //URL to grab (again, see NOTE on security above)
  9. if (empty($url)) { $url = "http://dd.weatheroffice.ec.gc.ca/citypage_weather/xml/NB/s0000687_e.xml"; } //make sure we always get some data (default to a Weather feed)
  10.  
  11. /**
  12.  * getAddress
  13.  * @get the full url of the current page (protocol + host + request URI including parameters)
  14.  * @return string
  15.  */
  16.  function getAddress() {
  17.     $protocol = $_SERVER['HTTPS'] == 'on' ? 'https' : 'http'; /*** check for https ***/
  18.     return $protocol.'://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; /*** return the full address ***/
  19.  }
  20.  
  21. //parse the passed in URL using parameterized query object (could add validation here, see: http://www.scriptol.com/how-to/parsing-url.php )
  22. $arr = parse_url(getAddress()); //use PHP convenience function for full address
  23. $parameters = $arr["query"];
  24. parse_str($parameters, $param);
  25.  
  26. $format = $param['f']; //examples:   &f=xml | &f=json | &f=html  (for more MIME-Types, see: http://en.wikipedia.org/wiki/Mime_type)
  27. $encoding = $param['e']; //examples:   &e=utf-8 | &e=iso-8859-1 | &e=Shift-JIS  (for more Character Encodings, see: http://en.wikipedia.org/wiki/Character_encoding)
  28. $e = (!empty($encoding)) ? $encoding : "utf-8"; //might want to limit allowed charset/encoding types
  29.  
  30. 	header('Cache-Control: no-cache, must-revalidate'); //force fresh request
  31. 	header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
  32. // Set your return content type, based on the expected response type... 
  33. switch ($format) {
  34. 	case "xml":
  35. 	case "xsl":	
  36. 	case "kml":
  37. 		header("Content-type: application/xml; charset={$e}");
  38. 		break;
  39. 	case "geojson":
  40. 	case "json": 
  41. 	case "rdfjson": case "rdf/json": case "rdf+json": case "jron":
  42. 		header("Content-type: application/json; charset={$e}");
  43. 		break;
  44. 	case "georss":
  45. 	case "atom":
  46. 		header("Content-type: application/atom+xml; charset={$e}");
  47. 		break;
  48. 	case "rss":
  49. 	case "rss2": case "rss2.0":
  50. 	case "rss1": case "rss1.0":
  51. 	case "rss0.92":	case "rss0.91":	case "rss0.90":  case "feed": case "rdf":
  52. 		header("Content-type: text/xml; charset={$e}");
  53. 		break;
  54. 	case "owl":
  55. 	case "rdf+xml":	case "rdfxml":	
  56. 		header("Content-type: application/rdf+xml; charset={$e}");
  57. 		break;		
  58. 	case "swf":
  59. 	case "flash": case "flv":
  60. 		header("Content-type: application/x-shockwave-flash");
  61. 		break;
  62. 	case "image":
  63. 		header("Content-type: image/png");
  64. 		break;
  65. 	case "svg":
  66. 		header("Content-type: image/svg+xml");
  67. 		break;	
  68. 	case "audio": case "ogg":
  69. 		header("Content-type: audio/ogg");
  70. 		break;
  71. 	case "mp3":
  72. 		header("Content-type: audio/mpeg");
  73. 		break;			
  74. 	case "video": case "webm":
  75. 		header("Content-type: video/webm");
  76. 		break;
  77. 	case "mp4":
  78. 		header("Content-type: video/mp4");
  79. 		break;
  80. 	case "xhtml":
  81. 		header("Content-type: application/xhtml+xml; charset={$e}");
  82. 		break;			
  83. 	case "xslt":
  84. 	case "html":
  85. 	case "html5":
  86. 		header("Content-type: text/html; charset={$e}");
  87. 		break;		
  88. 	default:
  89. 		header("Content-type: text/plain; charset={$e}"); //could be any other plaintext format (including: CSV, TSV, conf, ini, rtf, txt, dat, n3, turtle, JSONp etc...)
  90. 		break;
  91. }
  92.  
  93.  
  94. try {
  95. 	// Get remote content/data  (NOTE: your hosting provider may not allow fopen, if not you can request they allow for your VPS...if still not, we can use file_get_contents  or CURL lib instead)
  96. 	$handle = fopen($url, "r");
  97.  
  98. 	// some content/data was received, then read & return
  99. 	if ($handle) {
  100. 		while (!feof($handle)) {
  101. 			$buffer = fgets($handle, 4096);
  102. 			echo $buffer;
  103. 		}
  104. 		fclose($handle);
  105. 	}
  106. }
  107. catch (Exception $e) {
  108. 	print file_get_contents($url);
  109. }
  110. ?>

Report this snippet  

You need to login to post a comment.