-
Notifications
You must be signed in to change notification settings - Fork 52
/
Copy pathcookies.php
244 lines (172 loc) · 6.09 KB
/
cookies.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
<?php
/*******************************************************************
* Glype is copyright and trademark 2007-2012 UpsideOut, Inc. d/b/a Glype
* and/or its licensors, successors and assigners. All rights reserved.
*
* Use of Glype is subject to the terms of the Software License Agreement.
* http://www.glype.com/license.php
*******************************************************************
* This page displays a list of cookies that have been forwarded
* to the user and allows individual cookies to be deleted.
******************************************************************/
/*****************************************************************
* Initialize glype
******************************************************************/
require 'includes/init.php';
// Stop caching
sendNoCache();
// Start buffering
ob_start();
/*****************************************************************
* Create content
******************************************************************/
echo <<<OUT
<h2 class="first">Manage Cookies</h2>
<p>You can view and delete cookies set on your computer by sites accessed through our service. Your cookies are listed below:</p>
<form action="includes/process.php?action=cookies" method="post">
<table cellpadding="2" cellspacing="0" align="center">
<tr>
<th width="33%">Website</th>
<th width="33%">Name</th>
<th width="33%">Value</th>
<th> </th>
</tr>
OUT;
/*****************************************************************
* Find cookies
******************************************************************/
// Server side storage
if ( $CONFIG['cookies_on_server'] ) {
// Check cookie file exists
if ( file_exists($cookieFile = $CONFIG['cookies_folder'] . session_id()) ) {
// Load into array
if ( $cookieLine = file($cookieFile, FILE_IGNORE_NEW_LINES|FILE_SKIP_EMPTY_LINES) ) {
// Process line by line
foreach ( $cookieLine as $line ) {
// Comment line?
if ( ! isset($line[0]) || $line[0] == '#' ) {
continue;
}
// Clear newlines
$line = rtrim($line);
// Split by tab
$details = explode(' ', $line);
// Check valid split, expecting 7 items
if ( count($details) != 7 ) {
continue;
}
// Save in array(domain, path, name value)
$showCookies[] = array($details[0], $details[2], $details[5], $details[6]);
}
}
}
} else if ( isset($_COOKIE[COOKIE_PREFIX]) ) {
// Cookies on client
// Encoded or unencoded?
if ( $CONFIG['encode_cookies'] ) {
// Encoded cookies stored client-side
foreach ( $_COOKIE[COOKIE_PREFIX] as $attributes => $value ) {
// Decode cookie to [domain,path,name]
$attributes = explode(' ', base64_decode($attributes));
// Check successful decoding and skip if failed
if ( ! isset($attributes[2]) ) {
continue;
}
// Extract parts
list($domain, $path, $name) = $attributes;
// Decode cookie value
$value = base64_decode($value);
// Secure cookies marked by !SEC suffix so remove the suffix
$value = str_replace('!SEC', '', $value);
// Add cookie
$showCookies[] = array($domain, $path, $name, $value);
}
} else {
// Unencoded cookies stored client-side
foreach ( $_COOKIE[COOKIE_PREFIX] as $domain => $paths ) {
// $domain holds the domain (surprisingly) and $path is an array
// of keys (paths) and more arrays (each child array of $path = one cookie)
// e.g. Array('domain.com' => Array('/' => Array('cookie_name' => 'value')))
foreach ( $paths as $path => $cookies ) {
foreach ( $cookies as $name => $value ) {
// Secure cookies marked by !SEC suffix so remove the suffix
$value = str_replace('!SEC', '', $value);
// Add cookie
$showCookies[] = array($domain, $path, $name, $value);
}
}
}
}
}
/*****************************************************************
* Print cookies
******************************************************************/
// Any to print?
if ( empty($showCookies) ) {
echo <<<OUT
<tr>
<td colspan="4" align="center">No cookies found</td>
</tr>
OUT;
} else {
// Loop through and print them
foreach ( $showCookies as $id => $cookie ) {
// Join domain & path to create "website"
$website = $cookie[0] . ( $cookie[1] == '/' ? '' : $cookie[1] );
// Cookie name
$name = htmlentities($cookie[2]);
// Get cookie value
$value = $cookie[3];
// Truncate value to avoid stretching page
if ( strlen($value) > 35 ) {
// Create a row ID
$rowID = 'cookieRow' . $id;
// Wrap the long value and escape ' so we can use it in javascript
$wrapped = str_replace("'", "\'", wordwrap($cookie[3], 30, ' ', true));
// Truncate the string
$truncated = substr($value, 0, 30);
// Replace the value with a shorten version that expands onclick
$value = <<<OUT
<span id="{$rowID}">{$truncated}<a style="cursor:pointer;" onclick="document.getElementById('{$rowID}').innerHTML='{$wrapped}';">...</a></span>
OUT;
}
echo <<<OUT
<tr>
<td>{$website}</td>
<td>{$name}</td>
<td>{$value}</td>
<td><input type="checkbox" name="delete[]" value="{$cookie[0]}|{$cookie[1]}|{$name}"></td>
</tr>
OUT;
}
}
/*****************************************************************
* Finish page
******************************************************************/
echo <<<OUT
<tr>
<th colspan="3" align="right"><input type="submit" value="Delete"></th>
<th><input type="checkbox" name="checkall" onclick="selectAll(this)"></th>
</tr>
</table>
</form>
<script type="text/javascript">
function selectAll(checkbox) {
var theForm = checkbox.form;
for(var z=0; z<theForm.length;z++){
if(theForm[z].type == 'checkbox' && theForm[z].name != 'checkall'){
theForm[z].checked = checkbox.checked;
}
}
}
</script>
OUT;
/*****************************************************************
* Send content wrapped in our theme
******************************************************************/
// Get buffer
$content = ob_get_contents();
// Clear buffer
ob_end_clean();
// Print content wrapped in theme
echo replaceContent($content);