jappixmini: move modified BOSH proxy out of Jappix source tree to be able to use vanilla Jappix.

This is possible because bosh.php is under MIT license.
2012-04-16 21:40:23 +02:00 · 2012-04-16 21:40:23 +02:00 · 479d8ad96f
parent b4aa673c5d
commit 479d8ad96f
3 changed files with 201 additions and 7 deletions
--- a/jappixmini/README
+++ b/jappixmini/README
@ -27,8 +27,9 @@ Installation
 Jappix Mini (AGPL license) is not distributed with this addon. You need to
 install it manually:

-* Download latest zip file named friendica-addon-* from
-  https://github.com/Leberwurscht/jappix/tags and place the zip file in the
-  addon folder. Make sure to name it 'jappix.zip' - the download link required
-  by the AGPL points there.
-* Unpack the zip file, rename the folder to 'jappix'. Do not delete jappix.zip.
+* Download latest jappix version from https://github.com/jappix/jappix/tags to
+  addon/jappixmini/jappix.zip. Really make sure you name it 'jappix.zip' - the
+  download link required by the AGPL points there.
+* Unpack the zip file to addon/jappixmini/jappix/. Do not delete jappix.zip.
+* Delete the file addon/jappixmini/jappix/index.php. This is important, because
+  otherwise the installer of Jappix would be publicly accessible.
--- a/jappixmini/jappixmini.php
+++ b/jappixmini/jappixmini.php
@ -100,7 +100,22 @@ function jappixmini_plugin_admin(&$a, &$o) {
 	// display instructions and warnings on addon settings page for admin

 	if (!file_exists("addon/jappixmini/jappix")) {
-		$o .= '<p><strong>You need to install the Jappix application, adapted for Friendica (see README).</strong></p>';
+		$o .= '<p><strong>You need to install the Jappix application (see README).</strong></p>';
+	}
+	else if (file_exists("addon/jappixmini/jappix/index.php")) {
+		// try to delete automatically
+		try {
+			unlink("addon/jappixmini/jappix/index.php");
+		}
+		catch (Exception $e) {}
+
+		// warn admin if this is not possible
+		if (file_exists("addon/jappixmini/jappix/index.php"))
+			$o .= '<p><strong style="color:#fff;background-color:#f00">You must delete addon/jappixmini/jappix/index.php (see README).</strong></p>';
+		else {
+			info("Deleted addon/jappixmini/jappix/index.php automatically.");
+			$o .= '<p>Jappix is installed.</p>';
+		}
 	}
 	else if (!file_exists("addon/jappixmini/jappix.zip")) {
 		$o .= '<p><strong style="color:#fff;background-color:#f00">The source archive jappix.zip does not exist. This is probably a violation of the Jappix License (see README).</strong></p>';
@ -422,7 +437,7 @@ function jappixmini_script(&$a,&$s) {
    // set proxy if necessary
    $use_proxy = get_config('jappixmini','bosh_proxy');
    if ($use_proxy) {
-        $proxy = $a->get_baseurl().'/addon/jappixmini/jappix/php/bosh.php';
+        $proxy = $a->get_baseurl().'/addon/jappixmini/proxy.php';
    }
    else {
        $proxy = "";
--- a/jappixmini/proxy.php
+++ b/jappixmini/proxy.php
@ -0,0 +1,178 @@
+<?php
+
+/*
+
+Jappix - An open social platform
+This is a PHP BOSH proxy
+
+-------------------------------------------------
+
+License: MIT
+Authors: Vanaryon, Leberwurscht
+
+*/
+
+// PHP base
+define('JAPPIX_BASE', './jappix');
+
+// Get the configuration
+require_once('./jappix/php/functions.php');
+require_once('./jappix/php/read-main.php');
+require_once('./jappix/php/read-hosts.php');
+
+// Optimize the page rendering
+hideErrors();
+compressThis();
+
+// Not allowed?
+if(!BOSHProxy()) {
+	header('Status: 403 Forbidden', true, 403);
+	exit('HTTP/1.1 403 Forbidden');
+}
+
+// custom BOSH host
+$HOST_BOSH = HOST_BOSH;
+if(isset($_GET['host_bosh']) && $_GET['host_bosh']) {
+	$host_bosh = $_GET['host_bosh'];
+	if (substr($host_bosh, 0, 7)==="http://" || substr($host_bosh, 0, 8)==="https://") {
+		$HOST_BOSH = $host_bosh;
+	}
+}
+
+// OPTIONS method?
+if($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
+	// CORS headers
+	header('Access-Control-Allow-Origin: *');
+	header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
+	header('Access-Control-Allow-Headers: Content-Type');
+	header('Access-Control-Max-Age: 31536000');
+	
+	exit;
+}
+
+// Read POST content
+$data = file_get_contents('php://input');
+
+// POST method?
+if($data) {
+	// CORS headers
+	header('Access-Control-Allow-Origin: *');
+	header('Access-Control-Allow-Headers: Content-Type');
+	
+	$method = 'POST';
+}
+
+// GET method?
+else if(isset($_GET['data']) && $_GET['data'] && isset($_GET['callback']) && $_GET['callback']) {
+	$method = 'GET';
+	$data = $_GET['data'];
+	$callback = $_GET['callback'];
+}
+
+// Invalid method?
+else {
+	header('Status: 400 Bad Request', true, 400);
+	exit('HTTP/1.1 400 Bad Request');
+}
+
+// HTTP headers
+$headers = array('User-Agent: Jappix (BOSH PHP Proxy)', 'Connection: keep-alive', 'Content-Type: text/xml; charset=utf-8', 'Content-Length: '.strlen($data));
+
+// CURL is better if available
+if(function_exists('curl_init'))
+	$use_curl = true;
+else
+	$use_curl = false;
+
+// CURL caused problems for me
+$use_curl = false;
+
+// CURL stream functions
+if($use_curl) {
+	// Initialize CURL
+	$connection = curl_init($HOST_BOSH);
+	
+	// Set the CURL settings
+	curl_setopt($connection, CURLOPT_HEADER, 0);
+	curl_setopt($connection, CURLOPT_POST, 1);
+	curl_setopt($connection, CURLOPT_POSTFIELDS, $data);
+	curl_setopt($connection, CURLOPT_FOLLOWLOCATION, true);
+	curl_setopt($connection, CURLOPT_HTTPHEADER, $headers);
+	curl_setopt($connection, CURLOPT_VERBOSE, 0);
+	curl_setopt($connection, CURLOPT_CONNECTTIMEOUT, 30);
+	curl_setopt($connection, CURLOPT_TIMEOUT, 30);
+	curl_setopt($connection, CURLOPT_SSL_VERIFYHOST, 0);
+	curl_setopt($connection, CURLOPT_SSL_VERIFYPEER, 0);
+	curl_setopt($connection, CURLOPT_RETURNTRANSFER, 1);
+	
+	// Get the CURL output
+	$output = curl_exec($connection);
+}
+
+// Built-in stream functions
+else {
+	// HTTP parameters
+	$parameters = array('http' => array(
+					'method' => 'POST',
+					'content' => $data
+				      )
+		      );
+
+	$parameters['http']['header'] = $headers;
+
+	// Change default timeout
+	ini_set('default_socket_timeout', 30);
+
+	// Create the connection
+	$stream = @stream_context_create($parameters);
+	$connection = @fopen($HOST_BOSH, 'rb', false, $stream);
+
+	// Failed to connect!
+	if($connection == false) {
+		header('Status: 502 Proxy Error', true, 502);
+		exit('HTTP/1.1 502 Proxy Error');
+	}
+
+	// Allow stream blocking to handle incoming BOSH data
+	@stream_set_blocking($connection, true);
+
+	// Get the output content
+	$output = @stream_get_contents($connection);
+}
+
+// Cache headers
+header('Cache-Control: no-cache, must-revalidate');
+header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
+
+// POST output
+if($method == 'POST') {
+	// XML header
+	header('Content-Type: text/xml; charset=utf-8');
+	
+	if(!$output)
+		echo('<body xmlns=\'http://jabber.org/protocol/httpbind\' type=\'terminate\'/>');
+	else
+		echo($output);
+}
+
+// GET output
+if($method == 'GET') {
+	// JSON header
+	header('Content-type: application/json');
+	
+	// Encode output to JSON
+	$json_output = json_encode($output);
+	
+	if(($output == false) || ($output == '') || ($json_output == 'null'))
+		echo($callback.'({"reply":"<body xmlns=\'http:\/\/jabber.org\/protocol\/httpbind\' type=\'terminate\'\/>"});');
+	else
+		echo($callback.'({"reply":'.$json_output.'});');
+}
+
+// Close the connection
+if($use_curl)
+	curl_close($connection);
+else
+	@fclose($connection);
+
+?>