add files to project

2025-03-09 15:39:59 +00:00 · 2020-02-05 06:34:26 +03:00 · 2020-02-05 06:34:26 +03:00 · 5cac498444
commit 5cac498444
3729 changed files with 836998 additions and 0 deletions
--- a/web/evercookie/php/_cookie_name.php
+++ b/web/evercookie/php/_cookie_name.php
@ -0,0 +1,14 @@
+<?php
+
+/**
+ * Gets evercookie's cookie name for PHP's scripts to get value froms
+ * 
+ * @param string $file_name Usually it's a file name like 'evercookie_blabla.php'
+ * @return string evercookie_blabla
+ */
+function evercookie_get_cookie_name($file_name) {
+    if (!empty($_GET['cookie'])) {
+        return $_GET['cookie'];
+    }
+    return basename($file_name, '.php');
+}
--- a/web/evercookie/php/evercookie_cache.php
+++ b/web/evercookie/php/evercookie_cache.php
@ -0,0 +1,25 @@
+<?php
+/* evercookie, by samy kamkar, 09/20/2010
+ *  http://samy.pl : code@samy.pl
+ *
+ * This is the server-side simple caching mechanism.
+ *
+ * -samy kamkar
+ */
+
+// we get cookie name from current file name so remember about it when rename of this file will be required 
+include dirname(__FILE__) . DIRECTORY_SEPARATOR . '_cookie_name.php';
+$cookie_name = evercookie_get_cookie_name(__FILE__);
+
+// we don't have a cookie, user probably deleted it, force cache
+if (empty($_COOKIE[$cookie_name])) {
+    header('HTTP/1.1 304 Not Modified');
+    exit;
+}
+
+header('Content-Type: text/html');
+header('Last-Modified: Wed, 30 Jun 2010 21:36:48 GMT');
+header('Expires: Tue, 31 Dec 2030 23:30:45 GMT');
+header('Cache-Control: private, max-age=630720000');
+
+echo $_COOKIE[$cookie_name];
--- a/web/evercookie/php/evercookie_etag.php
+++ b/web/evercookie/php/evercookie_etag.php
@ -0,0 +1,59 @@
+<?php
+/* evercookie, by samy kamkar, 09/20/2010
+ *  http://samy.pl : code@samy.pl
+ *
+ * This is the server-side ETag software which tags a user by
+ * using the Etag HTTP header, as well as If-None-Match to check
+ * if the user has been tagged before.
+ *
+ * -samy kamkar
+ */
+
+// we get cookie name from current file name so remember about it when rename of this file will be required
+include dirname(__FILE__) . DIRECTORY_SEPARATOR . '_cookie_name.php';
+$cookie_name = evercookie_get_cookie_name(__FILE__);
+
+// we don't have a cookie, so we're not setting it
+if (empty($_COOKIE[$cookie_name])) {
+    // read our etag and pass back
+    if (!function_exists('apache_request_headers')) {
+        function apache_request_headers() {
+            // Source: http://www.php.net/manual/en/function.apache-request-headers.php#70810
+            $arh = array();
+            $rx_http = '/\AHTTP_/';
+            foreach ($_SERVER as $key => $val) {
+                if (preg_match($rx_http, $key)) {
+                    $arh_key = preg_replace($rx_http, '', $key);
+                    $rx_matches = array();
+                    // do some nasty string manipulations to restore the original letter case
+                    // this should work in most cases
+                    $rx_matches = explode('_', $arh_key);
+                    if (count($rx_matches) > 0 and strlen($arh_key) > 2) {
+                        foreach ($rx_matches as $ak_key => $ak_val) {
+                            $rx_matches[$ak_key] = ucfirst(strtolower($ak_val));
+                        }
+                        $arh_key = implode('-', $rx_matches);
+                    }
+                    $arh[$arh_key] = $val;
+                }
+            }
+            return ($arh);
+        }
+    }
+
+    // Headers might have different letter case depending on the web server.
+    // So, change all headers to uppercase and compare it.
+    $headers = array_change_key_case(apache_request_headers(), CASE_UPPER);
+    if(isset($headers['IF-NONE-MATCH'])) {
+        // extracting value from ETag presented format (which may be prepended by Weak validator modifier)
+        $etag_value = preg_replace('|^(W/)?"(.+)"$|', '$2', $headers['IF-NONE-MATCH']);
+        header('HTTP/1.1 304 Not Modified');
+        header('ETag: "' . $etag_value . '"');
+        echo $etag_value;
+    }
+    exit;
+}
+
+// set our etag
+header('ETag: "' . $_COOKIE[$cookie_name] . '"');
+echo $_COOKIE[$cookie_name];
--- a/web/evercookie/php/evercookie_png.php
+++ b/web/evercookie/php/evercookie_png.php
@ -0,0 +1,59 @@
+<?php
+/* evercookie, by samy kamkar, 09/20/2010
+ *  http://samy.pl : code@samy.pl
+ *
+ * This is the server-side variable PNG generator for evercookie.
+ * If an HTTP cookie is passed, the cookie data gets converted into
+ * RGB-values in a PNG image. The PNG image is printed out with a
+ * 20-year cache expiration date.
+ *
+ * If for any reason this file is accessed again WITHOUT the cookie,
+ * as in the user deleted their cookie, the code returns back with
+ * a forced 'Not Modified' meaning the browser should look at its
+ * cache for the image.
+ *
+ * The client-side code then places the cached image in a canvas and
+ * reads it in pixel by pixel, converting the PNG back into a cookie.
+ *
+ * -samy kamkar
+ */
+
+// we get cookie name from current file name so remember about it when rename of this file will be required
+include dirname(__FILE__) . DIRECTORY_SEPARATOR . '_cookie_name.php';
+$cookie_name = evercookie_get_cookie_name(__FILE__);
+
+// we don't have a cookie, user probably deleted it, force cache
+if (empty($_COOKIE[$cookie_name])) {
+    if(!headers_sent()) {
+        header('HTTP/1.1 304 Not Modified');
+    }
+    exit;
+}
+
+// width of 200 means 600 bytes (3 RGB bytes per pixel)
+$x = 200;
+$y = 1;
+
+$gd = imagecreatetruecolor($x, $y);
+
+$data_arr = str_split($_COOKIE[$cookie_name]);
+
+$x = 0;
+$y = 0;
+for ($i = 0, $i_count = count($data_arr); $i < $i_count; $i += 3) {
+    $red   = isset($data_arr[$i])   ? ord($data_arr[$i])   : 0;
+    $green = isset($data_arr[$i+1]) ? ord($data_arr[$i+1]) : 0;
+    $blue  = isset($data_arr[$i+2]) ? ord($data_arr[$i+2]) : 0;
+    $color = imagecolorallocate($gd, $red, $green, $blue);
+    imagesetpixel($gd, $x++, $y, $color);
+}
+
+if(!headers_sent()) {
+    header('Content-Type: image/png');
+    header('Last-Modified: Wed, 30 Jun 2010 21:36:48 GMT');
+    header('Expires: Tue, 31 Dec 2030 23:30:45 GMT');
+    header('Cache-Control: private, max-age=630720000');
+}
+
+// boom. headshot.
+imagepng($gd);
--- a/web/evercookie/php/hsts_cookie.php
+++ b/web/evercookie/php/hsts_cookie.php
@ -0,0 +1,35 @@
+<?php
+//header('Access-Control-Allow-Origin: *');
+$is_ssl = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443;
+
+if(isset($_GET['SET'])){
+	if($is_ssl){
+		header('Strict-Transport-Security: max-age=31536000');
+        header('Content-type: image/png');
+        echo base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAgAAAAJCAIAAACAMfp5AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAYSURBVBhXY/z//z8DNsAEpTHAkJJgYAAAo0sDD8axyJQAAAAASUVORK5CYII=');
+	}else{
+		$redirect = "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
+		header("Location: $redirect");
+	}
+	die();
+}
+
+if(isset($_GET['DEL'])){
+	if($is_ssl){
+		header('Strict-Transport-Security: max-age=0');
+	}else{
+		$redirect = "https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
+		header("Location: $redirect");
+	}
+	die();
+}
+
+if($is_ssl){
+	header('Content-type: image/png');
+	// some white pixel
+	echo base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAgAAAAJCAIAAACAMfp5AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsMAAA7DAcdvqGQAAAAYSURBVBhXY/z//z8DNsAEpTHAkJJgYAAAo0sDD8axyJQAAAAASUVORK5CYII=');
+	die();
+}else{
+	header('X-PHP-Response-Code: 404', true, 404);
+}
+?>