#1
  1. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    127
    Rep Power
    1

    Question Where To Precede The Tracking Url ?


    Howdy Pros!

    If I was going to just track which urls from my own domain get clicked then I know how to do it.
    On everyone of my links, I'll just add my tracking url, like so:

    301 Moved Permanently

    But like I said, I want to track what my users do on other sites.
    For example, let's say I run a searchengine like google. And a user does a keyword search and my searchengine presents results on it's SERP (Searchengine Result Page).
    Now, when a user clicks a foreign domain link then I would be able to track it because all the result links would carry my tracker url prior to their own url.
    So, if my SERP was listing: fart.com then it would be foolish for my SERP to directly list:
    fart.com

    Instead, it would list like this:
    301 Moved Permanently
    (Google already does that sort of tracking).
    And ofcourse, my tracker.php page would use the GET method to capture the destination url and log it before redirecting the visitor to it. I know how to do all that after I learnt from a few youtube tutorials on how to build your own member log/reg site. They taught how to code to build an account activation link that needs to be clicked by the user from his email to confirm his email. Don't worry about that. I know how to build a tracker. I'll just fiddle with the code that I learnt about the activation link and if I get stuck then you guys are here to help.
    Now, once the user clicks a link on my SERP, I'd be able to track the click before he is redirected to the destination. But once his inside the destination site (foreign domain) I won't be able to track his movements from page to page on the third party site. I want to track his movements for my own ingenious purposes and don't object that I shouldn't do this by saying the user won't allow it. The user WILL allow it for their benefit and most likely YOU too but that's a different story I won't get into right now and spoil the fun. Wait and see what I pull out of my magician jacket in the upcoming few days. In the meanwhile, take a deep breath and hold it and don't let go unless I've brought Jacueline outside her box (lol!).
    I have my own ways to pursuade users to allow it and I'll try it on you one day. Lol!
    Now, the problem is, how on earth can I track the user's movements while he is clicking away on a foreign domain ? I noticed back in 1998/2000 that proxies show third party pages under a frame or whatever or by using cloaking methods or whatever and therefore was on the hunt a few mnths back to learn how they do it. Still looking for the right text and/or vid tutorial that'll teach me how to do all this. No matter how many forums and how many programmers I ask about this, not a single one can answer me and provide the name of the method used by the proxies save one programmer (tonight) who understood my intentions and suggested I look into url_rewriting which I will do now. He suggested I use the Gpl miniProxy. (In the past I downloaded Glype but that has restrictions in it's license) I have copied and pasted miniProxy's one page code onto my Xampp and wallah it is working as expected! Meaning, no matter what url is shown to the user, I am now able to proxify each and every link he clicks and proxify each and every page he views.
    Let me explain again.
    First, headover to this page:
    ProBlogger Book
    Then, hover your mouse over "About the Book" but don't click it. You'll see the url is shown by your browser as:
    About the Book

    Now, headover to:
    http://anonymouse.org/anonwww.html
    And, anonymously browse:
    ProBlogger Book

    Finally, hover your mouse over "About the Book" but don't click it. You'll see the url is shown by your browser as:
    http://anonymouse.org/cgi-bin/anon-w...ook.com/about/

    You see what is going on here ? Even though your on probloggerbook.com which has no affiliation with anonymouse.org, you'll see when you hover your mouse over any links on probloggerbook.com that their links are preceded by the proxy's domain "http://anonymouse.org/cgi-bin/anon-www.cgi/" in order for the proxy to start proxifying the new pages the visitor visits via their proxy. But, I don't think the proxy tracks the clicks and I am going to change this with your help.
    So, from our example above, http://anonymouse.org was preceding **"http://anonymouse.org/cgi-bin/anon-www.cgi/"** to every link. In other words, they are preceding their own domain on every links the user clicks. The minProxy does this. So, if my miniProxy is installed on my "proxy" folder inside my public_html, then it will precede the following path on all links:

    http://mydomain.com/proxy

    Now, I need to add my tracker url so the miniProxy on every proxified pages/links precedes likes so:

    **http://mydomain.com/proxy/tracker.php?url=**

    Now, which part of the code in the following code do I change/replace and what do I replace it with to achieve my purpose ?

    Code:
    <?php
    /*
    miniProxy - A simple PHP web proxy. <https://github.com/josh****/miniProxy>
    Written and maintained by Joshua **** <http://josh****.net>.
    miniProxy is licensed under the GNU GPL v3 <http://www.gnu.org/licenses/gpl.html>.
    */
    /****************************** START CONFIGURATION ******************************/
    //To allow proxying any URL, set $whitelistPatterns to an empty array (the default).
    //To only allow proxying of specific URLs (whitelist), add corresponding regular expressions
    //to the $whitelistPatterns array. Enter the most specific patterns possible, to prevent possible abuse.
    //You can optionally use the "getHostnamePattern()" helper function to build a regular expression that
    //matches all URLs for a given hostname.
    $whitelistPatterns = array(
      //Usage example: To support any URL at example.net, including sub-domains, uncomment the
      //line below (which is equivalent to [ @^https?://([a-z0-9-]+\.)*example\.net@i ]):
      //getHostnamePattern("example.net")
    );
    //To enable CORS (cross-origin resource sharing) for proxied sites, set $forceCORS to true.
    $forceCORS = false;
    //URL that will be used as an example in the instructional text on the miniProxy landing page,
    //and that will be proxied when pressing the 'Proxy It!' button on the landing page
    //if the URL form is left blank.
    $exampleURL = 'https://example.net';
    /****************************** END CONFIGURATION ******************************/
    ob_start("ob_gzhandler");
    if (version_compare(PHP_VERSION, "5.4.7", "<")) {
        die("miniProxy requires PHP version 5.4.7 or later.");
    }
    if (!function_exists("curl_init")) die("miniProxy requires PHP's cURL extension. Please install/enable it on your server and try again.");
    //Helper function for use inside $whitelistPatterns.
    //Returns a regex that matches all HTTP[S] URLs for a given hostname.
    function getHostnamePattern($hostname) {
      $escapedHostname = str_replace(".", "\.", $hostname);
      return "@^https?://([a-z0-9-]+\.)*" . $escapedHostname . "@i";
    }
    //Helper function used to removes/unset keys from an associative array using case insensitive matching
    function removeKeys(&$assoc, $keys2remove) {
      $keys = array_keys($assoc);
      $map = array();
      foreach ($keys as $key) {
         $map[strtolower($key)] = $key;
      }
      foreach ($keys2remove as $key) {
        $key = strtolower($key);
        if (isset($map[$key])) {
           unset($assoc[$map[$key]]);
        }
      }
    }
    if (!function_exists("getallheaders")) {
      //Adapted from http://www.php.net/manual/en/function.getallheaders.php#99814
      function getallheaders() {
        $result = array();
        foreach($_SERVER as $key => $value) {
          if (substr($key, 0, 5) == "HTTP_") {
            $key = str_replace(" ", "-", ucwords(strtolower(str_replace("_", " ", substr($key, 5)))));
            $result[$key] = $value;
          }
        }
        return $result;
      }
    }
    $usingDefaultPort =  (!isset($_SERVER["HTTPS"]) && $_SERVER["SERVER_PORT"] === 80) || (isset($_SERVER["HTTPS"]) && $_SERVER["SERVER_PORT"] === 443);
    $prefixPort = $usingDefaultPort ? "" : ":" . $_SERVER["SERVER_PORT"];
    //Use HTTP_HOST to support client-configured DNS (instead of SERVER_NAME), but remove the port if one is present
    $prefixHost = $_SERVER["HTTP_HOST"];
    $prefixHost = strpos($prefixHost, ":") ? implode(":", explode(":", $_SERVER["HTTP_HOST"], -1)) : $prefixHost;
    define("PROXY_PREFIX", "http" . (isset($_SERVER["HTTPS"]) ? "s" : "") . "://" . $prefixHost . $prefixPort . $_SERVER["SCRIPT_NAME"] . "?");
    //Makes an HTTP request via cURL, using request data that was passed directly to this script.
    function makeRequest($url) {
      //Tell cURL to make the request using the brower's user-agent if there is one, or a fallback user-agent otherwise.
      $user_agent = $_SERVER["HTTP_USER_AGENT"];
      if (empty($user_agent)) {
        $user_agent = "Mozilla/5.0 (compatible; miniProxy)";
      }
      $ch = curl_init();
      curl_setopt($ch, CURLOPT_USERAGENT, $user_agent);
      //Get ready to proxy the browser's request headers...
      $browserRequestHeaders = getallheaders();
      //...but let cURL set some headers on its own.
      removeKeys($browserRequestHeaders, array(
        "Host",
        "Content-Length",
        "Accept-Encoding" //Throw away the browser's Accept-Encoding header if any and let cURL make the request using gzip if possible.
      ));
      curl_setopt($ch, CURLOPT_ENCODING, "");
      //Transform the associative array from getallheaders() into an
      //indexed array of header strings to be passed to cURL.
      $curlRequestHeaders = array();
      foreach ($browserRequestHeaders as $name => $value) {
        $curlRequestHeaders[] = $name . ": " . $value;
      }
      curl_setopt($ch, CURLOPT_HTTPHEADER, $curlRequestHeaders);
      //Proxy any received GET/POST/PUT data.
      switch ($_SERVER["REQUEST_METHOD"]) {
        case "POST":
          curl_setopt($ch, CURLOPT_POST, true);
          //For some reason, $HTTP_RAW_POST_DATA isn't working as documented at
          //http://php.net/manual/en/reserved.variables.httprawpostdata.php
          //but the php://input method works. This is likely to be flaky
          //across different server environments.
          //More info here: http://stackoverflow.com/questions/8899239/http-raw-post-data-not-being-populated-after-upgrade-to-php-5-3
          //If the miniProxyFormAction field appears in the POST data, remove it so the destination server doesn't receive it.
          $postData = Array();
          parse_str(file_get_contents("php://input"), $postData);
          if (isset($postData["miniProxyFormAction"])) {
            unset($postData["miniProxyFormAction"]);
          }
          curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($postData));
        break;
        case "PUT":
          curl_setopt($ch, CURLOPT_PUT, true);
          curl_setopt($ch, CURLOPT_INFILE, fopen("php://input", "r"));
        break;
      }
      //Other cURL options.
      curl_setopt($ch, CURLOPT_HEADER, true);
      curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
      //Set the request URL.
      curl_setopt($ch, CURLOPT_URL, $url);
      //Make the request.
      $response = curl_exec($ch);
      $responseInfo = curl_getinfo($ch);
      $headerSize = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
      curl_close($ch);
      //Setting CURLOPT_HEADER to true above forces the response headers and body
      //to be output together--separate them.
      $responseHeaders = substr($response, 0, $headerSize);
      $responseBody = substr($response, $headerSize);
      return array("headers" => $responseHeaders, "body" => $responseBody, "responseInfo" => $responseInfo);
    }
    //Converts relative URLs to absolute ones, given a base URL.
    //Modified version of code found at http://nashruddin.com/PHP_Script_for_Converting_Relative_to_Absolute_URL
    function rel2abs($rel, $base) {
      if (empty($rel)) $rel = ".";
      if (parse_url($rel, PHP_URL_SCHEME) != "" || strpos($rel, "//") === 0) return $rel; //Return if already an absolute URL
      if ($rel[0] == "#" || $rel[0] == "?") return $base.$rel; //Queries and anchors
      extract(parse_url($base)); //Parse base URL and convert to local variables: $scheme, $host, $path
      $path = isset($path) ? preg_replace("#/[^/]*$#", "", $path) : "/"; //Remove non-directory element from path
      if ($rel[0] == "/") $path = ""; //Destroy path if relative url points to root
      $port = isset($port) && $port != 80 ? ":" . $port : "";
      $auth = "";
      if (isset($user)) {
        $auth = $user;
        if (isset($pass)) {
          $auth .= ":" . $pass;
        }
        $auth .= "@";
      }
      $abs = "$auth$host$port$path/$rel"; //Dirty absolute URL
      for ($n = 1; $n > 0; $abs = preg_replace(array("#(/\.?/)#", "#/(?!\.\.)[^/]+/\.\./#"), "/", $abs, -1, $n)) {} //Replace '//' or '/./' or '/foo/../' with '/'
      return $scheme . "://" . $abs; //Absolute URL is ready.
    }
    //Proxify contents of url() references in blocks of CSS text.
    function proxifyCSS($css, $baseURL) {
      // Add a "url()" wrapper to any CSS @import rules that only specify a URL without the wrapper,
      // so that they're proxified when searching for "url()" wrappers below.
      $sourceLines = explode("\n", $css);
      $normalizedLines = [];
      foreach ($sourceLines as $line) {
        if (preg_match("/@import\s+url/i", $line)) {
          $normalizedLines[] = $line;
        } else {
          $normalizedLines[] = preg_replace_callback(
            "/(@import\s+)([^;\s]+)([\s;])/i",
            function($matches) use ($baseURL) {
              return $matches[1] . "url(" . $matches[2] . ")" . $matches[3];
            },
            $line);
        }
      }
      $normalizedCSS = implode("\n", $normalizedLines);
      return preg_replace_callback(
        "/url\((.*?)\)/i",
        function($matches) use ($baseURL) {
            $url = $matches[1];
            //Remove any surrounding single or double quotes from the URL so it can be passed to rel2abs - the quotes are optional in CSS
            //Assume that if there is a leading quote then there should be a trailing quote, so just use trim() to remove them
            if (strpos($url, "'") === 0) {
              $url = trim($url, "'");
            }
            if (strpos($url, "\"") === 0) {
              $url = trim($url, "\"");
            }
            if (stripos($url, "data:") === 0) return "url(" . $url . ")"; //The URL isn't an HTTP URL but is actual binary data. Don't proxify it.
            return "url(" . PROXY_PREFIX . rel2abs($url, $baseURL) . ")";
        },
        $normalizedCSS);
    }
    //Proxify "srcset" attributes (normally associated with <img> tags.)
    function proxifySrcset($srcset, $baseURL) {
      $sources = array_map("trim", explode(",", $srcset)); //Split all contents by comma and trim each value
      $proxifiedSources = array_map(function($source) use ($baseURL) {
        $components = array_map("trim", str_split($source, strrpos($source, " "))); //Split by last space and trim
        $components[0] = PROXY_PREFIX . rel2abs(ltrim($components[0], "/"), $baseURL); //First component of the split source string should be an image URL; proxify it
        return implode($components, " "); //Recombine the components into a single source
      }, $sources);
      $proxifiedSrcset = implode(", ", $proxifiedSources); //Recombine the sources into a single "srcset"
      return $proxifiedSrcset;
    }
    //Extract and sanitize the requested URL, handling cases where forms have been rewritten to point to the proxy.
    if (isset($_POST["miniProxyFormAction"])) {
      $url = $_POST["miniProxyFormAction"];
      unset($_POST["miniProxyFormAction"]);
    } else {
      $queryParams = Array();
      parse_str($_SERVER["QUERY_STRING"], $queryParams);
      //If the miniProxyFormAction field appears in the query string, make $url start with its value, and rebuild the the query string without it.
      if (isset($queryParams["miniProxyFormAction"])) {
        $formAction = $queryParams["miniProxyFormAction"];
        unset($queryParams["miniProxyFormAction"]);
        $url = $formAction . "?" . http_build_query($queryParams);
      } else {
        $url = substr($_SERVER["REQUEST_URI"], strlen($_SERVER["SCRIPT_NAME"]) + 1);
      }
    }
    if (empty($url)) {
        die("<html><head><title>miniProxy</title></head><body><h1>Welcome to miniProxy!</h1>miniProxy can be directly invoked like this: <a href=\"" . PROXY_PREFIX . $exampleURL . "\">" . PROXY_PREFIX . $exampleURL . "</a><br /><br />Or, you can simply enter a URL below:<br /><br /><form onsubmit=\"if (document.getElementById('site').value) { window.location.href='" . PROXY_PREFIX . "' + document.getElementById('site').value; return false; } else { window.location.href='" . PROXY_PREFIX . $exampleURL . "'; return false; } \"><input id=\"site\" type=\"text\" size=\"50\" /><input type=\"submit\" value=\"Proxy It!\" /></form></body></html>");
    } else if (strpos($url, ":/") !== strpos($url, "://")) {
        //Work around the fact that some web servers (e.g. IIS 8.5) change double slashes appearing in the URL to a single slash.
        //See https://github.com/josh****/miniProxy/pull/14
        $pos = strpos($url, ":/");
        $url = substr_replace($url, "://", $pos, strlen(":/"));
    }
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (empty($scheme)) {
      //Assume that any supplied URLs starting with // are HTTP URLs.
      if (strpos($url, "//") === 0) {
        $url = "http:" . $url;
      }
    } else if (!preg_match("/^https?$/i", $scheme)) {
        die('Error: Detected a "' . $scheme . '" URL. miniProxy exclusively supports http[s] URLs.');
    }
    //Validate the requested URL against the whitelist.
    $urlIsValid = count($whitelistPatterns) === 0;
    foreach ($whitelistPatterns as $pattern) {
      if (preg_match($pattern, $url)) {
        $urlIsValid = true;
        break;
      }
    }
    if (!$urlIsValid) {
      die("Error: The requested URL was disallowed by the server administrator.");
    }
    $response = makeRequest($url);
    $rawResponseHeaders = $response["headers"];
    $responseBody = $response["body"];
    $responseInfo = $response["responseInfo"];
    //If CURLOPT_FOLLOWLOCATION landed the proxy at a diferent URL than
    //what was requested, explicitly redirect the proxy there.
    $responseURL = $responseInfo["url"];
    if ($responseURL !== $url) {
      header("Location: " . PROXY_PREFIX . $responseURL, true);
      exit(0);
    }
    //A regex that indicates which server response headers should be stripped out of the proxified response.
    $header_blacklist_pattern = "/^Content-Length|^Transfer-Encoding|^Content-Encoding.*gzip/i";
    //cURL can make multiple requests internally (for example, if CURLOPT_FOLLOWLOCATION is enabled), and reports
    //headers for every request it makes. Only proxy the last set of received response headers,
    //corresponding to the final request made by cURL for any given call to makeRequest().
    $responseHeaderBlocks = array_filter(explode("\r\n\r\n", $rawResponseHeaders));
    $lastHeaderBlock = end($responseHeaderBlocks);
    $headerLines = explode("\r\n", $lastHeaderBlock);
    foreach ($headerLines as $header) {
      $header = trim($header);
      if (!preg_match($header_blacklist_pattern, $header)) {
        header($header, false);
      }
    }
    //Prevent robots from indexing proxified pages
    header("X-Robots-Tag: noindex, nofollow", true);
    if ($forceCORS) {
      //This logic is based on code found at: http://stackoverflow.com/a/9866124/278810
      //CORS headers sent below may conflict with CORS headers from the original response,
      //so these headers are sent after the original response headers to ensure their values
      //are the ones that actually end up getting sent to the browser.
      //Explicit [ $replace = true ] is used for these headers even though this is PHP's default behavior.
      //Allow access from any origin.
      header("Access-Control-Allow-Origin: *", true);
      header("Access-Control-Allow-Credentials: true", true);
      //Handle CORS headers received during OPTIONS requests.
      if ($_SERVER["REQUEST_METHOD"] == "OPTIONS") {
        if (isset($_SERVER["HTTP_ACCESS_CONTROL_REQUEST_METHOD"])) {
          header("Access-Control-Allow-Methods: GET, POST, OPTIONS", true);
        }
        if (isset($_SERVER["HTTP_ACCESS_CONTROL_REQUEST_HEADERS"])) {
          header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}", true);
        }
        //No further action is needed for OPTIONS requests.
        exit(0);
      }
    }
    $contentType = "";
    if (isset($responseInfo["content_type"])) $contentType = $responseInfo["content_type"];
    //This is presumably a web page, so attempt to proxify the DOM.
    if (stripos($contentType, "text/html") !== false) {
      //Attempt to normalize character encoding.
      $detectedEncoding = mb_detect_encoding($responseBody, "UTF-8, ISO-8859-1");
      if ($detectedEncoding) {
        $responseBody = mb_convert_encoding($responseBody, "HTML-ENTITIES", $detectedEncoding);
      }
      //Parse the DOM.
      $doc = new DomDocument();
      @$doc->loadHTML($responseBody);
      $xpath = new DOMXPath($doc);
      //Rewrite forms so that their actions point back to the proxy.
      foreach($xpath->query("//form") as $form) {
        $method = $form->getAttribute("method");
        $action = $form->getAttribute("action");
        //If the form doesn't have an action, the action is the page itself.
        //Otherwise, change an existing action to an absolute version.
        $action = empty($action) ? $url : rel2abs($action, $url);
        //Rewrite the form action to point back at the proxy.
        $form->setAttribute("action", rtrim(PROXY_PREFIX, "?"));
        //Add a hidden form field that the proxy can later use to retreive the original form action.
        $actionInput = $doc->createDocumentFragment();
        $actionInput->appendXML('<input type="hidden" name="miniProxyFormAction" value="' . htmlspecialchars($action) . '" />');
        $form->appendChild($actionInput);
      }
      //Proxify <meta> tags with an 'http-equiv="refresh"' attribute.
      foreach ($xpath->query("//meta[@http-equiv]") as $element) {
        if (strcasecmp($element->getAttribute("http-equiv"), "refresh") === 0) {
          $content = $element->getAttribute("content");
          if (!empty($content)) {
            $splitContent = preg_split("/=/", $content);
            if (isset($splitContent[1])) {
              $element->setAttribute("content", $splitContent[0] . "=" . PROXY_PREFIX . rel2abs($splitContent[1], $url));
            }
          }
        }
      }
      //Profixy <style> tags.
      foreach($xpath->query("//style") as $style) {
        $style->nodeValue = proxifyCSS($style->nodeValue, $url);
      }
      //Proxify tags with a "style" attribute.
      foreach ($xpath->query("//*[@style]") as $element) {
        $element->setAttribute("style", proxifyCSS($element->getAttribute("style"), $url));
      }
      //Proxify "srcset" attributes in <img> tags.
      foreach ($xpath->query("//img[@srcset]") as $element) {
        $element->setAttribute("srcset", proxifySrcset($element->getAttribute("srcset"), $url));
      }
      //Proxify any of these attributes appearing in any tag.
      $proxifyAttributes = array("href", "src");
      foreach($proxifyAttributes as $attrName) {
        foreach($xpath->query("//*[@" . $attrName . "]") as $element) { //For every element with the given attribute...
          $attrContent = $element->getAttribute($attrName);
          if ($attrName == "href" && preg_match("/^(about|javascript|magnet|mailto):/i", $attrContent)) continue;
          $attrContent = rel2abs($attrContent, $url);
          $attrContent = PROXY_PREFIX . $attrContent;
          $element->setAttribute($attrName, $attrContent);
        }
      }
      //Attempt to force AJAX requests to be made through the proxy by
      //wrapping window.XMLHttpRequest.prototype.open in order to make
      //all request URLs absolute and point back to the proxy.
      //The rel2abs() JavaScript function serves the same purpose as the server-side one in this file,
      //but is used in the browser to ensure all AJAX request URLs are absolute and not relative.
      //Uses code from these sources:
      //http://stackoverflow.com/questions/7775767/javascript-overriding-xmlhttprequest-open
      //https://gist.github.com/1088850
      //TODO: This is obviously only useful for browsers that use XMLHttpRequest but
      //it's better than nothing.
      $head = $xpath->query("//head")->item(0);
      $body = $xpath->query("//body")->item(0);
      $prependElem = $head != NULL ? $head : $body;
      //Only bother trying to apply this hack if the DOM has a <head> or <body> element;
      //insert some JavaScript at the top of whichever is available first.
      //Protects against cases where the server sends a Content-Type of "text/html" when
      //what's coming back is most likely not actually HTML.
      //TODO: Do this check before attempting to do any sort of DOM parsing?
      if ($prependElem != NULL) {
        $scriptElem = $doc->createElement("script",
          '(function() {
            if (window.XMLHttpRequest) {
              function parseURI(url) {
                var m = String(url).replace(/^\s+|\s+$/g, "").match(/^([^:\/?#]+:)?(\/\/(?:[^:@]*(?::[^:@]*)?@)?(([^:\/?#]*)(?::(\d*))?))?([^?#]*)(\?[^#]*)?(#[\s\S]*)?/);
                // authority = "//" + user + ":" + pass "@" + hostname + ":" port
                return (m ? {
                  href : m[0] || "",
                  protocol : m[1] || "",
                  authority: m[2] || "",
                  host : m[3] || "",
                  hostname : m[4] || "",
                  port : m[5] || "",
                  pathname : m[6] || "",
                  search : m[7] || "",
                  hash : m[8] || ""
                } : null);
              }
              function rel2abs(base, href) { // RFC 3986
                function removeDotSegments(input) {
                  var output = [];
                  input.replace(/^(\.\.?(\/|$))+/, "")
                    .replace(/\/(\.(\/|$))+/g, "/")
                    .replace(/\/\.\.$/, "/../")
                    .replace(/\/?[^\/]*/g, function (p) {
                      if (p === "/..") {
                        output.pop();
                      } else {
                        output.push(p);
                      }
                    });
                  return output.join("").replace(/^\//, input.charAt(0) === "/" ? "/" : "");
                }
                href = parseURI(href || "");
                base = parseURI(base || "");
                return !href || !base ? null : (href.protocol || base.protocol) +
                (href.protocol || href.authority ? href.authority : base.authority) +
                removeDotSegments(href.protocol || href.authority || href.pathname.charAt(0) === "/" ? href.pathname : (href.pathname ? ((base.authority && !base.pathname ? "/" : "") + base.pathname.slice(0, base.pathname.lastIndexOf("/") + 1) + href.pathname) : base.pathname)) +
                (href.protocol || href.authority || href.pathname ? href.search : (href.search || base.search)) +
                href.hash;
              }
              var proxied = window.XMLHttpRequest.prototype.open;
              window.XMLHttpRequest.prototype.open = function() {
                  if (arguments[1] !== null && arguments[1] !== undefined) {
                    var url = arguments[1];
                    url = rel2abs("' . $url . '", url);
                    url = "' . PROXY_PREFIX . '" + url;
                    arguments[1] = url;
                  }
                  return proxied.apply(this, [].slice.call(arguments));
              };
            }
          })();'
        );
        $scriptElem->setAttribute("type", "text/javascript");
        $prependElem->insertBefore($scriptElem, $prependElem->firstChild);
      }
      echo "<!-- Proxified page constructed by miniProxy -->\n" . $doc->saveHTML();
    } else if (stripos($contentType, "text/css") !== false) { //This is CSS, so proxify url() references.
      echo proxifyCSS($responseBody, $url);
    } else { //This isn't a web page or CSS, so serve unmodified through the proxy with the correct headers (images, JavaScript, etc.)
      header("Content-Length: " . strlen($responseBody), true);
      echo $responseBody;
    }
    Here is the full script:

    https://github.com/josh****/miniProxy

    If you know of any better script then do let me know by pointing out which part of the code to replace with what. Be 100% precise in your descriptions or I will get lost or drown in the code.

    PS - I'm dozing off to sleep. Might roll out of my chair and so I will look into your answer/reply after I wake-up. Therefore, take your time in wading through the code to pin-point where I should add my tracker url. And, don't forget this thread and don't delay in answering this post.

    PPS - Don't worry, I won't name the directory "proxy" as I know websites filter that keyword.

    Thanks!
  2. #2
  3. Forgotten Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,046
    Rep Power
    9616
    You cannot know what they do on another site unless that site hosts your Javascript code. Good luck convincing the internet to do that.
  4. #3
  5. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    127
    Rep Power
    1

    Question


    Originally Posted by requinix
    You cannot know what they do on another site unless that site hosts your Javascript code. Good luck convincing the internet to do that.
    Bros,

    Do me a favour.
    Follow the following steps and give me your results:

    1. Fire-up Xampp.
    2. Create a folder "PROXY" in the "localhost". Then, create file: test.php
    3. Add the following code into test.php:

    https://github.com/josh****/miniProx.../miniProxy.php

    It is from:
    miniProxy - A simple PHP web proxy. https://github.com/josh****/miniProxy

    4. Test the proxy script by navigating over to: C:\Xamp\htdocs\PROXY\test.php

    What do you see ?
    You see a page that looks like this:

    **Welcome to miniProxy!**

    **miniProxy can be directly invoked like this: https://example.net**]301 Moved Permanently[/url]

    **Or, you can simply enter a URL below:**

    5. Type the following url to proxify it:
    http://probloggerbook.com/]301 Moved Permanently[/url]

    Now, hover your mouse over the "About the Book" but don't click it. What does the url get shown as ?
    It gets shown as:
    http://probloggerbook.com/about/]301 Moved Permanently[/url]

    Note that the original url is:
    http://probloggerbook.com/

    But it gets shown to you by preceding: http://localhost:80/proxy/test.php?.

    In other words, no matter what url you view via the proxy, it gets proxified by preceding "http://localhost:80/proxy/test.php?" onto the url. Like so:

    http://probloggerbook.com/]301 Moved Permanently[/url]
    http://localhost:80/proxy/test.php?http://ebay.com/

    Those sites you are viewing do not host your http://localhost:80/proxy/test.php? links nor precede it but your proxy itself does it.
    Now, as you can see the proxy is preceding "http://localhost:80/proxy/test.php?" in order to proxify your chosen url. But my idea is, instead of getting it to precede "http://localhost:80/proxy/test.php?", why don't we get it to precede "http://localhost:80/proxy/tracker.php?" instead. That way, our proxy tracker page script gets preceded and clicked in order for the tracker to log the user's clicked url (foreign domain) before forwarding the user to the proxified page http://localhost:80/proxy/test.php?somedomain.com.

    Now, can you figure-out which part of the code to replace with what to get the script to start logging ?
    I mean, which part in the script do we make changes so the script no longer precedes http://localhost:80/proxy/test.php?
    but precedes instead:
    http://localhost:80/proxy/tracker.php?that redirects the user to:
    http://localhost:80/proxy/test.php?somedomain.com

    In short, the script should not directly forward the user to the proxified page (the page user wants to view) but forward him to the tracker page in the middle as a doorway page before redirecting to the final destination.

    Anyone are welcome to make replies!
    Last edited by UniqueIdeaMan; May 13th, 2017 at 08:39 PM.
  6. #4
  7. Forgotten Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,046
    Rep Power
    9616
    That's a standard tracker. One you've already talked about.

    But once you've sent the user to the "final destination" you cannot track what happens. Is that not what you're asking to do?
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    127
    Rep Power
    1
    Originally Posted by requinix
    That's a standard tracker. One you've already talked about.

    But once you've sent the user to the "final destination" you cannot track what happens. Is that not what you're asking to do?

    Nope! I want to track even at the final destination. I want to track their whole session no matter what websites and webpages they view.
    I'd like to add that, I really have no intention of running a proxy to allow others to anonymously surf the net. Criminals would download illegal stuffs and probably do other illegal stuffs and get me in trouble.
    I looked into the proxy because it had some function I wanted. Will save me from coding everything from top to bottom. That was the plan.
    As you have figured by now, I just want to give my users an iframe/frame so they can browse the net with it. I just want to log what they're browsing. Pretty much like Team Viewer where you can see from your end what's on my screen. Only difference would be, you won't control my computer while with a Team Viewer session you can.
    I come across lots of good text readings and videos. Sick and tired copying & pasting their links to forums or email messages for others to view what I am viewing or have viewed. Not all pages have the TWEET or LIKE or SHARE button.
    With my project, I'll just browse the net in an iframe/frame/proxy and the tracker will log every page I visit and others can view on their end what I'm viewing without me having to hit the LIKE/SHARE/TWEET button. Others like family, friends and new buddies (like yourselves). Ofcourse, I have another goal to all this but that will go off-topic and so I won't mention it now.
  10. #6
  11. Forgotten Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,046
    Rep Power
    9616
    Okay then, I was not mistaken.

    It is not possible in any sort of way you're imagining. At all.
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    127
    Rep Power
    1

    Thumbs up


    Originally Posted by requinix
    Okay then, I was not mistaken.

    It is not possible in any sort of way you're imagining. At all.
    Requinix my man,

    I managed to do it with a little hiccup here and there. Do you want to have a look at the script ? I'm glad that you can learn something a little from me and my findings for a change after all the contributions this forum has made to me so far. :smile:

    In short, 2 nights ago, I said to myself, instead of redirecting the user from the proxified page to the tracker and then back to the proxified page, why don't I just add the tracker code onto the proxy php file ? That way, no need for 2 files. The proxy page and the tracker page.
    Anyway, I found a programmer confirming it can be done and he suggested what I was thinking to do (add the tracker code to the main proxy code file) and showed me where to make the changes. Doing it, worked. He said, if I try redirecting the user from the proxified page to the tracker page then the execution would be complete and no way can I redirect the user back to the proxified page. Therefore, his suggestion was to just add the tracking code in the same file where the code for the proxy is residing. Infact, the original script was one page anyway.

    Anyone else interested in seeing the script ? It's not perfect but doing what programmers were saying in 2 forums (including this one) that what I am planning to do is impossible. With the help from a 3rd forum, I achieved what experienced guys were saying is impossible. Now, isn't that something ?
    If you learn what I'm upto with the script, you'll agree I live upto my username "Unique Idea Man". Now, I'm thinking of changing it to "Mr Possible". Lol!
    Btw, is anyone interested to learn what I'm upto ? Just don't pull your hairs saying "Why didn't I think of that ?". Lol!
    Last edited by UniqueIdeaMan; May 15th, 2017 at 04:41 PM.
  14. #8
  15. Forgotten Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,046
    Rep Power
    9616


    It's obvious that you don't know what you're talking about. It's been obvious for weeks now.

    You've been describing two different things: tracking someone going through a redirection script and tracking someone once they're left your site. The former is definitely possible. The latter is definitely not possible* because of technical and security limitations. Not "mostly" impossible or "generally" impossible but actually impossible.

    You say you have something working the way you want? Great. Congratulations. But it is not this thing you have been talking about for tracking people on other sites. I don't know what it is, but I do know what it isn't. Maybe it's s a simple case of miscommunication.

    Good luck with the rest of what you're doing.

    * without using proxying or having your Javascript installed on other sites.
  16. #9
  17. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    127
    Rep Power
    1

    Thumbs up


    Originally Posted by requinix


    It's obvious that you don't know what you're talking about. It's been obvious for weeks now.

    You've been describing two different things: tracking someone going through a redirection script and tracking someone once they're left your site. The former is definitely possible. The latter is definitely not possible* because of technical and security limitations. Not "mostly" impossible or "generally" impossible but actually impossible.

    You say you have something working the way you want? Great. Congratulations. But it is not this thing you have been talking about for tracking people on other sites. I don't know what it is, but I do know what it isn't. Maybe it's s a simple case of miscommunication.

    Good luck with the rest of what you're doing.

    * without using proxying or having your Javascript installed on other sites.
    I thought you understood me all along, mate. But I guess programmers and marketing geniuses don't go hand in hand.
    I'm talking about proxifying sites and tracking the users while they browse the proxified sites. But, I'm not going to run a usual standard proxy service so that users can anonymously browse the web and download harmful stuffs onto my servers. No, infact, it would be the opposite. Users would use the proxy to announce to the world which websites they are currently browsing.
    It's a little like this ...
    I give you an account. You log in to your account and see an iframe or a text box (like proxies show you) where you type the url of the webpage you want to browse.
    Now, when you start your session, the logging would occur until you end your session. Throughout the session, whatever websites and pages you viewed would be logged.
    I'd be using a proxy script to give you this feature to view websites. I won't write my own proxy because I don't know how to write one as I'm still learning php and looking into cURL at the moment. And so, I'll just grab a gpl one or whatever and add php code so the proxy tracks the urls of the websites and webpages you visit.
    So yes, the third party sites you browse would be proxified. Hence, trackable. But, it won't be an anonymous proxy since it publicizes what you are browsing.
    It won't be a true standard proxy either because with standard proxies you can download stuffs. I'll be worried users would download viruses and illegal stuffs and so I'll try to edit the proxies code so that downloading is barred. That means, you can only browse webpages but not download anything. This is for my security.
    I've already added the tracking code and it's tracking the users (at this moment, I am the only user) visits to third party sites.
    I am happy, I got this working. Are you not happy ?
    Now, your question is: Why would any user allow me to track them and publicize their surfing ? That is a different topic and I'll get banned if I write lengthy descriptions in this thread. I'll just say this much. From a website's point of view. You would personally knock on my door and ask me to track my users who visit your proxified pages.
    Finally, another question: Why would any user allow me to track them ? Well, that's the billion, oops! trillion dollar answer. It's an answer that (I believe) will defeat every single searchengine and social network in existance. Either they adapt and do as I do or go extinct. I'm not crazy. Nor bluffing and I know you're angrily gonna reply sarcastically "Good luck to you mate if you can really do that!". But I can.
    Like I said, this is a coding thread and so I can't discuss marketing here.
    Also, I don't want others with better experience in php jumping at the idea and building this thing before I do and taking all the credit for it.
    I will just say this much. If you're interested in a social network that earns viral traffic & viral income for it's users and make a change on the internet where the top 10 searchengines and social networks find themselves in a tight corner about to go extinct if they don;t copy my idea then PM me. PM me, only if you're interested in hopping aboard and taking part in building it.
    Anyway, I got other less important features (viral traffic) to finish first and so opening another thread about it. On that thread, do not reference anything to this thread. I want to keep the topics separate. Also, I might find programmers on it willing to help me in my coding but if they read this thread then (like you) they will jump to conclusion and think I'm crazy and just start ignoring me.

    You know what ? You've been helpful to me in this thread and I get the feeling, unless I show you a little that I know what I'm talking about then I'm guessing you won't contribute on my new thread. Therefore, to prove that I'm not crazy, I will just reveal half the secret here so that others can read it and also conclude that I'm not talking nonsense.
    The other half (why the PUBLIC will allow BEG me to LOG their internet activities) of my secret, I will keep it secret for now. That way, any copycats coming will fail in competition due to them failing to get the public's permission to track them.
    As a website owner, you DO NOT have access to the contact details of every single one of your website visitors who drop by to your site. Some purchase from you and leave their email or fone to your order form but a lot hit the BACK button (WRONGFULLY assuming your site does not have what they're looking for) and leave without leaving their contact detais to you.
    No way, you can ask them why they left. No feed back. Unless, ofcourse, you knock on my door and tell me to check my logs who's hit the BACK button on your website so that you can PM check the stats to understand what was on their mind.
    What was that they were searching for. What their budget is. Etc. You'd be pleading me to PM them your marketing material so they are obstructed from buying from your competition. Lead hunting. That's the game.
    Anyway, like I said, this is a coding thread. I won't reveal my genius wisdoms any further. Those who hop aboard and work with me, now that is different.
    When I say "you knock on my door" etc. I don't mean you personally. It's just an expression and so don't lash out. I'll probably do you more good if you stay as a mate.
    Take care!

    PS - This idea itself is good enough to give every single searchengine in the world a bloody nose. This is only one idea I have revealed to you so you take me seriously. I got a bunch more up my magic sleeves and all the searchengines in the world are gonna feel my magic staff/rod on their bald heads. Real soon. Lol!
    Last edited by UniqueIdeaMan; May 16th, 2017 at 09:27 AM.
  18. #10
  19. Wiser? Not exactly.
    Devshed God 1st Plane (5500 - 5999 posts)

    Join Date
    May 2001
    Location
    Bonita Springs, FL
    Posts
    5,962
    Rep Power
    4058
    Whatever you're smoking must be pretty good stuff if you think people are going to be begging you to track them so that you can sell their contact information to every scammer/spammer on the internet. Aside from that just knowing someones browser history isn't going to tell you how to contact them, and sites would be pretty quick to just blacklist your proxy from their site to protect their user's privacy. It's clear you know nothing of how the internet and the people using it function.

    Beyond all that, if you really want to try and bring this half-baked crazy idea to life you are going about it all wrong. What you want to build is not a proxy but a web browser with all this tracking built into it. Grab a copy of the firefox / chromium source code and build your own version that logs everything a person does then convince them to download that and use it as their daily browser. Building a browser might actually get you some users if you provide enough incentive. Building a website to proxy all the traffic is doomed for failure.
    Recycle your old CD's, don't just trash them



    If I helped you out, show some love with some reputation, or tip with Bitcoins to 1N645HfYf63UbcvxajLKiSKpYHAq2Zxud
  20. #11
  21. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    127
    Rep Power
    1
    Originally Posted by kicken
    Whatever you're smoking must be pretty good stuff if you think people are going to be begging you to track them so that you can sell their contact information to every scammer/spammer on the internet. Aside from that just knowing someones browser history isn't going to tell you how to contact them, and sites would be pretty quick to just blacklist your proxy from their site to protect their user's privacy. It's clear you know nothing of how the internet and the people using it function.

    Beyond all that, if you really want to try and bring this half-baked crazy idea to life you are going about it all wrong. What you want to build is not a proxy but a web browser with all this tracking built into it. Grab a copy of the firefox / chromium source code and build your own version that logs everything a person does then convince them to download that and use it as their daily browser. Building a browser might actually get you some users if you provide enough incentive. Building a website to proxy all the traffic is doomed for failure.
    Already built a web browser more than 6 mnths back. I get thumbs up but no one uses it. I suspect they fear a spyware as people are weary to install .exe nowadays from unknown brands. Therefore, unable to track them.
    Hence, looking into building a social network, searchengine, proxy, etc. That way, public don't fear a virus or spyware or malware or whatever!

    Can even try dns cache! Lol!

    And no. I don;t take drugs. Already have people telling me they'd permit the tracking in return for the incentives.
  22. #12
  23. Contributing User
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2003
    Location
    in da kitchen ...
    Posts
    12,871
    Rep Power
    6447
    someone has 'good' smoke ... lads, this is news worth sharing ...
    --Ax
    without exception, there is no rule ...
    Handmade Irish Jewellery
    Targeted Advertising Cookie Optout (TACO) extension for Firefox
    The great thing about Object Oriented code is that it can make small, simple problems look like large, complex ones


    09 F9 11 02
    9D 74 E3 5B
    D8 41 56 C5
    63 56 88 C0
    Some people, when confronted with a problem, think "I know, I'll use regular expressions." Now they have two problems.
    -- Jamie Zawinski
    Detavil - the devil is in the detail, allegedly, and I use the term advisedly, allegedly ... oh, no, wait I did ...
    BIT COINS ANYONE
  24. #13
  25. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2017
    Posts
    127
    Rep Power
    1

    Question


    Originally Posted by requinix
    You cannot know what they do on another site unless that site hosts your Javascript code. Good luck convincing the internet to do that.
    Look at it this way. i can run a proxy. My users can view your website through my proxy. I can track their movements on each of your webpages (profixied pages). Do I really need to convince the whole world to add my javascript onto their pages.
    Your the 2nd programmer who keeps insisting it's not possible to track anyone on proxified pages. One even opened a bet that it cant be done. I just can't wait to earn his $500+. Do you want to bet another $500 too ? I'd love to earn the $1000+. Lol!

    Anyway. See if you can pour some knowledge this way ...
    Preg_replace() Delimiter problem

IMN logo majestic logo threadwatch logo seochat tools logo