<?php

// do_away_with_the_boring_bits.php
// RJM Programming
// January, 2017
// Help out do_away_with_the_boring_bits.html with long entries, for example

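/**
 * Build the per-client token this script embeds in its temporary file names
 * ("/tmp/media_<token>.<ext>" and "temp_do_away<token>.htm").
 *
 * The token is $_SERVER['REMOTE_ADDR'] prefixed with one to six '0'
 * characters, chosen by the first browser-family pattern that matches the
 * lower-cased User-Agent header, with every ':' replaced by '_' so that an
 * IPv6 address does not put colons into a file name.
 *
 * Security note: the token is built only from the client address and the
 * browser family. It is therefore predictable, and it is shared by every
 * client that arrives from the same address with the same browser family
 * (NAT, proxies). It keeps temporary files apart; it is not an access control.
 * The User-Agent header is client-supplied, but it only selects the number of
 * leading zeros and never reaches the returned string itself.
 *
 * @return string The token; an empty string when no address is available.
 */
function server_remote_addr() {
    // Either key can be absent (CLI runs, clients that send no User-Agent);
    // fall back to '' instead of reading an undefined index.
    $address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
    $agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';

    // Order matters: the first match wins, and Chrome-style agents also carry
    // "safari/" and "mozilla/" tokens, so the more specific names come first.
    // You can add different browsers in the same way.
    $prefixByFamily = array(
        'chromium' => '000000',
        'chrome'   => '00000',
        'safari'   => '0000',
        'opera'    => '000',
        'msie'     => '00',
        'mozilla'  => '0',
    );

    foreach ($prefixByFamily as $family => $zeros) {
        if (preg_match('/(' . $family . ')[ \/]([\w.]+)/', $agent)) {
            $address = $zeros . $address;
            break;
        }
    }

    return str_replace(":", "_", $address);
}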

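// Media helper endpoints. Three request shapes are handled here, and each one
// answers with a tiny HTML page and exits:
//   GET  rand                  -> report the /tmp path an upload would use
//   POST url+durto+justfgcdu   -> store a base64 data-URI payload under /tmp
//   GET  url+durto+justfgcdu   -> read content back and return it base64-encoded
//
// All request values are untrusted. Compared with the earlier version of this
// block: the file extension is reduced to a safe character set, everything
// echoed into HTML/JS is escaped, reads from /tmp are confined to this
// script's own "media_" files, and the debug copies of request data that were
// written into the web directory (x1.x1 .. x4.x4) are no longer produced.

// Map a data-URI prefix such as "data:audio/mp3;base64," to this client's
// /tmp path. The extension is the MIME subtype (text between the first '/'
// and the next ',' or ';'), restricted to letters, digits, '.', '+' and '-'
// so it cannot carry markup, quotes, NUL bytes or path separators.
$mediaPathFor = function ($dataUriPrefix) {
    $decoded = str_replace(' ', '+', urldecode($dataUriPrefix));
    $slashParts = explode('/', $decoded);
    $subtype = isset($slashParts[1]) ? $slashParts[1] : '';
    $commaParts = explode(',', $subtype);
    $semiParts = explode(';', $commaParts[0]);
    $extension = substr((string) preg_replace('/[^A-Za-z0-9.+-]/', '', $semiParts[0]), 0, 64);

    return '/tmp/media_' . server_remote_addr() . '.' . $extension;
};

if (isset($_GET['rand'])) {
    if (strlen($_GET['rand']) > 0) {
        $filis = $mediaPathFor($_GET['rand']);
        // Escaped as defence in depth; the sanitised path has nothing to escape.
        echo "<html><body>" . htmlspecialchars($filis, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "</body></html>";
        exit;
    }
} else if (isset($_POST['url']) && isset($_POST['durto']) && isset($_POST['justfgcdu'])) {
    $filis = $mediaPathFor($_POST['justfgcdu']);

    // NOTE(review): the path is predictable and lives in the shared /tmp
    // directory; on a multi-user host consider a private upload directory.
    if (file_exists($filis)) {
        unlink($filis);
    }

    // Payload is everything after ";base64," ('+' may have arrived as ' ').
    $uriParts = explode(';base64,', str_replace(' ', '+', urldecode($_POST['url'])));
    $payload = isset($uriParts[1]) ? base64_decode($uriParts[1]) : '';
    file_put_contents($filis, $payload);

    // Hand the stored path to the parent frame's "audio<N>" field. Both values
    // are emitted as JSON string literals and the whole handler is HTML-escaped,
    // so a crafted "durto" cannot break out of the string or the attribute.
    $jsonFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_PARTIAL_OUTPUT_ON_ERROR;
    $targetId = 'audio' . str_replace('end', '', $_POST['durto']);
    $onload = 'parent.document.getElementById(' . json_encode($targetId, $jsonFlags) . ').value='
        . json_encode($filis, $jsonFlags) . '; ';
    echo '<html><body onload="' . htmlspecialchars($onload, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '">'
        . htmlspecialchars($filis, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</body></html>';
    exit;
} else if (isset($_GET['url']) && isset($_GET['durto']) && isset($_GET['justfgcdu'])) {
    $requested = urldecode($_GET['url']);

    if (strpos('@' . $requested, '@/tmp/') !== false) {
        // Local read: only files whose resolved path is /tmp/media_*. realpath()
        // collapses ".." segments and symlinks, so a request that merely starts
        // with "/tmp/" cannot reach other files. Any client that knows a
        // media_ file name can still read it (the name is not a secret).
        $htmlis = '';
        $tmpRoot = realpath('/tmp');
        $resolved = realpath($requested);
        if ($tmpRoot !== false && $resolved !== false && strpos($resolved, $tmpRoot . '/media_') === 0) {
            $htmlis = @file_get_contents($resolved);
        }
    } else if (strpos($requested, '//') !== false) {
        // NOTE(review): server-side fetch of a caller-chosen host (forced to
        // http://). This lets a client make the server request internal or
        // otherwise unreachable addresses; restrict to an allowlist of hosts if
        // the feature does not need arbitrary destinations.
        $hostParts = explode('//', $requested);
        $htmlis = @file_get_contents('http://' . $hostParts[1]);
    } else if (strpos($requested, '/') !== false) {
        // Relative path: try the site root first, then its HTMLCSS/ folder.
        $htmlis = @file_get_contents('http://www.rjmprogramming.com.au/' . $requested);
        if ($htmlis === false || $htmlis === '') {
            $htmlis = @file_get_contents('http://www.rjmprogramming.com.au/HTMLCSS/' . $requested);
        }
    } else {
        $htmlis = @file_get_contents('http://www.rjmprogramming.com.au/' . $requested);
    }

    // The caller-supplied data-URI prefix is reflected into the page, so it is
    // HTML-escaped; the base64 body needs no escaping.
    $prefix = str_replace(' ', '+', urldecode($_GET['justfgcdu']));
    echo '<html><body>' . htmlspecialchars($prefix, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
        . base64_encode((string) $htmlis) . '</body></html>';
    exit;
}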

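// "tags" endpoint: fetch the resource named by POST "tags" and echo it back.
// The first successful fetch is also saved as do_away_with_the_boring_bits.xxx
// and that saved copy is served instead whenever a later fetch has no "<td>".
//
// NOTE(review): "tags" goes to file_get_contents() unchanged, so the caller
// decides whether this reads a local file or a remote URL, and the result is
// returned to them. Confirm what values the HTML page really sends and limit
// the input to those (e.g. a fixed list of URLs or a single host).
// NOTE(review): whoever makes the first request decides the fallback content
// that is later served to every client; consider shipping the fallback file
// with the application instead of creating it from request data.
if (isset($_POST['tags'])) {
    $cacheFile = 'do_away_with_the_boring_bits.xxx';
    $source = str_replace('+', ' ', urldecode($_POST['tags']));

    // Fetch once and reuse the result for both the cache and the response
    // (the resource used to be requested twice).
    $xh = file_get_contents($source);

    // Do not let a failed fetch create an empty fallback file.
    if ($xh !== false && !file_exists($cacheFile)) {
        file_put_contents($cacheFile, $xh);
    }

    $lacksTable = ($xh === false || strpos($xh, "<td>") === false);
    if ($lacksTable && file_exists($cacheFile)) {
        echo file_get_contents('./' . $cacheFile);
    } else {
        echo (string) $xh;
    }
    exit;
}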
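// Page that is echoed at the very end of the script unless a branch exits first.
$htmltoendupwith = "";

// "delthis" endpoint: remove this client's temporary preview page.
// The request value is only compared with the one file name this client is
// allowed to delete; the name passed to unlink() is the server-built one, so
// request data never chooses the path. POST takes precedence over GET.
$expectedTempFile = "temp_do_away" . server_remote_addr() . ".htm";
$deleteRequest = null;
if (isset($_POST['delthis'])) {
    // Was $_POST[delthis] (bare constant): a warning on PHP 7, a fatal Error on PHP 8.
    $deleteRequest = $_POST['delthis'];
} else if (isset($_GET['delthis'])) {
    $deleteRequest = $_GET['delthis'];
}

if (is_string($deleteRequest) && urldecode($deleteRequest) === $expectedTempFile) {
    // Give the preview iframe time to load the file before it disappears.
    sleep(5);
    if (file_exists($expectedTempFile)) {
        unlink($expectedTempFile);
    }
    exit;
}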
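// Main page logic.
//   GET url          -> fetch the resource and push it into the top frame's fields
//   htmlcontent with a script tag -> save it as a temporary .htm page and show it in an iframe
//   htmlcontent with "<?"        -> return it to the browser as a download
//   anything else    -> splice the (url-encoded) content into the HTML template
// Whatever ends up in $htmltoendupwith is echoed on the last line.

// Send caller-supplied PHP source back as a "doityourself.php" attachment.
// The source is streamed straight from memory. It used to be written to
// doityourself.php inside the web directory first, which left a window in
// which that file could be requested (and run) over HTTP, and in which a
// second client could be served the first client's file.
$sendPhpSourceAsDownload = function ($phpSource) {
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="doityourself.php"');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . strlen($phpSource));
    echo $phpSource;
    exit;
};

if (isset($_GET['url'])) {
    // NOTE(review): "url" goes to file_get_contents() unchanged, so the caller
    // decides whether this reads a local file or a remote URL, and the content
    // is handed back to them. Restrict it to the schemes/hosts the page needs.
    $requestedUrl = urldecode($_GET['url']);
    $htmlis = @file_get_contents($requestedUrl);

    // Directory part of the URL: drop the last path segment when there is one.
    $urlbit = $requestedUrl;
    $nonfbits = explode("/", $urlbit);
    $lastSegment = $nonfbits[count($nonfbits) - 1];
    if ($lastSegment != "") {
        $urlbit = str_replace("/" . $lastSegment, "/", $urlbit);
    }

    // $urlbit is caller-controlled and lands inside a JS string inside an HTML
    // attribute, so it is percent-encoded here and decoded in the browser, the
    // same way the fetched content already is.
    // NOTE(review): "getElementById('urlprefix')=" assigns to a call result,
    // which is not a valid assignment target; probably ".value=" was meant.
    // Left as it was - confirm against the HTML page.
    $htmltoendupwith = "<!doctype html><html><body onload=\" if (top.document.getElementById('urlprefix')) { top.document.getElementById('urlprefix')=decodeURIComponent('" . rawurlencode($urlbit) . "'); } if (top.document.getElementById('htmlcontent')) { top.document.getElementById('htmlcontent').value=decodeURIComponent('" . urlencode((string) $htmlis) . "'.replace(/\+/g,'%20')); } \"></body></html>";
} else {
    // Turns off the legacy browser XSS filter so submitted markup is rendered
    // as typed; current browsers no longer implement that filter.
    header("X-XSS-Protection: 0");

    // Load the HTML template; a missing or empty file yields an empty template
    // instead of an error from fread().
    $filename = "do_away_with_the_boring_bits.html";
    $htmlis = @file_get_contents($filename);
    if ($htmlis === false) {
        $htmlis = "";
    }
    $htmltoendupwith = $htmlis;

    $andintoitgoes = "";
    if (isset($_POST['htmlcontent'])) {
        $andintoitgoes = $_POST['htmlcontent'];
    } else if (isset($_GET['htmlcontent'])) {
        $andintoitgoes = $_GET['htmlcontent'];
    }

    // Temporary preview page for this client, and the loader page that points
    // the parent frame's iframe at it. Only server-built and url-encoded values
    // are inserted into the loader's JavaScript.
    // NOTE(review): the preview file is caller-supplied HTML with scripts,
    // stored in the web directory under a predictable name and served from
    // this site's origin until the client asks for its deletion. Consider
    // serving previews from a separate origin or a sandboxed iframe, and
    // expiring them server-side.
    $tempPreview = "temp_do_away" . server_remote_addr() . ".htm";
    $loaderPage = "<!doctype html><html><body onload=\" if (parent.document.getElementById('delthis')) { parent.document.getElementById('delthis').value='" . $tempPreview . "'; } if (parent.document.getElementById('htmlcontent')) { parent.document.getElementById('htmlcontent').value=decodeURIComponent('" . urlencode($andintoitgoes) . "'.replace(/\+/g,'%20')); } if (parent.document.getElementById('dhtmlcontent')) { parent.document.getElementById('dhtmlcontent').innerHTML='<iframe name=ihtmlcontent id=ihtmlcontent src=./" . $tempPreview . " style=height:650px;background-color:lightblue;></iframe>'; } if (parent.document.getElementById('delthis')) { parent.perhapsdel(); } \"></body></html>";

    if (strpos(urldecode($andintoitgoes), "<s" . "cript") !== false) {
        // Script tag visible after one more url-decode: store the decoded form.
        // No exit here: the template is still echoed after the loader page.
        file_put_contents($tempPreview, urldecode($andintoitgoes));
        echo $loaderPage;
    } else if (strpos($andintoitgoes, "<s" . "cript") !== false) {
        file_put_contents($tempPreview, $andintoitgoes);
        echo $loaderPage;
    } else {
        // ' : defh' marks the spot in the template where the content goes.
        $anda = explode(' :' . ' defh', $htmlis);
        $andintoitgoes = "";
        if (isset($_POST['htmlcontent'])) {
            $andintoitgoes = $_POST['htmlcontent'];
            if (strpos(urldecode($andintoitgoes), "<?") !== false) {
                $sendPhpSourceAsDownload(urldecode($andintoitgoes));
            } else if (sizeof($anda) == 2) {
                $htmltoendupwith = $anda[0] . ' :' . ' ourdecodeURIComponent("' . urlencode($andintoitgoes) . '")' . $anda[1];
            } else {
                $htmltoendupwith = str_replace(' :' . ' defh', ' :' . ' ourdecodeURIComponent("' . urlencode($andintoitgoes) . '")', $htmlis);
            }
            if (isset($_POST['shortcuts'])) {
                $htmltoendupwith = str_replace(" :" . " '')" . ";", " :" . "'" . ' ourdecodeURIComponent("' . urlencode($_POST['shortcuts']) . "')" . ";", $htmltoendupwith);
            }
        } else if (isset($_GET['htmlcontent'])) {
            $andintoitgoes = $_GET['htmlcontent'];
            if (strpos(urldecode($andintoitgoes), "<?") !== false) {
                $sendPhpSourceAsDownload(urldecode($andintoitgoes));
            } else {
                // GET variant also renames the 'htmlcontent=' marker in the template.
                $withContent = str_replace(' :' . ' defh', ' :' . ' ourdecodeURIComponent("' . urlencode($andintoitgoes) . '")', $htmltoendupwith);
                $htmltoendupwith = str_replace("'htmlc" . "ontent='", "'htmlXXXc" . "ontent='", $withContent);
            }
            if (isset($_GET['shortcuts'])) {
                $htmltoendupwith = str_replace(" :" . " '')" . ";", " :" . "'" . ' ourdecodeURIComponent("' . urlencode($_GET['shortcuts']) . "')" . ";", $htmltoendupwith);
            }
        }
    }
}
echo $htmltoendupwith;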
?>