<?php
/
$_SERVER['PHP_SELF']='/testproxy.php';
session_start();
/*
* Get starting variables for processing the security
*/
$referer=$_SERVER['HTTP_REFERER'];
/*
* auto set the permission to true unless it fails any of the following security checks
*/
$allow=true;
$error='';
/*
* Check to see if its coming from the right domain location
*/
switch ($referer) {
/*
* Allowed domain and link
* Replace the domains below with the address of the page your openlayers map is on
*/
case 'http://example.com/map/':
case 'http://www.example.com':
case 'http://dev.example.com':
$allow=true;
break;
/*
* Any blocked domains not in allowed list comes through default and is blocked
*/
default:
$allow=false;
$error.="ErrorCode 001: Your domain is not trusted";
break;
}//end switch
/*
* Define the function that makes the request to map server
*/
function getMS() {
$url=$_REQUEST['url'];
$reqfields='';
foreach ($_GET as $k=>$v) {
$reqfields.="&$k=$v";
}//end foreach
$request = curl_init($url); // initiate curl object
curl_setopt($request, CURLOPT_HEADER, 1); // set to 0 to eliminate header info from response
curl_setopt($request, CURLOPT_RETURNTRANSFER, 1); // Returns response data instead of TRUE(1)
curl_setopt($request, CURLOPT_POST,0);
curl_setopt($request, CURLOPT_POSTFIELDS, $reqfields); // use HTTP POST to send form data
curl_setopt($request, CURLOPT_SSL_VERIFYPEER, FALSE); // uncomment this line if you get no gateway response.
curl_setopt($request, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
curl_setopt($request, CURLOPT_USERPWD, 'USERNAME:PASSWORD');
//replace USERNAME and PASSWORD with a real username password that is already setup in your geoserver security properties
$post_response = curl_exec($request); // execute curl post and store results in $post_response
$info=curl_getinfo($request);
curl_close ($request); // close curl object)
header(substr($post_response,0,$info['header_size']));
echo substr($post_response,$info['header_size']);
}
/*
* If allowed use curl to proxy to the map server, login, aquire the info, and then echo it back out
*/
if ($allow) {
getMS();
} else {
/*
* Echo the error for when authentication/permission is failed
*/
echo $error;
}//end if
?>