require_once('coo2ll.php');
$baddies = array(
'areabot/1.0',
);
do {
if (strlen($_REQUEST['params'])<1) {
$errmess='This page requires a search argument with a params= term
(ie. ?params=... after the URL)';
break;
}
logit(); // before we modify the search arguments
$_SERVER['HTTP_USER_AGENT']=str_replace($baddies,'403 ',$_SERVER['HTTP_USER_AGENT']);
if ((int)$_SERVER['HTTP_USER_AGENT']==403) {
header("HTTP/1.0 403 Forbidden");
echo '403 Forbidden';
exit();
}
$_g['pms']=$_REQUEST['params'];
/* We assume that this item will not have any magic quote-able characters.
$_REQUEST['pagename'] and any other search arguments may well contain
magic quote-ables but we leave them untouched because if we are
going to include geohack.php, the state of $_REQUEST must be
compatible with geohack being called directly */
list($errmess,$lat,$long,$region)= g_os2ll();
if (strlen($errmess)) break;
$ll=round($lat,6) ."_N_". round($long,6) ."_E";
# echo "". var_export($ll,true) ."
";
$_g['pms']= "$ll{$_g['pms']}";
if (stripos($_g['pms'],'region:')===false)
$_g['pms'] .= "_region:$region";
$_REQUEST['params'] = $_g['pms'];
// Updating $_GET apparently does not change $_REQUEST.
// Since geohack.php uses $_REQUEST and ignores $_GET, we do the same
$new_qs='';
foreach( $_REQUEST as $ky => $val ) {
$new_qs .= (strlen($new_qs)==0 ? '' : '&'). $ky .'='.
urlencode( (get_magic_quotes_gpc() ? stripslashes($val) : $val) );
}
# $_SERVER["QUERY_STRING"] = $new_qs; // $_SERVER is not examined in either case
$uri = 'geohack.php?'. $new_qs;
if (!$testver) $uri = 'http://toolserver.org/~geohack/'. $uri;
# echo '
'. $new_qs .'
';
require_once('geohack.php');
exit;
} while (false);
include('cooerr.php');
exit;
// ----------------------------------------
function p_from_r( $referer ) // if referer is normal Wikipedia, return the pagename
{
global $ref_xlat;
$ref_list= array(
'http://en.wikipedia.org/wiki/',
'http://en.wikipedia.org/w/index.php?title=',
'http://en.m.wikipedia.org/wiki/',
);
$ref_x_list= array( 'p=>', 'p=>', 'm=>', );
$referer= str_replace($ref_list,$ref_x_list,$referer);
if (substr($referer,1,1)=='=') {
$ref_xlat=substr($referer,0,3); $pn=substr($referer,3);
if ($j1=strpos($pn,'?')) $pn=substr($pn,0,$j1);
if ($j1=strpos($pn,'&')) $pn=substr($pn,0,$j1);
return urldecode($pn);
} else {
return $ref_xlat=false;
}
}
// Logging --------------------------------
function logit()
{
global $testver, $refer_db, $ref_xlat;
$lognam='../../httpdocs/_dynamick/callog.txt';
$referer= isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "-";
$refer_db=$referer;
if (strlen($referer)>0 && strlen($_REQUEST['pagename'])>0) {
// Wikipedia does not do a proper urlencode() but what it does is
// compatible with urldecode()
if (strcmp(urldecode($_REQUEST['pagename']), p_from_r($referer))!=0)
{ $refer_db=$referer; $refull=''; }
else { $refer_db=$ref_xlat; $refull=$referer; }
}
$loga=file($lognam);
$j=0; while (count($loga)>=4000) { unset($loga[$j++]); }
$loga[]=date('Y-m-d H:i:s') . " $referer {$_SERVER['QUERY_STRING']} ".
"\"{$_SERVER['HTTP_USER_AGENT']}\"\n";
file_put_contents($lognam,$loga);
/* logging to databases disabled
if ($rh_com) {
$dhn = mysql_connect('localhost','rhaworth_oscoo','osgb36')
or die('Could not connect: ' . mysql_error());
mysql_select_db('rhaworth_osco') or die('Could not select database');
} else {
require_once('../incl/mymysql.php');
$dhn= mymy_connect('sql','u_rhaworth_osco_p');
}
$msq = "INSERT INTO `". substr($lognam,0,6) ."`
(`datim`,`ipaddr`,`referer`,`refull`,`pagename`,`params`,`myby`,`browser`) VALUES
(now(),'". $_SERVER['REMOTE_ADDR'] ."','".
addslashes($refer_db) ."','". addslashes($refull) ."','".
addslashes($_REQUEST['pagename']) ."','".
$_REQUEST['params'] ."',". ($mybyflag? 1 : 0) .",'".
addslashes($_SERVER['HTTP_USER_AGENT']) ."')" ;
$insres= ( mysql_query($msq) ? '' : ' ** INSERR **');
# echo 'insres = '. $insres .'
';
mysql_close($dhn);
end logging disabled */
}
?>