#! /bin/sh
# anonphp - PHP module to prevent PHP pages from logging remote addresses.
# Location: <https://www.inventati.org/inventa/doku.php?id=anonphp>
# NO Copyright (C)  2005  NonfirmareNiente.
# Released under the Public Domain.
# Copying and distribution of this file, with or without modification,
# are permitted.
# This software is provided by the authors and contributors `as is'
# and any express or implied warranties are disclaimed.  In no event
# shall the authors or contributors be liable for any damages however
# caused and on any theory of liability, whether in contract, strict
# liability, or tort arising in any way out of the use of this
# software, even if advised of the possibility of such damage.
# Run this script to extract `Makefile' and `anonphp.c' in the current
# directory.
# Then type `make install' to install anonphp.
# Then add `extension=anonphp.so' to you `php.ini' file.
# Please note the following things:
#  - this module had very poor testing
#  - I don't think it works with register_globals=on (not tested)
#  - this is a ugly empirical hack, so it may contain bugs. For
#    example, maybe there is another $FUCKEDVARIABLE['REMOTE_ADDR']
#    which contains the IP address of the user viewing the page, or of
#    his proxy.  If this is the case, please fix or post a bug-report at
#    the wiki page mentioned above ("Location:").  See the phpinfo()
#    output for example, the "Apache Environment" section, REMOTE_ADDR
#    variable.
#  - perhaps there is a better way to do cleanly what this scripts is
#    meant to do, but I do not know php/zope enought for this.
#  - it is still true that if the web pages inline images from other
#    web servers, and the surfer not configured his browser to not
#    dowload them, then his privacy is compomised.
# So, you can use this module as a way to help your users to not log
# IP addresses, but do not trust it as a way to prevent them doing so.

awk 'BEGIN { RS = "\n--- ed script ---\n"; }
     // { if (FNR == 2) print $0 }' \
    < $0 \
 | ed -s > /dev/null
exit $?

--- ed script ---
f Makefile
CFLAGS=-Wall -D_GNU_SOURCE $(shell php-config --includes)
libdir=$(shell php-config --extension-dir)

.PHONY: all clean install

all: anonphp.so

	-rm anonphp.so

install: anonphp.so
	cp anonphp.so $(libdir)/anonphp.so

anonphp.so: anonphp.c
	$(CC) $(CFLAGS) -shared -o $@ $<
f anonphp.c
#include <string.h>
#include <stdio.h>
#include <php.h>


zend_module_entry anonphp_module_entry =


  zval *retval;

  /* Fake REMOTE_ADDR. */
  zend_eval_string ("$HTTP_SERVER_VARS['REMOTE_ADDR']='';",
                    retval, "wtf");
  zend_eval_string ("$_SERVER['REMOTE_ADDR']='';", retval, "wtf");
  /* This is not needed, but if it will become needed... we're ready. */
  zend_eval_string ("$GLOBALS['REMOTE_ADDR']='';", retval, "wtf");

     * Please note that REMOTE_ADDR was not included because it is
     * required (so it will not be removed but was faked).
    char *enemies[] = {"REMOTE_HOST", "HTTP_X_FORWARDED_FOR",
    char *commands[] = {"unset ($HTTP_SERVER_VARS['%s']);",
			"unset ($_SERVER['%s']);",
			 * This is not needed, but if it will become
			 * needed... we're ready.
		       "unset ($GLOBALS['%s']);",
    char *enemy = enemies[0];
    char *command = commands[0];
    char *command_for_enemy = NULL;
    int enemy_counter;
    int command_counter;
    for (enemy_counter = 0; enemy; enemy = enemies [++enemy_counter])
	for (command_counter = 0; command; 
	     command = commands [++command_counter])
	    asprintf (&command_for_enemy, command, enemy);
	    zend_eval_string (command_for_enemy, retval, "wtf");
	    free (command_for_enemy);
	    command_for_enemy = NULL;
  return SUCCESS;
  anonphp.txt · Ultima modifica: 27.04.2005 17:21 by
RSS: Modifiche Recenti Contenuti: Licenza Creative Commons Valid XHTML 1.0 Valid CSS Sito fatto con: DokuWiki Sito ospitato da: Inventati.org