41 function getURLContent($url, $postorget =
'GET', $param =
'', $followlocation = 1, $addheaders = array(), $allowedschemes = array(
'http',
'https'), $localurl = 0, $ssl_verifypeer = -1)
45 $USE_PROXY = empty($conf->global->MAIN_PROXY_USE) ? 0 : $conf->global->MAIN_PROXY_USE;
46 $PROXY_HOST = empty($conf->global->MAIN_PROXY_HOST) ? 0 : $conf->global->MAIN_PROXY_HOST;
47 $PROXY_PORT = empty($conf->global->MAIN_PROXY_PORT) ? 0 : $conf->global->MAIN_PROXY_PORT;
48 $PROXY_USER = empty($conf->global->MAIN_PROXY_USER) ? 0 : $conf->global->MAIN_PROXY_USER;
49 $PROXY_PASS = empty($conf->global->MAIN_PROXY_PASS) ? 0 : $conf->global->MAIN_PROXY_PASS;
51 dol_syslog(
"getURLContent postorget=".$postorget.
" URL=".$url.
" param=".$param);
60 curl_setopt($ch, CURLOPT_VERBOSE, 1);
61 curl_setopt($ch, CURLOPT_USERAGENT,
'Dolibarr geturl function');
65 @curl_setopt($ch, CURLOPT_FOLLOWLOCATION,
false);
67 if (is_array($addheaders) && count($addheaders)) {
68 curl_setopt($ch, CURLOPT_HTTPHEADER, $addheaders);
70 curl_setopt($ch, CURLINFO_HEADER_OUT,
true);
74 if (!empty($conf->global->MAIN_CURL_SSLVERSION)) {
75 curl_setopt($ch, CURLOPT_SSLVERSION, $conf->global->MAIN_CURL_SSLVERSION);
80 if ($ssl_verifypeer < 0) {
81 global $dolibarr_main_prod;
82 $ssl_verifypeer = ($dolibarr_main_prod ? true :
false);
84 if (!empty($conf->global->MAIN_CURL_DISABLE_VERIFYPEER)) {
89 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, ($ssl_verifypeer ?
true :
false));
90 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, ($ssl_verifypeer ?
true :
false));
94 if (is_array($allowedschemes)) {
95 foreach ($allowedschemes as $allowedscheme) {
96 if ($allowedscheme ==
'http') {
97 $protocols |= CURLPROTO_HTTP;
99 if ($allowedscheme ==
'https') {
100 $protocols |= CURLPROTO_HTTPS;
103 curl_setopt($ch, CURLOPT_PROTOCOLS, $protocols);
104 curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, $protocols);
107 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, empty($conf->global->MAIN_USE_CONNECT_TIMEOUT) ? 5 : $conf->global->MAIN_USE_CONNECT_TIMEOUT);
108 curl_setopt($ch, CURLOPT_TIMEOUT, empty($conf->global->MAIN_USE_RESPONSE_TIMEOUT) ? 30 : $conf->global->MAIN_USE_RESPONSE_TIMEOUT);
112 if ($maxsize && defined(
'CURLOPT_MAXFILESIZE_LARGE')) {
113 curl_setopt($ch, CURLOPT_MAXFILESIZE_LARGE, $maxsize);
115 if ($maxsize && defined(
'CURLOPT_MAXFILESIZE')) {
116 curl_setopt($ch, CURLOPT_MAXFILESIZE, $maxsize);
120 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
121 if ($postorget ==
'POST') {
122 curl_setopt($ch, CURLOPT_POST, 1);
123 curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
124 } elseif ($postorget ==
'POSTALREADYFORMATED') {
125 curl_setopt($ch, CURLOPT_CUSTOMREQUEST,
'POST');
126 curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
127 } elseif ($postorget ==
'PUT') {
129 curl_setopt($ch, CURLOPT_CUSTOMREQUEST,
'PUT');
130 if (!is_array($param)) {
131 parse_str($param, $array_param);
133 dol_syslog(
"parameter param must be a string", LOG_WARNING);
134 $array_param = $param;
136 curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($array_param));
137 } elseif ($postorget ==
'PUTALREADYFORMATED') {
138 curl_setopt($ch, CURLOPT_CUSTOMREQUEST,
'PUT');
139 curl_setopt($ch, CURLOPT_POSTFIELDS, $param);
140 } elseif ($postorget ==
'HEAD') {
141 curl_setopt($ch, CURLOPT_CUSTOMREQUEST,
'HEAD');
142 curl_setopt($ch, CURLOPT_NOBODY,
true);
143 } elseif ($postorget ==
'DELETE') {
144 curl_setopt($ch, CURLOPT_CUSTOMREQUEST,
'DELETE');
146 curl_setopt($ch, CURLOPT_POST, 0);
151 dol_syslog(
"getURLContent set proxy to ".$PROXY_HOST.
":".$PROXY_PORT.
" - ".$PROXY_USER.
":".$PROXY_PASS);
153 curl_setopt($ch, CURLOPT_PROXY, $PROXY_HOST.
":".$PROXY_PORT);
155 curl_setopt($ch, CURLOPT_PROXYUSERPWD, $PROXY_USER.
":".$PROXY_PASS);
165 if ($maxRedirection < 1) {
169 curl_setopt($ch, CURLOPT_URL, $newUrl);
172 $newUrlArray = parse_url($newUrl);
173 $hosttocheck = $newUrlArray[
'host'];
174 $hosttocheck = str_replace(array(
'[',
']'),
'', $hosttocheck);
177 if (in_array($hosttocheck, array(
'metadata.google.internal'))) {
178 $info[
'http_code'] = 400;
179 $info[
'content'] =
'Error bad hostname '.$hosttocheck.
' (Used by Google metadata). This value for hostname is not allowed.';
184 if (in_array($hosttocheck, array(
'localhost',
'localhost.domain'))) {
185 $iptocheck =
'127.0.0.1';
186 } elseif (in_array($hosttocheck, array(
'ip6-localhost',
'ip6-loopback'))) {
190 if (function_exists(
'gethostbyname')) {
191 $iptocheck = gethostbyname($hosttocheck);
193 $iptocheck = $hosttocheck;
199 if (!filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6)) {
206 $info[
'http_code'] = 400;
207 $info[
'content'] = $tmpresult;
214 if (defined(
'CURLOPT_CONNECT_TO')) {
215 $connect_to = array(sprintf(
"%s:%d:%s:%d", $newUrlArray[
'host'], empty($newUrlArray[
'port'])?
'':$newUrlArray[
'port'], $iptocheck, empty($newUrlArray[
'port'])?
'':$newUrlArray[
'port']));
218 curl_setopt($ch, CURLOPT_CONNECT_TO, $connect_to);
223 $response = curl_exec($ch);
225 $info = curl_getinfo($ch);
226 $http_code = $info[
'http_code'];
228 if ($followlocation && ($http_code == 301 || $http_code == 302 || $http_code == 303 || $http_code == 307)) {
229 $newUrl = $info[
'redirect_url'];
236 }
while ($http_code);
238 $request = curl_getinfo($ch, CURLINFO_HEADER_OUT);
240 dol_syslog(
"getURLContent request=".$request);
241 if (!empty($conf->global->MAIN_GETURLCONTENT_OUTPUT_RESPONSE)) {
243 dol_syslog(
"getURLContent response =".$response);
245 dol_syslog(
"getURLContent response size=".strlen($response));
248 if (curl_errno($ch)) {
250 $rep[
'content'] = $response;
253 $rep[
'curl_error_no'] = curl_errno($ch);
254 $rep[
'curl_error_msg'] = curl_error($ch);
256 dol_syslog(
"getURLContent response array is ".join(
',', $rep));
264 dol_syslog(
"getURLContent http_code=".$rep[
'http_code']);
268 $rep[
'content'] = $response;
270 $rep[
'curl_error_no'] =
'';
271 $rep[
'curl_error_msg'] =
'';
291 if ($localurl == 0) {
292 if (!filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
294 $errormsg =
'Error bad hostname IP (private or reserved range). Must be an external URL.';
297 if (!empty($_SERVER[
"SERVER_ADDR"]) && $iptocheck == $_SERVER[
"SERVER_ADDR"]) {
298 $errormsg =
'Error bad hostname IP (IP is a local IP). Must be an external URL.';
301 if (!empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) && in_array($iptocheck, explode(
',', $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP))) {
302 $errormsg =
'Error bad hostname IP (IP is a local IP defined into MAIN_SECURITY_SERVER_IP). Must be an external URL.';
306 if ($localurl == 1) {
308 if (filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
309 $errormsg =
'Error bad hostname '.$iptocheck.
'. Must be a local URL.';
312 if (!empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) && !in_array($iptocheck, explode(
',', $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP))) {
313 $errormsg =
'Error bad hostname IP (IP is not a local IP defined into list MAIN_SECURITY_SERVER_IP). Must be a local URL in allowed list.';
321 $arrayofmetadataserver = array(
322 '100.100.100.200' =>
'Alibaba',
323 '192.0.0.192' =>
'Oracle',
324 '192.80.8.124' =>
'Packet',
325 '100.88.222.5' =>
'Tencent cloud',
327 foreach ($arrayofmetadataserver as $ipofmetadataserver => $nameofmetadataserver) {
328 if ($iptocheck == $ipofmetadataserver) {
329 $errormsg =
'Error bad hostname IP (Used by '.$nameofmetadataserver.
' metadata server). This IP is forbidden.';
347 $tmpdomain = preg_replace(
'/^https?:\/\//i',
'', $url);
348 $tmpdomain = preg_replace(
'/\/.*$/i',
'', $tmpdomain);
350 $tmpdomain = preg_replace(
'/^.*\.([^\.]+)\.([^\.]+)\.([^\.]+)$/',
'\1.\2.\3', $tmpdomain);
352 $tmpdomain = preg_replace(
'/^.*\.([^\.]+)\.([^\.]+)$/',
'\1.\2', $tmpdomain);
355 $tmpdomain = preg_replace(
'/\.[^\.]+$/',
'', $tmpdomain);
374 if (preg_match(
'/^(https?:\/\/)/i', $tmpurl, $reg)) {
377 $tmpurl = preg_replace(
'/^https?:\/\//i',
'', $tmpurl);
378 $tmpurl = preg_replace(
'/\/.*$/i',
'', $tmpurl);
380 return $prefix.$tmpurl;
391 $content = preg_replace(
'/<!--[^\-]+-->/',
'', $content);