Allow optional config file and handle target HTTP method override

Author: Simeon Bartley

.gitignore

@@ -2,3 +2,4 @@
 .vscode/
 
 vendor/
+config.php

Proxy.php

@@ -96,6 +96,12 @@ class Proxy
      */
     public static $HEADER_HTTP_PROXY_TARGET_URL = 'HTTP_PROXY_TARGET_URL';
 
+    /**
+     * Name of the target HTTP method override header
+     * @var string
+     */
+    public static $HEADER_HTTP_PROXY_TARGET_HTTP_METHOD = 'HTTP_PROXY_TARGET_HTTP_METHOD';
+
     /**
      * Line break for debug purposes
      * @var string
@@ -111,6 +117,7 @@ protected static function getSkippedHeaders()
             static::$HEADER_HTTP_PROXY_TARGET_URL,
             static::$HEADER_HTTP_PROXY_AUTH,
             static::$HEADER_HTTP_PROXY_DEBUG,
+            static::$HEADER_HTTP_PROXY_TARGET_HTTP_METHOD,
             'HTTP_HOST',
             'HTTP_ACCEPT_ENCODING'
         ];
@@ -227,6 +234,16 @@ public static function isResponseCodeOk($responseCode)
         return preg_match('/^[23]\d\d$/', $responseCode) === 1;
     }
 
+    /**
+     * @return void
+     */
+    public static function loadConfig()
+    {
+        if (file_exists('config.php')) {
+            include 'config.php';
+        }
+    }
+
     /**
      * @return string
      */
@@ -293,6 +310,24 @@ protected static function getIncomingRequestHeaders($skippedHeaders = [])
         return $results;
     }
 
+     /**
+      * Merge pull request https://github.com/zounar/php-proxy/pull/17/files
+      * https://gist.github.com/yisraeldov/ec29d520062575c204be7ab71d3ecd2f
+      */
+    protected static function build_post_fields($data, $existingKeys = '', &$returnArray = [])
+    {
+        if(($data instanceof CURLFile) or !(is_array($data) or is_object($data))) {
+            $returnArray[$existingKeys]=$data;
+            return $returnArray;
+        }
+        else {
+            foreach ($data as $key => $item) {
+                static::build_post_fields($item,$existingKeys?$existingKeys."[$key]":$key,$returnArray);
+            }
+            return $returnArray;
+        }
+    }
+
     /**
      * @param string $targetURL
      * @return false|resource
@@ -302,10 +337,11 @@ protected static function createRequest($targetURL)
         $request = curl_init($targetURL);
 
         // Set input data
-        $requestMethod = strtoupper(static::ri($_SERVER['REQUEST_METHOD']));
-        if ($requestMethod === "PUT" || $requestMethod === "PATCH") {
+        $incomingRequestMethod = strtoupper(static::ri($_SERVER['REQUEST_METHOD']));
+
+        if ($incomingRequestMethod === 'PUT' || $incomingRequestMethod === 'PATCH') {
             curl_setopt($request, CURLOPT_POSTFIELDS, file_get_contents('php://input'));
-        } elseif ($requestMethod === "POST") {
+        } elseif ($incomingRequestMethod === 'POST') {
             $data = array();
 
             if (!empty($_FILES)) {
@@ -324,18 +360,27 @@ protected static function createRequest($targetURL)
                 }
             }
 
-            curl_setopt($request, CURLOPT_POSTFIELDS, $data + $_POST);
+            curl_setopt($request, CURLOPT_POSTFIELDS, static::build_post_fields($data + $_POST));
         }
 
         $headers = static::getIncomingRequestHeaders(static::getSkippedHeaders());
-
-        curl_setopt_array($request, [
+        $curlSettings = [
             CURLOPT_FOLLOWLOCATION => true,
             CURLOPT_HEADER => static::$CURLOPT_HEADER,
             CURLOPT_RETURNTRANSFER => static::$CURLOPT_RETURNTRANSFER,
             CURLINFO_HEADER_OUT => true,
             CURLOPT_HTTPHEADER => $headers
-        ]);
+        ];
+
+        if ($incomingRequestMethod === 'POST') {
+            // Check if target request should use a different HTTP method:
+            $targetRequestMethod = strtoupper(static::ri($_SERVER[static::$HEADER_HTTP_PROXY_TARGET_HTTP_METHOD], $incomingRequestMethod));
+            if ($targetRequestMethod !== $incomingRequestMethod) {
+                $curlSettings[CURLOPT_CUSTOMREQUEST] = $targetRequestMethod;
+            }
+        }
+
+        curl_setopt_array($request, $curlSettings);
 
         return $request;
     }
@@ -460,6 +505,7 @@ public static function run()
 if (!Proxy::isInstalledWithComposer()) {
     Proxy::checkCompatibility();
     Proxy::registerErrorHandlers();
+    Proxy::loadConfig();
     $responseCode = Proxy::run();
 
     if (Proxy::isResponseCodeOk($responseCode)) {

README.md

@@ -1,11 +1,12 @@
 # Simple PHP Proxy
 
-This proxy script allows you to forward all HTTP/HTTPS requests to another server. Works for all common request types 
-including GET, POST requests with files, PATCH and PUT requests. It has minimal set of requirements 
-(PHP >=5.6, libcurl, gzip) which are available even on the smallest free hostings and has its own simple authorization 
+This proxy script allows you to forward all HTTP/HTTPS requests to another server. Works for all common request types
+including GET, POST requests with files, PATCH and PUT requests. It has minimal set of requirements
+(PHP >=5.6, libcurl, gzip) which are available even on the smallest free hostings and has its own simple authorization
 and cookie support.
 
 ## How to use
+
 * Copy the [Proxy.php](Proxy.php) script to publicly-accessible folder of a PHP web server (the script is standalone and has no PHP dependencies)
 * Make a cURL request targeting this script
 * Add **Proxy-Auth** header with auth key [found here](https://github.com/zounar/php-proxy/blob/master/Proxy.php#L40)
@@ -15,14 +16,16 @@ and cookie support.
 In order to protect using proxy by unauthorized users, consider changing `Proxy-Auth` token in [proxy source file](https://github.com/zounar/php-proxy/blob/master/Proxy.php#L40) and in all your requests.
 
 ## How to use (via composer)
-This might be useful when you want to redirect requests coming into your app. 
+
+This might be useful when you want to redirect requests coming into your app.
 
 * Run `composer require zounar/php-proxy`
 * Add `Proxy::run();` line to where you want to execute it (usually into a controller action)
   * In this example, the script is in `AppController` - `actionProxy`:
+
     ```
     use Zounar\PHPProxy\Proxy;
-    
+
     class AppController extends Controller {
 
         public function actionProxy() {
@@ -34,6 +37,7 @@ This might be useful when you want to redirect requests coming into your app.
         }
     }
     ```
+
 * Make a cURL request to your web
   * In the example, it would be `http://your-web.com/app/proxy`
 * Add **Proxy-Auth** header with auth key [found here](https://github.com/zounar/php-proxy/blob/master/Proxy.php#L40)
@@ -44,7 +48,8 @@ In order to protect using proxy by unauthorized users, consider changing `Proxy-
 `Proxy::$AUTH_KEY = '<your-new-key>';` before `Proxy::run()`. Then change the token in all your requests.
 
 ## Usage example
-Following example shows how to execute GET request to https://www.github.com. Proxy script is at http://www.foo.bar/Proxy.php. All proxy settings are kept default, the response is automatically echoed.
+
+Following example shows how to execute GET request to <https://www.github.com>. Proxy script is at <http://www.foo.bar/Proxy.php>. All proxy settings are kept default, the response is automatically echoed.
 
 ```php
 $request = curl_init('http://www.foo.bar/Proxy.php');
@@ -57,7 +62,29 @@ curl_setopt($request, CURLOPT_HTTPHEADER, array(
 curl_exec($request);
 ```
 
+## Overriding the Incoming HTTP Method
+
+To override POST with a different HTTP method to the target, use the Proxy-Target-HTTP-Method header.
+
+E.g. for PATCH:
+
+```php
+$request = curl_init('http://www.foo.bar/Proxy.php');
+
+curl_setopt($curl, CURLOPT_POST, true);
+curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query(['key1' => 'value1']));
+
+curl_setopt($request, CURLOPT_HTTPHEADER, array(
+    'Proxy-Auth: Bj5pnZEX6DkcG6Nz6AjDUT1bvcGRVhRaXDuKDX9CjsEs2',
+    'Proxy-Target-URL: https://www.github.com',
+    'Proxy-Target-HTTP-Method: PATCH'
+));
+
+curl_exec($request);
+```
+
 ## Debugging
+
 In order to show some debug info from the proxy, add `Proxy-Debug: 1` header into the request. This will show debug info in plain-text containing request headers, response headers and response body.
 
 ```php
@@ -73,6 +100,7 @@ curl_exec($request);
 ```
 
 ## Specifying User-Agent
+
 Some sites may return different content for different user agents. In such case add `User-Agent` header to cURL request, it will be automatically passed to the request for target site. In this case it's Firefox 70 for Ubuntu.
 
 ```php
@@ -88,6 +116,7 @@ curl_exec($request);
 ```
 
 ## Error 301 Moved permanently
+
 It might occur that there's a redirection when calling the proxy (not the target site), eg. during `http -> https` redirection. You can either modify/fix the proxy URL (which is recommended), or add `CURLOPT_FOLLOWLOCATION` option before `curl_exec`.
 
 ```php
@@ -103,6 +132,7 @@ curl_exec($request);
 ```
 
 ## Save response into variable
+
 The default cURL behavior is to echo the response of `curl_exec`. In order to save response into variable, all you have to do is to add `CURLOPT_RETURNTRANSFER` cURL option.
 
 ```php

config-sample.php

@@ -0,0 +1,8 @@
+<?php
+
+static::$AUTH_KEY = 'Bj5pnZEX6DkcG6Nz6AjDUT1bvcGRVhRaXDuKDX9CjsEs2';
+static::$ENABLE_AUTH = true;
+static::$DEBUG = false;
+static::$TARGET_URL = '';
+
+?>