Anons79 Mini Shell

<?php
// Error reporting for debugging (disable in production)
error_reporting(E_ALL);
ini_set('display_errors', 1);

// Allow CORS (modify as needed)
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');

// Handle preflight OPTIONS request
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    header('HTTP/1.1 200 OK');
    exit();
}

class ApiProxy {
    private $targetUrl;
    
    public function __construct() {
        // Get target URL from GET parameter
        if (!isset($_GET['endpoint'])) {
            throw new Exception('Target URL is required');
        }
        
        $url = filter_var($_GET['endpoint'], FILTER_SANITIZE_URL);
        if (!filter_var($url, FILTER_VALIDATE_URL)) {
            throw new Exception('Invalid URL format');
        }
        
        $this->targetUrl = $url;
    }
    
    public function handleRequest() {
        // Remove 'url' from query parameters
        $queryParams = $_GET;
        unset($queryParams['endpoint']);
        
        // Construct target URL with remaining parameters
        $url = $this->targetUrl;
        if (!empty($queryParams)) {
            $url .= (parse_url($url, PHP_URL_QUERY) ? '&' : '?') . http_build_query($queryParams);
        }
        
        // Initialize cURL
        $curl = curl_init();
        
        // Get request headers
        $headers = $this->getRequestHeaders();
        
        // Set cURL options
        $options = [
            CURLOPT_URL => $url,
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_FOLLOWLOCATION => true,
            CURLOPT_HTTPHEADER => $headers,
            CURLOPT_CUSTOMREQUEST => $_SERVER['REQUEST_METHOD'],
            CURLOPT_SSL_VERIFYPEER => false,
            CURLOPT_SSL_VERIFYHOST => false,
            CURLOPT_TIMEOUT => 30,
        ];
        
        // Handle request body for POST, PUT, PATCH
        if (in_array($_SERVER['REQUEST_METHOD'], ['POST', 'PUT', 'PATCH'])) {
            $inputData = file_get_contents('php://input');
            if ($inputData) {
                $options[CURLOPT_POSTFIELDS] = $inputData;
            }
        }
        
        curl_setopt_array($curl, $options);
        
        // Execute request
        $response = curl_exec($curl);
        $httpCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
        $contentType = curl_getinfo($curl, CURLINFO_CONTENT_TYPE);
        $error = curl_error($curl);
        
        // Close cURL
        curl_close($curl);
        
        // Handle errors
        if ($error) {
            http_response_code(500);
            return json_encode([
                'error' => 'Proxy Error',
                'message' => $error
            ]);
        }
        
        // Set response headers
        http_response_code($httpCode);
        if ($contentType) {
            header("Content-Type: $contentType");
        }
        
        return $response;
    }
    
    private function getRequestHeaders() {
        $headers = [];
        $copyHeaders = [
            'Content-Type',
            'Authorization',
            'User-Agent',
            'Accept'
        ];
        
        foreach ($_SERVER as $key => $value) {
            if (strpos($key, 'HTTP_') === 0) {
                $header = str_replace(' ', '-', ucwords(str_replace('_', ' ', strtolower(substr($key, 5)))));
                if (in_array($header, $copyHeaders)) {
                    $headers[] = "$header: $value";
                }
            }
        }
        
        return $headers;
    }
}

// Run the proxy
try {
    $proxy = new ApiProxy();
    echo $proxy->handleRequest();
} catch (Exception $e) {
    http_response_code(400);
    echo json_encode([
        'error' => 'Configuration Error',
        'message' => $e->getMessage()
    ]);
}
?>