diff --git a/engine/classes/DealProxy.php b/engine/classes/DealProxy.php index 19ec8dc..98c18d7 100644 --- a/engine/classes/DealProxy.php +++ b/engine/classes/DealProxy.php @@ -124,6 +124,31 @@ class DealProxy echo $response; } + private function buildMultipartBody() + { + $boundary = '----FormBoundary' . uniqid(); + $body = ''; + + foreach ($_POST as $key => $value) { + $body .= "--{$boundary}\r\n"; + $body .= "Content-Disposition: form-data; name=\"{$key}\"\r\n\r\n"; + $body .= "{$value}\r\n"; + } + + foreach ($_FILES as $key => $file) { + if ($file['error'] === UPLOAD_ERR_OK) { + $body .= "--{$boundary}\r\n"; + $body .= "Content-Disposition: form-data; name=\"{$key}\"; filename=\"{$file['name']}\"\r\n"; + $body .= "Content-Type: {$file['type']}\r\n\r\n"; + $body .= file_get_contents($file['tmp_name']) . "\r\n"; + } + } + + $body .= "--{$boundary}--\r\n"; + + return ['body' => $body, 'boundary' => $boundary]; + } + public function handle() { $this->logMessage('=== PROXY REQUEST START ==='); @@ -132,6 +157,8 @@ class DealProxy $this->logMessage('HTTP_X_SESSION_ID: ' . (isset($_SERVER['HTTP_X_SESSION_ID']) ? $_SERVER['HTTP_X_SESSION_ID'] : 'NOT SET')); $this->logMessage('HTTP_COOKIE: ' . (isset($_SERVER['HTTP_COOKIE']) ? $_SERVER['HTTP_COOKIE'] : 'NOT SET')); $this->logMessage('Raw input: ' . file_get_contents('php://input')); + $this->logMessage('FILES: ' . print_r($_FILES, true)); + $this->logMessage('POST: ' . print_r($_POST, true)); // CORS headers header('Access-Control-Allow-Origin: *'); @@ -146,7 +173,21 @@ class DealProxy $targetUrl = $this->buildTargetUrl(); $headers = $this->buildHeaders(); $method = $_SERVER['REQUEST_METHOD']; - $body = file_get_contents('php://input'); + + $originalContentType = isset($_SERVER['CONTENT_TYPE']) ? $_SERVER['CONTENT_TYPE'] : ''; + + if (strpos($originalContentType, 'multipart/form-data') !== false && !empty($_FILES)) { + $multipart = $this->buildMultipartBody(); + $body = $multipart['body']; + $headers = array_filter($headers, function($h) { + return strpos($h, 'Content-Type:') === false; + }); + $headers[] = 'Content-Type: multipart/form-data; boundary=' . $multipart['boundary']; + $this->logMessage('Rebuilt multipart body from $_POST/$_FILES'); + } else { + $body = file_get_contents('php://input'); + } + $this->logMessage('Forwarding request to ' . $targetUrl); $this->forwardRequest($targetUrl, $headers, $method, $body); }