This article shows how to save and modify PHP session data, cookies, do anything really... without using Ajax or iframes or forcing the user to make a request.

Warning: Touches on some moderately advanced web development, definitely some very cool stuff though.

Table of Contents

  1. Introduction
    1. .htaccess mod_rewrite code
    2. Using javascript
    3. The php controller
      1. Example Session IMAGETEST value
    4. Decoding the IMAGETEST
    5. Simpler php example

.htaccess mod_rewrite code

This code rewrites a request for askapache.com/sess.gif so that it serves the file /cgi-bin/session-cookie.php, further disguising this "image".

RewriteEngine On
RewriteBase /
RewriteRule ^(.*)sess\.gif$ /cgi-bin/session-cookie.php [NC,L,QSA]

Using javascript

You can either put a basic img tag somewhere and it will capture this info, or, if you want a dynamic way to call this image, you can do it with JavaScript very easily.

This code loads a new image as soon as it is executed, so you could quite easily have it run on a certain button click, or anything else.

	var t=new Image();
	t.src='https://www.askapache.com/sess.gif';

The php controller

This file has some cool stuff in it, so check it out. First we check whether a session has been initialized, and if not we start one. Then we initialize an output buffer to hold all the output, including the headers, until we are ready to send it; the only output we will be sending is a 43-byte 1x1 white image. The code also sends HTTP headers that prevent the client's browser from caching the image, so a new request is made for the image each time a browser encounters it.

The data we will be saving in the user's session file, in the session variable called IMAGETEST, are the entire $_GET, $_COOKIE, $_POST, and $_SERVER global variable arrays built into PHP.

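<?php
// Start a session only if one is not already running.
if (session_id() == '') session_start();

// Buffer everything so nothing is sent until the headers and image are ready.
ob_start();

// Snapshot the request and server variables for this request.
$G=$_REQUEST;
$S=$_SERVER;

// Serialize, gzip-compress and base64-encode the snapshot into one string.
$g=base64_encode(gzcompress(serialize(array('REQUEST'=>$G,'SERVER'=>$S))));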
$_SESSION['IMAGETEST']=$g;

$imagedata=base64_decode('R0lGODlhAQABAIAAAP///wAAACH5BAAAAAAALAAAAAABAAEAAAICRAEAOw==');

header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
header("Pragma: no-cache");
header('Content-Length: 43');
header('Content-Type: image/gif');
echo $imagedata;

$r=ob_get_clean();
echo $r;
exit;
?>

Requesting the PHP file creates a session variable called IMAGETEST that contains a base64-encoded, gzip-compressed, PHP-serialized string representing the $_REQUEST and $_SERVER variables for that specific request.

Example Session IMAGETEST value

 [IMAGETEST] => eJy1Vm1vo0YQ/ivIUqu7Orws78ZCKrKxg842LuBE1y9ogSVBscEFnERX33/vsIDj5NK75NQqcoDd2Zln3p5ZbIjG35UhGYO5HQzG2ED9d5KVg

Decoding the IMAGETEST

To see the values in IMAGETEST, if you used my method to compress and save the data as a string, you basically run the string through the same process backwards.

<?php
// Resume the session so $_SESSION['IMAGETEST'] is available.
session_start();
echo '<pre>';
$p=unserialize(gzuncompress(base64_decode($_SESSION['IMAGETEST'])));
print_r($p);
?>

This results in displaying all the variables and data you saved.

Array
(
[REQUEST] => Array
(
[ASKAPACHE] => 6a81995f0c4b73b4d
[MP3] => off
[subscribe_checkbox_0460e1098afa8bf8b] => unchecked
[wordpresspass_5510982bf8b] => 6555555
[wordpressuser_0559828bf8b] => youdliketoknow
[wordpress_test_cookie] => WP Cookie check
)

[SERVER] => Array
(
[PATH] => /usr/local/bin:/usr/bin:/bin
[REDIRECT_STATUS] => 200
[SCRIPT_URL] => /sess.gif
[SCRIPT_URI] => https://www.askapache.com/sess.gif
[TZ] => America/Las_Vegas
[SERVER_ADMIN] => webmaster[at]askapache.com
[HTTP_HOST] => www.askapache.com
[HTTP_USER_AGENT] => Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.13) Gecko/20080311 Firefox/2.0.0.13
[HTTP_ACCEPT] => image/png,*/*;q=0.5
[HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5
[HTTP_ACCEPT_ENCODING] => gzip,deflate
[HTTP_ACCEPT_CHARSET] => ISO-8859-1,utf-8;q=0.7,*;q=0.7
[HTTP_KEEP_ALIVE] => 300
[HTTP_CONNECTION] => keep-alive
[HTTP_REFERER] => https://www.askapache.com/online-tools/htpasswd-generator/
[HTTP_COOKIE] => 405485
[SERVER_SIGNATURE] =>
[SERVER_SOFTWARE] => Apache/2.0.61 (Unix) PHP/4.4.7 mod_ssl/2.0.61 OpenSSL/0.9.7e mod_fastcgi/2.4.2 DAV/2 SVN/1.4.2
[SERVER_NAME] => www.askapache.com
[SERVER_ADDR] => 208.113.183.103
[SERVER_PORT] => 80
[REMOTE_ADDR] => 2.12.64.105
[DOCUMENT_ROOT] => /web/domain.com/public_html
[SCRIPT_FILENAME] => /web/domain.com/public_html/cgi-bin/session-cookie.php
[REMOTE_PORT] => 1857
[REDIRECT_QUERY_STRING] => dir=
[REDIRECT_URL] => /cgi-bin/session-cookie.php
[GATEWAY_INTERFACE] => CGI/1.1
[SERVER_PROTOCOL] => HTTP/1.1
[REQUEST_METHOD] => GET
[QUERY_STRING] => dir=
[REQUEST_URI] => /sess.gif
[SCRIPT_NAME] => /cgi-bin/session-cookie.php
[ORIG_PATH_INFO] => /cgi-bin/session-cookie.php
[ORIG_PATH_TRANSLATED] => /web/domain.com/public_html/cgi-bin/session-cookie.php
[PHP_SELF] => /cgi-bin/session-cookie.php
[REQUEST_TIME] => 1206697334
)

)
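The dump above shows that storing all of $_REQUEST and $_SERVER also stores cookie values, including the WordPress password cookie, in the session file. As an added example (not code from the original article), here is the same serialize/gzcompress/base64 round trip with an allowlist for $_SERVER, redaction of credential-like names, and a decoder that rejects malformed input; the function names, the allowlist and the name pattern are assumptions.

```php
<?php
// Added example: hypothetical helpers, not part of the original article's code.

// $_SERVER keys worth keeping for request diagnostics (constructed allowlist).
const SERVER_ALLOW = ['REQUEST_URI', 'REQUEST_METHOD', 'HTTP_REFERER', 'HTTP_USER_AGENT', 'REQUEST_TIME'];

// Request/cookie names likely to carry credentials or identifiers (constructed pattern).
const SENSITIVE = '/pass|user|sess|token|auth/i';

function capture_request(array $request, array $server): string
{
    $req = [];
    foreach ($request as $name => $value) {
        // Record that the field was present, but never its secret value.
        $req[$name] = preg_match(SENSITIVE, (string)$name) ? '[redacted]' : $value;
    }
    // Anything not on the allowlist (HTTP_COOKIE, DOCUMENT_ROOT, ...) is dropped.
    $srv = array_intersect_key($server, array_flip(SERVER_ALLOW));
    return base64_encode(gzcompress(serialize(['REQUEST' => $req, 'SERVER' => $srv])));
}

function decode_capture(string $blob): ?array
{
    $raw = base64_decode($blob, true);      // strict mode rejects non-base64 input
    if ($raw === false) return null;
    $ser = @gzuncompress($raw);             // false on corrupt or truncated data
    if ($ser === false) return null;
    // allowed_classes=false stops unserialize() from instantiating objects.
    $data = @unserialize($ser, ['allowed_classes' => false]);
    return is_array($data) ? $data : null;
}

// Constructed sample input, modelled on the dump above.
$request = ['MP3' => 'off', 'wordpresspass_5510982bf8b' => '6555555',
            'wordpress_test_cookie' => 'WP Cookie check'];
$server  = ['REQUEST_URI' => '/sess.gif', 'REQUEST_METHOD' => 'GET',
            'HTTP_COOKIE' => '405485', 'DOCUMENT_ROOT' => '/web/domain.com/public_html'];

$blob = capture_request($request, $server);
print_r(decode_capture($blob));             // round trip of the redacted record
var_dump(decode_capture('not base64!'));    // malformed input
```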

Simpler php example


PHP Sessions/Cookies On The Fly - AskApache

Charles Torvalds
28 Mar 2008
