<?

// Create base URL
$base_root = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
// As $_SERVER['HTTP_HOST'] is user input, ensure it only contains
// characters allowed in hostnames.
$base_url = $base_root .= '://'. preg_replace('/[^a-z0-9-:._]/i', '', $_SERVER['HTTP_HOST']);
// $_SERVER['SCRIPT_NAME'] can, in contrast to $_SERVER['PHP_SELF'], not
// be modified by a visitor.
if ($dir = trim(dirname($_SERVER['SCRIPT_NAME']), '\,/')) {
  $base_path = "/$dir";
  $base_url .= $base_path;
  $base_path .= '/';
}

// determine destination url
$urls = array(
  0 => $base_url."/index.php",
  1 => 'https://secure.eff.org/site/Donation2?df_id=1480&1480.donation=form1'
);
$r = rand(0,1);
$url = $urls[$r];


// port the query string
foreach ($_GET as $var=>$val){
  if ($var != "q"){
    $queries[] = urlencode($var)."=".urlencode($val);
  }
}
if ($queries){
  $urldata = parse_url($url);
  // var_dump($urldata);
  if (empty($urldata['query'])){
    $url .= "?".implode("&",$queries);
  } else {
    $url  = $urldata['scheme']."://".$urldata['host'].$urldata['path'];
    $url .= "?".$urldata['query']."&".implode("&",$queries);
  }
}

// redirect
header("Location:".$url,true,301);


?>