Some old PHP code I wrote to have PHP force EZProxy into being more secure.

ezproxy_redirect.php

<?php
/**
 * ezproxy_redirect
 *
 * EZProxy requires that the username and password be passed via GET.
 * This is just about as insecure as possible.
 *
 * So, we trick ezproxy into security by opening a socket connection
 * to the server; acting as a browser to initiate the connection; then
 * writing out its response to the actual browser.
 *
 * @param string $url 
 * @param string $loguser 
 * @return void
 * @author Stephen Ball
 */
function ezproxy_redirect($url, $loguser) {
    $user = "********";
    $password = "********";
    $loguser = urlencode($loguser);
    $ezp = fsockopen("********.lib.unc.edu", 80);
    fwrite($ezp, "GET /login?user=$user&pass=$password&loguser=$loguser"
                 . "&url=$url HTTP/1.0\n\n");
    fgets($ezp, 4096);
    $headers = True;
    while (!feof($ezp)) {
        $buffer = fgets($ezp, 4096);
        if ($buffer == "\r\n") {
            $headers = False;
        }
        if ($headers) {
            header($buffer);
        } else {
            echo($buffer);
        }
    }
}
?>