You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
anonnews2/public_html/include/include.ip.php

139 lines
3.4 KiB
PHTML

13 years ago
<?php
if(!isset($_ANONNEWS)) { die(); } // Protect against direct access.
/* This include contains functions related to IP addresses. */
function ip_in_range($ip, $range)
{
/* Thanks to Ian B (http://www.php.net/manual/en/function.ip2long.php#71939) */
$ip = str_replace("::ffff:", "", $ip);
list($base, $bits) = explode('/', $range);
list($a, $b, $c, $d) = explode('.', $base);
$i = ($a << 24) + ($b << 16) + ($c << 8) + $d;
$mask = $bits == 0 ? 0 : (~0 << (32 - $bits));
$low = $i & $mask;
$high = $i | (~$mask & 0xFFFFFFFF);
list($a, $b, $c, $d) = explode('.', $ip);
$check = ($a << 24) + ($b << 16) + ($c << 8) + $d;
if ($check >= $low && $check <= $high)
{
return true;
}
else
{
return false;
}
}
function is_reverse_proxied()
{
$reverseProxied = false;
// TODO multiple ips!
if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']) || !empty($_SERVER['HTTP_FORWARDED_FOR']) || !empty($_SERVER['HTTP_CLIENT_IP']) || !empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']))
{
$ip = $_SERVER['REMOTE_ADDR'];
// First check for requests that originate from localhost
$reverseProxied = $reverseProxied || ip_in_range($ip, "10.0.0.0/8");
$reverseProxied = $reverseProxied || ip_in_range($ip, "127.0.0.1/8");
$reverseProxied = $reverseProxied || ip_in_range($ip, "172.16.0.0/12");
$reverseProxied = $reverseProxied || ip_in_range($ip, "192.168.0.0/16");
// Then check for CloudFlare
$reverseProxied = $reverseProxied || ip_in_range($ip, "204.93.240.0/24");
$reverseProxied = $reverseProxied || ip_in_range($ip, "204.93.177.0/24");
$reverseProxied = $reverseProxied || ip_in_range($ip, "199.27.128.0/21");
$reverseProxied = $reverseProxied || ip_in_range($ip, "173.245.48.0/20");
$reverseProxied = $reverseProxied || ip_in_range($ip, "103.22.200.0/22");
$reverseProxied = $reverseProxied || ip_in_range($ip, "141.101.64.0/18");
if(!empty($proxy_ranges))
{
foreach($proxy_ranges as $proxy_range)
{
$reverseProxied = $reverseProxied || ip_in_range($ip, $proxy_range);
}
}
}
return $reverseProxied;
}
function get_ip()
{
if(is_reverse_proxied())
{
if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
{
$result = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
elseif(!empty($_SERVER['HTTP_FORWARDED_FOR']))
{
$result = $_SERVER['HTTP_FORWARDED_FOR'];
}
elseif(!empty($_SERVER['HTTP_CLIENT_IP']))
{
$result = $_SERVER['HTTP_CLIENT_IP'];
}
elseif(!empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']))
{
$result = $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
}
else
{
$result = $_SERVER['REMOTE_ADDR'];
}
}
else
{
$result = $_SERVER['REMOTE_ADDR'];
}
return $result;
}
function check_banlist()
{
global $bannedIps;
$ipList = explode(",", get_ip());
foreach($ipList as $ip)
{
if(isset($bannedIps[trim($ip)]))
{
return true; // Banned.
}
}
return false; // Not banned.
}
function check_blacklisted($ip = null)
{
/* Thanks to Rene Moser (http://www.renemoser.net/) */
if($ip == null)
{
$ip = get_ip();
}
$dns_black_lists = file('dnsbl/dnsbl.txt', FILE_IGNORE_NEW_LINES);
$rev_ip = implode(array_reverse(explode('.', $ip)), '.');
$response = array();
foreach ($dns_black_lists as $dns_black_list)
{
$response = (gethostbynamel($rev_ip . '.' . $dns_black_list));
if (!empty($response))
{
return true;
}
}
return false;
}
function ip_hash($ip)
{
$ip = str_replace("::ffff:", "", $ip);
list($a, $b, $c, $d) = explode(".", $ip);
$e = ($d < 128) ? 0 : 128;
return sha1("{$a}.{$b}.{$c}.{$e}");
}
?>