You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
139 lines
3.4 KiB
PHTML
139 lines
3.4 KiB
PHTML
13 years ago
|
<?php
|
||
|
if(!isset($_ANONNEWS)) { die(); } // Protect against direct access.
|
||
|
/* This include contains functions related to IP addresses. */
|
||
|
|
||
|
function ip_in_range($ip, $range)
|
||
|
{
|
||
|
/* Thanks to Ian B (http://www.php.net/manual/en/function.ip2long.php#71939) */
|
||
|
|
||
|
$ip = str_replace("::ffff:", "", $ip);
|
||
|
|
||
|
list($base, $bits) = explode('/', $range);
|
||
|
list($a, $b, $c, $d) = explode('.', $base);
|
||
|
$i = ($a << 24) + ($b << 16) + ($c << 8) + $d;
|
||
|
$mask = $bits == 0 ? 0 : (~0 << (32 - $bits));
|
||
|
$low = $i & $mask;
|
||
|
$high = $i | (~$mask & 0xFFFFFFFF);
|
||
|
list($a, $b, $c, $d) = explode('.', $ip);
|
||
|
$check = ($a << 24) + ($b << 16) + ($c << 8) + $d;
|
||
|
if ($check >= $low && $check <= $high)
|
||
|
{
|
||
|
return true;
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
return false;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
function is_reverse_proxied()
|
||
|
{
|
||
|
$reverseProxied = false;
|
||
|
// TODO multiple ips!
|
||
|
if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']) || !empty($_SERVER['HTTP_FORWARDED_FOR']) || !empty($_SERVER['HTTP_CLIENT_IP']) || !empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']))
|
||
|
{
|
||
|
$ip = $_SERVER['REMOTE_ADDR'];
|
||
|
// First check for requests that originate from localhost
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "10.0.0.0/8");
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "127.0.0.1/8");
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "172.16.0.0/12");
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "192.168.0.0/16");
|
||
|
|
||
|
// Then check for CloudFlare
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "204.93.240.0/24");
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "204.93.177.0/24");
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "199.27.128.0/21");
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "173.245.48.0/20");
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "103.22.200.0/22");
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, "141.101.64.0/18");
|
||
|
|
||
|
if(!empty($proxy_ranges))
|
||
|
{
|
||
|
foreach($proxy_ranges as $proxy_range)
|
||
|
{
|
||
|
$reverseProxied = $reverseProxied || ip_in_range($ip, $proxy_range);
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
return $reverseProxied;
|
||
|
}
|
||
|
|
||
|
function get_ip()
|
||
|
{
|
||
|
if(is_reverse_proxied())
|
||
|
{
|
||
|
if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
|
||
|
{
|
||
|
$result = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
||
|
}
|
||
|
elseif(!empty($_SERVER['HTTP_FORWARDED_FOR']))
|
||
|
{
|
||
|
$result = $_SERVER['HTTP_FORWARDED_FOR'];
|
||
|
}
|
||
|
elseif(!empty($_SERVER['HTTP_CLIENT_IP']))
|
||
|
{
|
||
|
$result = $_SERVER['HTTP_CLIENT_IP'];
|
||
|
}
|
||
|
elseif(!empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']))
|
||
|
{
|
||
|
$result = $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
$result = $_SERVER['REMOTE_ADDR'];
|
||
|
}
|
||
|
}
|
||
|
else
|
||
|
{
|
||
|
$result = $_SERVER['REMOTE_ADDR'];
|
||
|
}
|
||
|
|
||
|
return $result;
|
||
|
}
|
||
|
|
||
|
function check_banlist()
|
||
|
{
|
||
|
global $bannedIps;
|
||
|
$ipList = explode(",", get_ip());
|
||
|
foreach($ipList as $ip)
|
||
|
{
|
||
|
if(isset($bannedIps[trim($ip)]))
|
||
|
{
|
||
|
return true; // Banned.
|
||
|
}
|
||
|
}
|
||
|
return false; // Not banned.
|
||
|
}
|
||
|
|
||
|
function check_blacklisted($ip = null)
|
||
|
{
|
||
|
/* Thanks to Rene Moser (http://www.renemoser.net/) */
|
||
|
if($ip == null)
|
||
|
{
|
||
|
$ip = get_ip();
|
||
|
}
|
||
|
|
||
|
$dns_black_lists = file('dnsbl/dnsbl.txt', FILE_IGNORE_NEW_LINES);
|
||
|
$rev_ip = implode(array_reverse(explode('.', $ip)), '.');
|
||
|
$response = array();
|
||
|
foreach ($dns_black_lists as $dns_black_list)
|
||
|
{
|
||
|
$response = (gethostbynamel($rev_ip . '.' . $dns_black_list));
|
||
|
if (!empty($response))
|
||
|
{
|
||
|
return true;
|
||
|
}
|
||
|
}
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
function ip_hash($ip)
|
||
|
{
|
||
|
$ip = str_replace("::ffff:", "", $ip);
|
||
|
list($a, $b, $c, $d) = explode(".", $ip);
|
||
|
$e = ($d < 128) ? 0 : 128;
|
||
|
return sha1("{$a}.{$b}.{$c}.{$e}");
|
||
|
}
|
||
|
?>
|