= $low && $check <= $high) { return true; } else { return false; } } function is_reverse_proxied() { $reverseProxied = false; // TODO multiple ips! if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']) || !empty($_SERVER['HTTP_FORWARDED_FOR']) || !empty($_SERVER['HTTP_CLIENT_IP']) || !empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP'])) { $ip = $_SERVER['REMOTE_ADDR']; // First check for requests that originate from localhost $reverseProxied = $reverseProxied || ip_in_range($ip, "10.0.0.0/8"); $reverseProxied = $reverseProxied || ip_in_range($ip, "127.0.0.1/8"); $reverseProxied = $reverseProxied || ip_in_range($ip, "172.16.0.0/12"); $reverseProxied = $reverseProxied || ip_in_range($ip, "192.168.0.0/16"); // Then check for CloudFlare $reverseProxied = $reverseProxied || ip_in_range($ip, "204.93.240.0/24"); $reverseProxied = $reverseProxied || ip_in_range($ip, "204.93.177.0/24"); $reverseProxied = $reverseProxied || ip_in_range($ip, "199.27.128.0/21"); $reverseProxied = $reverseProxied || ip_in_range($ip, "173.245.48.0/20"); $reverseProxied = $reverseProxied || ip_in_range($ip, "103.22.200.0/22"); $reverseProxied = $reverseProxied || ip_in_range($ip, "141.101.64.0/18"); if(!empty($proxy_ranges)) { foreach($proxy_ranges as $proxy_range) { $reverseProxied = $reverseProxied || ip_in_range($ip, $proxy_range); } } } return $reverseProxied; } function get_ip() { if(is_reverse_proxied()) { if(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $result = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif(!empty($_SERVER['HTTP_FORWARDED_FOR'])) { $result = $_SERVER['HTTP_FORWARDED_FOR']; } elseif(!empty($_SERVER['HTTP_CLIENT_IP'])) { $result = $_SERVER['HTTP_CLIENT_IP']; } elseif(!empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP'])) { $result = $_SERVER['HTTP_X_CLUSTER_CLIENT_IP']; } else { $result = $_SERVER['REMOTE_ADDR']; } } else { $result = $_SERVER['REMOTE_ADDR']; } return $result; } function check_banlist() { global $bannedIps; $ipList = explode(",", get_ip()); foreach($ipList as $ip) { if(isset($bannedIps[trim($ip)])) { return true; // Banned. } } return false; // Not banned. } function check_blacklisted($ip = null) { /* Thanks to Rene Moser (http://www.renemoser.net/) */ if($ip == null) { $ip = get_ip(); } $dns_black_lists = file('dnsbl/dnsbl.txt', FILE_IGNORE_NEW_LINES); $rev_ip = implode(array_reverse(explode('.', $ip)), '.'); $response = array(); foreach ($dns_black_lists as $dns_black_list) { $response = (gethostbynamel($rev_ip . '.' . $dns_black_list)); if (!empty($response)) { return true; } } return false; } function ip_hash($ip) { $ip = str_replace("::ffff:", "", $ip); list($a, $b, $c, $d) = explode(".", $ip); $e = ($d < 128) ? 0 : 128; return sha1("{$a}.{$b}.{$c}.{$e}"); } ?>