Documentation TYPO3 par Ameos

ip_allow_deny.lib.php

00001 <?php
00002 /* $Id: ip_allow_deny.lib.php,v 2.4 2005/08/14 21:34:01 lem9 Exp $ */
00003 // vim: expandtab sw=4 ts=4 sts=4:
00004 
00018 function PMA_getIp()
00019 {
00020     global $REMOTE_ADDR;
00021     global $HTTP_X_FORWARDED_FOR, $HTTP_X_FORWARDED, $HTTP_FORWARDED_FOR, $HTTP_FORWARDED;
00022     global $HTTP_VIA, $HTTP_X_COMING_FROM, $HTTP_COMING_FROM;
00023 
00024     // Get some server/environment variables values
00025     if (empty($REMOTE_ADDR)) {
00026         if (!empty($_SERVER) && isset($_SERVER['REMOTE_ADDR'])) {
00027             $REMOTE_ADDR = $_SERVER['REMOTE_ADDR'];
00028         }
00029         else if (!empty($_ENV) && isset($_ENV['REMOTE_ADDR'])) {
00030             $REMOTE_ADDR = $_ENV['REMOTE_ADDR'];
00031         }
00032         else if (@getenv('REMOTE_ADDR')) {
00033             $REMOTE_ADDR = getenv('REMOTE_ADDR');
00034         }
00035     } // end if
00036     if (empty($HTTP_X_FORWARDED_FOR)) {
00037         if (!empty($_SERVER) && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
00038             $HTTP_X_FORWARDED_FOR = $_SERVER['HTTP_X_FORWARDED_FOR'];
00039         }
00040         else if (!empty($_ENV) && isset($_ENV['HTTP_X_FORWARDED_FOR'])) {
00041             $HTTP_X_FORWARDED_FOR = $_ENV['HTTP_X_FORWARDED_FOR'];
00042         }
00043         else if (@getenv('HTTP_X_FORWARDED_FOR')) {
00044             $HTTP_X_FORWARDED_FOR = getenv('HTTP_X_FORWARDED_FOR');
00045         }
00046     } // end if
00047     if (empty($HTTP_X_FORWARDED)) {
00048         if (!empty($_SERVER) && isset($_SERVER['HTTP_X_FORWARDED'])) {
00049             $HTTP_X_FORWARDED = $_SERVER['HTTP_X_FORWARDED'];
00050         }
00051         else if (!empty($_ENV) && isset($_ENV['HTTP_X_FORWARDED'])) {
00052             $HTTP_X_FORWARDED = $_ENV['HTTP_X_FORWARDED'];
00053         }
00054         else if (@getenv('HTTP_X_FORWARDED')) {
00055             $HTTP_X_FORWARDED = getenv('HTTP_X_FORWARDED');
00056         }
00057     } // end if
00058     if (empty($HTTP_FORWARDED_FOR)) {
00059         if (!empty($_SERVER) && isset($_SERVER['HTTP_FORWARDED_FOR'])) {
00060             $HTTP_FORWARDED_FOR = $_SERVER['HTTP_FORWARDED_FOR'];
00061         }
00062         else if (!empty($_ENV) && isset($_ENV['HTTP_FORWARDED_FOR'])) {
00063             $HTTP_FORWARDED_FOR = $_ENV['HTTP_FORWARDED_FOR'];
00064         }
00065         else if (@getenv('HTTP_FORWARDED_FOR')) {
00066             $HTTP_FORWARDED_FOR = getenv('HTTP_FORWARDED_FOR');
00067         }
00068     } // end if
00069     if (empty($HTTP_FORWARDED)) {
00070         if (!empty($_SERVER) && isset($_SERVER['HTTP_FORWARDED'])) {
00071             $HTTP_FORWARDED = $_SERVER['HTTP_FORWARDED'];
00072         }
00073         else if (!empty($_ENV) && isset($_ENV['HTTP_FORWARDED'])) {
00074             $HTTP_FORWARDED = $_ENV['HTTP_FORWARDED'];
00075         }
00076         else if (@getenv('HTTP_FORWARDED')) {
00077             $HTTP_FORWARDED = getenv('HTTP_FORWARDED');
00078         }
00079     } // end if
00080     if (empty($HTTP_VIA)) {
00081         if (!empty($_SERVER) && isset($_SERVER['HTTP_VIA'])) {
00082             $HTTP_VIA = $_SERVER['HTTP_VIA'];
00083         }
00084         else if (!empty($_ENV) && isset($_ENV['HTTP_VIA'])) {
00085             $HTTP_VIA = $_ENV['HTTP_VIA'];
00086         }
00087         else if (@getenv('HTTP_VIA')) {
00088             $HTTP_VIA = getenv('HTTP_VIA');
00089         }
00090     } // end if
00091     if (empty($HTTP_X_COMING_FROM)) {
00092         if (!empty($_SERVER) && isset($_SERVER['HTTP_X_COMING_FROM'])) {
00093             $HTTP_X_COMING_FROM = $_SERVER['HTTP_X_COMING_FROM'];
00094         }
00095         else if (!empty($_ENV) && isset($_ENV['HTTP_X_COMING_FROM'])) {
00096             $HTTP_X_COMING_FROM = $_ENV['HTTP_X_COMING_FROM'];
00097         }
00098         else if (@getenv('HTTP_X_COMING_FROM')) {
00099             $HTTP_X_COMING_FROM = getenv('HTTP_X_COMING_FROM');
00100         }
00101     } // end if
00102     if (empty($HTTP_COMING_FROM)) {
00103         if (!empty($_SERVER) && isset($_SERVER['HTTP_COMING_FROM'])) {
00104             $HTTP_COMING_FROM = $_SERVER['HTTP_COMING_FROM'];
00105         }
00106         else if (!empty($_ENV) && isset($_ENV['HTTP_COMING_FROM'])) {
00107             $HTTP_COMING_FROM = $_ENV['HTTP_COMING_FROM'];
00108         }
00109         else if (@getenv('HTTP_COMING_FROM')) {
00110             $HTTP_COMING_FROM = getenv('HTTP_COMING_FROM');
00111         }
00112     } // end if
00113 
00114     // Gets the default ip sent by the user
00115     if (!empty($REMOTE_ADDR)) {
00116         $direct_ip = $REMOTE_ADDR;
00117     }
00118 
00119     // Gets the proxy ip sent by the user
00120     $proxy_ip     = '';
00121     if (!empty($HTTP_X_FORWARDED_FOR)) {
00122         $proxy_ip = $HTTP_X_FORWARDED_FOR;
00123     } else if (!empty($HTTP_X_FORWARDED)) {
00124         $proxy_ip = $HTTP_X_FORWARDED;
00125     } else if (!empty($HTTP_FORWARDED_FOR)) {
00126         $proxy_ip = $HTTP_FORWARDED_FOR;
00127     } else if (!empty($HTTP_FORWARDED)) {
00128         $proxy_ip = $HTTP_FORWARDED;
00129     } else if (!empty($HTTP_VIA)) {
00130         $proxy_ip = $HTTP_VIA;
00131     } else if (!empty($HTTP_X_COMING_FROM)) {
00132         $proxy_ip = $HTTP_X_COMING_FROM;
00133     } else if (!empty($HTTP_COMING_FROM)) {
00134         $proxy_ip = $HTTP_COMING_FROM;
00135     } // end if... else if...
00136 
00137     // Returns the true IP if it has been found, else FALSE
00138     if (empty($proxy_ip)) {
00139         // True IP without proxy
00140         return $direct_ip;
00141     } else {
00142         $is_ip = preg_match('|^([0-9]{1,3}\.){3,3}[0-9]{1,3}|', $proxy_ip, $regs = array());
00143         if ($is_ip && (count($regs) > 0)) {
00144             // True IP behind a proxy
00145             return $regs[0];
00146         } else {
00147             // Can't define IP: there is a proxy but we don't have
00148             // information about the true IP
00149             return FALSE;
00150         }
00151     } // end if... else...
00152 } // end of the 'PMA_getIp()' function
00153 
00154 
00176 function PMA_ipMaskTest($testRange, $ipToTest)
00177 {
00178    $result = TRUE;
00179 
00180    if (preg_match('|([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/([0-9]+)|', $testRange, $regs = array())) {
00181        // performs a mask match
00182        $ipl    = ip2long($ipToTest);
00183        $rangel = ip2long($regs[1] . '.' . $regs[2] . '.' . $regs[3] . '.' . $regs[4]);
00184 
00185        $maskl  = 0;
00186 
00187        for ($i = 0; $i < 31; $i++) {
00188            if ($i < $regs[5] - 1) {
00189                $maskl = $maskl + pow(2, (30 - $i));
00190            } // end if
00191        } // end for
00192 
00193        if (($maskl & $rangel) == ($maskl & $ipl)) {
00194            return TRUE;
00195        } else {
00196            return FALSE;
00197        }
00198    } else {
00199        // range based
00200        $maskocts = explode('.', $testRange);
00201        $ipocts   = explode('.', $ipToTest);
00202 
00203        // perform a range match
00204        for ($i = 0; $i < 4; $i++) {
00205             if (preg_match('|\[([0-9]+)\-([0-9]+)\]|', $maskocts[$i], $regs)) {
00206                 if (($ipocts[$i] > $regs[2])
00207                     || ($ipocts[$i] < $regs[1])) {
00208                     $result = FALSE;
00209                 } // end if
00210             } else {
00211                 if ($maskocts[$i] <> $ipocts[$i]) {
00212                     $result = FALSE;
00213                 } // end if
00214             } // end if/else
00215        } //end for
00216    } //end if/else
00217 
00218    return $result;
00219 } // end of the "PMA_IPMaskTest()" function
00220 
00221 
00233 function PMA_allowDeny($type)
00234 {
00235     global $cfg;
00236 
00237     // Grabs true IP of the user and returns if it can't be found
00238     $remote_ip = PMA_getIp();
00239     if (empty($remote_ip)) {
00240         return FALSE;
00241     }
00242 
00243     // copy username
00244     $username  = $cfg['Server']['user'];
00245 
00246     // copy rule database
00247     $rules     = $cfg['Server']['AllowDeny']['rules'];
00248 
00249     // lookup table for some name shortcuts
00250     $shortcuts = array(
00251         'all'       => '0.0.0.0/0',
00252         'localhost' => '127.0.0.1/8'
00253     );
00254 
00255     foreach ($rules AS $rule) {
00256         // extract rule data
00257         $rule_data = explode(' ', $rule);
00258 
00259         // check for rule type
00260         if ($rule_data[0] != $type) {
00261             continue;
00262         }
00263 
00264         // check for username
00265         if (($rule_data[1] != '%') //wildcarded first
00266             && ($rule_data[1] != $username)) {
00267             continue;
00268         }
00269 
00270         // check if the config file has the full string with an extra
00271         // 'from' in it and if it does, just discard it
00272         if ($rule_data[2] == 'from') {
00273             $rule_data[2] = $rule_data[3];
00274         }
00275 
00276         // Handle shortcuts with above array
00277         // DON'T use "array_key_exists" as it's only PHP 4.1 and newer.
00278         if (isset($shortcuts[$rule_data[2]])) {
00279             $rule_data[2] = $shortcuts[$rule_data[2]];
00280         }
00281 
00282         // Add code for host lookups here
00283         // Excluded for the moment
00284 
00285         // Do the actual matching now
00286         if (PMA_ipMaskTest($rule_data[2], $remote_ip)) {
00287             return TRUE;
00288         }
00289     } // end while
00290 
00291     return FALSE;
00292 } // end of the "PMA_AllowDeny()" function
00293 
00294 ?>


Généré par Le spécialiste TYPO3 avec  doxygen 1.4.6