* * @param string an IP in Internet standard format * * @return string its IPv4 Internet network address * * @access private */ function ip2long($dotted) { $dotted = split('\.', $dotted); $ip = (double)0; $y = 0x1000000; for ($i = 0; $i < 4; $i++) { $ip += ($dotted[$i] * $y); $y = ($y >> 8); } // end for return $ip; } // end of the "ip2long" function } // end if /** * Gets the "true" IP address of the current user * * @return string the ip of the user * * @access private */ function PMA_getIp() { global $REMOTE_ADDR; global $HTTP_X_FORWARDED_FOR, $HTTP_X_FORWARDED, $HTTP_FORWARDED_FOR, $HTTP_FORWARDED; global $HTTP_VIA, $HTTP_X_COMING_FROM, $HTTP_COMING_FROM; global $HTTP_SERVER_VARS, $HTTP_ENV_VARS; // Get some server/environment variables values if (empty($REMOTE_ADDR)) { if (!empty($_SERVER) && isset($_SERVER['REMOTE_ADDR'])) { $REMOTE_ADDR = $_SERVER['REMOTE_ADDR']; } else if (!empty($_ENV) && isset($_ENV['REMOTE_ADDR'])) { $REMOTE_ADDR = $_ENV['REMOTE_ADDR']; } else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['REMOTE_ADDR'])) { $REMOTE_ADDR = $HTTP_SERVER_VARS['REMOTE_ADDR']; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['REMOTE_ADDR'])) { $REMOTE_ADDR = $HTTP_ENV_VARS['REMOTE_ADDR']; } else if (@getenv('REMOTE_ADDR')) { $REMOTE_ADDR = getenv('REMOTE_ADDR'); } } // end if if (empty($HTTP_X_FORWARDED_FOR)) { if (!empty($_SERVER) && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $HTTP_X_FORWARDED_FOR = $_SERVER['HTTP_X_FORWARDED_FOR']; } else if (!empty($_ENV) && isset($_ENV['HTTP_X_FORWARDED_FOR'])) { $HTTP_X_FORWARDED_FOR = $_ENV['HTTP_X_FORWARDED_FOR']; } else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])) { $HTTP_X_FORWARDED_FOR = $HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR'])) { $HTTP_X_FORWARDED_FOR = $HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR']; } else if (@getenv('HTTP_X_FORWARDED_FOR')) { $HTTP_X_FORWARDED_FOR = getenv('HTTP_X_FORWARDED_FOR'); } } // end if if (empty($HTTP_X_FORWARDED)) { if (!empty($_SERVER) && isset($_SERVER['HTTP_X_FORWARDED'])) { $HTTP_X_FORWARDED = $_SERVER['HTTP_X_FORWARDED']; } else if (!empty($_ENV) && isset($_ENV['HTTP_X_FORWARDED'])) { $HTTP_X_FORWARDED = $_ENV['HTTP_X_FORWARDED']; } else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['HTTP_X_FORWARDED'])) { $HTTP_X_FORWARDED = $HTTP_SERVER_VARS['HTTP_X_FORWARDED']; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['HTTP_X_FORWARDED'])) { $HTTP_X_FORWARDED = $HTTP_ENV_VARS['HTTP_X_FORWARDED']; } else if (@getenv('HTTP_X_FORWARDED')) { $HTTP_X_FORWARDED = getenv('HTTP_X_FORWARDED'); } } // end if if (empty($HTTP_FORWARDED_FOR)) { if (!empty($_SERVER) && isset($_SERVER['HTTP_FORWARDED_FOR'])) { $HTTP_FORWARDED_FOR = $_SERVER['HTTP_FORWARDED_FOR']; } else if (!empty($_ENV) && isset($_ENV['HTTP_FORWARDED_FOR'])) { $HTTP_FORWARDED_FOR = $_ENV['HTTP_FORWARDED_FOR']; } else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['HTTP_FORWARDED_FOR'])) { $HTTP_FORWARDED_FOR = $HTTP_SERVER_VARS['HTTP_FORWARDED_FOR']; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['HTTP_FORWARDED_FOR'])) { $HTTP_FORWARDED_FOR = $HTTP_ENV_VARS['HTTP_FORWARDED_FOR']; } else if (@getenv('HTTP_FORWARDED_FOR')) { $HTTP_FORWARDED_FOR = getenv('HTTP_FORWARDED_FOR'); } } // end if if (empty($HTTP_FORWARDED)) { if (!empty($_SERVER) && isset($_SERVER['HTTP_FORWARDED'])) { $HTTP_FORWARDED = $_SERVER['HTTP_FORWARDED']; } else if (!empty($_ENV) && isset($_ENV['HTTP_FORWARDED'])) { $HTTP_FORWARDED = $_ENV['HTTP_FORWARDED']; } else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['HTTP_FORWARDED'])) { $HTTP_FORWARDED = $HTTP_SERVER_VARS['HTTP_FORWARDED']; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['HTTP_FORWARDED'])) { $HTTP_FORWARDED = $HTTP_ENV_VARS['HTTP_FORWARDED']; } else if (@getenv('HTTP_FORWARDED')) { $HTTP_FORWARDED = getenv('HTTP_FORWARDED'); } } // end if if (empty($HTTP_VIA)) { if (!empty($_SERVER) && isset($_SERVER['HTTP_VIA'])) { $HTTP_VIA = $_SERVER['HTTP_VIA']; } else if (!empty($_ENV) && isset($_ENV['HTTP_VIA'])) { $HTTP_VIA = $_ENV['HTTP_VIA']; } else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['HTTP_VIA'])) { $HTTP_VIA = $HTTP_SERVER_VARS['HTTP_VIA']; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['HTTP_VIA'])) { $HTTP_VIA = $HTTP_ENV_VARS['HTTP_VIA']; } else if (@getenv('HTTP_VIA')) { $HTTP_VIA = getenv('HTTP_VIA'); } } // end if if (empty($HTTP_X_COMING_FROM)) { if (!empty($_SERVER) && isset($_SERVER['HTTP_X_COMING_FROM'])) { $HTTP_X_COMING_FROM = $_SERVER['HTTP_X_COMING_FROM']; } else if (!empty($_ENV) && isset($_ENV['HTTP_X_COMING_FROM'])) { $HTTP_X_COMING_FROM = $_ENV['HTTP_X_COMING_FROM']; } else if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['HTTP_X_COMING_FROM'])) { $HTTP_X_COMING_FROM = $HTTP_SERVER_VARS['HTTP_X_COMING_FROM']; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['HTTP_X_COMING_FROM'])) { $HTTP_X_COMING_FROM = $HTTP_ENV_VARS['HTTP_X_COMING_FROM']; } else if (@getenv('HTTP_X_COMING_FROM')) { $HTTP_X_COMING_FROM = getenv('HTTP_X_COMING_FROM'); } } // end if if (empty($HTTP_COMING_FROM)) { if (!empty($_SERVER) && isset($_SERVER['HTTP_COMING_FROM'])) { $HTTP_COMING_FROM = $_SERVER['HTTP_COMING_FROM']; } else if (!empty($_ENV) && isset($_ENV['HTTP_COMING_FROM'])) { $HTTP_COMING_FROM = $_ENV['HTTP_COMING_FROM']; } else if (!empty($HTTP_COMING_FROM) && isset($HTTP_SERVER_VARS['HTTP_COMING_FROM'])) { $HTTP_COMING_FROM = $HTTP_SERVER_VARS['HTTP_COMING_FROM']; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['HTTP_COMING_FROM'])) { $HTTP_COMING_FROM = $HTTP_ENV_VARS['HTTP_COMING_FROM']; } else if (@getenv('HTTP_COMING_FROM')) { $HTTP_COMING_FROM = getenv('HTTP_COMING_FROM'); } } // end if // Gets the default ip sent by the user if (!empty($REMOTE_ADDR)) { $direct_ip = $REMOTE_ADDR; } // Gets the proxy ip sent by the user $proxy_ip = ''; if (!empty($HTTP_X_FORWARDED_FOR)) { $proxy_ip = $HTTP_X_FORWARDED_FOR; } else if (!empty($HTTP_X_FORWARDED)) { $proxy_ip = $HTTP_X_FORWARDED; } else if (!empty($HTTP_FORWARDED_FOR)) { $proxy_ip = $HTTP_FORWARDED_FOR; } else if (!empty($HTTP_FORWARDED)) { $proxy_ip = $HTTP_FORWARDED; } else if (!empty($HTTP_VIA)) { $proxy_ip = $HTTP_VIA; } else if (!empty($HTTP_X_COMING_FROM)) { $proxy_ip = $HTTP_X_COMING_FROM; } else if (!empty($HTTP_COMING_FROM)) { $proxy_ip = $HTTP_COMING_FROM; } // end if... else if... // Returns the true IP if it has been found, else FALSE if (empty($proxy_ip)) { // True IP without proxy return $direct_ip; } else { $is_ip = ereg('^([0-9]{1,3}\.){3,3}[0-9]{1,3}', $proxy_ip, $regs); if ($is_ip && (count($regs) > 0)) { // True IP behind a proxy return $regs[0]; } else { // Can't define IP: there is a proxy but we don't have // information about the true IP return FALSE; } } // end if... else... } // end of the 'PMA_getIp()' function /** * Based on IP Pattern Matcher * Originally by J.Adams * Found on * Modified by Robbat2 * * Matches: * xxx.xxx.xxx.xxx (exact) * xxx.xxx.xxx.[yyy-zzz] (range) * xxx.xxx.xxx.xxx/nn (CIDR) * * Does not match: * xxx.xxx.xxx.xx[yyy-zzz] (range, partial octets not supported) * * @param string string of IP range to match * @param string string of IP to test against range * * @return boolean always true * * @access public */ function PMA_ipMaskTest($testRange, $ipToTest) { $result = TRUE; if (ereg('([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/([0-9]+)', $testRange, $regs)) { // performs a mask match $ipl = ip2long($ipToTest); $rangel = ip2long($regs[1] . '.' . $regs[2] . '.' . $regs[3] . '.' . $regs[4]); $maskl = 0; for ($i = 0; $i < 31; $i++) { if ($i < $regs[5] - 1) { $maskl = $maskl + pow(2, (30 - $i)); } // end if } // end for if (($maskl & $rangel) == ($maskl & $ipl)) { return TRUE; } else { return FALSE; } } else { // range based $maskocts = split('\.', $testRange); $ipocts = split('\.', $ipToTest); // perform a range match for ($i = 0; $i < 4; $i++) { if (ereg('\[([0-9]+)\-([0-9]+)\]', $maskocts[$i], $regs)) { if (($ipocts[$i] > $regs[2]) || ($ipocts[$i] < $regs[1])) { $result = FALSE; } // end if } else { if ($maskocts[$i] <> $ipocts[$i]) { $result = FALSE; } // end if } // end if/else } //end for } //end if/else return $result; } // end of the "PMA_IPMaskTest()" function /** * Runs through IP Allow/Deny rules the use of it below for more information * * @param string 'allow' | 'deny' type of rule to match * * @return bool Matched a rule ? * * @access public * * @see PMA_getIp() */ function PMA_allowDeny($type) { global $cfg; // Grabs true IP of the user and returns if it can't be found $remote_ip = PMA_getIp(); if (empty($remote_ip)) { return FALSE; } // copy username $username = $cfg['Server']['user']; // copy rule database $rules = $cfg['Server']['AllowDeny']['rules']; // lookup table for some name shortcuts $shortcuts = array( 'all' => '0.0.0.0/0', 'localhost' => '127.0.0.1/8' ); reset($rules); // used instead of a foreach look for PHP3 support while (list(, $rule) = each($rules)) { // extract rule data $rule_data = explode(' ', $rule); // check for rule type if ($rule_data[0] != $type) { continue; } // check for username if (($rule_data[1] != '%') //wildcarded first && ($rule_data[1] != $username)) { continue; } // check if the config file has the full string with an extra // 'from' in it and if it does, just discard it if ($rule_data[2] == 'from') { $rule_data[2] = $rule_data[3]; } // Handle shortcuts with above array // DON'T use "array_key_exists" as it's only PHP 4.1 and newer. if (isset($shortcuts[$rule_data[2]])) { $rule_data[2] = $shortcuts[$rule_data[2]]; } // Add code for host lookups here // Excluded for the moment // Do the actual matching now if (PMA_ipMaskTest($rule_data[2], $remote_ip)) { return TRUE; } } // end while return FALSE; } // end of the "PMA_AllowDeny()" function } // $__PMA_ALLOW_DENY_LIB__ ?>