Beispiel #1
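 /**
  * Decide whether an access token may be used from the requesting address.
  *
  * Accepts either a raw token string, which is looked up through
  * Default_Model_AccessTokens, or an already loaded Default_Model_AccessToken.
  * A token with no netfilters, or with an empty netfilter entry, is accepted
  * from any address. Otherwise $_SERVER['REMOTE_ADDR'] has to match one entry:
  * an IPv4 or IPv6 CIDR range, a literal address, or a domain name.
  *
  * @param string|Default_Model_AccessToken $token raw token value or loaded token object
  *
  * @return bool|null null for a blank token string, false for an unknown token,
  *                   an unsupported argument type or a netfilter mismatch,
  *                   true when the token may be used from this address
  */
 public static function validateToken($token)
 {
     if (is_string($token)) {
         if (trim($token) === "") {
             return null;
         }
         $tokens = new Default_Model_AccessTokens();
         $tokens->filter->token->equals($token);
         if (count($tokens->items) === 0) {
             return false;
         }
         $token = $tokens->items[0];
     } elseif (!($token instanceof Default_Model_AccessToken)) {
         return false;
     }

     // REMOTE_ADDR is absent outside a web request; fall back to an empty
     // string so the netfilter checks simply do not match.
     $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     $netfilters = $token->getNetfilters();
     if (count($netfilters) === 0) {
         // No netfilter configured: the token carries no address restriction.
         return true;
     }

     $valid = false;
     foreach ($netfilters as $netfilter) {
         if ($netfilter == '') {
             // NULL netfilter
             $valid = true;
             break;
         } elseif (isCIDR($netfilter)) {
             if (ipCIDRCheck($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isCIDR6($netfilter)) {
             if (ipCIDRCheck6($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isIPv4($netfilter) || isIPv6($netfilter)) {
             // NOTE(review): this is a textual comparison; an IPv6 netfilter
             // written in a different but equivalent notation will not match.
             if ($ip == $netfilter) {
                 $valid = true;
                 break;
             }
         } else {
             // domain name based netfilter
             if (self::reverseDnsMatchesNetfilter($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         }
     }
     if (!$valid) {
         // NOTE(review): the token looked up above exists and is written to the
         // log in full here; anyone who can read the log can replay it from an
         // allowed address. Consider logging an identifier or a digest instead.
         debug_log('[AccessTokens::validateToken]: Invalid API key ' . $token->getToken());
     }
     return $valid;
 }

 /**
  * Check a domain-name netfilter against the reverse DNS name of an address.
  *
  * The name is compared literally (case-insensitively) instead of being
  * spliced into a regular expression, so characters such as "|", "*" or "/"
  * in a netfilter can no longer widen or break the pattern. A leading "*."
  * is still accepted and means "any subdomain".
  *
  * The PTR record is controlled by whoever operates the reverse zone of the
  * client address, so a matching name is only trusted once a forward lookup
  * of that name returns the same address.
  *
  * @param string $ip        address of the client
  * @param string $netfilter domain name the client has to belong to
  *
  * @return bool
  */
 private static function reverseDnsMatchesNetfilter($ip, $netfilter)
 {
     if (!is_string($ip) || filter_var($ip, FILTER_VALIDATE_IP) === false) {
         return false;
     }
     $hostname = gethostbyaddr($ip);
     // gethostbyaddr() returns false on malformed input and hands the address
     // back unchanged when there is no PTR record; neither is a host name.
     if (!is_string($hostname) || $hostname === '' || $hostname === $ip) {
         return false;
     }

     // Backslashes were stripped by the original implementation as well.
     $domain = strtolower(rtrim(str_replace('\\', '', (string) $netfilter), '.'));
     $subdomainsOnly = strpos($domain, '*.') === 0;
     if ($subdomainsOnly) {
         $domain = substr($domain, 2);
     }
     if ($domain === '') {
         return false;
     }

     $name = strtolower(rtrim($hostname, '.'));
     $suffix = '.' . $domain;
     $isSubdomain = strlen($name) > strlen($suffix)
         && substr($name, -strlen($suffix)) === $suffix;
     if (!$isSubdomain && ($subdomainsOnly || $name !== $domain)) {
         return false;
     }

     // Forward-confirm the PTR name before trusting it.
     $records = dns_get_record($hostname, DNS_A | DNS_AAAA);
     if (!is_array($records)) {
         return false;
     }
     $packedIp = inet_pton($ip);
     foreach ($records as $record) {
         if (isset($record['ip'])) {
             $address = $record['ip'];
         } elseif (isset($record['ipv6'])) {
             $address = $record['ipv6'];
         } else {
             continue;
         }
         if (filter_var($address, FILTER_VALIDATE_IP) !== false && inet_pton($address) === $packedIp) {
             return true;
         }
     }
     return false;
 }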
Beispiel #2
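 /**
  * Check that the API key may be used from the address that made the request.
  *
  * A key with no netfilters, or with an empty netfilter entry, is accepted
  * from any address. Otherwise the address has to match one entry: an IPv4 or
  * IPv6 CIDR range, a literal address, or a domain name.
  *
  * @param object $key API key record; its "netfilters" list and "key" value are read
  *
  * @return boolean
  * @access private
  */
 private function _validateAPIKey($key)
 {
     $valid = false;
     // NOTE(review): presumably getParam() reads a request parameter - confirm.
     // If it does, the caller chooses the address the netfilters are evaluated
     // against and the restriction is only advisory. Honour "remoteaddr" only
     // when REMOTE_ADDR belongs to a trusted front end that sets it.
     $override = $this->getParam("remoteaddr");
     if ($override != "") {
         $ip = base64_decode($override);
     } else {
         $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     }
     // base64_decode() yields false or arbitrary bytes for bad input; only a
     // well-formed address is allowed to reach the matching helpers.
     $ipIsValid = is_string($ip) && filter_var($ip, FILTER_VALIDATE_IP) !== false;

     if (count($key->netfilters) == 0) {
         // No netfilter configured: the key carries no address restriction.
         $valid = true;
     }
     foreach ($key->netfilters as $netfilter) {
         if ($netfilter == '') {
             // NULL netfilter
             $valid = true;
             break;
         } elseif (isCIDR($netfilter)) {
             if ($ipIsValid && ipCIDRCheck($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isCIDR6($netfilter)) {
             if ($ipIsValid && ipCIDRCheck6($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isIPv4($netfilter) || isIPv6($netfilter)) {
             if ($ipIsValid && $ip == $netfilter) {
                 $valid = true;
                 break;
             }
         } else {
             // domain name based netfilter
             if ($ipIsValid && $this->_reverseDnsMatchesNetfilter($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         }
     }
     if (!$valid) {
         // The address may come from the request, so control and non-ASCII
         // bytes are escaped before it is written to the log.
         // NOTE(review): the API key itself is logged in full; consider an
         // identifier or a digest so the log does not hold usable credentials.
         $loggedIp = addcslashes((string) $ip, "\0..\37\177..\377");
         error_log('Invalid API key ' . $key->key . "(ip = {$loggedIp})");
     }
     return $valid;
 }

 /**
  * Check a domain-name netfilter against the reverse DNS name of an address.
  *
  * The name is compared literally (case-insensitively) instead of being
  * spliced into a regular expression, so characters such as "|", "*" or "/"
  * in a netfilter can no longer widen or break the pattern. A leading "*."
  * is still accepted and means "any subdomain".
  *
  * The PTR record is controlled by whoever operates the reverse zone of the
  * client address, so a matching name is only trusted once a forward lookup
  * of that name returns the same address.
  *
  * @param string $ip        validated address of the client
  * @param string $netfilter domain name the client has to belong to
  *
  * @return boolean
  * @access private
  */
 private function _reverseDnsMatchesNetfilter($ip, $netfilter)
 {
     $hostname = gethostbyaddr($ip);
     // gethostbyaddr() returns false on malformed input and hands the address
     // back unchanged when there is no PTR record; neither is a host name.
     if (!is_string($hostname) || $hostname === '' || $hostname === $ip) {
         return false;
     }

     // Backslashes were stripped by the original implementation as well.
     $domain = strtolower(rtrim(str_replace('\\', '', (string) $netfilter), '.'));
     $subdomainsOnly = strpos($domain, '*.') === 0;
     if ($subdomainsOnly) {
         $domain = substr($domain, 2);
     }
     if ($domain === '') {
         return false;
     }

     $name = strtolower(rtrim($hostname, '.'));
     $suffix = '.' . $domain;
     $isSubdomain = strlen($name) > strlen($suffix)
         && substr($name, -strlen($suffix)) === $suffix;
     if (!$isSubdomain && ($subdomainsOnly || $name !== $domain)) {
         return false;
     }

     // Forward-confirm the PTR name before trusting it.
     $records = dns_get_record($hostname, DNS_A | DNS_AAAA);
     if (!is_array($records)) {
         return false;
     }
     $packedIp = inet_pton($ip);
     foreach ($records as $record) {
         if (isset($record['ip'])) {
             $address = $record['ip'];
         } elseif (isset($record['ipv6'])) {
             $address = $record['ipv6'];
         } else {
             continue;
         }
         if (filter_var($address, FILTER_VALIDATE_IP) !== false && inet_pton($address) === $packedIp) {
             return true;
         }
     }
     return false;
 }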
Beispiel #3
require_once __DIR__ . '/../config.php';
require_once __DIR__ . '/core.php';
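/**
 * Check with the GitHub API if the source IP matches one from GitHub.
 *
 * NOTE(review): the address ranges are shared by every webhook GitHub sends,
 * so a match shows that the request came from GitHub, not that it came from
 * one of this project's repositories. Verifying the signature GitHub adds when
 * a webhook secret is configured is the check that ties a delivery to a
 * repository; nothing in this script does that.
 *
 * NOTE(review): the list is fetched on every delivery and the API is rate
 * limited; when the call fails or the answer has no "hooks" list, the request
 * is rejected below.
 */
$match = false;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.github.com/meta');
curl_setopt($ch, CURLOPT_USERAGENT, 'betacie/githooks');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// Bound the lookup so a slow API cannot keep the hook request open indefinitely.
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_TIMEOUT, 10);
$data = curl_exec($ch);
curl_close($ch);

// curl_exec() returns false on failure and the body may not be the expected
// JSON document; treat both as "no known ranges" instead of reading
// properties of a non-object.
$metaJSON = is_string($data) ? json_decode($data) : null;
$hookRanges = array();
if (is_object($metaJSON) && isset($metaJSON->hooks) && is_array($metaJSON->hooks)) {
    $hookRanges = $metaJSON->hooks;
}
$remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
// NOTE(review): the list can contain IPv6 ranges; confirm that ipCIDRCheck()
// handles them or skips them cleanly.
foreach ($hookRanges as $cidr) {
    if (is_string($cidr) && ipCIDRCheck($remoteAddr, $cidr)) {
        $match = true;
        break;
    }
}
if (!$match || !isset($_POST['payload']) || !is_string($_POST['payload'])) {
    die;
}
/**
 * Decode the JSON Payload.
 *
 * The payload is request data: every field used below is checked for presence
 * and type before it is read.
 */
$json = json_decode($_POST['payload']);
if (
    !is_object($json)
    || !isset($json->ref, $json->repository->owner->name, $json->repository->name)
    || !is_string($json->ref)
    || !is_string($json->repository->owner->name)
    || !is_string($json->repository->name)
) {
    die;
}
$refs = explode('/', $json->ref);
// Only the last path segment of the ref is kept, so a branch whose name
// contains "/" is reduced to its final segment.
$branch = $refs[count($refs) - 1];
// NOTE(review): $name is assembled from payload fields; code that uses it as a
// path, a lookup key or a command argument has to treat it as untrusted.
$name = $json->repository->owner->name . '/' . $json->repository->name . '/' . $branch;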
/**
        }
        fclose($unzipped);
    }
}
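// loop over the geoip file
// find a matching network
// NOTE(review): $ip, $dirname and $fileIP are set outside this excerpt; if $ip
// is taken from a request header rather than REMOTE_ADDR it is client-chosen.
$row = 0;
if (($handle = fopen($dirname . $fileIP, 'r')) !== FALSE) {
    while (($data = fgetcsv($handle, 1000, ',')) !== FALSE) {
        $num = count($data);
        $row++;
        // The first row is the CSV header. Blank or truncated rows do not
        // carry the columns read below, so they are skipped as well.
        if ($row === 1 || $num < 9) {
            continue;
        }
        // get network
        $range = $data[0];
        // check if user's IP matches network
        if (ipCIDRCheck($ip, $range)) {
            $geo_id = $data[1];
            $loc['postal'] = $data[6];
            $loc['lat'] = $data[7];
            $loc['lng'] = $data[8];
            break;
        }
    }
    // Release the file before $handle is reused for the next file.
    fclose($handle);
}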
// if a geo_id match is found then
// loop over the locations file to find
// country, province, city
if ($geo_id != null) {
    $row = 0;
    if (($handle = fopen($dirname . $fileLOC, 'r')) !== FALSE) {