// special case locations
$use_closest = false;
if ($test['location'] == 'closest' && is_file('./settings/closest.ini')) {
$use_closest = true;
}
// populate the IP address of the user who submitted it
if (!array_key_exists('ip', $test) || !strlen($test['ip'])) {
$test['ip'] = $_SERVER['REMOTE_ADDR'];
if ($test['ip'] == '127.0.0.1') {
$test['ip'] = @getenv("HTTP_X_FORWARDED_FOR");
}
}
// Make sure we aren't blocking the tester
// TODO: remove the allowance for high-priority after API keys are implemented
ValidateKey($test, $error);
if (!strlen($error) && CheckIp($test) && CheckUrl($test['url'])) {
if (!$error && !$test['batch']) {
ValidateParameters($test, $locations, $error);
}
if (!strlen($error) && !array_key_exists('id', $test)) {
// see if we are doing a SPOF test (if so, we need to build the 2 tests and
// redirect to the comparison page
if (isset($req_spof) && strlen(trim($req_spof))) {
$spofTests = array();
$test['video'] = 1;
$test['label'] = 'Original';
$id = CreateTest($test, $test['url']);
if (isset($id)) {
$spofTests[] = $id;
$test['label'] = 'SPOF';
$script = '';
if (extension_loaded('newrelic')) {
newrelic_add_custom_tracer('ApcCheckIp');
newrelic_add_custom_tracer('CheckIp');
}
include 'common_lib.inc';
error_reporting(E_ERROR | E_PARSE);
$has_apc = function_exists('apc_fetch') && function_exists('apc_store');
$ok = false;
if (isset($_REQUEST['installer']) && isset($_SERVER['REMOTE_ADDR'])) {
$installer = $_REQUEST['installer'];
$installer_postfix = GetSetting('installerPostfix');
if ($installer_postfix) {
$installer .= $installer_postfix;
$ok = true;
} elseif (preg_match('/^(software|browsers\\/[-_a-zA-Z0-9]+)\\.dat$/', $installer)) {
$ok = $has_apc ? ApcCheckIp($installer) : CheckIp($installer);
}
}
if ($ok) {
$file = __DIR__ . '/installers/' . $installer;
$data = $has_apc ? apc_fetch("installer-{$installer}") : null;
if (!$data && is_file($file)) {
$data = file_get_contents($file);
if ($has_apc) {
apc_store("installer-{$installer}", str_pad($data, 1000), 600);
}
}
if (isset($data) && strlen($data)) {
header("Content-type: text/plain");
header("Cache-Control: no-cache, must-revalidate");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
// some myBB integration to get the requesting user
if (is_dir('./forums') && isset($_COOKIE['mybbuser'])) {
$dir = getcwd();
try {
define("IN_MYBB", 1);
chdir('forums');
// path to MyBB
include './global.php';
$test['uid'] = $mybb->user['uid'];
$test['user'] = $mybb->user['username'];
} catch (Exception $e) {
}
chdir($dir);
}
// check to make sure the referrer is the same as the host
if (CheckReferrer() && CheckIp() && CheckUrl($test['url'])) {
// load the location information
$locations = parse_ini_file('./settings/locations.ini', true);
$error = NULL;
ValidateParameters($test, $locations, $error);
if (!$error) {
if ($test['remoteUrl']) {
// send the test request to the remote system (only allow this for POST requests for now)
SendRemoteTest($test, $_POST, $error);
} else {
// generate the test ID
include_once 'unique.inc';
$id = null;
if ($test['private']) {
$id = md5(uniqid(rand(), true));
} else {
function IsValidIp($ip, $installer)
{
global $has_apc;
$ok = true;
// Make sure it isn't on our banned IP list
$filename = __DIR__ . '/settings/block_installer_ip.txt';
if (is_file($filename)) {
$blocked_addresses = file($filename, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
if (in_array($ip, $blocked_addresses)) {
$ok = false;
}
}
if ($ok) {
$ok = $has_apc ? ApcCheckIp($ip, $installer) : CheckIp($ip, $installer);
if (!$ok) {
logMsg("BLOCKED - {$ip} : {$_REQUEST['installer']}", "log/software.log", true);
}
}
return $ok;
}