/** * Test for PMA_ipMaskTest * * @return void */ public function testPMA_ipMaskTest() { //IPV4 testing $testRange = "255.255.0.0/8"; $ipToTest = "10.0.0.0"; $this->assertEquals(false, PMA_ipMaskTest($testRange, $ipToTest)); $testRange = "255.255.0.0/4"; $ipToTest = "255.3.0.0"; $this->assertEquals(true, PMA_ipMaskTest($testRange, $ipToTest)); $testRange = "255.255.0.[0-10]"; $ipToTest = "255.3.0.3"; $this->assertEquals(false, PMA_ipMaskTest($testRange, $ipToTest)); $ipToTest = "255.3.0.12"; $this->assertEquals(false, PMA_ipMaskTest($testRange, $ipToTest)); //IPV6 testing //not range $ipToTest = "2001:4998:c:a0d:0000:0000:4998:1020"; $testRange = "2001:4998:c:a0d:0000:0000:4998:1020"; $this->assertEquals(true, PMA_ipMaskTest($testRange, $ipToTest)); $ipToTest = "2001:4998:c:a0d:0000:0000:4998:1020"; $testRange = "2001:4998:c:a0d:0000:0000:4998:2020"; $this->assertEquals(false, PMA_ipMaskTest($testRange, $ipToTest)); //range $ipToTest = "2001:4998:c:a0d:0000:0000:4998:1020"; $testRange = "2001:4998:c:a0d:0000:0000:4998:[1001-2010]"; $this->assertEquals(true, PMA_ipMaskTest($testRange, $ipToTest)); $ipToTest = "2001:4998:c:a0d:0000:0000:4998:3020"; $testRange = "2001:4998:c:a0d:0000:0000:4998:[1001-2010]"; $this->assertEquals(false, PMA_ipMaskTest($testRange, $ipToTest)); //CDIR $ipToTest = "2001:4998:c:a0d:0000:0000:4998:1020"; $testRange = "2001:4998:c:a0d:0000:0000:4998:[1001-2010]"; $this->assertEquals(true, PMA_ipMaskTest($testRange, $ipToTest)); $ipToTest = "2001:4998:c:a0d:0000:0000:4998:1000"; $testRange = "2001:4998:c:a0d:0000:0000:4998:3020/24"; $this->assertEquals(false, PMA_ipMaskTest($testRange, $ipToTest)); }
/** * Runs through IP Allow/Deny rules the use of it below for more information * * @param string $type 'allow' | 'deny' type of rule to match * * @return bool Matched a rule ? * * @access public * * @see PMA_getIp() */ function PMA_allowDeny($type) { global $cfg; // Grabs true IP of the user and returns if it can't be found $remote_ip = PMA_getIp(); if (empty($remote_ip)) { return false; } // copy username $username = $cfg['Server']['user']; // copy rule database $rules = $cfg['Server']['AllowDeny']['rules']; // lookup table for some name shortcuts $shortcuts = array('all' => '0.0.0.0/0', 'localhost' => '127.0.0.1/8'); // Provide some useful shortcuts if server gives us address: if (PMA_getenv('SERVER_ADDR')) { $shortcuts['localnetA'] = PMA_getenv('SERVER_ADDR') . '/8'; $shortcuts['localnetB'] = PMA_getenv('SERVER_ADDR') . '/16'; $shortcuts['localnetC'] = PMA_getenv('SERVER_ADDR') . '/24'; } foreach ($rules as $rule) { // extract rule data $rule_data = explode(' ', $rule); // check for rule type if ($rule_data[0] != $type) { continue; } // check for username if ($rule_data[1] != '%' && $rule_data[1] != $username) { continue; } // check if the config file has the full string with an extra // 'from' in it and if it does, just discard it if ($rule_data[2] == 'from') { $rule_data[2] = $rule_data[3]; } // Handle shortcuts with above array if (isset($shortcuts[$rule_data[2]])) { $rule_data[2] = $shortcuts[$rule_data[2]]; } // Add code for host lookups here // Excluded for the moment // Do the actual matching now if (PMA_ipMaskTest($rule_data[2], $remote_ip)) { return true; } } // end while return false; }
/** * Runs through IP Allow/Deny rules the use of it below for more information * * @param string 'allow' | 'deny' type of rule to match * * @return bool Matched a rule ? * * @access public * * @see PMA_getIp() */ function PMA_allowDeny($type) { global $cfg; // Grabs true IP of the user and returns if it can't be found $remote_ip = PMA_getIp(); if (empty($remote_ip)) { return FALSE; } // copy username $username = $cfg['Server']['user']; // copy rule database $rules = $cfg['Server']['AllowDeny']['rules']; // lookup table for some name shortcuts $shortcuts = array('all' => '0.0.0.0/0', 'localhost' => '127.0.0.1/8'); foreach ($rules as $rule) { // extract rule data $rule_data = explode(' ', $rule); // check for rule type if ($rule_data[0] != $type) { continue; } // check for username if ($rule_data[1] != '%' && $rule_data[1] != $username) { continue; } // check if the config file has the full string with an extra // 'from' in it and if it does, just discard it if ($rule_data[2] == 'from') { $rule_data[2] = $rule_data[3]; } // Handle shortcuts with above array // DON'T use "array_key_exists" as it's only PHP 4.1 and newer. if (isset($shortcuts[$rule_data[2]])) { $rule_data[2] = $shortcuts[$rule_data[2]]; } // Add code for host lookups here // Excluded for the moment // Do the actual matching now if (PMA_ipMaskTest($rule_data[2], $remote_ip)) { return TRUE; } } // end while return FALSE; }