Ejemplo n.º 1
0
function isCIDR6($ip)
{
    $ip = explode("/", $ip);
    if (count($ip) == 2) {
        return isIPv6($ip[0]) && is_numeric($ip[1]) && $ip[1] >= 0 && $ip[1] <= 128;
    } else {
        return false;
    }
}
Ejemplo n.º 2
0
function checkDNSBL($use_ip = false)
{
    global $config;
    if (!$use_ip && !isset($_SERVER['REMOTE_ADDR'])) {
        return;
    }
    // Fix your web server configuration
    $ip = $use_ip ? $use_ip : $_SERVER['REMOTE_ADDR'];
    if ($ip == '127.0.0.2') {
        return true;
    }
    if (isIPv6($ip)) {
        return;
    }
    // No IPv6 support yet.
    if (in_array($ip, $config['dnsbl_exceptions'])) {
        return;
    }
    $ipaddr = ReverseIPOctets($ip);
    foreach ($config['dnsbl'] as $blacklist) {
        if (!is_array($blacklist)) {
            $blacklist = array($blacklist);
        }
        if (($lookup = str_replace('%', $ipaddr, $blacklist[0])) == $blacklist[0]) {
            $lookup = $ipaddr . '.' . $blacklist[0];
        }
        if (!($ip = DNS($lookup))) {
            continue;
        }
        // not in list
        $blacklist_name = isset($blacklist[2]) ? $blacklist[2] : $blacklist[0];
        if (!isset($blacklist[1])) {
            // If you're listed at all, you're blocked.
            if ($use_ip) {
                return true;
            } else {
                error(sprintf($config['error']['dnsbl'], $blacklist_name));
            }
        } elseif (is_array($blacklist[1])) {
            foreach ($blacklist[1] as $octet) {
                if ($ip == $octet || $ip == '127.0.0.' . $octet) {
                    return true;
                }
            }
        } elseif (is_callable($blacklist[1])) {
            if ($blacklist[1]($ip)) {
                return true;
            }
        } else {
            if ($ip == $blacklist[1] || $ip == '127.0.0.' . $blacklist[1]) {
                return true;
            }
        }
    }
}
Ejemplo n.º 3
0
 public static function validateToken($token)
 {
     if (is_string($token)) {
         if (trim($token) === "") {
             return null;
         }
         $tokens = new Default_Model_AccessTokens();
         $tokens->filter->token->equals($token);
         if (count($tokens->items) === 0) {
             return false;
         }
         $token = $tokens->items[0];
     } else {
         if ($token instanceof Default_Model_AccessToken) {
             //nothing to do
         } else {
             return false;
         }
     }
     $valid = false;
     $ip = $_SERVER['REMOTE_ADDR'];
     $netfilters = $token->getNetfilters();
     if (count($netfilters) === 0) {
         return true;
     }
     foreach ($netfilters as $netfilter) {
         if ($netfilter == '') {
             // NULL netfilter
             $valid = true;
             break;
         } elseif (isCIDR($netfilter)) {
             if (ipCIDRCheck($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isCIDR6($netfilter)) {
             if (ipCIDRCheck6($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isIPv4($netfilter) || isIPv6($netfilter)) {
             if ($ip == $netfilter) {
                 $valid = true;
                 break;
             }
         } else {
             // domain name based netfilter
             $hostname = gethostbyaddr($ip);
             $netfilter = str_replace('\\', '', $netfilter);
             // do not permit escaping
             if (preg_match('/\\.' . str_replace('.', '\\.', $netfilter) . '$/', $hostname) || preg_match('/^' . str_replace('.', '\\.', $netfilter) . '$/', $hostname)) {
                 $valid = true;
                 break;
             }
         }
     }
     if (!$valid) {
         debug_log('[AccessTokens::validateToken]: Invalid API key ' . $token->getToken());
     }
     return $valid;
 }
Ejemplo n.º 4
0
function match_ip_to_ip_or_cidr($ip, $ips_or_cidr_array)
{
    if (isIPv4($ip)) {
        foreach ($ips_or_cidr_array as $ip_or_cidr) {
            if (isIPv4cidr($ip_or_cidr)) {
                if (ip_v4_cidr_match($ip, $ip_or_cidr)) {
                    return true;
                }
            } elseif (isIPv4($ip_or_cidr)) {
                if ($ip == $ip_or_cidr) {
                    return true;
                }
            }
        }
    } else {
        foreach ($ips_or_cidr_array as $ip_or_cidr) {
            if (isIPv6cidr($ip_or_cidr)) {
                if (ip_v6_cidr_match($ip, $ip_or_cidr)) {
                    return true;
                }
            } elseif (isIPv6($ip_or_cidr)) {
                if ($ip == $ip_or_cidr) {
                    return true;
                }
            }
        }
    }
    return false;
}
Ejemplo n.º 5
0
                                    AND user.id", $course_id);
        }
        echo json_encode($data);
        exit;
    }
}
load_js('tools.js');
// the exercise form has been submitted
if (isset($_POST['submitExercise'])) {
    $v = new Valitron\Validator($_POST);
    $v->addRule('ipORcidr', function($field, $value, array $params) {
        //explode here and run a loop
        $IPs = explode(',', $value);
        //matches IPv4/6 and IPv4/6 CIDR ranges
        foreach ($IPs as $ip){
            $valid = isIPv4($ip) || isIPv4cidr($ip) || isIPv6($ip) || isIPv6cidr($ip);
            if (!$valid) return false;
        }
        return true;
    }, $langIPInvalid);      
    $v->rule('required', array('exerciseTitle'));
    $v->rule('numeric', array('exerciseTimeConstraint', 'exerciseAttemptsAllowed'));
    $v->rule('date', array('exerciseEndDate', 'exerciseStartDate'));
    $v->rule('ipORcidr', array('exerciseIPLock')); 
    $v->labels(array(
        'exerciseTitle' => "$langTheField $langExerciseName",
        'exerciseTimeConstraint' => "$langTheField $langExerciseConstrain",
        'exerciseAttemptsAllowed' => "$langTheField $langExerciseAttemptsAllowed",
        'exerciseEndDate' => "$langTheField $langEnd",
        'exerciseStartDate' => "$langTheField $langStart",
        'exerciseIPLock' => "$langTheField IPs"
Ejemplo n.º 6
0
 private function isValidNetFilter($ip)
 {
     $res = isIPv4($ip) > 0 || isIPv6($ip) > 0 || isCIDR($ip) > 0 || isCIDR6($ip) > 0;
     if ($res == false) {
         $res = preg_match('/^(([a-zA-Z]|[a-zA-Z][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z]|[A-Za-z][A-Za-z0-9\\-]*[A-Za-z0-9])$/', $ip) > 0;
     }
     return $res;
 }
Ejemplo n.º 7
0
 /**
  * check that the apikey is valid for the IP that made the request
  *
  * @key string the API key
  * @netfilter string the netfilter for which the key is valid
  *
  * @return boolean
  * @access private
  */
 private function _validateAPIKey($key)
 {
     $valid = false;
     if ($this->getParam("remoteaddr") != "") {
         $ip = base64_decode($this->getParam("remoteaddr"));
     } else {
         $ip = $_SERVER['REMOTE_ADDR'];
     }
     if (count($key->netfilters) == 0) {
         $valid = true;
     }
     foreach ($key->netfilters as $netfilter) {
         if ($netfilter == '') {
             // NULL netfilter
             $valid = true;
             break;
         } elseif (isCIDR($netfilter)) {
             if (ipCIDRCheck($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isCIDR6($netfilter)) {
             if (ipCIDRCheck6($ip, $netfilter)) {
                 $valid = true;
                 break;
             }
         } elseif (isIPv4($netfilter) || isIPv6($netfilter)) {
             if ($ip == $netfilter) {
                 $valid = true;
                 break;
             }
         } else {
             // domain name based netfilter
             $hostname = gethostbyaddr($ip);
             $netfilter = str_replace('\\', '', $netfilter);
             // do not permit escaping
             if (preg_match('/\\.' . str_replace('.', '\\.', $netfilter) . '$/', $hostname) || preg_match('/^' . str_replace('.', '\\.', $netfilter) . '$/', $hostname)) {
                 $valid = true;
                 break;
             }
         }
     }
     if (!$valid) {
         error_log('Invalid API key ' . $key->key . "(ip = {$ip})");
     }
     return $valid;
 }
Ejemplo n.º 8
0
    if (intval($extPort) > 0) {
        $webAccessPort = $extPort;
    } else {
        $webAccessPort = exec('/sbin/getcfg System "Web Access Port" -d 8080');
    }
} else {
    $webAccessPort = exec('/sbin/getcfg System "Web Access Port" -d 8080');
}
$webAccessIP = $_SERVER['SERVER_NAME'];
if ($_SERVER['HTTPS'] && exec('/sbin/getcfg Stunnel Enable -d 1') == '1') {
    $protocol = 'https';
    $webAccessPort = exec('/sbin/getcfg Stunnel Port -d 443');
} else {
    $protocol = 'http';
}
if (isIPv6($webAccessIP)) {
    $webAccessUrl = $protocol . '://[' . $webAccessIP . ']:' . $webAccessPort . '/';
} else {
    $webAccessUrl = $protocol . '://' . $webAccessIP . ':' . $webAccessPort . '/';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
<meta http-equiv="expires" content="0">
<script type='text/javascript'>
	location.href = '<?php 
echo $webAccessUrl;
?>
';
</script>
Ejemplo n.º 9
0
function checkDNSBL()
{
    global $config;
    if (isIPv6()) {
        return;
    }
    // No IPv6 support yet.
    if (!isset($_SERVER['REMOTE_ADDR'])) {
        return;
    }
    // Fix your web server configuration
    if (in_array($_SERVER['REMOTE_ADDR'], $config['dnsbl_exceptions'])) {
        return;
    }
    $ip = ReverseIPOctets($_SERVER['REMOTE_ADDR']);
    foreach ($config['dnsbl'] as &$blacklist) {
        $lookup = $ip . '.' . $blacklist;
        $host = gethostbyname($lookup);
        if ($host != $lookup) {
            // On NXDOMAIN (meaning it's not in the blacklist), gethostbyname() returns the host unchanged.
            if (preg_match('/^127\\.0\\.0\\./', $host) && $host != '127.0.0.10') {
                error(sprintf($config['error']['dnsbl'], $blacklist));
            }
        }
    }
}