function getip($dots = 4)
{
$ips = array();
$indices = array('REMOTE_ADDR', 'HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP');
foreach ($indices as $index) {
// $_SERVER is sometimes for a windows server which can't handle getenv()
$tip = @getenv($index);
if (!empty($tip)) {
$ips[] = $tip;
}
if (!empty($_SERVER[$index])) {
$ips[] = $_SERVER[$index];
}
}
$ips = array_unique($ips);
foreach ($ips as $ip) {
$found = !check_ip($ip);
if ($found == false) {
return ext_iptrim(trim($ip), $dots);
}
}
$b = _EnvValToInt('HTTP_USER_AGENT');
$c = _EnvValToInt('HTTP_ACCEPT');
$d = _EnvValToInt('HTTP_ACCEPT_LANGUAGE');
$ip = "0.{$b}.{$c}.{$d}";
return ext_iptrim($ip, $dots);
}
/**
* Loads an existing session.
*
* @return object Data of the user who is calling this script
*/
function sid_load() {
global $config, $db, $gpc;
if ($config['session_checkip'] > 0) {
$short_ip = ext_iptrim($this->ip, $config['session_checkip']);
if ($config['session_checkip'] != 4) {
$sqliplike = "LIKE '{$short_ip}%'";
}
else {
$sqliplike = "= '{$short_ip}'";
}
$sid_checkip = "(s.sid = '{$this->sid}' AND s.ip {$sqliplike})";
}
else {
$sid_checkip = "s.sid = '{$this->sid}'";
}
if (!array_empty($this->cookiedata) && count($this->cookiedata) == 2) {
$sql = 'u.id = "'.$this->cookiedata[0].'" AND u.pw = "'.$this->cookiedata[1].'"';
}
elseif ($this->get_robot_type() == 'b') {
$sql = 's.ip = "'.$this->ip.'" AND s.mid = "0"';
}
else {
$sql = $sid_checkip;
}
$result = $db->query('
SELECT u.*, f.*, s.lastvisit as clv, s.ip, s.mark, s.pwfaccess, s.sid, s.settings, s.is_bot
FROM '.$db->pre.'session AS s
LEFT JOIN '.$db->pre.'user as u ON s.mid = u.id
LEFT JOIN '.$db->pre.'userfields as f ON f.ufid = u.id
WHERE '.$sql.'
LIMIT 1
');
if ($db->num_rows($result) == 1) {
$my = $this->cleanUserData($db->fetch_object($result));
if ($my->id > 0 && $my->confirm == '11') {
$my->vlogin = TRUE;
}
else {
$my->vlogin = FALSE;
}
}
else {
$this->sidload = true;
$my = $this->sid_new();
}
return $my;
}
function getip($dots = 4)
{
$ips = array();
$indices = array('REMOTE_ADDR', 'HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP');
foreach ($indices as $index) {
// $_SERVER is sometimes for a windows server which can't handle getenv()
$tip = @getenv($index);
if (!empty($tip)) {
$ips[] = $tip;
}
if (!empty($_SERVER[$index])) {
$ips[] = $_SERVER[$index];
}
}
$private_ips = array("/^0\\..+\$/", "/^127\\.0\\.0\\..+\$/", "/^192\\.168\\..+\$/", "/^172\\.16\\..+\$/", "/^10..+\$/", "/^224..+\$/", "/^240..+\$/", "/[^\\d\\.]+/");
$ips = array_unique($ips);
foreach ($ips as $ip) {
$found = false;
if (!preg_match("/[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}/", $ip)) {
$found = true;
}
foreach ($private_ips as $pip) {
if (preg_match($pip, trim($ip))) {
$found = true;
}
}
if ($found == false) {
return ext_iptrim(trim($ip), $dots);
}
}
$b = _EnvValToInt('HTTP_USER_AGENT');
$c = _EnvValToInt('HTTP_ACCEPT');
$d = _EnvValToInt('HTTP_ACCEPT_LANGUAGE');
$ip = "0.{$b}.{$c}.{$d}";
return ext_iptrim($ip, $dots);
}
function sid_load($fromnew = FALSE)
{
global $config, $db, $gpc;
if ($config['session_checkip']) {
$short_ip = ext_iptrim($this->ip, 3);
$sid_checkip = '(s.sid = "' . $this->sid . '" AND s.ip LIKE "' . $short_ip . '%")';
} else {
$sid_checkip = 's.sid = "' . $this->sid . '"';
}
if (!empty($this->cookiedata[0]) && !empty($this->cookiedata[1])) {
$sql = 'u.id = "' . $this->cookiedata[0] . '" AND u.pw = "' . $this->cookiedata[1] . '"';
} elseif ($this->bi[0] != FALSE) {
$sql = 's.ip = "' . $this->ip . '" AND s.mid = "0"';
} else {
$sql = $sid_checkip;
}
$result = $db->query('
SELECT u.*, s.lastvisit as clv, s.ip, s.mark, s.pwfaccess, s.sid, s.settings
FROM ' . $db->pre . 'session AS s LEFT JOIN ' . $db->pre . 'user as u ON s.mid = u.id
WHERE ' . $sql . '
LIMIT 1
', __LINE__, __FILE__);
if ($db->num_rows($result) == 1) {
$my = $gpc->prepare($db->fetch_object($result));
if ($my->id > 0 && $my->confirm == '11') {
$my->vlogin = TRUE;
} else {
$my->vlogin = FALSE;
}
} else {
$my = $this->sid_new(TRUE);
}
return $my;
}
function getip($dots = 4)
{
$ips = array();
// $_SERVER is sometimes for a windows server which can't handle getenv()
if (@getenv("REMOTE_ADDR")) {
$ips[] = @getenv("REMOTE_ADDR");
}
if (isset($_SERVER["REMOTE_ADDR"])) {
$ips[] = $_SERVER["REMOTE_ADDR"];
}
if (@getenv("HTTP_X_FORWARDED_FOR")) {
$ips[] = getenv("HTTP_X_FORWARDED_FOR");
}
if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
$ips[] = $_SERVER["HTTP_X_FORWARDED_FOR"];
}
if (@getenv("HTTP_CLIENT_IP")) {
$ips[] = getenv("HTTP_CLIENT_IP");
}
if (isset($_SERVER["HTTP_CLIENT_IP"])) {
$ips[] = $_SERVER["HTTP_CLIENT_IP"];
}
$private_ips = array("/^0\\..+\$/", "/^127\\.0\\.0\\..+\$/", "/^192\\.168\\..+\$/", "/^172\\.16\\..+\$/", "/^10..+\$/", "/^224..+\$/", "/^240..+\$/", "/[^\\d\\.]+/");
$ips = array_unique($ips);
foreach ($ips as $ip) {
$found = false;
foreach ($private_ips as $pip) {
if (preg_match($pip, trim($ip)) == 1) {
$found = true;
}
}
if ($found == false) {
return ext_iptrim(trim($ip), $dots);
}
}
$b = _EnvValToInt('HTTP_USER_AGENT');
$c = _EnvValToInt('HTTP_ACCEPT');
$d = _EnvValToInt('HTTP_ACCEPT_LANGUAGE');
$ip = "0.{$b}.{$c}.{$d}";
return ext_iptrim($ip, $dots);
}
