/** * Track user's IP using a Cookie */ function ip_cookie_check() { global $config, $user, $user_ip; if (isset($_COOKIE[$config['cookie_name'] . '_ipt'])) { $cookie_ip = request_var($config['cookie_name'] . '_ipt', '', false, true); // $user_ip represents our current address and $cookie_ip represents our possibly "real" address. // if they're different, we've probably managed to break out of the proxy, so we log it. if ($user_ip != $cookie_ip) { insert_ip($user_ip, COOKIE, $cookie_ip); } } else { $hours = isset($config['ip_cookie_age']) ? $config['ip_cookie_age'] : 2; $cookie_expire = time() + $hours * 3600; $user->set_cookie('ipt', $user_ip, $cookie_expire); } }
// wget --post-data="auth=$(echo -n "${IP}${SECRET}"|shasum -a 256|cut -d" " -f1)&ip=${IP}" https://site/dnsbl.php define('DNSBL_SECRET', ''); // Above document root define('DNSBL_DB', dirname(__DIR__) . '/dnsbl.sqlite'); if ('cli' === php_sapi_name()) { $_REQUEST['ip'] = $argv[1]; $_REQUEST['auth'] = $argv[2]; } if (empty($_REQUEST['auth']) || empty($_REQUEST['ip'])) { exit(1); } if (!authenticate($_REQUEST['ip'], $_REQUEST['auth'])) { exit(2); } $status = insert_ip(DNSBL_DB, $_REQUEST['ip']) ? 0 : 10; exit($status); function authenticate($ip, $data) { $hash = hash('sha256', $ip . DNSBL_SECRET); return $data === $hash; } function insert_ip($file, $ip, $type = 0) { $ipn = ip2long($ip); if (!file_exists($file) || (int) $ipn < 16777216 || (int) $ipn > 4294967295) { return false; } $now = time(); $db = new PDO('sqlite:' . $file); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);