/**
* Track user's IP using a Cookie
*/
function ip_cookie_check()
{
global $config, $user, $user_ip;
if (isset($_COOKIE[$config['cookie_name'] . '_ipt'])) {
$cookie_ip = request_var($config['cookie_name'] . '_ipt', '', false, true);
// $user_ip represents our current address and $cookie_ip represents our possibly "real" address.
// if they're different, we've probably managed to break out of the proxy, so we log it.
if ($user_ip != $cookie_ip) {
insert_ip($user_ip, COOKIE, $cookie_ip);
}
} else {
$hours = isset($config['ip_cookie_age']) ? $config['ip_cookie_age'] : 2;
$cookie_expire = time() + $hours * 3600;
$user->set_cookie('ipt', $user_ip, $cookie_expire);
}
}
// wget --post-data="auth=$(echo -n "${IP}${SECRET}"|shasum -a 256|cut -d" " -f1)&ip=${IP}" https://site/dnsbl.php
define('DNSBL_SECRET', '');
// Above document root
define('DNSBL_DB', dirname(__DIR__) . '/dnsbl.sqlite');
if ('cli' === php_sapi_name()) {
$_REQUEST['ip'] = $argv[1];
$_REQUEST['auth'] = $argv[2];
}
if (empty($_REQUEST['auth']) || empty($_REQUEST['ip'])) {
exit(1);
}
if (!authenticate($_REQUEST['ip'], $_REQUEST['auth'])) {
exit(2);
}
$status = insert_ip(DNSBL_DB, $_REQUEST['ip']) ? 0 : 10;
exit($status);
function authenticate($ip, $data)
{
$hash = hash('sha256', $ip . DNSBL_SECRET);
return $data === $hash;
}
function insert_ip($file, $ip, $type = 0)
{
$ipn = ip2long($ip);
if (!file_exists($file) || (int) $ipn < 16777216 || (int) $ipn > 4294967295) {
return false;
}
$now = time();
$db = new PDO('sqlite:' . $file);
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
