Example #1
/**
 * Return the first address found in the request that validateIP() accepts.
 *
 * The $_SERVER keys below are examined in the listed order, REMOTE_ADDR last.
 * Each value is split on commas and every trimmed entry is offered to
 * validateIP(). When nothing is accepted, REMOTE_ADDR is returned as-is if it
 * is set, otherwise false.
 *
 * NOTE(review): every key except REMOTE_ADDR is an HTTP_* entry, i.e. it is
 * filled from a request header and the client chooses its value. Because those
 * keys are consulted before REMOTE_ADDR, the result is client-controlled unless
 * a trusted reverse proxy overwrites the headers. Do not base allow-lists,
 * rate limits or audit records on it without that guarantee.
 *
 * @return string|false
 */
function getIP()
{
    $candidateKeys = array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR');
    foreach ($candidateKeys as $serverKey) {
        if (!array_key_exists($serverKey, $_SERVER)) {
            continue;
        }
        // A forwarding header may carry a comma-separated chain of addresses.
        $entries = explode(',', $_SERVER[$serverKey]);
        foreach ($entries as $entry) {
            $candidate = trim($entry);
            if (validateIP($candidate)) {
                return $candidate;
            }
        }
    }
    // Nothing validated: fall back to the socket peer address when present.
    if (isset($_SERVER['REMOTE_ADDR'])) {
        return $_SERVER['REMOTE_ADDR'];
    }
    return false;
}
 // NOTE(review): mysql_real_escape_string() belongs to ext/mysql, which was removed
 // in PHP 7, and it only makes a value safe inside a quoted SQL string literal.
 // Whether these three values reach a query is not visible in this excerpt; if
 // they do, bind them as parameters (PDO or mysqli prepared statements) instead.
 $api = mysql_real_escape_string($_POST['api']);
 $api_success = mysql_real_escape_string($_POST['api_success']);
 $api_errorcode = mysql_real_escape_string($_POST['api_errorcode']);
 ###
 // Every failed check appends its message to $error (messages are in Polish).
 $error = '';
 ###
 // $password_rcon, $port_rcon, $ip and $port are assigned above this excerpt.
 if (empty($password_rcon)) {
     // "Missing rcon password."
     $error .= 'Brak hasła rcon. ';
 }
 // NOTE(review): is_numeric() also accepts floats, exponents and negative values;
 // a port check would normally require an integer between 1 and 65535.
 if (!is_numeric($port_rcon)) {
     // "Invalid rcon port."
     $error .= 'Nieprawidłowy port rcon. ';
 }
 if (empty($ip)) {
     // "Missing ip address."
     $error .= 'Brak adresu ip. ';
 }
 // An empty $ip is also passed to validateIP() (defined elsewhere), so both
 // messages can be appended for the same field.
 if (validateIP($ip) == FALSE) {
     // "Wrong ip address."
     $error .= 'Błędny adres ip. ';
 }
 if (empty($port)) {
     // "Missing server port."
     $error .= 'Brak portu serwera. ';
 }
 if (!is_numeric($port)) {
     // "Server port is invalid."
     $error .= 'Port serwera jest nieprawidłowy. ';
 }
 // NOTE(review): empty() treats the string '0' as empty, so a code of '0' in
 // any of the three api fields is reported as missing.
 if (empty($api)) {
     // "Missing sms operator api."
     $error .= 'Brak api operatora sms. ';
 }
 if (empty($api_success)) {
     $error .= 'Brak api success code';
 }
 if (empty($api_errorcode)) {
Example #3
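 /**
  * OpenAccount: check the caller, validate the request fields and open a private
  * account through the SP_OpenPrivateAccount_VCB stored procedure.
  *
  * Input  : the customer's identity and contact fields. The caller's user name and
  *          password are not declared parameters; they are read as the last two
  *          entries of func_get_args().
  * Output : the value of returnXML(), carrying PersonalCard, Name, Account, State,
  *          ResponseCode, RespString and OldNewAccount as SOAP string values.
  *
  * Response codes set here: '0000' success, '8009' caller rejected, 8013 / 8016 /
  * 8072 missing Name / BankAccountNo / PersonalCard, 8019 / 8020 invalid dates,
  * 8028 invalid PartnerType, 8049 database error, 8051-8056 stored-procedure
  * errors, 8057 addNewCustomer() failure.
  *
  * NOTE(review): the service user name and password are hard-coded below, and the
  * password is also accepted as an unsalted MD5 digest of itself, which makes the
  * digest a second password. Both belong in configuration or a secret store and
  * should be replaced, since they are part of the source.
  * NOTE(review): the origin check passes when _ERROR_CODE == 0 OR one of the two
  * IP ranges matches, so the IP ranges restrict nothing while _ERROR_CODE is 0 on
  * entry. Confirm that this is intended.
  * NOTE(review): both write_my_log() calls record personal data (identity card
  * number, bank account, addresses, phone, e-mail). Confirm who can read that log
  * and how long it is kept.
  */
 function OpenAccount($PersonalCard, $Name, $Address, $BankAccountNo, $PartnerType, $dtBirthDay, $PlaceOfBirth, $dtDateIssue, $PlaceIssue, $ZipCode, $Country, $Email, $Phone, $Fax, $CompanyAddress, $CompanyPhone, $MailingAddress, $MailingPhone)
 {
     $function_name = 'OpenAccount';
     $list_args = func_get_args();
     $count = count($list_args);
     $array_input = array();
     // Output fields start empty so that every exit path returns defined values.
     $Account = '';
     $Status = '';
     $OldNewAccount = '';
     $RespString = '';
     // Request fields that are logged unchanged on both exit paths.
     $log_head = $_SERVER['REMOTE_ADDR'] . ' function_name ' . $function_name . ' Input PersonalCard ' . $PersonalCard;
     $log_fields = ' BankAccountNo ' . $BankAccountNo . ' PartnerType ' . $PartnerType . ' dtBirthDay ' . $dtBirthDay . ' PlaceOfBirth ' . $PlaceOfBirth . ' dtDateIssue ' . $dtDateIssue . ' PlaceIssue ' . $PlaceIssue . ' ZipCode ' . $ZipCode . ' Country ' . $Country . ' Email ' . $Email . ' Phone ' . $Phone . ' Fax ' . $Fax . ' CompanyAddress ' . $CompanyAddress . ' CompanyPhone ' . $CompanyPhone . ' MailingAddress ' . $MailingAddress . ' MailingPhone ' . $MailingPhone;

     // The credentials are the two trailing arguments. They are cast to string and
     // compared with === because a loose == lets a boolean true or an integer 0
     // compare equal to a non-numeric string on older PHP versions.
     $user = is_scalar($list_args[$count - 2]) ? (string) $list_args[$count - 2] : '';
     $secret = is_scalar($list_args[$count - 1]) ? (string) $list_args[$count - 1] : '';
     $pass = md5('hy6GT^lj(O04h');
     $origin_ok = $this->_ERROR_CODE == 0 || validateIP($_SERVER['REMOTE_ADDR'], FROMIP, TOIP) || validateIP($_SERVER['REMOTE_ADDR'], FROMIP1, TOIP1);
     // Accepted forms: the plain password, or its MD5 digest in lower or upper case.
     $secret_ok = $secret === 'hy6GT^lj(O04h' || $secret === $pass || $secret === strtoupper($pass);

     if (!($origin_ok && $user === 'vcb_eps' && $secret_ok)) {
         // Rejected caller: answer with blank account data and code 8009.
         $Name = '';
         $Address = '';
         $this->_ERROR_CODE = '8009';
         $RespString = 'IP deny or wrong username/password';
         // 'H' gives a 24-hour timestamp; 'h' without am/pm made log times ambiguous.
         write_my_log('VCB-test', $log_head . ' Name ' . $Name . ' Address ' . $Address . $log_fields . ' ErrorCode ' . $this->_ERROR_CODE . ' ' . date('Y-m-d H:i:s'));
         $array_input['PersonalCard'] = new SOAP_Value('PersonalCard', 'string', $PersonalCard);
         $array_input['Name'] = new SOAP_Value('Name', 'string', $Name);
         $array_input['Account'] = new SOAP_Value('Account', 'string', $Account);
         // The original passed an undefined $State here.
         $array_input['State'] = new SOAP_Value('State', 'string', $Status);
         $array_input['ResponseCode'] = new SOAP_Value('ResponseCode', 'string', $this->_ERROR_CODE);
         $array_input['RespString'] = new SOAP_Value('RespString', 'string', $RespString);
         $array_input['OldNewAccount'] = new SOAP_Value('OldNewAccount', 'string', $OldNewAccount);
         return returnXML(func_get_args(), $this->class_name, $function_name, $array_input, $this);
     }

     // Field validation: the first failing rule sets the response code and message.
     $this->_ERROR_CODE = '0000';
     if (!required($Name)) {
         $this->_ERROR_CODE = 8013;
         $RespString = 'Name is null';
     }
     if ($this->_ERROR_CODE == '0000' && !required($BankAccountNo)) {
         $this->_ERROR_CODE = 8016;
         $RespString = 'BankAccountNo is null';
     }
     if ($this->_ERROR_CODE == '0000' && (strlen($dtBirthDay) > 0 && !dateStr($dtBirthDay))) {
         $this->_ERROR_CODE = 8019;
         $RespString = 'Invalid Birthday';
     }
     if ($this->_ERROR_CODE == '0000' && !required($PersonalCard)) {
         $this->_ERROR_CODE = 8072;
         $RespString = 'PersonalCard is null';
     }
     if ($this->_ERROR_CODE == '0000' && isset($PartnerType) && strlen($PartnerType) > 0 && !in_array($PartnerType, array('C', 'F', 'P'))) {
         $this->_ERROR_CODE = 8028;
         $RespString = 'Invalid PartnerType';
     }
     if ($this->_ERROR_CODE == '0000' && (strlen($dtDateIssue) > 0 && !dateStr($dtDateIssue))) {
         $this->_ERROR_CODE = 8020;
         $RespString = 'Invalid dtDateIssue';
     }

     if ($this->_ERROR_CODE == '0000') {
         $BankName = 'VietComBank';
         // NOTE(review): a one-word name contains no space, strpos() returns false
         // and the split then falls after the first character. Confirm the
         // intended handling.
         $pos = strpos($Name, ' ');
         $FirstName = substr($Name, 0, $pos + 1);
         $LastName = substr($Name, $pos + 1);
         // Every value placed in the CALL statement comes from the request, so each
         // one is escaped before it is put between the quotes. _MDB2_WRITE is
         // assumed to be an MDB2 connection (it exposes ->extended->getAll()),
         // whose escape() applies the driver's string escaping. TODO confirm.
         $sp_args = array($FirstName, $LastName, $PartnerType, $Address, $MailingAddress ? $MailingAddress : $Address, $Phone, $MailingPhone, $Email, $dtBirthDay, $PersonalCard, $dtDateIssue, $PlaceIssue, 'F', $BankAccountNo, $Country, $BankName);
         foreach ($sp_args as $idx => $sp_arg) {
             $sp_args[$idx] = $this->_MDB2_WRITE->escape($sp_arg);
         }
         $query = vsprintf("CALL SP_OpenPrivateAccount_VCB\r\n('%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s','%s')", $sp_args);
         $result = $this->_MDB2_WRITE->extended->getAll($query);
         $this->_MDB2_WRITE->disconnect();
         // From here on Name and Address hold the values returned to the caller.
         $Name = '';
         $Address = '';
         if (empty($result) || is_object($result)) {
             // No rows, or an error object instead of a result set.
             $this->_ERROR_CODE = 8049;
         } elseif (!isset($result[0]['varerror'])) {
             $this->_ERROR_CODE = 8049;
             $RespString = 'EPS-err: db err';
         } else {
             $varerror = $result[0]['varerror'];
             // Stored-procedure error => response code and message. -2 (duplicate
             // card number) is deliberately absent and handled as success below.
             $sp_errors = array(
                 -1 => array(8051, 'EPS-err : exception'),
                 -3 => array(8053, 'EPS-err invalid country name'),
                 -4 => array(8054, 'EPS-err update account'),
                 -5 => array(8055, 'EPS-err insert Investor'),
                 -6 => array(8056, 'EPS-err insert Balance'),
             );
             foreach ($sp_errors as $sp_code => $sp_info) {
                 if ($varerror == $sp_code) {
                     $this->_ERROR_CODE = $sp_info[0];
                     $RespString = $sp_info[1];
                 }
             }
             if ($varerror == -2 || $varerror >= 0) {
                 $Name = $result[0]['v_sfullname'];
                 $Address = $result[0]['sresidentaddress'] ? $result[0]['sresidentaddress'] : '';
                 $Account = $result[0]['v_saccountno'];
                 $Status = $result[0]['v_iisactive'] ? 'A' : 'H';
                 $OldNewAccount = $result[0]['v_icreated'] ? 0 : 1;
                 $RespString = 'Sucess';
                 if ($result[0]['v_icreated'] == 0) {
                     // The original wrote $PartnerType = 'F' ? 2 : 1, an assignment
                     // that always produced 2 and overwrote $PartnerType.
                     $new_account = array("AccountNo" => $Account, "AccountName" => $Name, "Address" => $Address, "Tel" => $Phone, "InvestorType" => $PartnerType == 'F' ? 2 : 1, "ContractNo" => '', "City" => "", "BankAccount" => $BankAccountNo, "Bank" => 41);
                     $ret = addNewCustomer($new_account);
                     if ($ret['table0']['Result'] != 1) {
                         $this->_ERROR_CODE = 8057;
                         $RespString = 'Bravo-Error';
                     }
                 }
             }
         }
     }

     $array_input['PersonalCard'] = new SOAP_Value('PersonalCard', 'string', $PersonalCard);
     $array_input['Name'] = new SOAP_Value('Name', 'string', $Name);
     $array_input['Account'] = new SOAP_Value('Account', 'string', $Account);
     $array_input['State'] = new SOAP_Value('State', 'string', $Status);
     $array_input['ResponseCode'] = new SOAP_Value('ResponseCode', 'string', $this->_ERROR_CODE);
     $array_input['RespString'] = new SOAP_Value('RespString', 'string', $RespString);
     $array_input['OldNewAccount'] = new SOAP_Value('OldNewAccount', 'string', $OldNewAccount);
     // 'ErrorCode' was a bare constant name in the original, which is a fatal error on PHP 8.
     write_my_log('VCB-test', $log_head . ' Name ' . $Name . ' Address ' . $Address . $log_fields . ' Output Account' . $Account . ' State A ' . 'ErrorCode' . $this->_ERROR_CODE . ' ' . date('Y-m-d H:i:s'));
     return returnXML(func_get_args(), $this->class_name, $function_name, $array_input, $this);
 }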
Example #4
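/**
 * Describe the IPv4 network that contains an address.
 *
 * @param string $ipAddRange dotted-quad address, optionally followed by
 *                           "/prefix"; a missing prefix is treated as /32
 * @return array|false array with the keys ip, iplong, cidr, netmask, network,
 *                     networklong, broadcast, broadcastlong, hosts and range,
 *                     or false when the input does not match the pattern or
 *                     validateIP() / sanitize_int() reject it
 */
function networkRange($ipAddRange)
{
    // The pattern is only a shape check (it lets octets up to 299 through);
    // validateIP() below is relied on to reject out-of-range octets.
    if (!preg_match('/^([12]?\\d{1,2}\\.[12]?\\d{1,2}\\.[12]?\\d{1,2}\\.[12]?\\d{1,2})(\\/\\d{1,2})?$/', $ipAddRange, $ip_result)) {
        return false;
    }
    $ip_addr = $ip_result[1];
    // The optional "/prefix" group is missing from $ip_result when it did not
    // match, so test for it before reading index 2.
    if (isset($ip_result[2]) && $ip_result[2] != "") {
        $cidr = str_replace("/", "", $ip_result[2]);
    } else {
        $cidr = 32;
    }
    if (!(validateIP($ip_addr) and sanitize_int($cidr, '1', '32'))) {
        return false;
    }
    $host_bits = 32 - (int) $cidr;
    $ip = ip2long($ip_addr);
    $nm = ip2long(long2ip(-1 << $host_bits));
    $nw = $ip & $nm;
    $bc = $nw | ~$nm;
    $ipRange = array();
    $ipRange['ip'] = long2ip($ip);
    $ipRange['iplong'] = sprintf("%u", $ip);
    $ipRange['cidr'] = $cidr;
    $ipRange['netmask'] = long2ip($nm);
    $ipRange['network'] = long2ip($nw);
    $ipRange['networklong'] = sprintf("%u", $nw);
    $ipRange['broadcast'] = long2ip($bc);
    $ipRange['broadcastlong'] = sprintf("%u", ip2long($ipRange['broadcast']));
    // Derived from the prefix length: on 64-bit builds ~$nm also sets the upper
    // 32 bits, so the former $bc - $nw + 1 came out negative.
    $ipRange['hosts'] = pow(2, $host_bits);
    $ipRange['range'] = long2ip($nw) . " -> " . long2ip($bc);
    return $ipRange;
}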
Example #5
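/**
 * Check a remote address against the active rows of the ip_allowed table.
 *
 * Each row with Deleted='0' supplies a fromaddress/toaddress pair that is
 * handed to validateIP() together with $remote_ip and the tag 'allowed'.
 *
 * NOTE(review): a deny-list pass over TBL_IP_DENIED used to run before the
 * allow-list and was commented out in the original, so only the allow-list is
 * enforced here. Confirm that this is intended.
 *
 * @param string $remote_ip address to test
 * @return int 0 when a row accepts the address, otherwise 10013
 */
function validRemoteIP($remote_ip)
{
    $mdb2 = initDB();
    $allow_query = sprintf("SELECT * FROM %s WHERE Deleted='0'", 'ip_allowed');
    $result = $mdb2->extended->getAll($allow_query);
    // Deny by default; a failed query (anything that is not an array of rows)
    // also ends in a denial instead of being indexed like a result set.
    $error_code = 10013;
    if (is_array($result)) {
        foreach ($result as $row) {
            if (validateIP($remote_ip, $row['fromaddress'], $row['toaddress'], 'allowed')) {
                $error_code = 0;
                break;
            }
        }
    }
    // Release the connection on every path; the original returned early on a
    // match and skipped the disconnect.
    $mdb2->disconnect();
    return $error_code;
}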
Example #6
 // Validation of a submitted sensor form. $sensorPass is set above this excerpt,
 // and each `break` leaves an enclosing loop or switch that is also outside it.
 if (!$sensorPass) {
     print "Password too short, or too long.";
     break;
 } elseif (preg_match('/[^a-zA-Z0-9\\.\\-\\_\\@\\s]/', $_POST['Pass'])) {
     // NOTE(review): the message lists "/ ? = &" as allowed, but the pattern above
     // rejects them; only letters, digits, ". - _ @" and whitespace pass.
     print "Invalid caracter: use \"a-z A-Z 0-9 . - _ @ / ? = &\"";
     break;
 }
 $sensorIp = $_POST['IP'];
 // will be validated in specific functions.
 // An empty value, "Any" or 0.0.0.0 is stored as null; anything else must pass
 // validateIP() (defined elsewhere).
 if ($sensorIp == "") {
     $sensorIp = null;
 } elseif (preg_match('/^Any$/i', $sensorIp)) {
     $sensorIp = null;
 } elseif (preg_match('/^0.0.0.0$/i', $sensorIp)) {
     // NOTE(review): the dots are unescaped, so any character matches in their
     // place (for example "0a0b0c0") and such input is also stored as null.
     $sensorIp = null;
 } elseif (validateIP($sensorIp)) {
     // Accepted as submitted; the self-assignment has no effect.
     $sensorIp = $sensorIp;
 } else {
     print "Invalid IP Address";
     break;
 }
 $typeList = sensorsType();
 // NOTE(review): the @ hides any warning raised while sanitising the posted type,
 // including a missing $_POST['type'].
 $sensorTypeTry = @sanitize_int($_POST['type'], $min = '0');
 $typeCount = count($typeList[0]);
 foreach ($typeList[0] as $key => $type) {
     if ($type['type'] == $sensorTypeTry) {
         $sensorType = $sensorTypeTry;
         break;
     }
     if ($typeCount == $key + 1) {
         print "Invalid sensor type!";
Example #7
}
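// Filter by a specific source IP (esrc), optionally negated (Not_esrc).
// The filter is stored in the session only when esrc passes validateIP();
// "x", an empty value, a non-string value or an invalid address clears it.
if (isset($_GET['esrc']) or isset($_GET['Not_esrc'])) {
    // Not_esrc can arrive without esrc; read esrc once and treat a missing or
    // non-string value (e.g. esrc[]=...) as empty.
    $esrcFilterValue = (isset($_GET['esrc']) and is_string($_GET['esrc'])) ? $_GET['esrc'] : '';
    if ($esrcFilterValue !== "x" and !empty($esrcFilterValue) and validateIP($esrcFilterValue)) {
        if (isset($_GET['Not_esrc']) and $_GET['Not_esrc'] == '1') {
            $_SESSION['filter']['Not_esrc'] = TRUE;
        } else {
            unset($_SESSION['filter']['Not_esrc']);
        }
        $_SESSION['filter']['esrc'] = $esrcFilterValue;
        // Record the index hint once instead of appending it on every request.
        if (!isset($_SESSION['filterIndexHint']) or !in_array("a_client_ip", $_SESSION['filterIndexHint'], true)) {
            $_SESSION['filterIndexHint'][] = "a_client_ip";
        }
    } else {
        unset($_SESSION['filter']['esrc']);
        unset($_SESSION['filter']['Not_esrc']);
        if (isset($_SESSION['filterIndexHint'])) {
            // array_search() returns false when the hint is absent, and using
            // false as a key removed element 0; delete by the keys actually found.
            foreach (array_keys($_SESSION['filterIndexHint'], "a_client_ip", true) as $esrcHintKey) {
                unset($_SESSION['filterIndexHint'][$esrcHintKey]);
            }
        }
    }
}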
// filter by a especific source IP Country Code
if (isset($_GET['ipcc']) or isset($_GET['Not_ipcc'])) {
    if ($_GET['ipcc'] == "x" or empty($_GET['ipcc'])) {
        unset($_SESSION['filter']['ipcc']);
Example #8
     $charHost = inet_pton($superNet);
     $charMask = inet_pton($superNetMask);
 }
 // Single host mask used for hostmin and hostmax bitwise operations
 // NOTE(review): $charHost and $charMask come from inet_pton(), which returns
 // false for an invalid address, and the bitwise work below runs before the
 // validateIP() check further down.
 $charHostMask = substr(_cdr2Char(127), -strlen($charHost));
 $charWC = ~$charMask;
 // Supernet wildcard mask
 $charNet = $charHost & $charMask;
 // Supernet network address
 $charBcst = $charNet | ~$charMask;
 // Supernet broadcast
 $charHostMin = $charNet | ~$charHostMask;
 // Minimum host
 $charHostMax = $charBcst & $charHostMask;
 // Maximum host
 // NOTE(review): == 'True' is a loose comparison; what it accepts depends on the
 // type validateIP() returns (a boolean true compares equal to any non-empty
 // string). Confirm against validateIP().
 if (!empty($superNet) && validateIP($superNet) == 'True') {
     //Display Results
     // Prints an interfaces-style stanza for eth0 inside a textarea.
     print '<tr><td colspan="4"></td></tr>';
     print '<tr><td colspan="4">';
     print '<textarea rows="20" cols="30">';
     print "auto eth0 \n";
     print 'iface eth0 inet static' . "\n";
     // NOTE(review): $ip is assigned outside this excerpt and is written into the
     // page without htmlspecialchars(). Verify that it has been validated or
     // escaped before this point.
     print 'address ' . $ip . "\n";
     print 'network ' . inet_ntop($charNet) . "\n";
     print 'netmask ' . inet_ntop($charMask) . "\n";
     print 'broadcast ' . inet_ntop($charBcst) . "\n";
     print "gateway Gateway Address \n";
     print '</textarea>';
     print '</td></tr>';
 }
 // Calculate subnet mask and cdr
Example #9
 }
 unset($ips);
 ###
 // Every failed check appends its translated message to $error.
 $error = '';
 ###
 // $boxid is assigned above this excerpt. It must be numeric and refer to an
 // existing row of the box table.
 // NOTE(review): the query is built by string concatenation. is_numeric() keeps
 // quote characters out of $boxid, but it also accepts floats and exponent
 // notation; an integer cast or a bound parameter states the intent more exactly.
 if (!is_numeric($boxid)) {
     $error .= T_('Invalid BoxID. ');
 } else {
     if (query_numrows("SELECT `name` FROM `" . DBPREFIX . "box` WHERE `boxid` = '" . $boxid . "'") == 0) {
         $error .= T_('Invalid BoxID. ');
     }
 }
 ###
 if (!empty($newip)) {
     // Add IP
     if (!validateIP($newip)) {
         $error .= T_('Invalid IP. ');
     } else {
         if (query_numrows("SELECT `ipid` FROM `" . DBPREFIX . "boxIp` WHERE `ip` = '" . $newip . "' && `boxid` = '" . $boxid . "'") != 0) {
             $error .= T_('This IP is already in use ! ');
         }
     }
 } else {
     // Remove IPs
     if (isset($removeids)) {
         foreach ($removeids as $key => $value) {
             $ip = query_fetch_assoc("SELECT `ip` FROM `" . DBPREFIX . "boxIp` WHERE `ipid` = '" . $value . "' && `boxid` = '" . $boxid . "' LIMIT 1");
             if (query_numrows("SELECT `boxid` FROM `" . DBPREFIX . "box` WHERE `ip` = '" . $ip['ip'] . "' && `boxid` = '" . $boxid . "'") != 0 || query_numrows("SELECT `serverid` FROM `" . DBPREFIX . "server` WHERE `ipid` = '" . $value . "' && `boxid` = '" . $boxid . "'") != 0) {
                 // Passive security
                 unset($removeids[$key]);
             }