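function matchCIDR2($addr, $cidr) {
    // $addr: IPv4 address in dotted-quad form, e.g. '0.0.0.0'
    // $cidr: a 'network/bits' string such as '10.0.0.0/8', or an array of such
    //        strings, in which case any matching element is a match.
    // A bare address with no '/bits' part is treated as /32 (exact match); the
    // previous mask arithmetic turned a missing prefix length into a mask of 0,
    // so such an entry matched every address.
    // Returns false for an unparsable address, network or prefix length rather
    // than matching, and returns a strict bool in every case.
    if (is_array($cidr)) {
        foreach ($cidr as $cidrlet) {
            // Elements are checked with this same function so the array form and
            // the string form agree on what a bare address means.
            if (matchCIDR2($addr, $cidrlet)) {
                return true;
            }
        }
        return false;
    }

    $parts = explode('/', (string) $cidr, 2);
    $net = $parts[0];
    if (isset($parts[1]) && $parts[1] !== '') {
        if (!preg_match('/^\d+$/', $parts[1])) {
            return false; // prefix length must be a plain decimal number
        }
        $bits = (int) $parts[1];
    } else {
        $bits = 32;
    }
    if ($bits > 32) {
        return false; // not a valid IPv4 prefix length
    }

    $addrLong = ip2long($addr);
    $netLong = ip2long($net);
    if ($addrLong === false || $netLong === false) {
        return false; // ip2long() rejects malformed addresses
    }

    // Prefix mask limited to 32 bits so the comparison is well-defined on 64-bit PHP,
    // where 0xffffffff << n would otherwise carry bits above the IPv4 width.
    $mask = (0xffffffff << (32 - $bits)) & 0xffffffff;
    return ($addrLong & $mask) === ($netLong & $mask);
}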
function getREMOTE_ADDR() {
    // Returns the client address: the first hop of X-Forwarded-For when present,
    // unless that hop is a private (10/8, 192.168/16, 172.16/12) address, in which
    // case REMOTE_ADDR is returned instead.
    // NOTE(review): X-Forwarded-For is supplied by the client; nothing here checks
    // that REMOTE_ADDR is a trusted proxy, so the returned value can be chosen by
    // the sender.
    if (!isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        return $_SERVER['REMOTE_ADDR'];
    }
    $hops = preg_split('/[ ,]+/', $_SERVER['HTTP_X_FORWARDED_FOR']);
    $first = $hops[0];
    $isPrivate = strncmp($first, '10.', 3) === 0
        || strncmp($first, '192.168.', 8) === 0
        || matchCIDR($first, '172.16.0.0/12');
    if ($isPrivate) {
        return $_SERVER['REMOTE_ADDR'];
    }
    return $first;
}
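/**
 * If the request arrived from a CloudFlare address, return the client IP that
 * CloudFlare passes in the CF-Connecting-IP header; otherwise return ''.
 * CloudFlare IP source: https://www.cloudflare.com/ips
 *
 * The range lists are a fixed snapshot and are not refreshed here; a request from
 * a CloudFlare range that is not listed falls through and yields ''.
 * Only a peer inside a listed range is trusted: a CF-Connecting-IP header sent by
 * any other peer is ignored, which is what keeps the header usable.
 *
 * @return string client IP, or '' when the peer is not CloudFlare or the header is absent
 */
function getRemoteAddrCloudFlare() {
    $addr = $_SERVER['REMOTE_ADDR'];
    $cloudflare_v4 = array('199.27.128.0/21', '173.245.48.0/20', '103.21.244.0/22', '103.22.200.0/22', '103.31.4.0/22', '141.101.64.0/18', '108.162.192.0/18', '190.93.240.0/20', '188.114.96.0/20', '197.234.240.0/22', '198.41.128.0/17', '162.158.0.0/15', '104.16.0.0/12');
    $cloudflare_v6 = array('2400:cb00::/32', '2606:4700::/32', '2803:f800::/32', '2405:b500::/32', '2405:8100::/32');

    // Returning '' when the header is missing avoids an undefined-index notice and
    // keeps the return type a string in every case.
    $connectingIp = isset($_SERVER['HTTP_CF_CONNECTING_IP']) ? $_SERVER['HTTP_CF_CONNECTING_IP'] : '';

    if (filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        // v4 address. Iterate by value: the former by-reference loop left $cidr
        // aliased to the last list element after the loop.
        foreach ($cloudflare_v4 as $cidr) {
            if (matchCIDR($addr, $cidr)) {
                return $connectingIp;
            }
        }
    } elseif (filter_var($addr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
        // v6 address. Anything that is neither a valid v4 nor v6 address is not
        // handed to matchCIDRv6 and simply yields ''.
        foreach ($cloudflare_v6 as $cidr) {
            if (matchCIDRv6($addr, $cidr)) {
                return $connectingIp;
            }
        }
    }
    return '';
}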
/**
 * Pre-registration hook run before a post is accepted.
 *
 * In order it: appends the post to the post log file (if configured), loads the
 * IP and image block lists into the globals, requires the 'js' POST token,
 * applies several user-agent heuristics, matches the IP/hostname against
 * $BANPATTERN, consults the open-proxy list, evaluates the fail cookie and the
 * ng-log, filters name/email/subject/body against the bad-string list, and
 * finally compares the uploaded image against the image-hash library.
 * Every rejection goes through error(), which is presumably terminal (the code
 * after each call assumes it does not return).
 *
 * @param string $name   poster name (by reference; not modified here)
 * @param string $email  poster email (by reference; not modified here)
 * @param string $sub    subject (by reference; not modified here)
 * @param string $com    body (by reference; not modified here)
 * @param array  $upfileInfo  upload info; 'name' and 'file' are read
 * @param array  $accessInfo  'ip' and 'host' of the requester
 * @param mixed  $isReply     reply flag, only recorded in $postInfo
 */
function autoHookRegistBegin(&$name, &$email, &$sub, &$com, $upfileInfo, $accessInfo, $isReply) {
    global $BANPATTERN, $BAD_FILEMD5, $postInfo;
    // Whether a ban should also set the fail cookie; the UA heuristics below clear it.
    $setfail = true;
    // Snapshot of the submission that is appended to every log entry ('#postinf=').
    $postInfo = array($isReply, str_replace("\r\n", '<br>', $com), $sub, $name, $email, $upfileInfo['name'], isset($_POST['loid']) ? $_POST['loid'] : '', $_SERVER['HTTP_USER_AGENT']);
    // extract fail cookie
    if (isset($_COOKIE[$this->cookiename])) {
        $this->failcookie = explode(':', $this->_mybase64_decode($_COOKIE[$this->cookiename]));
    }
    if ($this->postlogfile) {
        // A '%s' in the configured name is replaced by today's date (one file per day).
        $plname = strstr($this->postlogfile, '%s') ? sprintf($this->postlogfile, date('Ymd')) : $this->postlogfile;
        // NOTE(review): fopen() failure is not checked; fwrite()/fclose() would then warn.
        $pfp = fopen($plname, 'ab');
        $outstr = '/ip=' . $accessInfo['ip'] . "\ttime=" . date('Ymd-His');
        $pInames = array('re', 'com', 'sub', 'name', 'email', 'upfile', 'loid', 'ua');
        $pIcnt = count($postInfo);
        // Tab-separated "key=value" fields, one record per line. Only $com had its
        // "\r\n" replaced above; a bare newline in any other user-supplied field
        // would split this record across lines.
        for ($i = 0; $i < $pIcnt; $i++) {
            $outstr .= "\t" . (isset($pInames[$i]) ? $pInames[$i] . '=' : '') . $postInfo[$i];
        }
        if (isset($_COOKIE[$this->cookiename])) {
            $outstr .= "\tfc=" . implode(':', $this->failcookie);
        }
        fwrite($pfp, $outstr . "\t/end\n");
        fclose($pfp);
    }
    // Load the block-list definition files
    if (is_file($this->ipfile)) {
        $BANPATTERN = array_merge($BANPATTERN, array_map('rtrim', $this->_parseBlackListFile($this->ipfile, true)));
    }
    if (is_file($this->imgfile)) {
        $BAD_FILEMD5 = array_merge($BAD_FILEMD5, array_map('rtrim', $this->_parseBlackListFile($this->imgfile, true)));
    }
    // IP/Hostname Check
    $accessInfo['host'] = strtolower($accessInfo['host']);
    $checkTwice = $accessInfo['ip'] != $accessInfo['host']; // whether a second check against the hostname is needed
    $IsBanned = false;
    // The form must post js=js; submissions without it (no script run) are refused.
    if (!isset($_POST['js']) || $_POST['js'] !== 'js') {
        error('Please enable Javascript');
    }
    // Quick hack 3
    /*if(strpos($_SERVER['HTTP_USER_AGENT'],'NT 6.1; rv:12.0')!==false) { $this->_nglog_append($accessInfo['ip'],'badip','High possibility of Seiyuu Chuu detected'.'#postinf='.implode('|',$postInfo)); $IsBanned = true; $setfail = false; }*/
    // Quick hack 3 end
    // Quick hack
    // Known VPN/proxy client strings in the User-Agent; banned without a fail cookie.
    if (!$IsBanned && (strpos($_SERVER['HTTP_USER_AGENT'], 'VPNGate') !== false || strpos($_SERVER['HTTP_USER_AGENT'], 'FreeSafeIP.com') !== false)) {
        $this->_nglog_append($accessInfo['ip'], 'badip', 'VPNGate detected' . '#postinf=' . implode('|', $postInfo));
        $IsBanned = true;
        $setfail = false;
    }
    // Quick hack end
    // Quick hack 2
    // Heuristic: take the text after the last '/', then after the last space, then
    // before the last ')'. If what remains is a hex string longer than one
    // character, the UA is treated as fabricated.
    if (!$IsBanned) {
        $lsval = '';
        $lastslash = strrpos($_SERVER['HTTP_USER_AGENT'], '/');
        if ($lastslash !== false) {
            $lsval = substr($_SERVER['HTTP_USER_AGENT'], $lastslash + 1);
        }
        $lastspace = strrpos($lsval, ' ');
        if ($lastspace !== false) {
            $lsval = substr($lsval, $lastspace + 1);
        }
        $lastbmark = strrpos($lsval, ')');
        if ($lastbmark !== false) {
            $lsval = substr($lsval, 0, $lastbmark);
        }
        if (strlen($lsval) > 1 && preg_match('/^[0-9A-F]+$/i', $lsval)) {
            $this->_nglog_append($accessInfo['ip'], 'badip', 'strange user agent detected' . '#postinf=' . implode('|', $postInfo));
            $IsBanned = true;
            $setfail = false;
        }
    }
    // Quick hack 2 end
    // UA checks
    // $baduas is only assigned when the file exists; the '@' below hides the
    // undefined-variable notice in the other case.
    if (is_file($this->baduafile)) {
        $baduas = array_map('rtrim', $this->_parseBlackListFile($this->baduafile, true));
    }
    if (@$baduas[0]) {
        foreach ($baduas as $badua) {
            // Each list entry is used verbatim as a regex body between backtick
            // delimiters (no preg_quote), so an entry containing '`' or invalid
            // regex syntax makes preg_match() warn and match nothing.
            if (preg_match('`' . $badua . '`', $_SERVER['HTTP_USER_AGENT'])) {
                $this->_nglog_append($accessInfo['ip'], 'badip', 'Bad user agent#postinf=' . implode('|', $postInfo));
                $IsBanned = true;
                $setfail = false;
            }
        }
    }
    if (!$IsBanned) {
        // Entry forms, decided by the number of '/': two = /regex/, one = CIDR,
        // '*' or '?' present = wildcard, otherwise a literal IP or hostname.
        foreach ($BANPATTERN as $pattern) {
            $slash = substr_count($pattern, '/');
            if ($slash == 2) { // RegExp
                $pattern .= 'i';
            } elseif ($slash == 1) { // CIDR Notation
                if (matchCIDR($accessInfo['ip'], $pattern)) {
                    $this->_nglog_append($accessInfo['ip'], 'badip', $pattern . '#postinf=' . implode('|', $postInfo));
                    $IsBanned = true;
                    break;
                }
                continue;
            } elseif (strpos($pattern, '*') !== false || strpos($pattern, '?') !== false) { // Wildcard
                // '.' is escaped, '*' becomes '.*', '?' becomes '.?' (zero or one character).
                $pattern = '/^' . str_replace(array('.', '*', '?'), array('\\.', '.*', '.?'), $pattern) . '$/i';
            } else { // Full-text
                if ($accessInfo['ip'] == $pattern || $checkTwice && $accessInfo['host'] == strtolower($pattern)) {
                    $this->_nglog_append($accessInfo['ip'], 'badip', $pattern . '#postinf=' . implode('|', $postInfo));
                    $IsBanned = true;
                    break;
                }
                continue;
            }
            // Regex and wildcard entries: tested against the host, and against the IP too when they differ.
            if (preg_match($pattern, $accessInfo['host']) || $checkTwice && preg_match($pattern, $accessInfo['ip'])) {
                $this->_nglog_append($accessInfo['ip'], 'badip', $pattern . '#postinf=' . implode('|', $postInfo));
                $IsBanned = true;
                break;
            }
        }
    }
    if (!$IsBanned) {
        if ($this->_checkProxiesList($accessInfo['ip'])) {
            $this->_nglog_append($accessInfo['ip'], 'badip', 'OpenProxy Listed' . '#postinf=' . implode('|', $postInfo));
            $IsBanned = true;
        }
    }
    if ($IsBanned) {
        if ($setfail) {
            $this->_setfailcookie();
        }
        error(_T('ip_banned'));
    }
    // process fail cookie
    if (isset($_COOKIE[$this->cookiename])) {
        /*if(RENZOKU && ($time - $this->failcookie[0] < RENZOKU*2)){ error(_T('regist_successivepost')); }*/
        // failcookie[1] is presumably a failure counter; more than 5 auto-bans the IP.
        // The cookie is client-held, so a client can also simply drop it.
        if (isset($this->failcookie[1]) && $this->failcookie[1] > 5) {
            $this->_nglog_append($accessInfo['ip'], 'ckban', implode(':', $this->failcookie) . '#postinf=' . implode('|', $postInfo));
            $this->_arrangeRecord($this->ipfile, null, $accessInfo['ip'] . "\t" . 'cookie autoban ' . date('Ymd') . "\t" . time() . "\t" . $this->bandays . "\n"); // delete and update in the same pass
            error(_T('ip_banned'));
        }
    }
    // Server-side ng-log evaluation; a hit writes a ban record and sets a 'ban' cookie.
    if ($this->_nglog_process($accessInfo['ip'])) {
        $this->_nglog_append($accessInfo['ip'], 'lgban', (isset($_COOKIE[$this->cookiename]) ? implode('.', $this->failcookie) : 'no-cookie') . '#postinf=' . implode('|', $postInfo));
        $this->_arrangeRecord($this->ipfile, null, $accessInfo['ip'] . "\t" . 'nglog autoban ' . date('Ymd') . "\t" . time() . "\t" . $this->bandays . "\n"); // delete and update in the same pass
        $this->_setfailcookie('ban');
        error(_T('ip_banned'));
    }
    // Cleanup $BANPATTERN as it passed in upper test
    $BANPATTERN = array();
    // Same file/'@' pattern as $baduas above; entries are again raw regex bodies.
    if (is_file($this->badstrfile)) {
        $badstrs = array_map('rtrim', $this->_parseBlackListFile($this->badstrfile, true));
    }
    if (@$badstrs[0]) {
        foreach ($badstrs as $badstr) {
            if (preg_match('`' . $badstr . '`', $name) || preg_match('`' . $badstr . '`', $email) || preg_match('`' . $badstr . '`', $sub) || preg_match('`' . $badstr . '`', str_replace("\r\n", '', $com))) {
                // NOTE(review): four arguments here, three in the 'badip' calls above — confirm _nglog_append's signature.
                $this->_nglog_append($accessInfo['ip'], 'ngstr', $badstr, implode('|', $postInfo));
                $this->_setfailcookie();
                error(_T('regist_wordfiltered'));
            }
        }
    }
    // Perceptual-hash comparison of the upload against every file in imghash_imgdir.
    if ($this->use_imghash && file_exists($this->imghash_lib)) {
        include $this->imghash_lib;
        if (is_dir(realpath($this->imghash_imgdir))) {
            $pfolder = opendir($this->imghash_imgdir); //Folder
            $pnamebase = array();
            while ($file = readdir($pfolder)) {
                if (is_file($this->imghash_imgdir . $file)) {
                    $pnamebase[] = $file;
                }
            }
            closedir($pfolder);
            for ($i = 0; $i < sizeof($pnamebase); $i++) {
                // Cached "width\theight\thash" record in imghash_hashdir, if present;
                // otherwise compute it and (when the cache dir exists) write it back.
                if (trim($this->imghash_hashdir) && is_dir($this->imghash_hashdir) && file_exists($this->imghash_hashdir . $pnamebase[$i] . '.imghash')) {
                    list($pw, $ph, $apHash) = explode("\t", file_get_contents($this->imghash_hashdir . $pnamebase[$i] . '.imghash'));
                    $pbase_size = array($pw, $ph);
                } else {
                    $pbase_size = getimagesize($this->imghash_imgdir . $pnamebase[$i]);
                    $apHash = ImageHash::hashImageFile($this->imghash_imgdir . $pnamebase[$i]);
                    if (trim($this->imghash_hashdir) && is_dir($this->imghash_hashdir)) {
                        file_put_contents($this->imghash_hashdir . $pnamebase[$i] . '.imghash', $pbase_size[0] . "\t" . $pbase_size[1] . "\t" . $apHash);
                    }
                }
                // Hash the upload cropped to the reference image's size and compare.
                $dpHash = ImageHash::hashImageFileCropped($upfileInfo['file'], $pbase_size[0], $pbase_size[1]);
                // NOTE(review): $dest is not assigned anywhere in this method — confirm where it comes from.
                if (ImageHash::isHashSimilar($apHash, $dpHash) || ImageHash::isImageSimilarWithHash($dest, $apHash)) {
                    $this->_nglog_append($accessInfo['ip'], 'phash', $pnamebase[$i], '' . '#postinf=' . implode('|', $postInfo));
                    $this->_setfailcookie();
                    error(_T('regist_upload_blocked')); // rejected image
                }
            }
        }
    }
}
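// Looks up the merchant check code (chma) for the requesting merchant, verifies
// the calling host's address against the merchant's registered host IPs, and
// returns an encrypted order token in $od_sob.
// $webIP_Check_sw and $ap_IV are presumably provided by g_common.inc.
// Array keys are quoted: bare `client` / `od_sob` are undefined constants.
$client = (isset($_REQUEST['client']) && $_REQUEST['client']) ? $_REQUEST['client'] : '';
$od_sob = (isset($_REQUEST['od_sob']) && $_REQUEST['od_sob']) ? $_REQUEST['od_sob'] : '';
include 'g_common.inc';
$plink = mylink();
//====== Fetch the merchant check code
// The escaped value must also be quoted in the query: mysql_real_escape_string()
// only neutralises quote/backslash characters, so an unquoted `client={$client}`
// can still be extended with request-controlled SQL.
$client = mysql_real_escape_string($client, $plink);
$str = "SELECT chma,webip_bk,ipcheck_bk FROM o_user WHERE client='{$client}' limit 1 ";
$qq = mysql_query($str, $plink);
// A failed query or an empty result leaves all three values null (no '@' needed).
$row = $qq ? mysql_fetch_row($qq) : false;
list($chma, $webip_bk, $ipcheck_bk) = $row ? $row : array(null, null, null);
if ($webIP_Check_sw && $client != 3) {
    $sssip = $_SERVER["REMOTE_ADDR"];
    // Requests from the ecbank addresses are let through without the host-IP check.
    if ($sssip != '211.23.128.211' && $sssip != '175.99.72.120' && !matchCIDR($sssip, "60.199.179.0/24")) {
        if (!$webip_bk || !$ipcheck_bk) {
            echo 'error_無設定主機IP,無法取得驗證碼! ' . "目前抓到的主機IP: {$sssip}";
            exit;
        }
        // Whole-address match only: substr_count() also accepted an address that
        // is merely a prefix of a listed one (constructed example: 1.2.3.4 matching
        // an entry 1.2.3.45). The lookarounds reject neighbouring digits or dots,
        // whatever separator webip_bk uses.
        $v = preg_match('/(?<![0-9.])' . preg_quote($sssip, '/') . '(?![0-9.])/', $webip_bk);
        if (!$v) {
            echo 'error_非法主機IP,無法取得驗證碼! ' . "目前抓到的主機IP: {$sssip}";
            exit;
        }
    }
}
$od_sob = time() . '***' . $od_sob;
$od_sob = fnEncrypt($od_sob, $chma, $ap_IV); // encode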
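<?php
// Ban-list self-check page: prints the address under test and an allow flag
// (1 = not listed, 0 = listed). The address may be overridden with ?ip=... so
// the list can be checked for any address; the list file stays server-side.
// The `<?` short tag depended on short_open_tag; `<?php` always works.
$ip = !empty($_GET['ip']) ? $_GET['ip'] : $_SERVER['REMOTE_ADDR'];
// Drop the trailing "\n" that file() keeps on every line and skip blank lines,
// so each entry reaches matchCIDR() as a clean 'a.b.c.d/n' string.
$cidr = file("/www/torrent.is/www/bann-listi.txt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
// Initialised up front: previously $allow was only assigned on a match, so the
// "not listed" case echoed an undefined variable (empty output).
$allow = 1;
if ($cidr !== false && matchCIDR($ip, $cidr)) {
    $allow = 0;
}
// $ip can come straight from the query string; escape it for the HTML context.
echo htmlspecialchars($ip, ENT_QUOTES, 'UTF-8') . '<br />';
echo $allow;
?>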
<?php
/**
 * Whether IPv4 address $addr lies inside $cidr ('a.b.c.d/n').
 * A missing or empty '/n' part is treated as /32 (exact address).
 * Both addresses are right-shifted by the number of host bits and the
 * remaining network prefixes are compared.
 */
function matchCIDR($addr, $cidr) {
    list($network, $bits) = explode('/', $cidr);
    if ($bits == NULL) {
        $bits = 32;
    }
    $hostBits = 32 - $bits;
    $addrPrefix = ip2long($addr) >> $hostBits;
    $netPrefix = ip2long($network) >> $hostBits;
    return $addrPrefix == $netPrefix;
}

// Demo: report whether $addr falls into any of the listed ranges.
$addr = "172.168.41.90";
$cidrs = array("192.168.190.0/16", "172.16.0.0");
foreach ($cidrs as $cidr) {
    $ret = matchCIDR($addr, $cidr);
    if ($ret == 1) {
        echo "addr in the cidrs";
        break;
    }
}
// $ret holds the last comparison's result (false when nothing matched).
if ($ret == NULL) {
    echo "the add not in the subnet";
}
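<?php
//source from http://note.tc.edu.tw/196.html
/**
 * True when IPv4 address $addr is inside $cidr ('a.b.c.d/n').
 * A pattern without '/n' is treated as /32 (exact match); previously this
 * evaluated 32 - '' for such input, which throws a TypeError on PHP 8.
 * A prefix length outside 0..32 returns false instead of shifting by a
 * negative amount. ip2long() returns false for a malformed address, which
 * shifts to 0 and so only ever equals a network whose prefix is also 0.
 */
function matchCIDR($addr, $cidr) {
    $parts = explode('/', $cidr, 2);
    $network = $parts[0];
    $bits = (isset($parts[1]) && $parts[1] !== '') ? (int) $parts[1] : 32;
    if ($bits < 0 || $bits > 32) {
        return false;
    }
    $hostBits = 32 - $bits;
    return ip2long($addr) >> $hostBits == ip2long($network) >> $hostBits;
}

$schcidr = "163.17.210.129/25";
$sfs3Board = "http://163.17.39.135/modules/board/";
$agent = "http://web.dayes.tc.edu.tw/jsonBoard/#/page";
// REMOTE_ADDR is absent under CLI; '' never matches the school range, so the
// visitor is sent to the external agent page rather than raising a notice.
$ip = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '';
// Visitors from the school network get the internal board, everyone else the
// public agent. There is no exit after header(), so any following code still runs.
if (matchCIDR($ip, $schcidr)) {
    header("Location: {$sfs3Board}");
} else {
    header("Location: {$agent}");
}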
/**
 * Ends the request with "403" when the visitor's address or reverse-DNS name
 * matches an entry of the global $no_host list, or when externalIPQuery()
 * flags the address. Does nothing when $no_host is not an array.
 * Entry forms: /regex/ (two slashes), CIDR (one slash), wildcard using * or ?,
 * or a literal IP/hostname.
 * The hostname is whatever gethostbyaddr() returns for the address, i.e. a
 * PTR record under the address owner's control, so it only serves to block.
 */
function hostblock() {
    global $no_host;
    if (!is_array($no_host)) {
        return;
    }
    $IP = getenv("REMOTE_ADDR");
    $HOST = strtolower(gethostbyaddr($IP));
    $checkTwice = $IP != $HOST; // hostname differs from the address: test both
    $IsBanned = false;
    foreach ($no_host as $pattern) {
        $slashes = substr_count($pattern, '/');
        if ($slashes == 1) {
            // CIDR Notation: address only
            if (matchCIDR($IP, $pattern)) {
                $IsBanned = true;
                break;
            }
            continue;
        }
        if ($slashes == 2) {
            // RegExp, made case-insensitive
            $regex = $pattern . 'i';
        } elseif (strpos($pattern, '*') !== false || strpos($pattern, '?') !== false) {
            // Wildcard -> anchored regex ('*' any run, '?' zero or one character)
            $regex = '/^' . str_replace(array('.', '*', '?'), array('\\.', '.*', '.?'), $pattern) . '$/i';
        } else {
            // Full-text: literal address or (case-insensitive) hostname
            if ($IP == $pattern || $checkTwice && $HOST == strtolower($pattern)) {
                $IsBanned = true;
                break;
            }
            continue;
        }
        if (preg_match($regex, $HOST) || $checkTwice && preg_match($regex, $IP)) {
            $IsBanned = true;
            break;
        }
    }
    if ($IsBanned || externalIPQuery($IP)) {
        die("403");
    }
}
/**
 * Client address for the current request.
 * Only when both Via and X-Forwarded-For are present is the peer taken to be
 * a proxy; the first X-Forwarded-For hop is then returned unless it is
 * "unknown" (Squid) or a private/loopback address, in which case REMOTE_ADDR
 * is used.
 * NOTE(review): both headers are client-supplied and REMOTE_ADDR is not
 * checked against a list of known proxies, so the returned address can be
 * chosen by the sender.
 */
function getREMOTE_ADDR() {
    if (!isset($_SERVER['HTTP_VIA']) || !isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        return $_SERVER['REMOTE_ADDR'];
    }
    $hops = preg_split('/[ ,]+/', $_SERVER['HTTP_X_FORWARDED_FOR']);
    $first = $hops[0];
    // Squid may report "unknown"; fall back to REMOTE_ADDR in that case.
    if ($first == 'unknown') {
        return $_SERVER['REMOTE_ADDR'];
    }
    // A private or loopback first hop is not usable as a client address either.
    $privateRanges = array('10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', '127.0.0.1/8');
    foreach ($privateRanges as $range) {
        if (matchCIDR($first, $range)) {
            return $_SERVER['REMOTE_ADDR'];
        }
    }
    return $first;
}
/**
 * IP/Hostname block check.
 * Each $list entry is one of: /regex/ (two slashes), CIDR (one slash), a
 * wildcard containing * or ?, or a literal IP/hostname. Regex, wildcard and
 * literal entries are tested against $HOST and, when $HOST differs from $IP,
 * against $IP as well; CIDR entries only against $IP.
 * Returns true on the first matching entry, false otherwise.
 */
function BanIPHostCheck($IP, $HOST, $list) {
    $HOST = strtolower($HOST);
    $checkTwice = $IP != $HOST; // hostname differs from the address: test both
    foreach ($list as $pattern) {
        $slashes = substr_count($pattern, '/');
        if ($slashes == 1) {
            // CIDR Notation
            if (matchCIDR($IP, $pattern)) {
                return true;
            }
            continue;
        }
        if ($slashes == 2) {
            // RegExp, made case-insensitive
            $regex = $pattern . 'i';
        } elseif (strpos($pattern, '*') !== false || strpos($pattern, '?') !== false) {
            // Wildcard -> anchored regex ('*' any run, '?' zero or one character)
            $regex = '/^' . str_replace(array('.', '*', '?'), array('\\.', '.*', '.?'), $pattern) . '$/i';
        } else {
            // Full-text
            if ($IP == $pattern || $checkTwice && $HOST == strtolower($pattern)) {
                return true;
            }
            continue;
        }
        if (preg_match($regex, $HOST) || $checkTwice && preg_match($regex, $IP)) {
            return true;
        }
    }
    return false;
}
<?php define('NO_CSRF', 1); $allow_fp = 1; $rpath = "../"; require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/stdf.php"; require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/osmppay.php"; require_once $_SERVER['DOCUMENT_ROOT'] . "/classes/log.php"; if (!matchCIDR($_SERVER['HTTP_X_FORWARDED_FOR'], "79.142.16.0/20") && !in_array($_SERVER['HTTP_X_FORWARDED_FOR'], array('91.142.84.91', '91.142.84.102', '91.142.84.103'))) { header("HTTP/1.1 404 Not Found"); exit; } $account = new osmppay(); $op_id = 0; $result = 0; if ($_GET['command'] === "check") { if ($_GET['account'] && $_GET['txn_id'] && $_GET['sum']) { $error = $account->prepare($result, $_GET['account'], $_GET['txn_id'], $_GET['sum']); } else { $result = 300; $error = "Неполный запрос"; } $comment = $error ? $error : "Аккаунт найден"; } elseif ($_GET['command'] === "pay") { $sum = $_GET['sum']; if ($sum && $_GET['account'] && $_GET['txn_id'] && $_GET['txn_date']) { $error = $account->checkdeposit($op_id, $result, $sum, $_GET['account'], $_GET['txn_id'], $_GET['txn_date']); if ($error) { $result = 300; $error = "Неполный запрос"; }