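/**
 * Checks whether a value is acceptable as a domain mask (or an IP address) for an access restriction rule.
 *
 * Accepted shape: one or more dot-terminated labels made of letters, digits, '-', '?' and '*',
 * followed by a last part that is either 2-4 letters/wildcards or a run of '*'. A value that does
 * not match is handed to fn_validate_ip() as a fallback.
 *
 * @param string $name       Domain mask to check
 * @param bool   $show_error When true, a rejected value raises an 'E' notification that names it
 *
 * @return bool True when the mask or IP is accepted, false otherwise (empty input included)
 */
function fn_validate_domain_name($name, $show_error = false)
{
    // Non-scalar input (arrays, objects) cannot be a domain; reject it before it reaches preg_match().
    if (empty($name) || !is_scalar($name)) {
        return false;
    }

    $mask = (string) $name;

    // Callers in this add-on have passed the tail of an e-mail address starting at '@'.
    // That only validated because of the over-wide character range fixed below, so a
    // single leading '@' is dropped explicitly to keep those callers working.
    if ($mask[0] === '@') {
        $mask = (string) substr($mask, 1);
    }

    // The hyphen is placed last in the class so that it is a literal. Written as "*-a" it formed
    // a range from '*' to 'a', which also admitted characters such as '<', '>', '/', ':', '=',
    // '_' and '@' into a value that is later stored and displayed.
    // NOTE(review): the last part is limited to 2-4 characters, so longer TLDs are rejected here
    // and only reach the IP fallback - confirm whether that limit is still wanted.
    $is_domain_mask = preg_match('/^([?*a-z0-9-]+\\.)+([*?a-z]{2,4}|[*]+)$/i', $mask);

    if ($is_domain_mask || fn_validate_ip($name)) {
        return true;
    }

    if ($show_error) {
        fn_set_notification('E', __('error'), __('text_not_valid_domain', array('[domain]' => $name)));
    }

    return false;
}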
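/**
 * Stores a new access restriction rule for an IP range, a domain, an e-mail address/domain
 * or a credit card number.
 *
 * The branch is selected by $rule_data['section'] ('ip', 'admin_panel', 'domain', 'email',
 * 'credit_card'). Only INSERT statements are issued: $rule_id is not used to look up an existing
 * rule, it is simply what is returned when nothing gets stored (unknown section, failed
 * validation, or the admin lock-out guard).
 *
 * @param array  $rule_data Rule fields: 'section', plus 'range_from'/'range_to'/'status' for IP
 *                          rules or 'value' for the other sections, and 'reason'
 * @param int    $rule_id   Value returned unchanged when no rule is inserted
 * @param string $lang_code Language of the lock-out warning notification
 *
 * @return mixed Result of the INSERT into ?:access_restriction, or $rule_id as passed in
 */
function fn_update_access_restriction_rule($rule_data, $rule_id = 0, $lang_code = DESCR_SL)
{
    if ($rule_data['section'] == 'ip' || $rule_data['section'] == 'admin_panel') {
        $visitor_ip = fn_get_ip(true);

        if (!empty($rule_data['range_from']) || !empty($rule_data['range_to'])) {
            // A single address may be entered in either field; the empty bound copies the other one.
            $range_from = empty($rule_data['range_from']) ? $rule_data['range_to'] : $rule_data['range_from'];
            $range_to = empty($rule_data['range_to']) ? $rule_data['range_from'] : $rule_data['range_to'];

            if (fn_validate_ip($range_from, true) && fn_validate_ip($range_to, true)) {
                $type_s = $rule_data['section'] == 'ip' ? 'ip' : 'aa';

                // NOTE(review): the bounds are stored in the order entered; nothing here swaps or
                // rejects a range whose start is above its end - confirm that is intended.
                $_data = array(
                    // "%u" renders the ip2long() result as an unsigned decimal string.
                    'ip_from' => sprintf("%u", ip2long($range_from)),
                    'ip_to' => sprintf("%u", ip2long($range_to)),
                    'timestamp' => TIME,
                    'status' => $rule_data['status'],
                    // Suffix 's' marks a single address, 'r' a range.
                    'type' => $range_from == $range_to ? $type_s . 's' : $type_s . 'r',
                );

                // Lock-out guard: an admin-panel rule that covers the current visitor's own address
                // is refused unless the add-on runs in "reverse" mode.
                // NOTE(review): the guard is only as reliable as the address fn_get_ip() reports
                // (e.g. behind a proxy) - confirm how 'host' is derived.
                $covers_own_ip = $rule_data['section'] == 'admin_panel'
                    && Registry::get('addons.access_restrictions.admin_reverse_ip_access') != 'Y'
                    && $_data['ip_from'] <= $visitor_ip['host']
                    && $_data['ip_to'] >= $visitor_ip['host'];

                if ($covers_own_ip) {
                    $entered_ip = long2ip($_data['ip_from'])
                        . ($_data['ip_from'] == $_data['ip_to'] ? '' : '-' . long2ip($_data['ip_to']));

                    fn_set_notification(
                        'W',
                        __('warning', '', $lang_code),
                        __('warning_of_ip_adding', array(
                            '[entered_ip]' => $entered_ip,
                            '[your_ip]' => long2ip($visitor_ip['host']),
                        ), $lang_code)
                    );
                } else {
                    $rule_id = $_data['item_id'] = db_query("INSERT INTO ?:access_restriction ?e", $_data);
                    $_data['reason'] = $rule_data['reason'];

                    // One reason row per translation language; the loop key lands in 'lang_code'.
                    foreach (fn_get_translation_languages() as $_data['lang_code'] => $v) {
                        db_query("INSERT INTO ?:access_restriction_reason_descriptions ?e", $_data);
                    }
                }
            }
        }
    } else {
        // Value-based sections: validate first, then store through one shared insert below.
        $rule_type = '';

        if ($rule_data['section'] == 'domain') {
            if (fn_validate_domain_name($rule_data['value'], true)) {
                $rule_type = 'd'; // Domain
            }
        } elseif ($rule_data['section'] == 'email') {
            $address = $rule_data['value'];
            $at_pos = strpos($address, '@');

            if ($at_pos !== false && strpos($address, '*@') !== 0) {
                // The domain part starts after the '@'. Passing the '@' along made the result
                // depend on the domain validator tolerating that character.
                if (fn_validate_email($address, true) && fn_validate_domain_name(substr($address, $at_pos + 1), true)) {
                    $rule_type = 'es'; // specific E-Mail
                }
            } else {
                // Either a bare domain or the "*@domain" form; only the domain part is validated,
                // the stored value stays as entered.
                $_domain = strpos($address, '*@') === 0 ? substr($address, 2) : $address;

                if (fn_validate_domain_name($_domain, true)) {
                    $rule_type = 'ed'; // E-Mail domain
                }
            }
        } elseif ($rule_data['section'] == 'credit_card') {
            // NOTE(review): the card number is kept in $rule_data['value'] exactly as submitted and
            // goes into the INSERT below; confirm that storing full card numbers in this table is
            // acceptable, or whether a keyed hash would be enough for matching.
            if (fn_validate_cc_number($rule_data['value'], true)) {
                $rule_type = 'cc'; // specific Credit Card Number
            }
        }

        if ($rule_type !== '') {
            $rule_data['type'] = $rule_type;
            $rule_data['timestamp'] = TIME;

            // NOTE(review): $rule_data is handed to ?e whole, so every key the caller supplied
            // travels with it; presumably db_query() limits ?e to the table's columns - confirm.
            $rule_id = $rule_data['item_id'] = db_query("INSERT INTO ?:access_restriction ?e", $rule_data);

            // One reason row per translation language; the loop key lands in 'lang_code'.
            foreach (fn_get_translation_languages() as $rule_data['lang_code'] => $v) {
                db_query("INSERT INTO ?:access_restriction_reason_descriptions ?e", $rule_data);
            }
        }
    }

    return $rule_id;
}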
// if (!defined('AREA')) { die('Access denied'); } if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($mode == 'add') { // Add IPs to the Customer and admin area if ($_REQUEST['selected_section'] == 'ip' || $_REQUEST['selected_section'] == 'admin_panel') { $ip = $_REQUEST['selected_section'] == 'ip' ? $_REQUEST['ip'] : $_REQUEST['admin_panel']; $visitor_ip = fn_get_ip(true); foreach ($ip as $k => $v) { $_data = array(); if (!empty($v['range_from']) || !empty($v['range_to'])) { $range_from = empty($v['range_from']) ? $v['range_to'] : $v['range_from']; $range_to = empty($v['range_to']) ? $v['range_from'] : $v['range_to']; if (fn_validate_ip($range_from, true) && fn_validate_ip($range_to, true)) { $_data['ip_from'] = sprintf("%u", ip2long($range_from)); $_data['ip_to'] = sprintf("%u", ip2long($range_to)); $type_s = $_REQUEST['selected_section'] == 'ip' ? 'ip' : 'aa'; $_data['type'] = $range_from == $range_to ? $type_s . 's' : $type_s . 'r'; // IP range or specific $_data['timestamp'] = TIME; $_data['status'] = $v['status']; if ($_REQUEST['selected_section'] == 'admin_panel' && Registry::get('addons.access_restrictions.admin_reverse_ip_access') != 'Y' && $_data['ip_from'] <= $visitor_ip['host'] && $_data['ip_to'] >= $visitor_ip['host']) { $msg = fn_get_lang_var('warning_of_ip_adding', DESCR_SL); $msg = str_replace('[entered_ip]', long2ip($_data['ip_from']) . ($_data['ip_from'] == $_data['ip_to'] ? '' : '-' . long2ip($_data['ip_to'])), $msg); $msg = str_replace('[your_ip]', long2ip($visitor_ip['host']), $msg); fn_set_notification('W', fn_get_lang_var('warning', DESCR_SL), $msg); } else { $_data['item_id'] = db_query("INSERT INTO ?:access_restriction ?e", $_data); $_data['reason'] = $v['reason'];