/** * Learn about an IP address * * @return @e void [Outputs to screen] */ protected function _learnIP() { if ($this->request['ip'] == "") { $this->_toolsIndex($this->lang->words['t_noip']); return false; } $ip = trim($this->request['ip']); $resolved = $this->lang->words['t_partip']; $exact = 0; if (substr_count($ip, '.') == 3) { $exact = 1; } if (strstr($ip, '*')) { $exact = 0; $ip = str_replace("*", "", $ip); } //----------------------------------------- // Warning...ipv6 doesn't tend to resolve properly on // some Windows machines - this seems to be an OS limitation //----------------------------------------- if (IPSLib::validateIPv6($ip) == true) { $exact = 1; } if ($exact == 1) { $resolved = @gethostbyaddr($ip); $query = "='" . $ip . "'"; } else { $query = " LIKE '" . $ip . "%'"; } $results = IPSLib::findIPAddresses($query); //----------------------------------------- // INIT //----------------------------------------- $registered = array(); $posted = array(); $voted = array(); $emailed = array(); $validating = array(); //----------------------------------------- // Find registered members //----------------------------------------- if (count($results['members'])) { foreach ($results['members'] as $m) { $m['_joined'] = ipsRegistry::getClass('class_localization')->getDate($m['joined'], 'SHORT'); $registered[] = $m; } unset($results['members']); } //----------------------------------------- // Find Names POSTED under //----------------------------------------- if (count($results['posts'])) { foreach ($results['posts'] as $m) { $m['members_display_name'] = $m['members_display_name'] ? $m['members_display_name'] : $this->lang->words['t_guest']; $m['email'] = $m['email'] ? $m['email'] : $this->lang->words['t_notavail']; $m['_post_date'] = ipsRegistry::getClass('class_localization')->getDate($m['date'], 'SHORT'); $posted[] = $m; } unset($results['posts']); } //----------------------------------------- // Find Names VOTED under //----------------------------------------- if (count($results['voters'])) { foreach ($results['voters'] as $m) { $m['members_display_name'] = $m['members_display_name'] ? $m['members_display_name'] : $this->lang->words['t_guest']; $m['email'] = $m['email'] ? $m['email'] : $this->lang->words['t_notavail']; $m['_vote_date'] = ipsRegistry::getClass('class_localization')->getDate($m['date'], 'SHORT'); $voted[] = $m; } unset($results['voters']); } //----------------------------------------- // Find Names VALIDATING under //----------------------------------------- if (count($results['validating'])) { foreach ($results['validating'] as $m) { $m['members_display_name'] = $m['members_display_name'] ? $m['members_display_name'] : $this->lang->words['t_guest']; $m['email'] = $m['email'] ? $m['email'] : $this->lang->words['t_notavail']; $m['_entry_date'] = ipsRegistry::getClass('class_localization')->getDate($m['date'], 'SHORT'); $validating[] = $m; } unset($results['validating']); } //----------------------------------------- // And output //----------------------------------------- $this->registry->output->html .= $this->html->learnIPResults($resolved, $registered, $posted, $voted, $emailed, $validating, $results); }
/** * Authorize * * @access public * @return @e void */ public function __construct() { /* Make object */ $this->registry = ipsRegistry::instance(); $this->DB = $this->registry->DB(); $this->settings =& $this->registry->fetchSettings(); $this->request =& $this->registry->fetchRequest(); //-------------------------------------------- // Got a cookie wookey? //-------------------------------------------- $_adsess = ipsRegistry::$request['adsess']; $_time_out_mins = defined('IPB_ACP_SESSION_TIME_OUT') ? IPB_ACP_SESSION_TIME_OUT : 60; //----------------------------------------- // If the cookie doesn't match URL... use URL? //----------------------------------------- if ($_adsess) { $this->session_type = 'url'; ipsRegistry::$request['adsess'] = $_adsess; } //-------------------------------------------- // Continue... //-------------------------------------------- if (!ipsRegistry::$request['adsess']) { //-------------------------------------------- // No URL adsess found, lets log in. //-------------------------------------------- return $this->_response(0, ''); } else { //-------------------------------------------- // We have a URL adsess, lets verify... //-------------------------------------------- $this->DB->build(array('select' => '*', 'from' => 'core_sys_cp_sessions', 'where' => "session_id='" . IPSText::md5clean(ipsRegistry::$request['adsess']) . "'")); $this->DB->execute(); $session_data = $this->DB->fetch(); $_tab_data = unserialize($session_data['session_app_data']); $_tab_data = is_array($_tab_data) ? $_tab_data : array(); if ($session_data['session_id'] == "") { //-------------------------------------------- // Fail-safe, no DB record found, lets log in.. //-------------------------------------------- return $this->_response(0, ''); } else { if ($session_data['session_member_id'] == "") { //-------------------------------------------- // No member ID is stored, log in! //-------------------------------------------- return $this->_response(0, 'session_nomemberid'); } else { //-------------------------------------------- // Key is good, check the member details //-------------------------------------------- $this->DB->build(array('select' => 'm.*', 'from' => array('members' => 'm'), 'where' => "member_id=" . intval($session_data['session_member_id']), 'add_join' => array(0 => array('select' => 'g.*', 'from' => array('groups' => 'g'), 'where' => 'm.member_group_id=g.g_id', 'type' => 'left'), 1 => array('select' => 's.*', 'from' => array('core_sys_login' => 's'), 'where' => 's.sys_login_id = m.member_id', 'type' => 'left')))); $this->DB->execute(); self::$data_store = $this->DB->fetch(); self::$data_store = self::instance()->setUpSecondaryGroups(self::$data_store); //-------------------------------------------- // Get perms //-------------------------------------------- if (self::$data_store['member_id'] == "") { //-------------------------------------------- // Ut-oh, no such member, log in! //-------------------------------------------- return $this->_response(0, 'session_invalidmid'); } else { //-------------------------------------------- // Member found, check passy //-------------------------------------------- //if ( $session_data['session_member_login_key'] != self::$data_store['member_login_key'] ) //{ // //-------------------------------------------- // // Passys don't match.. // //-------------------------------------------- // // return $this->_response( 0, 'Session member password mismatch' ); //} //else //{ //-------------------------------------------- // Do we have admin access? //-------------------------------------------- if (self::$data_store['g_access_cp'] != 1) { return $this->_response(0, 'session_noaccess'); } else { $this->_validated = TRUE; } //} } } } } //-------------------------------------------- // If we're here, we're valid... //-------------------------------------------- if ($this->_validated === TRUE) { if ($session_data['session_running_time'] < time() - $_time_out_mins * 60) { self::$data_store = array(); self::setMember(0); $this->_validated = FALSE; return $this->_response(0, 'session_timeout'); } else { if (IPB_ACP_IP_MATCH) { if ($session_data['session_ip_address'] != self::instance()->ip_address or !IPSLib::validateIPv4($session_data['session_ip_address']) and !IPSLib::validateIPv6($session_data['session_ip_address']) or !IPSLib::validateIPv4(self::instance()->ip_address) and !IPSLib::validateIPv6(self::instance()->ip_address)) { self::$data_store = array(); self::setMember(0); $this->_validated = FALSE; return $this->_response(0, 'session_mismatchip'); } } } self::setMember(self::$data_store['member_id']); //----------------------------------------- // Fix up secondary groups //----------------------------------------- if (self::$data_store['mgroup_others']) { $groups_id = explode(',', self::$data_store['mgroup_others']); $masks = array(); $cache = ipsRegistry::cache()->getCache('group_cache'); if (count($groups_id)) { foreach ($groups_id as $pid) { if (empty($cache[$pid]['g_id'])) { continue; } //----------------------------------------- // Got masks? //----------------------------------------- if ($cache[$pid]['g_perm_id']) { self::$data_store['g_perm_id'] .= ',' . $cache[$pid]['g_perm_id']; } } } } //----------------------------------------- // Current Location, used for online list //----------------------------------------- $module = ipsRegistry::$request['module'] != 'ajax' ? ipsRegistry::$request['module'] : $session_data['session_location']; $location = $session_data['session_url']; if (IPS_APP_COMPONENT && ipsRegistry::$request['module'] != 'ajax') { $location = str_ireplace("login=yes", "", ipsRegistry::$settings['query_string_safe']); $location = ltrim($location, '?'); $location = preg_replace("!adsess=(\\w){32}!", "", $location); $location = preg_replace("!&mshow=(.+?)*!i", "", $location); $location = preg_replace("!&st=(.+?)*!i", "", $location); $location = preg_replace("!&messageinabottleacp=(.+?)*!i", "", $location); } /* Compare user-agent stuff */ $session_data['_session_app_data'] = unserialize($session_data['session_app_data']); if (is_array($session_data['_session_app_data']) and $session_data['_session_app_data']['uagent_key']) { if ($session_data['_session_app_data']['uagent_raw'] != self::instance()->user_agent) { $session_data['_session_app_data'] = self::_processUserAgent(); $session_data['_session_app_data']['uagent_raw'] = self::instance()->user_agent; } } else { $session_data['_session_app_data'] = self::_processUserAgent(); $session_data['_session_app_data']['uagent_raw'] = self::instance()->user_agent; } //----------------------------------------- // Done... //----------------------------------------- $this->DB->update('core_sys_cp_sessions', array('session_running_time' => time(), 'session_location' => $module, 'session_url' => $location, 'session_app_data' => serialize($session_data['_session_app_data']), 'session_member_name' => self::$data_store['members_display_name']), 'session_member_id=' . intval(self::$data_store['member_id']) . " and session_id='" . ipsRegistry::$request['adsess'] . "'"); return $this->_response(1, '', $session_data['_session_app_data']); } }
/** * Singleton init method * * @return @e void */ protected static function init() { if (self::$initiated !== TRUE) { //----------------------------------------- // IP Address //----------------------------------------- if (ipsRegistry::$settings['xforward_matching']) { //foreach( array_reverse( explode( ',', my_getenv('HTTP_X_FORWARDED_FOR') ) ) as $x_f ) // See http://community.invisionpower.com/resources/bugs.html/_/ip-board/multiple-ips-in-x-forwarded-for-r37844 foreach (explode(',', my_getenv('HTTP_X_FORWARDED_FOR')) as $x_f) { $addrs[] = trim($x_f); } $addrs[] = my_getenv('HTTP_CLIENT_IP'); $addrs[] = my_getenv('HTTP_X_CLUSTER_CLIENT_IP'); $addrs[] = my_getenv('HTTP_PROXY_USER'); } $addrs[] = my_getenv('REMOTE_ADDR'); //----------------------------------------- // Do we have one yet? //----------------------------------------- foreach ($addrs as $ip) { //----------------------------------------- // IP v4 //----------------------------------------- if (IPSLib::validateIPv4($ip)) { self::instance()->ip_address = $ip; break; } else { if (IPSLib::validateIPv6($ip)) { self::instance()->ip_address = $ip; break; } } } //----------------------------------------- // Make sure we take a valid IP address //----------------------------------------- if (!self::instance()->ip_address and !isset($_SERVER['SHELL']) and $_SERVER['SESSIONNAME'] != 'Console') { if (!defined('IPS_IS_SHELL') or !IPS_IS_SHELL) { print "Could not determine your IP address"; exit; } } //----------------------------------------- // Get user-agent, browser and OS //----------------------------------------- self::instance()->user_agent = IPSText::parseCleanValue(my_getenv('HTTP_USER_AGENT')); self::instance()->operating_system = self::_fetch_os(); if (IPS_AREA == 'admin') { $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/session/adminSessions.php', 'adminSessions'); /** * Support for extending the session class */ if (is_file(IPS_ROOT_PATH . "sources/classes/session/ssoAdminSessions.php")) { $classToLoadA = IPSLib::loadLibrary(IPS_ROOT_PATH . "sources/classes/session/ssoAdminSessions.php", 'ssoAdminSessions'); /** * Does the ssoAdminSessions class exist? */ if (class_exists($classToLoadA)) { $parent = get_parent_class($classToLoadA); /** * Is it a child of adminSessions */ if ($parent == $classToLoad) { self::$session_class = new $classToLoadA(); } else { self::$session_class = new $classToLoad(); } } } else { self::$session_class = new $classToLoad(); } } else { $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/session/publicSessions.php', 'publicSessions'); /** * Support for extending the session class */ if (is_file(IPS_ROOT_PATH . "sources/classes/session/ssoPublicSessions.php")) { $classToLoadA = IPSLib::loadLibrary(IPS_ROOT_PATH . "sources/classes/session/ssoPublicSessions.php", 'ssoPublicSessions'); /** * Does the ssoPublicSessions class exist? */ if (class_exists($classToLoadA)) { $parent = get_parent_class($classToLoadA); /** * Is it a child of publicSessions */ if ($parent == $classToLoad) { self::$session_class = new $classToLoadA(); } else { self::$session_class = new $classToLoad(); } } } else { self::$session_class = new $classToLoad(); } //----------------------------------------- // Set other //----------------------------------------- self::$data_store['publicSessionID'] = self::$session_class->session_data['id']; } //----------------------------------------- // Set user agent //----------------------------------------- $_cookie = IPSCookie::get("uagent_bypass"); self::$data_store['userAgentKey'] = isset(self::$session_class->session_data['uagent_key']) ? self::$session_class->session_data['uagent_key'] : ''; self::$data_store['userAgentType'] = isset(self::$data_store['uagent_type']) ? self::$data_store['uagent_type'] : self::$session_class->session_data['uagent_type']; self::$data_store['userAgentVersion'] = isset(self::$session_class->session_data['uagent_version']) ? self::$session_class->session_data['uagent_version'] : ''; self::$data_store['userAgentBypass'] = $_cookie ? true : (isset(self::$session_class->session_data['uagent_bypass']) ? self::$session_class->session_data['uagent_bypass'] : ''); self::$data_store['forumsModeratorData'] = array(); /* Some mobile app set up */ if (self::$data_store['userAgentType'] == 'mobileApp') { /* This converts non UTF-8 POST/GET data in __construct */ $classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/sources/base/ipsMobileApp.php', 'ipsMobileApp'); ipsRegistry::setClass('isMobileApp', new $classToLoad()); } } }
/** * Our singleton INIT function * * @access protected * @return @e void */ protected static function init() { if (self::$initiated !== TRUE) { //----------------------------------------- // IP Address //----------------------------------------- if (ipsRegistry::$settings['xforward_matching']) { foreach (array_reverse(explode(',', my_getenv('HTTP_X_FORWARDED_FOR'))) as $x_f) { $addrs[] = trim($x_f); } $addrs[] = my_getenv('HTTP_CLIENT_IP'); $addrs[] = my_getenv('HTTP_X_CLUSTER_CLIENT_IP'); $addrs[] = my_getenv('HTTP_PROXY_USER'); } $addrs[] = my_getenv('REMOTE_ADDR'); //----------------------------------------- // Do we have one yet? //----------------------------------------- foreach ($addrs as $ip) { //----------------------------------------- // IP v4 //----------------------------------------- if (IPSLib::validateIPv4($ip)) { self::instance()->ip_address = $ip; break; } else { if (IPSLib::validateIPv6($ip)) { self::instance()->ip_address = $ip; break; } } } //----------------------------------------- // Make sure we take a valid IP address //----------------------------------------- if (!self::instance()->ip_address and !isset($_SERVER['SHELL']) and $_SERVER['SESSIONNAME'] != 'Console') { print "Could not determine your IP address"; exit; } if (IPS_IS_UPGRADER) { require_once IPS_ROOT_PATH . "setup/sources/classes/session/sessions.php"; /*noLibHook*/ self::$session_class = new sessions(); } else { self::setMember(0); } } }