/**
 * Write a value to the output after passing it through afi_flatten_data().
 *
 * NOTE(review): whatever makes this print "secure" lives entirely in
 * afi_flatten_data(), which is defined elsewhere. Confirm that it encodes for
 * the output context (e.g. HTML) before using this for request-derived values.
 *
 * @param mixed $afi_data Value to flatten and print.
 * @return void
 */
function afi_secure_print($afi_data)
{
    $afi_flattened = afi_flatten_data($afi_data);
    echo $afi_flattened;
}
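/**
 * Determine the client profile name for the current request.
 *
 * The name is taken from the afi_client_profile_name query parameter when it
 * is present; otherwise it is the reverse DNS name of the client address
 * (X-Forwarded-For if set, else REMOTE_ADDR). In both cases the candidate is
 * passed through afi_flatten_data() and must then validate as the host part of
 * an http:// URL and satisfy afi_is_valid_domain_name().
 *
 * Every source used here (query string, X-Forwarded-For, PTR record) can be
 * influenced by the requester, so the result identifies a syntactically valid
 * hostname and nothing more.
 *
 * @return mixed The flattened profile name as returned by afi_flatten_data(),
 *               or FALSE when no valid name could be determined.
 */
function afi_get_client_profile_name()
{
    # Design note kept from the original author: the input is deliberately not
    # rewritten here (no FILTER_SANITIZE_*). It is flattened, then validated,
    # and rejected outright if validation fails.
    if (isset($_GET['afi_client_profile_name'])) {
        # "?afi_client_profile_name[]=x" arrives as an array; only a non-empty
        # string can be a profile name, so anything else is rejected up front.
        if (!is_string($_GET['afi_client_profile_name']) || $_GET['afi_client_profile_name'] === "") {
            return FALSE;
        }
        $afi_client_profile_name = $_GET['afi_client_profile_name'];
        afi_debug_var("afi_client_profile_name gotten from _GET ", $afi_client_profile_name, 5);
    } else {
        # NOTE(review): X-Forwarded-For is a request header. Unless a trusted
        # reverse proxy overwrites it, the client chooses the address used
        # below. Consider honouring it only when REMOTE_ADDR is a known proxy.
        # The header may also carry a comma-separated list, which fails the IP
        # check below unless afi_flatten_data() changes it.
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
            $afi_host_ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
        } else {
            $afi_host_ip = $_SERVER['REMOTE_ADDR'];
        }
        afi_debug_var("afi_host_ip before flattening ", $afi_host_ip, 5);
        $afi_host_ip = afi_flatten_data($afi_host_ip);
        afi_debug_var("afi_host_ip after flattening ", $afi_host_ip, 5);

        # Only a single, well-formed IPv4/IPv6 address is passed to the resolver.
        if (!filter_var($afi_host_ip, FILTER_VALIDATE_IP)) {
            afi_debug_var("afi_host_ip not valid IP ", $afi_host_ip, 5);
            return FALSE;
        }

        # The author previously tried a checkdnsrr(..., 'PTR') pre-check here
        # and disabled it as broken.
        #
        # gethostbyaddr() returns the address unchanged when no PTR record
        # exists and false on malformed input. The PTR record is controlled by
        # whoever runs reverse DNS for the address, so the name stays untrusted
        # and is only checked for shape below.
        # NOTE(review): if the profile name gates anything, confirm it with a
        # forward lookup that maps back to the same address.
        $afi_client_profile_name = gethostbyaddr($afi_host_ip);
        if ($afi_client_profile_name === false) {
            return FALSE;
        }
    }

    afi_debug_var("afi_client_profile_name before flattening ", $afi_client_profile_name, 5);
    $afi_client_profile_name = afi_flatten_data($afi_client_profile_name);
    afi_debug_var("afi_client_profile_name after flattening ", $afi_client_profile_name, 5);

    # The name must parse as the host of an http:// URL and pass the project's
    # own domain-name check; anything else is rejected rather than repaired.
    if (!filter_var('http://' . $afi_client_profile_name, FILTER_VALIDATE_URL)
        || !afi_is_valid_domain_name($afi_client_profile_name)) {
        afi_debug_var("afi_client_profile_name is not a valid url or not a valid hostname ", $afi_client_profile_name, 5);
        return FALSE;
    }

    return $afi_client_profile_name;
}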