function bb2_httpbl($settings, $package) { // Can't use IPv6 addresses yet if (@is_ipv6($package['ip'])) { return false; } if (@(!$settings['httpbl_key'])) { return false; } // Workaround for "MySQL server has gone away" bb2_db_query("SET @@session.wait_timeout = 90"); $find = implode('.', array_reverse(explode('.', $package['ip']))); $result = gethostbynamel($settings['httpbl_key'] . ".{$find}.dnsbl.httpbl.org."); if (!empty($result)) { $ip = explode('.', $result[0]); // Check if threat if ($ip[0] == 127 && $ip[3] & 7 && $ip[2] >= $settings['httpbl_threat'] && $ip[1] <= $settings['httpbl_maxage']) { return '2b021b1f'; } // Check if search engine if ($ip[3] == 0) { return 1; } } return false; }
function bb2_baidu($package) { if (@is_ipv6($package['ip'])) { return false; } # TODO if (match_cidr($package['ip'], array("119.63.192.0/21", "123.125.71.0/24", "180.76.0.0/16", "220.181.0.0/16")) === FALSE) { return false; # Soft fail, must pass other screening } return 1; # Real Baidu bot; bypass all other checks }
function bb2_roundtripdns($ip, $domain) { if (@is_ipv6($ip)) { return $ip; } $host = gethostbyaddr($ip); $host_result = strpos(strrev($host), strrev($domain)); if ($host_result === false || $host_result > 0) { return false; } $addrs = gethostbynamel($host); if (in_array($ip, $addrs)) { return true; } return false; }
function is_ip($test) { return is_ipv4($test) or is_ipv6($test); }
function _fw_expand_ips($opt, $ipspec, $fam) { $res = array(); if (substr($ipspec, 0, 4) == 'net:') { _fw_add_ips($opt, $ipspec, $fam, $res); return $res; } if (($fam == 'ipv6' || $fam == 'any') && is_ipv6($ipspec)) { $res[] = ' option ' . $opt . ' ' . $addr . NL; return $res; } if (($fam == 'ipv4' || $fam == 'any') && is_ipv4($ipspec)) { $res[] = ' option ' . $opt . ' ' . $addr . NL; return $res; } $nic = NULL; $hn = $ipspec; if ($p = strrpos($ipspec, '-')) { if ($p) { $nic = substr($ipspec, $p + 1); $hn = substr($ipspec, 0, $p); } } foreach (lk_addr($hn, $nic) as $addr) { if (($fam == 'ipv4' || $fam == 'any') && isset($addr['ip4'])) { $res[] = ' option ' . $opt . ' ' . $addr['ip4'] . NL; } if (($fam == 'ipv6' || $fam == 'any') && isset($addr['ip6'])) { $res[] = ' option ' . $opt . ' ' . $addr['ip6'] . NL; } } if (!count($res)) { // trigger_error("Unable to lookup ipspec: $ipspec",E_USER_WARNING); $res[] = ' option ' . $opt . ' ' . $ipspec . NL; } return $res; }
function type($ip) { if (!$ip) { return false; } if (is_ipv4($ip)) { return "ipv4"; } if (is_ipv6($ip)) { return "ipv6"; } return "unknown"; }
/** * Determines whether the specified is a valid IP address * * @param string $string the string to validate as an IP * @return bool true if the specified string is a valid IP address; otherwise, false */ function is_ip($string) { return is_ipv4($string) || is_ipv6($string); }
// End forum Censored Words // IP Bans (TorrentialStorm) if ($action == "ipbans") { stdhead(T_("BANNED_IPS")); navmenu(); if ($do == "del") { if (!@count($_POST["delids"])) { show_error_msg(T_("ERROR"), T_("NONE_SELECTED"), 1); } $delids = array_map('intval', $_POST["delids"]); $delids = implode(', ', $delids); $res = SQL_Query_exec("SELECT * FROM bans WHERE id IN ({$delids})"); while ($row = mysql_fetch_assoc($res)) { SQL_Query_exec("DELETE FROM bans WHERE id={$row['id']}"); # Needs to be tested... if (is_ipv6($row["first"]) && is_ipv6($row["last"])) { $first = long2ip6($row["first"]); $last = long2ip6($row["last"]); } else { $first = long2ip($row["first"]); $last = long2ip($row["last"]); } write_log("IP Ban ({$first} - {$last}) was removed by {$CURUSER['id']} ({$CURUSER['username']})"); } show_error_msg(T_("SUCCESS"), "Ban(s) deleted.", 0); } if ($do == "add") { $first = trim($_POST["first"]); $last = trim($_POST["last"]); $comment = trim($_POST["comment"]); if ($first == "" || $last == "" || $comment == "") {
/** * @covers ::is_ipv6 */ function test_is_ipv6() { $this->assertFalse(is_ipv6("0.0.0.0")); $this->assertFalse(is_ipv6("")); $this->assertFalse(is_ipv6("1")); $this->assertFalse(is_ipv6("17.17")); $this->assertFalse(is_ipv6("17.17.17.17")); $this->assertTrue(is_ipv6("::1")); $this->assertFalse(is_ipv6("::fg")); $this->assertTrue(is_ipv6("::1")); //Advanced IPv6 tests curated by Stephen Ryan //Source: http://forums.dartware.com/viewtopic.php?t=452 $this->assertTrue(is_ipv6("fe80:0000:0000:0000:0204:61ff:fe9d:f156")); $this->assertFalse(is_ipv6("02001:0000:1234:0000:0000:C1C0:ABCD:0876"), "extra 0 not allowed"); $this->assertFalse(is_ipv6("2001:0000:1234:0000:00001:C1C0:ABCD:0876"), "extra 0 not allowed"); $this->assertFalse(is_ipv6("1.2.3.4:1111:2222:3333:4444::5555")); $this->assertTrue(is_ipv6("::ffff:192.0.2.128"), "can't validate IPv4 represented as dotted-quads"); }
function userlogin() { $ip = getip(); // If there's no IP a script is being ran from CLI. Any checks here will fail, skip all. if ($ip == "") { return; } global $CURUSER; unset($GLOBALS["CURUSER"]); //Check IP bans if (is_ipv6($ip)) { $nip = ip2long6($ip); } else { $nip = ip2long($ip); } $res = SQL_Query_exec("SELECT * FROM bans"); while ($row = mysql_fetch_assoc($res)) { $banned = false; if (is_ipv6($row["first"]) && is_ipv6($row["last"]) && is_ipv6($ip)) { $row["first"] = ip2long6($row["first"]); $row["last"] = ip2long6($row["last"]); $banned = bccomp($row["first"], $nip) != -1 && bccomp($row["last"], $nip) != -1; } else { $row["first"] = ip2long($row["first"]); $row["last"] = ip2long($row["last"]); $banned = $nip >= $row["first"] && $nip <= $row["last"]; } if ($banned) { header("HTTP/1.0 403 Forbidden"); echo "<html><head><title>Forbidden</title></head><body><h1>Forbidden</h1>Unauthorized IP address.<br />" . "Reason for banning: {$row['comment']}</body></html>"; die; } } //Check The Cookie and get CURUSER details if (strlen($_COOKIE["pass"]) != 40 || !is_numeric($_COOKIE["uid"])) { logoutcookie(); return; } //Get User Details And Permissions $res = SQL_Query_exec("SELECT * FROM users INNER JOIN groups ON users.class=groups.group_id WHERE id={$_COOKIE['uid']} AND users.enabled='yes' AND users.status = 'confirmed'"); $row = mysql_fetch_assoc($res); if (!$row || sha1($row["id"] . $row["secret"] . $row["password"] . $ip . $row["secret"]) != $_COOKIE["pass"]) { logoutcookie(); return; } $where = where($_SERVER["SCRIPT_FILENAME"], $row["id"], 0); SQL_Query_exec("UPDATE users SET last_access='" . get_date_time() . "', ip=" . sqlesc($ip) . ", page=" . sqlesc($where) . " WHERE id=" . $row["id"]); $GLOBALS["CURUSER"] = $row; unset($row); }
alt="Valid XHTML 1.0 Transitional" height="31" width="88" /></a> <p class="alignleft" style="font-size: 16px;margin-bottom: 0px;">③W3C-CSS3代码验证</p> <a href="http://jigsaw.w3.org/css-validator/check/referer"> <img style="border:0;width:88px;height:31px" src="http://jigsaw.w3.org/css-validator/images/vcss-blue" alt="Valid CSS!" /> </a> <p class="alignleft" style="font-size: 16px;margin-bottom: 0px;">④IPv6启用认证</p> <div id=ipv6_enabled_www_test_logo> <?php if (is_SSL()) { ?> <div id="ipv6_enabled_www_test_logo"><div style="background-image:url(http://www.ipv6forum.com/ipv6_enabled/public/images/dynamic_logo_background_right.png);padding:0px;background-position:right;background-repeat:no-repeat;width:240px;height:98px;margin:0px;text-align:left;font-size:9pt;line-height:100%;"><div style="color:#fff;font-size:9pt;height:98px;width:235px;repeat:repeat-y; background-image:url(http://www.ipv6forum.com/ipv6_enabled/public/images/dynamic_logo_backgroud_main.png);margin:0;padding:0"><div style="float:left;margin:0;padding:0"><img src="http://www.ipv6forum.com/ipv6_enabled/public/images/dynamic_logo_background_left.png"></div><div style="padding-right:0;padding-bottom:0;padding-top:5px;padding-left:80px;word-break:break-all;"><span style="font-weight:bold;font: arial,sans-serif;color:#3EC73C">Status:</span><span style="font-style:italic;font: arial,sans-serif;color:#fff;"><a href="http://www.ipv6forum.com/ipv6_enabled/approval_list.php" style="color:#fff;text-decoration: none;background:transparent"> IPv6 Enabled</a><br></span><span style="font-weight:bold;font: arial,sans-serif;color:#3EC73C">Last: </span><span style="font-style:italic;font: arial,sans-serif;color:#fff;"> 2015-03-20<br></span><span style="font-weight:bold;font: arial,sans-serif;color:#3EC73C">URL: </span><span style="font-style:italic;font: arial,sans-serif;color:#fff;">myauth.us<br></span> <?php if (!is_ipv6()) { ?> <span style="font-weight:bold;font: arial,sans-serif;color:#50001E"> ACCESSING VIA IPv4 NOW</span> <?php } ?> <span style="font-weight:bold;font: arial,sans-serif;color:#50001E"></span></div></div></div></div> <?php } ?> </div> <br> <h3 class="article-ci"> 版权所有 </h3> <p>战网安全令在线版 © <?php
$disabled['ipv6'][$ip] = $line; continue; } $comment_line[] = "# " . implode(" ", $line); continue; } $line = preg_split("/[\\s\t]+/", $line); $ip = array_shift($line); // preveri če ip obstaja, da ne prepiše if (is_ipv4($ip)) { foreach ($line as $l) { $entry['ipv4'][$ip][] = $l; } continue; } if (is_ipv6($ip)) { foreach ($line as $l) { $entry['ipv6'][$ip][] = $l; } continue; } $i++; } $output['disabled'] = $disabled; $output['comment'] = $comment_line; $output['entry'] = $entry; print_r($output); function is_ipv6($ip) { if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { return true;
/** * Parse and lookup an IP address reference * * Given an ip in the form `net:`_netid_._hostid_, it will generate * IPv4 and/or IPv6 addresses for it. * * @param $ip string IP address reference * @param &$cf array_ref Configuration array, must have a `nets` element * @return array Array of strings containing IPv4/IPv6 addresses */ function lk_parse_ip($ip, &$cf) { list($netid, $hostid) = parse_ipnet($ip); $res = array(); if ($netid) { if (!isset($cf['nets'][$netid])) { trigger_error("Unknown network {$ip}", E_USER_WARNING); return $res; } $res['netid'] = $netid; $netdat =& $cf['nets'][$netid]; if (isset($netdat['vlan'])) { $res['vlan'] = $netdat['vlan']; } $res['hostid'] = $hostid; if (!$hostid) { return $res; } // Configured without IP... if (isset($netdat['ip6'])) { $res['ip6'] = $netdat['ip6'] . '::' . dechex($hostid); } if (isset($netdat['ip4'])) { $res['ip4'] = $netdat['ip4'] . '.' . $hostid; } } else { if (is_ipv6($ip)) { $res['ip6'] = $ip; } elseif (is_ipv4($ip)) { $res['ip4'] = $ip; } } return $res; }