function SSO_IsIPAllowed($info)
{
global $sso_settings, $sso_ipaddr;
$allowed = false;
$patterns = explode("\n", str_replace("\r", "\n", $sso_settings[""]["iprestrict"]["patterns"]));
foreach ($patterns as $pattern) {
$pattern = trim($pattern);
if ($pattern != "" && IPAddr::IsMatch($pattern, $sso_ipaddr)) {
$allowed = true;
}
}
if (!$allowed) {
return false;
}
$allowed = false;
$patterns = explode("\n", str_replace("\r", "\n", $info["patterns"]));
foreach ($patterns as $pattern) {
$pattern = trim($pattern);
if ($pattern != "" && IPAddr::IsMatch($pattern, $sso_ipaddr)) {
$allowed = true;
}
}
return $allowed;
}
public static function MakeValidEmailAddress($email, $options = array())
{
$email = str_replace("\t", " ", $email);
$email = str_replace("\r", " ", $email);
$email = str_replace("\n", " ", $email);
$email = trim($email);
// Reverse parse out the initial domain/IP address part of the e-mail address.
$domain = "";
$state = "domend";
$cfwsdepth = 0;
while ($email != "" && $state != "") {
$prevchr = substr($email, -2, 1);
$lastchr = substr($email, -1);
switch ($state) {
case "domend":
if ($lastchr == ")") {
$laststate = "domain";
$state = "cfws";
} else {
if ($lastchr == "]" || $lastchr == "}") {
$domain .= "]";
$email = trim(substr($email, 0, -1));
$state = "ipaddr";
} else {
$state = "domain";
}
}
break;
case "cfws":
if ($prevchr == "\\") {
$email = trim(substr($email, 0, -2));
} else {
if ($lastchr == ")") {
$email = trim(substr($email, 0, -1));
$depth++;
} else {
if ($lastchr == "(") {
$email = trim(substr($email, 0, -1));
$depth--;
if (!$depth && substr($email, -1) != ")") {
$state = $laststate;
}
} else {
$email = trim(substr($email, 0, -1));
}
}
}
break;
case "ipaddr":
if ($lastchr == "[" || $lastchr == "{" || $lastchr == "@") {
$domain .= "[";
$state = "@";
if ($lastchr == "@") {
break;
}
} else {
if ($lastchr == "," || $lastchr == ".") {
$domain .= ".";
} else {
if ($lastchr == ";" || $lastchr == ":") {
$domain .= ":";
} else {
if (preg_match('/[A-Za-z0-9]/', $lastchr)) {
$domain .= $lastchr;
}
}
}
}
$email = trim(substr($email, 0, -1));
break;
case "domain":
if ($lastchr == "@") {
$state = "@";
break;
} else {
if ($lastchr == ")") {
$state = "cfws";
$laststate = "@";
break;
} else {
if ($lastchr == "," || $lastchr == ".") {
$domain .= ".";
} else {
if (preg_match('/[A-Za-z0-9-]/', $lastchr)) {
$domain .= $lastchr;
}
}
}
}
$email = trim(substr($email, 0, -1));
break;
case "@":
if ($lastchr == "@") {
$state = "";
}
$email = trim(substr($email, 0, -1));
break;
}
}
$domain = strrev($domain);
$parts = explode(".", $domain);
foreach ($parts as $num => $part) {
$parts[$num] = str_replace(" ", "-", trim(str_replace("-", " ", $part)));
}
$domain = implode(".", $parts);
// Forward parse out the local part of the e-mail address.
// Remove CFWS (comments, folding whitespace).
while (substr($email, 0, 1) == "(") {
while ($email != "") {
$currchr = substr($email, 0, 1);
if ($currchr == "\\") {
$email = trim(substr($email, 2));
} else {
if ($currchr == "(") {
$depth++;
$email = trim(substr($email, 1));
} else {
if ($currchr == ")") {
$email = trim(substr($email, 1));
$depth--;
if (!$depth && substr($email, 0, 1) != "(") {
break;
}
}
}
}
}
}
// Process quoted/unquoted string.
$local = "";
if (substr($email, 0, 1) == "\"") {
$email = substr($email, 1);
while ($email != "") {
$currchr = substr($email, 0, 1);
$nextchr = substr($email, 1, 1);
if ($currchr == "\\") {
if ($nextchr == "\\" || $nextchr == "\"") {
$local .= substr($email, 0, 2);
$email = substr($email, 2);
} else {
if (ord($nextchr) >= 33 && ord($nextchr) <= 126) {
$local .= substr($email, 1, 1);
$email = substr($email, 2);
}
}
} else {
if ($currchr == "\"") {
break;
} else {
if (ord($currchr) >= 33 && ord($nextchr) <= 126) {
$local .= substr($email, 0, 1);
$email = substr($email, 1);
} else {
$email = substr($email, 1);
}
}
}
}
if (substr($local, -1) != "\"") {
$local .= "\"";
}
} else {
while ($email != "") {
$currchr = substr($email, 0, 1);
if (preg_match("/[A-Za-z0-9]/", $currchr) || $currchr == "!" || $currchr == "#" || $currchr == "\$" || $currchr == "%" || $currchr == "&" || $currchr == "'" || $currchr == "*" || $currchr == "+" || $currchr == "-" || $currchr == "/" || $currchr == "=" || $currchr == "?" || $currchr == "^" || $currchr == "_" || $currchr == "`" || $currchr == "{" || $currchr == "|" || $currchr == "}" || $currchr == "~" || $currchr == ".") {
$local .= $currchr;
$email = substr($email, 1);
} else {
break;
}
}
$local = preg_replace('/[.]+/', ".", $local);
if (substr($local, 0, 1) == ".") {
$local = substr($local, 1);
}
if (substr($local, -1) == ".") {
$local = substr($local, 0, -1);
}
}
while (substr($local, -2) == "\\\"") {
$local = substr($local, 0, -2) . "\"";
}
if ($local == "\"" || $local == "\"\"") {
$local = "";
}
// Analyze the domain/IP part and fix any issues.
$domain = preg_replace('/[.]+/', ".", $domain);
if (substr($domain, -1) == "]") {
if (substr($domain, 0, 1) != "[") {
$domain = "[" . $domain;
}
// Process the IP address.
if (strtolower(substr($domain, 0, 6)) == "[ipv6:") {
$ipaddr = IPAddr::NormalizeIP(substr($domain, 6, -1));
} else {
$ipaddr = IPAddr::NormalizeIP(substr($domain, 1, -1));
}
if ($ipaddr["ipv4"] != "") {
$domain = "[" . $ipaddr["ipv4"] . "]";
} else {
$domain = "[IPv6:" . $ipaddr["ipv6"] . "]";
}
} else {
// Process the domain.
if (substr($domain, 0, 1) == ".") {
$domain = substr($domain, 1);
}
if (substr($domain, -1) == ".") {
$domain = substr($domain, 0, -1);
}
$domain = explode(".", $domain);
foreach ($domain as $num => $part) {
if (substr($part, 0, 1) == "-") {
$part = substr($part, 1);
}
if (substr($part, -1) == "-") {
$part = substr($part, 0, -1);
}
if (strlen($part) > 63) {
$part = substr($part, 0, 63);
}
$domain[$num] = $part;
}
$domain = implode(".", $domain);
}
// Validate the final lengths.
$y = strlen($local);
$y2 = strlen($domain);
$email = $local . "@" . $domain;
if (!$y) {
return array("success" => false, "error" => self::SMTP_Translate("Missing local part of e-mail address."), "errorcode" => "missing_local_part", "info" => $email);
}
if (!$y2) {
return array("success" => false, "error" => self::SMTP_Translate("Missing domain part of e-mail address."), "errorcode" => "missing_domain_part", "info" => $email);
}
if ($y > 64 || $y2 > 253 || $y + $y2 + 1 > 253) {
return array("success" => false, "error" => self::SMTP_Translate("E-mail address is too long."), "errorcode" => "email_too_long", "info" => $email);
}
// Process results.
if (substr($domain, 0, 1) == "[" && substr($domain, -1) == "]") {
$result = array("success" => true, "email" => $email, "lookup" => false, "type" => "IP");
} else {
if (isset($options["usedns"]) && $options["usedns"] === false) {
$result = array("success" => true, "email" => $email, "lookup" => false, "type" => "Domain");
} else {
if ((!isset($options["usednsttlcache"]) || $options["usednsttlcache"] === true) && isset(self::$dnsttlcache[$domain]) && self::$dnsttlcache[$domain] >= time()) {
$result = array("success" => true, "email" => $email, "lookup" => false, "type" => "CachedDNS");
} else {
// Check for a mail server based on a DNS lookup.
$result = self::GetDNSRecord($domain, array("MX", "A"), isset($options["nameservers"]) ? $options["nameservers"] : array("8.8.8.8", "8.8.4.4"), !isset($options["usednsttlcache"]) || $options["usednsttlcache"] === true);
if ($result["success"]) {
$result = array("success" => true, "email" => $email, "lookup" => true, "type" => $result["type"], "records" => $result["records"]);
}
}
}
}
return $result;
}
$spammer = true;
}
}
}
$rows[] = array(htmlspecialchars($ipaddr["ipv4"] != "" ? $ipaddr["ipv4"] : $ipaddr["shortipv6"]), htmlspecialchars(BB_Translate($spammer ? "Yes" : "No")), BB_FormatTimestamp("M j, Y @ g:i A", CSDB::ConvertFromDBTime($row->created)), "<a href=\"" . BB_GetRequestURLBase() . "?action=viewipaddr&id=" . $row->id . "&sec_t=" . BB_CreateSecurityToken("viewipaddr") . "\">" . htmlspecialchars(BB_Translate("View")) . "</a>");
}
}
$table = array("title" => "Search Results", "type" => "table", "cols" => array("IP Address", "Spammer?", "Created", "Options"), "rows" => $rows, "desc" => BB_Translate("The search results for the IP address pattern '%s'.", $pattern));
} else {
if (isset($_REQUEST["ipaddr"]) && $_REQUEST["ipaddr"] == "") {
BB_SetPageMessage("error", "Please specify an IP address or pattern.");
}
$ts = time();
$result = $sso_db->Query("SELECT", array("*", "FROM" => "?", "WHERE" => "created >= ?", "ORDER BY" => "created DESC"), $sso_db_ipcache, CSDB::ConvertToDBTime(time() - 2 * 24 * 60 * 60));
while ($row = $result->NextRow()) {
$ipaddr = IPAddr::NormalizeIP($row->ipaddr);
$info = unserialize($row->info);
$spammer = false;
if (isset($info["spaminfo"])) {
foreach ($sso_providers as $provider => &$instance) {
if (isset($info["spaminfo"][$provider]) && $info["spaminfo"][$provider]["spammer"]) {
$spammer = true;
}
}
}
$rows[] = array(htmlspecialchars($ipaddr["ipv4"] != "" ? $ipaddr["ipv4"] : $ipaddr["shortipv6"]), htmlspecialchars(BB_Translate($spammer ? "Yes" : "No")), BB_FormatTimestamp("M j, Y @ g:i A", CSDB::ConvertFromDBTime($row->created)), "<a href=\"" . BB_GetRequestURLBase() . "?action=viewipaddr&id=" . $row->id . "&sec_t=" . BB_CreateSecurityToken("viewipaddr") . "\">" . htmlspecialchars(BB_Translate("View")) . "</a>");
}
$table = array("title" => "Last 48 Hours", "type" => "table", "cols" => array("IP Address", "Spammer?", "Created", "Options"), "rows" => $rows, "desc" => "New IP addresses in the last 48 hours.");
}
$contentopts = array("desc" => "Manage the IP address cache.", "htmldesc" => $desc, "nonce" => "action", "hidden" => array("action" => "manageipcache"), "fields" => array($table, "split", array("title" => "Find IP Address", "type" => "text", "name" => "ipaddr", "value" => BB_GetValue("ipaddr", ""), "desc" => "Enter an IP address or IP address pattern to search for. (e.g. '10.0.0-15,17.*')")), "submit" => "Search", "focus" => false);
BB_GeneratePage("Manage IP Cache", $sso_menuopts, $contentopts);
