public function test_cleanremoteaddr() { // IPv4. $this->assertNull(cleanremoteaddr('1023.121.234.1')); $this->assertSame('123.121.234.1', cleanremoteaddr('123.121.234.01 ')); // IPv6. $this->assertNull(cleanremoteaddr('0:0:0:0:0:0:0:0:0')); $this->assertNull(cleanremoteaddr('0:0:0:0:0:0:0:abh')); $this->assertNull(cleanremoteaddr('0:0:0:::0:0:1')); $this->assertSame('::', cleanremoteaddr('0:0:0:0:0:0:0:0', true)); $this->assertSame('::1:1', cleanremoteaddr('0:0:0:0:0:0:1:1', true)); $this->assertSame('abcd:ef::', cleanremoteaddr('abcd:00ef:0:0:0:0:0:0', true)); $this->assertSame('1::1', cleanremoteaddr('1:0:0:0:0:0:0:1', true)); $this->assertSame('0:0:0:0:0:0:10:1', cleanremoteaddr('::10:1', false)); $this->assertSame('1:1:0:0:0:0:0:0', cleanremoteaddr('01:1::', false)); $this->assertSame('10:0:0:0:0:0:0:10', cleanremoteaddr('10::10', false)); $this->assertSame('::ffff:c0a8:11', cleanremoteaddr('::ffff:192.168.1.1', true)); }
function test_cleanremoteaddr() { //IPv4 $this->assertEqual(cleanremoteaddr('1023.121.234.1'), null); $this->assertEqual(cleanremoteaddr('123.121.234.01 '), '123.121.234.1'); //IPv6 $this->assertEqual(cleanremoteaddr('0:0:0:0:0:0:0:0:0'), null); $this->assertEqual(cleanremoteaddr('0:0:0:0:0:0:0:abh'), null); $this->assertEqual(cleanremoteaddr('0:0:0:::0:0:1'), null); $this->assertEqual(cleanremoteaddr('0:0:0:0:0:0:0:0', true), '::'); $this->assertEqual(cleanremoteaddr('0:0:0:0:0:0:1:1', true), '::1:1'); $this->assertEqual(cleanremoteaddr('abcd:00ef:0:0:0:0:0:0', true), 'abcd:ef::'); $this->assertEqual(cleanremoteaddr('1:0:0:0:0:0:0:1', true), '1::1'); $this->assertEqual(cleanremoteaddr('::10:1', false), '0:0:0:0:0:0:10:1'); $this->assertEqual(cleanremoteaddr('01:1::', false), '1:1:0:0:0:0:0:0'); $this->assertEqual(cleanremoteaddr('10::10', false), '10:0:0:0:0:0:0:10'); $this->assertEqual(cleanremoteaddr('::ffff:192.168.1.1', true), '::ffff:c0a8:11'); }
/** * Cleans an ip address. Internal addresses are now allowed. * (Originally local addresses were not allowed.) * * @param string $addr IPv4 or IPv6 address * @param bool $compress use IPv6 address compression * @return string normalised ip address string, null if error */ function cleanremoteaddr($addr, $compress = false) { $addr = trim($addr); if (strpos($addr, ':') !== false) { // Can be only IPv6. $parts = explode(':', $addr); $count = count($parts); if (strpos($parts[$count - 1], '.') !== false) { // Legacy ipv4 notation. $last = array_pop($parts); $ipv4 = cleanremoteaddr($last, true); if ($ipv4 === null) { return null; } $bits = explode('.', $ipv4); $parts[] = dechex($bits[0]) . dechex($bits[1]); $parts[] = dechex($bits[2]) . dechex($bits[3]); $count = count($parts); $addr = implode(':', $parts); } if ($count < 3 or $count > 8) { return null; // Severly malformed. } if ($count != 8) { if (strpos($addr, '::') === false) { return null; // Malformed. } // Uncompress. $insertat = array_search('', $parts, true); $missing = array_fill(0, 1 + 8 - $count, '0'); array_splice($parts, $insertat, 1, $missing); foreach ($parts as $key => $part) { if ($part === '') { $parts[$key] = '0'; } } } $adr = implode(':', $parts); if (!preg_match('/^([0-9a-f]{1,4})(:[0-9a-f]{1,4})*$/i', $adr)) { return null; // Incorrect format - sorry. } // Normalise 0s and case. $parts = array_map('hexdec', $parts); $parts = array_map('dechex', $parts); $result = implode(':', $parts); if (!$compress) { return $result; } if ($result === '0:0:0:0:0:0:0:0') { return '::'; // All addresses. } $compressed = preg_replace('/(:0)+:0$/', '::', $result, 1); if ($compressed !== $result) { return $compressed; } $compressed = preg_replace('/^(0:){2,7}/', '::', $result, 1); if ($compressed !== $result) { return $compressed; } $compressed = preg_replace('/(:0){2,6}:/', '::', $result, 1); if ($compressed !== $result) { return $compressed; } return $result; } // First get all things that look like IPv4 addresses. $parts = array(); if (!preg_match('/^(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})$/', $addr, $parts)) { return null; } unset($parts[0]); foreach ($parts as $key => $match) { if ($match > 255) { return null; } $parts[$key] = (int) $match; // Normalise 0s. } return implode('.', $parts); }
function getremoteaddr() { global $CFG; if (empty($CFG->getremoteaddrconf)) { // This will happen, for example, before just after the upgrade, as the // user is redirected to the admin screen. $variablestoskip = 0; } else { $variablestoskip = $CFG->getremoteaddrconf; } if (!($variablestoskip & GETREMOTEADDR_SKIP_HTTP_CLIENT_IP)) { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { return cleanremoteaddr($_SERVER['HTTP_CLIENT_IP']); } } if (!($variablestoskip & GETREMOTEADDR_SKIP_HTTP_X_FORWARDED_FOR)) { if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { return cleanremoteaddr($_SERVER['HTTP_X_FORWARDED_FOR']); } } if (!empty($_SERVER['REMOTE_ADDR'])) { return cleanremoteaddr($_SERVER['REMOTE_ADDR']); } else { return null; } }
/** * Returns most reliable client address * * @return string The remote IP address */ function getremoteaddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { return cleanremoteaddr($_SERVER['HTTP_CLIENT_IP']); } if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { return cleanremoteaddr($_SERVER['HTTP_X_FORWARDED_FOR']); } if (!empty($_SERVER['REMOTE_ADDR'])) { return cleanremoteaddr($_SERVER['REMOTE_ADDR']); } return ''; }
if (isguestuser()) { // Guest users cannot perform lookups. throw new require_login_exception('Guests are not allowed here.'); } $ip = optional_param('ip', getremoteaddr(), PARAM_RAW); $user = optional_param('user', 0, PARAM_INT); if (isset($CFG->iplookup)) { // Clean up of old settings. set_config('iplookup', NULL); } $PAGE->set_url('/iplookup/index.php', array('id' => $ip, 'user' => $user)); $PAGE->set_pagelayout('popup'); $PAGE->set_context(context_system::instance()); $info = array($ip); $note = array(); if (cleanremoteaddr($ip) === false) { print_error('invalidipformat', 'error'); } if (!ip_is_public($ip)) { print_error('iplookupprivate', 'error'); } $info = iplookup_find_location($ip); if ($info['error']) { // Can not display. notice($info['error']); } if ($user) { if ($user = $DB->get_record('user', array('id' => $user, 'deleted' => 0))) { // note: better not show full names to everybody if (has_capability('moodle/user:viewdetails', context_user::instance($user->id))) { array_unshift($info['title'], fullname($user));