/**
* Learn about an IP address
*
* @return @e void [Outputs to screen]
*/
protected function _learnIP()
{
if ($this->request['ip'] == "") {
$this->_toolsIndex($this->lang->words['t_noip']);
return false;
}
$ip = trim($this->request['ip']);
$resolved = $this->lang->words['t_partip'];
$exact = 0;
if (substr_count($ip, '.') == 3) {
$exact = 1;
}
if (strstr($ip, '*')) {
$exact = 0;
$ip = str_replace("*", "", $ip);
}
//-----------------------------------------
// Warning...ipv6 doesn't tend to resolve properly on
// some Windows machines - this seems to be an OS limitation
//-----------------------------------------
if (IPSLib::validateIPv6($ip) == true) {
$exact = 1;
}
if ($exact == 1) {
$resolved = @gethostbyaddr($ip);
$query = "='" . $ip . "'";
} else {
$query = " LIKE '" . $ip . "%'";
}
$results = IPSLib::findIPAddresses($query);
//-----------------------------------------
// INIT
//-----------------------------------------
$registered = array();
$posted = array();
$voted = array();
$emailed = array();
$validating = array();
//-----------------------------------------
// Find registered members
//-----------------------------------------
if (count($results['members'])) {
foreach ($results['members'] as $m) {
$m['_joined'] = ipsRegistry::getClass('class_localization')->getDate($m['joined'], 'SHORT');
$registered[] = $m;
}
unset($results['members']);
}
//-----------------------------------------
// Find Names POSTED under
//-----------------------------------------
if (count($results['posts'])) {
foreach ($results['posts'] as $m) {
$m['members_display_name'] = $m['members_display_name'] ? $m['members_display_name'] : $this->lang->words['t_guest'];
$m['email'] = $m['email'] ? $m['email'] : $this->lang->words['t_notavail'];
$m['_post_date'] = ipsRegistry::getClass('class_localization')->getDate($m['date'], 'SHORT');
$posted[] = $m;
}
unset($results['posts']);
}
//-----------------------------------------
// Find Names VOTED under
//-----------------------------------------
if (count($results['voters'])) {
foreach ($results['voters'] as $m) {
$m['members_display_name'] = $m['members_display_name'] ? $m['members_display_name'] : $this->lang->words['t_guest'];
$m['email'] = $m['email'] ? $m['email'] : $this->lang->words['t_notavail'];
$m['_vote_date'] = ipsRegistry::getClass('class_localization')->getDate($m['date'], 'SHORT');
$voted[] = $m;
}
unset($results['voters']);
}
//-----------------------------------------
// Find Names VALIDATING under
//-----------------------------------------
if (count($results['validating'])) {
foreach ($results['validating'] as $m) {
$m['members_display_name'] = $m['members_display_name'] ? $m['members_display_name'] : $this->lang->words['t_guest'];
$m['email'] = $m['email'] ? $m['email'] : $this->lang->words['t_notavail'];
$m['_entry_date'] = ipsRegistry::getClass('class_localization')->getDate($m['date'], 'SHORT');
$validating[] = $m;
}
unset($results['validating']);
}
//-----------------------------------------
// And output
//-----------------------------------------
$this->registry->output->html .= $this->html->learnIPResults($resolved, $registered, $posted, $voted, $emailed, $validating, $results);
}
/**
* Authorize
*
* @access public
* @return @e void
*/
public function __construct()
{
/* Make object */
$this->registry = ipsRegistry::instance();
$this->DB = $this->registry->DB();
$this->settings =& $this->registry->fetchSettings();
$this->request =& $this->registry->fetchRequest();
//--------------------------------------------
// Got a cookie wookey?
//--------------------------------------------
$_adsess = ipsRegistry::$request['adsess'];
$_time_out_mins = defined('IPB_ACP_SESSION_TIME_OUT') ? IPB_ACP_SESSION_TIME_OUT : 60;
//-----------------------------------------
// If the cookie doesn't match URL... use URL?
//-----------------------------------------
if ($_adsess) {
$this->session_type = 'url';
ipsRegistry::$request['adsess'] = $_adsess;
}
//--------------------------------------------
// Continue...
//--------------------------------------------
if (!ipsRegistry::$request['adsess']) {
//--------------------------------------------
// No URL adsess found, lets log in.
//--------------------------------------------
return $this->_response(0, '');
} else {
//--------------------------------------------
// We have a URL adsess, lets verify...
//--------------------------------------------
$this->DB->build(array('select' => '*', 'from' => 'core_sys_cp_sessions', 'where' => "session_id='" . IPSText::md5clean(ipsRegistry::$request['adsess']) . "'"));
$this->DB->execute();
$session_data = $this->DB->fetch();
$_tab_data = unserialize($session_data['session_app_data']);
$_tab_data = is_array($_tab_data) ? $_tab_data : array();
if ($session_data['session_id'] == "") {
//--------------------------------------------
// Fail-safe, no DB record found, lets log in..
//--------------------------------------------
return $this->_response(0, '');
} else {
if ($session_data['session_member_id'] == "") {
//--------------------------------------------
// No member ID is stored, log in!
//--------------------------------------------
return $this->_response(0, 'session_nomemberid');
} else {
//--------------------------------------------
// Key is good, check the member details
//--------------------------------------------
$this->DB->build(array('select' => 'm.*', 'from' => array('members' => 'm'), 'where' => "member_id=" . intval($session_data['session_member_id']), 'add_join' => array(0 => array('select' => 'g.*', 'from' => array('groups' => 'g'), 'where' => 'm.member_group_id=g.g_id', 'type' => 'left'), 1 => array('select' => 's.*', 'from' => array('core_sys_login' => 's'), 'where' => 's.sys_login_id = m.member_id', 'type' => 'left'))));
$this->DB->execute();
self::$data_store = $this->DB->fetch();
self::$data_store = self::instance()->setUpSecondaryGroups(self::$data_store);
//--------------------------------------------
// Get perms
//--------------------------------------------
if (self::$data_store['member_id'] == "") {
//--------------------------------------------
// Ut-oh, no such member, log in!
//--------------------------------------------
return $this->_response(0, 'session_invalidmid');
} else {
//--------------------------------------------
// Member found, check passy
//--------------------------------------------
//if ( $session_data['session_member_login_key'] != self::$data_store['member_login_key'] )
//{
// //--------------------------------------------
// // Passys don't match..
// //--------------------------------------------
//
// return $this->_response( 0, 'Session member password mismatch' );
//}
//else
//{
//--------------------------------------------
// Do we have admin access?
//--------------------------------------------
if (self::$data_store['g_access_cp'] != 1) {
return $this->_response(0, 'session_noaccess');
} else {
$this->_validated = TRUE;
}
//}
}
}
}
}
//--------------------------------------------
// If we're here, we're valid...
//--------------------------------------------
if ($this->_validated === TRUE) {
if ($session_data['session_running_time'] < time() - $_time_out_mins * 60) {
self::$data_store = array();
self::setMember(0);
$this->_validated = FALSE;
return $this->_response(0, 'session_timeout');
} else {
if (IPB_ACP_IP_MATCH) {
if ($session_data['session_ip_address'] != self::instance()->ip_address or !IPSLib::validateIPv4($session_data['session_ip_address']) and !IPSLib::validateIPv6($session_data['session_ip_address']) or !IPSLib::validateIPv4(self::instance()->ip_address) and !IPSLib::validateIPv6(self::instance()->ip_address)) {
self::$data_store = array();
self::setMember(0);
$this->_validated = FALSE;
return $this->_response(0, 'session_mismatchip');
}
}
}
self::setMember(self::$data_store['member_id']);
//-----------------------------------------
// Fix up secondary groups
//-----------------------------------------
if (self::$data_store['mgroup_others']) {
$groups_id = explode(',', self::$data_store['mgroup_others']);
$masks = array();
$cache = ipsRegistry::cache()->getCache('group_cache');
if (count($groups_id)) {
foreach ($groups_id as $pid) {
if (empty($cache[$pid]['g_id'])) {
continue;
}
//-----------------------------------------
// Got masks?
//-----------------------------------------
if ($cache[$pid]['g_perm_id']) {
self::$data_store['g_perm_id'] .= ',' . $cache[$pid]['g_perm_id'];
}
}
}
}
//-----------------------------------------
// Current Location, used for online list
//-----------------------------------------
$module = ipsRegistry::$request['module'] != 'ajax' ? ipsRegistry::$request['module'] : $session_data['session_location'];
$location = $session_data['session_url'];
if (IPS_APP_COMPONENT && ipsRegistry::$request['module'] != 'ajax') {
$location = str_ireplace("login=yes", "", ipsRegistry::$settings['query_string_safe']);
$location = ltrim($location, '?');
$location = preg_replace("!adsess=(\\w){32}!", "", $location);
$location = preg_replace("!&mshow=(.+?)*!i", "", $location);
$location = preg_replace("!&st=(.+?)*!i", "", $location);
$location = preg_replace("!&messageinabottleacp=(.+?)*!i", "", $location);
}
/* Compare user-agent stuff */
$session_data['_session_app_data'] = unserialize($session_data['session_app_data']);
if (is_array($session_data['_session_app_data']) and $session_data['_session_app_data']['uagent_key']) {
if ($session_data['_session_app_data']['uagent_raw'] != self::instance()->user_agent) {
$session_data['_session_app_data'] = self::_processUserAgent();
$session_data['_session_app_data']['uagent_raw'] = self::instance()->user_agent;
}
} else {
$session_data['_session_app_data'] = self::_processUserAgent();
$session_data['_session_app_data']['uagent_raw'] = self::instance()->user_agent;
}
//-----------------------------------------
// Done...
//-----------------------------------------
$this->DB->update('core_sys_cp_sessions', array('session_running_time' => time(), 'session_location' => $module, 'session_url' => $location, 'session_app_data' => serialize($session_data['_session_app_data']), 'session_member_name' => self::$data_store['members_display_name']), 'session_member_id=' . intval(self::$data_store['member_id']) . " and session_id='" . ipsRegistry::$request['adsess'] . "'");
return $this->_response(1, '', $session_data['_session_app_data']);
}
}
/**
* Singleton init method
*
* @return @e void
*/
protected static function init()
{
if (self::$initiated !== TRUE) {
//-----------------------------------------
// IP Address
//-----------------------------------------
if (ipsRegistry::$settings['xforward_matching']) {
//foreach( array_reverse( explode( ',', my_getenv('HTTP_X_FORWARDED_FOR') ) ) as $x_f ) // See http://community.invisionpower.com/resources/bugs.html/_/ip-board/multiple-ips-in-x-forwarded-for-r37844
foreach (explode(',', my_getenv('HTTP_X_FORWARDED_FOR')) as $x_f) {
$addrs[] = trim($x_f);
}
$addrs[] = my_getenv('HTTP_CLIENT_IP');
$addrs[] = my_getenv('HTTP_X_CLUSTER_CLIENT_IP');
$addrs[] = my_getenv('HTTP_PROXY_USER');
}
$addrs[] = my_getenv('REMOTE_ADDR');
//-----------------------------------------
// Do we have one yet?
//-----------------------------------------
foreach ($addrs as $ip) {
//-----------------------------------------
// IP v4
//-----------------------------------------
if (IPSLib::validateIPv4($ip)) {
self::instance()->ip_address = $ip;
break;
} else {
if (IPSLib::validateIPv6($ip)) {
self::instance()->ip_address = $ip;
break;
}
}
}
//-----------------------------------------
// Make sure we take a valid IP address
//-----------------------------------------
if (!self::instance()->ip_address and !isset($_SERVER['SHELL']) and $_SERVER['SESSIONNAME'] != 'Console') {
if (!defined('IPS_IS_SHELL') or !IPS_IS_SHELL) {
print "Could not determine your IP address";
exit;
}
}
//-----------------------------------------
// Get user-agent, browser and OS
//-----------------------------------------
self::instance()->user_agent = IPSText::parseCleanValue(my_getenv('HTTP_USER_AGENT'));
self::instance()->operating_system = self::_fetch_os();
if (IPS_AREA == 'admin') {
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/session/adminSessions.php', 'adminSessions');
/**
* Support for extending the session class
*/
if (is_file(IPS_ROOT_PATH . "sources/classes/session/ssoAdminSessions.php")) {
$classToLoadA = IPSLib::loadLibrary(IPS_ROOT_PATH . "sources/classes/session/ssoAdminSessions.php", 'ssoAdminSessions');
/**
* Does the ssoAdminSessions class exist?
*/
if (class_exists($classToLoadA)) {
$parent = get_parent_class($classToLoadA);
/**
* Is it a child of adminSessions
*/
if ($parent == $classToLoad) {
self::$session_class = new $classToLoadA();
} else {
self::$session_class = new $classToLoad();
}
}
} else {
self::$session_class = new $classToLoad();
}
} else {
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . 'sources/classes/session/publicSessions.php', 'publicSessions');
/**
* Support for extending the session class
*/
if (is_file(IPS_ROOT_PATH . "sources/classes/session/ssoPublicSessions.php")) {
$classToLoadA = IPSLib::loadLibrary(IPS_ROOT_PATH . "sources/classes/session/ssoPublicSessions.php", 'ssoPublicSessions');
/**
* Does the ssoPublicSessions class exist?
*/
if (class_exists($classToLoadA)) {
$parent = get_parent_class($classToLoadA);
/**
* Is it a child of publicSessions
*/
if ($parent == $classToLoad) {
self::$session_class = new $classToLoadA();
} else {
self::$session_class = new $classToLoad();
}
}
} else {
self::$session_class = new $classToLoad();
}
//-----------------------------------------
// Set other
//-----------------------------------------
self::$data_store['publicSessionID'] = self::$session_class->session_data['id'];
}
//-----------------------------------------
// Set user agent
//-----------------------------------------
$_cookie = IPSCookie::get("uagent_bypass");
self::$data_store['userAgentKey'] = isset(self::$session_class->session_data['uagent_key']) ? self::$session_class->session_data['uagent_key'] : '';
self::$data_store['userAgentType'] = isset(self::$data_store['uagent_type']) ? self::$data_store['uagent_type'] : self::$session_class->session_data['uagent_type'];
self::$data_store['userAgentVersion'] = isset(self::$session_class->session_data['uagent_version']) ? self::$session_class->session_data['uagent_version'] : '';
self::$data_store['userAgentBypass'] = $_cookie ? true : (isset(self::$session_class->session_data['uagent_bypass']) ? self::$session_class->session_data['uagent_bypass'] : '');
self::$data_store['forumsModeratorData'] = array();
/* Some mobile app set up */
if (self::$data_store['userAgentType'] == 'mobileApp') {
/* This converts non UTF-8 POST/GET data in __construct */
$classToLoad = IPSLib::loadLibrary(IPS_ROOT_PATH . '/sources/base/ipsMobileApp.php', 'ipsMobileApp');
ipsRegistry::setClass('isMobileApp', new $classToLoad());
}
}
}
/**
* Our singleton INIT function
*
* @access protected
* @return @e void
*/
protected static function init()
{
if (self::$initiated !== TRUE) {
//-----------------------------------------
// IP Address
//-----------------------------------------
if (ipsRegistry::$settings['xforward_matching']) {
foreach (array_reverse(explode(',', my_getenv('HTTP_X_FORWARDED_FOR'))) as $x_f) {
$addrs[] = trim($x_f);
}
$addrs[] = my_getenv('HTTP_CLIENT_IP');
$addrs[] = my_getenv('HTTP_X_CLUSTER_CLIENT_IP');
$addrs[] = my_getenv('HTTP_PROXY_USER');
}
$addrs[] = my_getenv('REMOTE_ADDR');
//-----------------------------------------
// Do we have one yet?
//-----------------------------------------
foreach ($addrs as $ip) {
//-----------------------------------------
// IP v4
//-----------------------------------------
if (IPSLib::validateIPv4($ip)) {
self::instance()->ip_address = $ip;
break;
} else {
if (IPSLib::validateIPv6($ip)) {
self::instance()->ip_address = $ip;
break;
}
}
}
//-----------------------------------------
// Make sure we take a valid IP address
//-----------------------------------------
if (!self::instance()->ip_address and !isset($_SERVER['SHELL']) and $_SERVER['SESSIONNAME'] != 'Console') {
print "Could not determine your IP address";
exit;
}
if (IPS_IS_UPGRADER) {
require_once IPS_ROOT_PATH . "setup/sources/classes/session/sessions.php";
/*noLibHook*/
self::$session_class = new sessions();
} else {
self::setMember(0);
}
}
}
