 /**
  * An address inside the last of several "network netmask" ranges must be accepted.
  */
 public function testMultipleSubnetInMaskAdvance()
 {
     $ranges = array(
         '10.22.0.0 255.255.0.0',
         '10.24.0.0 255.255.0.0',
         '10.26.0.0 255.255.0.0',
         '10.28.0.0 255.255.0.0',
     );
     $filter = new IpFilter($ranges);
     $this->assertEquals(true, $filter->check('10.28.255.1'));
 }
 /**
  * Stops the request when IpFilter reports the current host as blocked.
  *
  * Nothing is checked while Cgi::getMode() is truthy.
  *
  * @return void
  * @throws IPBlockedException when the host is on the block list
  */
 public function hookCheckForBlockedHost()
 {
     if (Cgi::getMode()) {
         return;
     }
     $filter = new IpFilter();
     if (!$filter->isBlocked()) {
         return;
     }
     throw new IPBlockedException("This host is blocked!");
 }
 /**
  * Initialization, it sets DB information, request arguments and so on.
  *
  * Runs, in order: raw POST body capture, request-argument parsing, db_info
  * loading, sitelock enforcement, language selection, session start (possibly
  * deferred), member login restoration, and publication of current_url /
  * request_uri for templates and javascript.
  *
  * @see This function should be called only once
  * @return void
  */
 public function init()
 {
     // fix missing HTTP_RAW_POST_DATA in PHP 5.6 and above
     if (!isset($GLOBALS['HTTP_RAW_POST_DATA']) && version_compare(PHP_VERSION, '5.6.0', '>=') === TRUE) {
         $GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents("php://input");
         // If content is not XML or JSON, unset
         // (anything not starting with '<', '{' or '[' is discarded)
         if (!preg_match('/^[\\<\\{\\[]/', $GLOBALS['HTTP_RAW_POST_DATA'])) {
             unset($GLOBALS['HTTP_RAW_POST_DATA']);
         }
     }
     // set context variables in $GLOBALS (backward compatibility)
     $GLOBALS['__Context__'] = $this;
     // by reference, so the Lang instance assigned to $this->lang further down is also reachable as $GLOBALS['lang']
     $GLOBALS['lang'] =& $this->lang;
     $this->_COOKIE = $_COOKIE;
     // 20140429 editor/image_link
     $this->_checkGlobalVars();
     // parse the request: method first, then XML-RPC / JSON bodies, then ordinary and uploaded arguments
     $this->setRequestMethod('');
     $this->_setXmlRpcArgument();
     $this->_setJSONRequestArgument();
     $this->_setRequestArgument();
     $this->_setUploadedArgument();
     $this->loadDBInfo();
     // Sitelock: when enabled, a client outside the whitelist gets a 403 page and the request ends here.
     if ($this->db_info->use_sitelock == 'Y') {
         if (is_array($this->db_info->sitelock_whitelist)) {
             $whitelist = $this->db_info->sitelock_whitelist;
         }
         // NOTE(review): $whitelist stays undefined when sitelock_whitelist is not an array,
         // so IpFilter::filter() receives null in that case — confirm it then denies everyone.
         if (!IpFilter::filter($whitelist)) {
             $title = $this->db_info->sitelock_title ? $this->db_info->sitelock_title : 'Maintenance in progress...';
             $message = $this->db_info->sitelock_message;
             define('_XE_SITELOCK_', TRUE);
             define('_XE_SITELOCK_TITLE_', $title);
             define('_XE_SITELOCK_MESSAGE_', $message);
             header("HTTP/1.1 403 Forbidden");
             // a site-specific template takes precedence over the bundled one
             if (FileHandler::exists(_XE_PATH_ . 'common/tpl/sitelock.user.html')) {
                 include _XE_PATH_ . 'common/tpl/sitelock.user.html';
             } else {
                 include _XE_PATH_ . 'common/tpl/sitelock.html';
             }
             exit;
         }
     }
     // If XE is installed, get virtual site information
     if (self::isInstalled()) {
         $oModuleModel = getModel('module');
         $site_module_info = $oModuleModel->getDefaultMid();
         if (!isset($site_module_info)) {
             $site_module_info = new stdClass();
         }
         // if site_srl of site_module_info is 0 (default site), compare the domain to default_url of db_config
         if ($site_module_info->site_srl == 0 && $site_module_info->domain != $this->db_info->default_url) {
             $site_module_info->domain = $this->db_info->default_url;
         }
         self::set('site_module_info', $site_module_info);
         // virtual sites are addressed by a site id ("vid") rather than a domain
         if ($site_module_info->site_srl && isSiteID($site_module_info->domain)) {
             self::set('vid', $site_module_info->domain, TRUE);
         }
         if (!isset($this->db_info)) {
             $this->db_info = new stdClass();
         }
         // the site's default language and session storage mode, with fallbacks
         $this->db_info->lang_type = $site_module_info->default_language;
         if (!$this->db_info->lang_type) {
             $this->db_info->lang_type = 'ko';
         }
         if (!$this->db_info->use_db_session) {
             $this->db_info->use_db_session = 'N';
         }
     }
     // Load Language File
     $lang_supported = self::loadLangSelected();
     // Retrieve language type set in user's cookie
     // (assignment in the condition is intended: an explicit 'l' request parameter wins and is remembered in the cookie)
     if ($this->lang_type = self::get('l')) {
         if ($_COOKIE['lang_type'] != $this->lang_type) {
             // ~1000 days; the raw request value is stored, but it is re-checked against $lang_supported on every request below
             setcookie('lang_type', $this->lang_type, $_SERVER['REQUEST_TIME'] + 3600 * 24 * 1000, '/');
         }
     } elseif ($_COOKIE['lang_type']) {
         $this->lang_type = $_COOKIE['lang_type'];
     }
     // If it's not exists, follow default language type set in db_info
     if (!$this->lang_type) {
         $this->lang_type = $this->db_info->lang_type;
     }
     // if still lang_type has not been set or has not-supported type , set as Korean.
     if (!$this->lang_type) {
         $this->lang_type = 'ko';
     }
     if (is_array($lang_supported) && !isset($lang_supported[$this->lang_type])) {
         $this->lang_type = 'ko';
     }
     self::set('lang_supported', $lang_supported);
     self::setLangType($this->lang_type);
     // Load languages
     $this->lang = Rhymix\Framework\Lang::getInstance($this->lang_type);
     $this->lang->loadDirectory(RX_BASEDIR . 'common/lang', 'common');
     $this->lang->loadDirectory(RX_BASEDIR . 'modules/module/lang', 'module');
     // set session handler
     // (DB-backed sessions: the storage callbacks come from the session module's model/controller)
     if (self::isInstalled() && $this->db_info->use_db_session == 'Y') {
         $oSessionModel = getModel('session');
         $oSessionController = getController('session');
         session_set_save_handler(array(&$oSessionController, 'open'), array(&$oSessionController, 'close'), array(&$oSessionModel, 'read'), array(&$oSessionController, 'write'), array(&$oSessionController, 'destroy'), array(&$oSessionController, 'gc'));
     }
     // start session if it was previously started
     $session_name = session_name();
     $session_id = NULL;
     // NOTE(review): a session id posted in the request body is accepted as-is, so a client can choose its own id
     // (session-fixation class of issue) — confirm the id is regenerated whenever the login state changes.
     if ($session_id = $_POST[$session_name]) {
         session_id($session_id);
     } else {
         // a missing cookie leaves $session_id NULL (with a notice), which the next condition relies on
         $session_id = $_COOKIE[$session_name];
     }
     // Start the session now if the client presented an id or delayed sessions are off;
     // otherwise buffer output, adjust cache control and let checkSessionStatus() run at shutdown
     // (what it does is not visible here).
     if ($session_id !== NULL || $this->db_info->delay_session != 'Y') {
         $this->setCacheControl(0, false);
         session_start();
     } else {
         ob_start();
         $this->setCacheControl(-1, true);
         register_shutdown_function(array($this, 'checkSessionStatus'));
         $_SESSION = array();
     }
     // set authentication information in Context and session
     if (self::isInstalled()) {
         $oModuleModel = getModel('module');
         $oModuleModel->loadModuleExtends();
         $oMemberModel = getModel('member');
         $oMemberController = getController('member');
         if ($oMemberController && $oMemberModel) {
             // if signed in, validate it.
             if ($oMemberModel->isLogged()) {
                 $oMemberController->setSessionInfo();
             } elseif ($_COOKIE['xeak']) {
                 // 'xeak' cookie: presumably a remember-me token that drives auto-login
                 $oMemberController->doAutologin();
             }
             // re-read after a possible auto-login
             self::set('is_logged', $oMemberModel->isLogged());
             if ($oMemberModel->isLogged()) {
                 self::set('logged_info', $oMemberModel->getLoggedInfo());
             }
         }
     }
     // check if using rewrite module
     $this->allow_rewrite = $this->db_info->use_rewrite == 'Y' ? TRUE : FALSE;
     // set locations for javascript use
     $url = array();
     $current_url = self::getRequestUri();
     // GET: rebuild the query string from get_vars (falsy scalars dropped, arrays expanded one level);
     // any other method: the bare request URI
     if ($_SERVER['REQUEST_METHOD'] == 'GET') {
         if ($this->get_vars) {
             $url = array();
             foreach ($this->get_vars as $key => $val) {
                 if (is_array($val) && count($val) > 0) {
                     foreach ($val as $k => $v) {
                         $url[] = $key . '[' . $k . ']=' . urlencode($v);
                     }
                 } elseif ($val) {
                     $url[] = $key . '=' . urlencode($val);
                 }
             }
             $current_url = self::getRequestUri();
             if ($url) {
                 $current_url .= '?' . join('&', $url);
             }
         } else {
             $current_url = self::getUrl();
         }
     } else {
         $current_url = self::getRequestUri();
     }
     self::set('current_url', $current_url);
     self::set('request_uri', self::getRequestUri());
     // punycode (IDN) host names are published in decoded form
     if (strpos($current_url, 'xn--') !== FALSE) {
         self::set('current_url', self::decodeIdna($current_url));
     }
     if (strpos(self::getRequestUri(), 'xn--') !== FALSE) {
         self::set('request_uri', self::decodeIdna(self::getRequestUri()));
     }
 }
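/**
 * Get is current user crawler
 *
 * Looks for well-known crawler markers in the user agent (case-insensitive
 * substring match); if none is found, defers to IpFilter::filter() with the
 * crawler IP list, which is currently empty.
 *
 * The user agent is client-supplied, so this is a heuristic only and must not
 * be used to relax access controls.
 *
 * @param string $agent if set, use this value instead HTTP_USER_AGENT
 * @return bool TRUE when a crawler marker is present, otherwise the IpFilter::filter() result
 */
function isCrawler($agent = NULL)
{
    if (!$agent) {
        // HTTP_USER_AGENT is optional; avoid an undefined-index notice when it is absent.
        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    }
    $check_agent = array('bot', 'spider', 'spyder', 'crawl', 'http://', 'google', 'yahoo', 'slurp', 'yeti', 'daum', 'teoma', 'fish', 'hanrss', 'facebook', 'yandex', 'infoseek', 'askjeeves', 'stackrambler');
    $check_ip = array();
    foreach ($check_agent as $str) {
        // strict form of the former "stristr() != FALSE" test
        if (stripos($agent, $str) !== FALSE) {
            return TRUE;
        }
    }
    return IpFilter::filter($check_ip);
}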
 /**
  * check allowed target ip address when  login for admin.
  *
  * An empty admin_ip_list means no restriction. A comma-separated string is
  * split into a list before being handed to IpFilter::filter().
  *
  * @return boolean (true : allowed, false : refuse)
  */
 function getMemberAdminIPCheck()
 {
     $db_info = Context::getDBInfo();
     $allowed = $db_info->admin_ip_list;
     if (!$allowed) {
         return true;
     }
     if (!is_array($allowed)) {
         $allowed = explode(',', $allowed);
     }
     if (!count($allowed)) {
         return true;
     }
     return IpFilter::filter($allowed) ? true : false;
 }
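 /**
  * Saves the sitelock settings (on/off flag, title, message, IP whitelist)
  * from the request into db_info and rewrites the config file.
  *
  * The whitelist is normalised from newline/comma separated text into a
  * unique list; 127.0.0.1 and the current client address are always appended
  * so the administrator cannot lock themselves out.
  *
  * @return Object|void error Object on an invalid IP list or a failed config write;
  *                     otherwise redirects (non XMLRPC/JSON requests) and returns nothing
  */
 function procAdminUpdateSitelock()
 {
     $vars = Context::getRequestVars();
     $db_info = Context::getDbInfo();
     $db_info->use_sitelock = $vars->use_sitelock ? $vars->use_sitelock : 'N';
     $db_info->sitelock_title = $vars->sitelock_title;
     $db_info->sitelock_message = $vars->sitelock_message;
     $whitelist = $vars->sitelock_whitelist;
     // Line breaks are separators. The old class "[\r|\n|\r\n]" also matched a literal '|'.
     $whitelist = preg_replace("/[\r\n]+/", ",", $whitelist);
     $whitelist = preg_replace("/\\s+/", "", $whitelist);
     // The list presumably ends up in a generated PHP config file (makeConfigFile), so PHP tags are rejected outright.
     if (preg_match('/(<\\?|<\\?php|\\?>)/xsm', $whitelist)) {
         $whitelist = '';
     }
     $whitelist .= ',127.0.0.1,' . $_SERVER['REMOTE_ADDR'];
     $whitelist = array_unique(explode(',', trim($whitelist, ',')));
     if (!IpFilter::validate($whitelist)) {
         return new Object(-1, 'msg_invalid_ip');
     }
     $db_info->sitelock_whitelist = $whitelist;
     $oInstallController = getController('install');
     if (!$oInstallController->makeConfigFile()) {
         return new Object(-1, 'msg_invalid_request');
     }
     if (!in_array(Context::getRequestMethod(), array('XMLRPC', 'JSON'), true)) {
         $returnUrl = Context::get('success_return_url');
         if (!$returnUrl) {
             $returnUrl = getNotEncodedUrl('', 'act', 'dispAdminConfigGeneral');
         }
         // NOTE(review): success_return_url is request-supplied; an absolute URL here is an open redirect unless it is validated upstream — confirm.
         header('location:' . $returnUrl);
         return;
     }
 }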
 /**
  * Initialization, it sets DB information, request arguments and so on.
  *
  * Runs, in order: context/global aliasing, request-argument parsing, db_info
  * loading, sitelock enforcement, language selection, session start, member
  * login restoration, and publication of current_url / request_uri.
  *
  * @see This function should be called only once
  * @return void
  */
 function init()
 {
     // set context variables in $GLOBALS (to use in display handler)
     // (both assignments are by reference: this object and $GLOBALS share the same context and lang)
     $this->context =& $GLOBALS['__Context__'];
     $this->context->lang =& $GLOBALS['lang'];
     $this->context->_COOKIE = $_COOKIE;
     // 20140429 editor/image_link
     $this->_checkGlobalVars();
     // parse the request: method first, then XML-RPC / JSON bodies, then ordinary and uploaded arguments
     $this->setRequestMethod('');
     $this->_setXmlRpcArgument();
     $this->_setJSONRequestArgument();
     $this->_setRequestArgument();
     $this->_setUploadedArgument();
     $this->loadDBInfo();
     // Sitelock: when enabled, a client outside the whitelist gets a 403 page and the request ends here.
     if ($this->db_info->use_sitelock == 'Y') {
         if (is_array($this->db_info->sitelock_whitelist)) {
             $whitelist = $this->db_info->sitelock_whitelist;
         }
         // NOTE(review): $whitelist stays undefined when sitelock_whitelist is not an array,
         // so IpFilter::filter() receives null in that case — confirm it then denies everyone.
         if (!IpFilter::filter($whitelist)) {
             $title = $this->db_info->sitelock_title ? $this->db_info->sitelock_title : 'Maintenance in progress...';
             $message = $this->db_info->sitelock_message;
             define('_XE_SITELOCK_', TRUE);
             define('_XE_SITELOCK_TITLE_', $title);
             define('_XE_SITELOCK_MESSAGE_', $message);
             header("HTTP/1.1 403 Forbidden");
             include _XE_PATH_ . 'common/tpl/sitelock.html';
             exit;
         }
     }
     // If XE is installed, get virtual site information
     if (self::isInstalled()) {
         $oModuleModel = getModel('module');
         $site_module_info = $oModuleModel->getDefaultMid();
         if (!isset($site_module_info)) {
             $site_module_info = new stdClass();
         }
         // if site_srl of site_module_info is 0 (default site), compare the domain to default_url of db_config
         if ($site_module_info->site_srl == 0 && $site_module_info->domain != $this->db_info->default_url) {
             $site_module_info->domain = $this->db_info->default_url;
         }
         $this->set('site_module_info', $site_module_info);
         // virtual sites are addressed by a site id ("vid") rather than a domain
         if ($site_module_info->site_srl && isSiteID($site_module_info->domain)) {
             $this->set('vid', $site_module_info->domain, TRUE);
         }
         if (!isset($this->db_info)) {
             $this->db_info = new stdClass();
         }
         // the site's default language and session storage mode, with fallbacks
         $this->db_info->lang_type = $site_module_info->default_language;
         if (!$this->db_info->lang_type) {
             $this->db_info->lang_type = 'en';
         }
         if (!$this->db_info->use_db_session) {
             $this->db_info->use_db_session = 'N';
         }
     }
     // Load Language File
     $lang_supported = $this->loadLangSelected();
     // Retrieve language type set in user's cookie
     // (assignment in the condition is intended: an explicit 'l' request parameter wins and is remembered in the cookie)
     if ($this->lang_type = $this->get('l')) {
         if ($_COOKIE['lang_type'] != $this->lang_type) {
             // ~1000 days; the raw request value is stored, but it is re-checked against $lang_supported on every request below
             setcookie('lang_type', $this->lang_type, $_SERVER['REQUEST_TIME'] + 3600 * 24 * 1000, '/');
         }
     } elseif ($_COOKIE['lang_type']) {
         $this->lang_type = $_COOKIE['lang_type'];
     }
     // If it's not exists, follow default language type set in db_info
     if (!$this->lang_type) {
         $this->lang_type = $this->db_info->lang_type;
     }
     // if still lang_type has not been set or has not-supported type , set as English.
     if (!$this->lang_type) {
         $this->lang_type = 'en';
     }
     if (is_array($lang_supported) && !isset($lang_supported[$this->lang_type])) {
         $this->lang_type = 'en';
     }
     $this->set('lang_supported', $lang_supported);
     $this->setLangType($this->lang_type);
     // load module module's language file according to language setting
     $this->loadLang(_XE_PATH_ . 'modules/module/lang');
     // set session handler
     // (DB-backed sessions: the storage callbacks come from the session module's model/controller)
     if (self::isInstalled() && $this->db_info->use_db_session == 'Y') {
         $oSessionModel = getModel('session');
         $oSessionController = getController('session');
         session_set_save_handler(array(&$oSessionController, 'open'), array(&$oSessionController, 'close'), array(&$oSessionModel, 'read'), array(&$oSessionController, 'write'), array(&$oSessionController, 'destroy'), array(&$oSessionController, 'gc'));
     }
     session_start();
     // NOTE(review): session_id() is documented as needing to be called before session_start(), yet here the
     // POST-supplied id is applied after the session is already active — its effect is unclear, confirm.
     // Accepting a client-chosen id at all is also a session-fixation concern.
     if ($sess = $_POST[session_name()]) {
         session_id($sess);
     }
     // set authentication information in Context and session
     if (self::isInstalled()) {
         $oModuleModel = getModel('module');
         $oModuleModel->loadModuleExtends();
         $oMemberModel = getModel('member');
         $oMemberController = getController('member');
         if ($oMemberController && $oMemberModel) {
             // if signed in, validate it.
             if ($oMemberModel->isLogged()) {
                 $oMemberController->setSessionInfo();
             } elseif ($_COOKIE['xeak']) {
                 // 'xeak' cookie: presumably a remember-me token that drives auto-login
                 $oMemberController->doAutologin();
             }
             // re-read after a possible auto-login; logged_info is published even when not logged in
             $this->set('is_logged', $oMemberModel->isLogged());
             $this->set('logged_info', $oMemberModel->getLoggedInfo());
         }
     }
     // load common language file
     $this->lang =& $GLOBALS['lang'];
     $this->loadLang(_XE_PATH_ . 'common/lang/');
     // check if using rewrite module
     $this->allow_rewrite = $this->db_info->use_rewrite == 'Y' ? TRUE : FALSE;
     // set locations for javascript use
     // GET: rebuild the query string from get_vars (falsy scalars dropped, arrays expanded one level);
     // any other method: the bare request URI
     if ($_SERVER['REQUEST_METHOD'] == 'GET') {
         if ($this->get_vars) {
             $url = array();
             foreach ($this->get_vars as $key => $val) {
                 if (is_array($val) && count($val) > 0) {
                     foreach ($val as $k => $v) {
                         $url[] = $key . '[' . $k . ']=' . urlencode($v);
                     }
                 } elseif ($val) {
                     $url[] = $key . '=' . urlencode($val);
                 }
             }
             // '?' is appended even when every value was dropped, leaving a trailing '?'
             $this->set('current_url', self::getRequestUri() . '?' . join('&', $url));
         } else {
             $this->set('current_url', $this->getUrl());
         }
     } else {
         $this->set('current_url', self::getRequestUri());
     }
     $this->set('request_uri', self::getRequestUri());
 }
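 /**
  * @brief Change settings
  *
  * Reads the general configuration form (admin IP list, default URL, SSL
  * mode, ports, Y/N feature flags) from the request, normalises the values,
  * stores them in db_info and regenerates the config file. Nothing here is
  * time-zone specific; the name is presumably historical.
  *
  * The admin IP list, when given, is normalised like the sitelock whitelist:
  * line breaks become commas, whitespace is removed, input resembling PHP
  * tags is discarded, and 127.0.0.1 plus the current client address are
  * appended so the administrator cannot lock themselves out.
  *
  * @return Object|void error Object on an invalid IP list or a failed config write
  */
 function procInstallAdminSaveTimeZone()
 {
     $db_info = Context::getDBInfo();
     $admin_ip_list = Context::get('admin_ip_list');
     if ($admin_ip_list) {
         // Line breaks are separators. The old class "[\r|\n|\r\n]" also matched a literal '|'.
         $admin_ip_list = preg_replace("/[\r\n]+/", ",", $admin_ip_list);
         $admin_ip_list = preg_replace("/\\s+/", "", $admin_ip_list);
         // The list presumably ends up in a generated PHP config file (makeConfigFile), so PHP tags are rejected outright.
         if (preg_match('/(<\\?|<\\?php|\\?>)/xsm', $admin_ip_list)) {
             $admin_ip_list = '';
         }
         $admin_ip_list .= ',127.0.0.1,' . $_SERVER['REMOTE_ADDR'];
         $admin_ip_list = array_unique(explode(',', trim($admin_ip_list, ',')));
         if (!IpFilter::validate($admin_ip_list)) {
             return new Object(-1, 'msg_invalid_ip');
         }
     }
     $default_url = Context::get('default_url');
     // Prepend a scheme when the administrator typed a bare host name.
     if ($default_url && strncasecmp('http://', $default_url, 7) !== 0 && strncasecmp('https://', $default_url, 8) !== 0) {
         $default_url = 'http://' . $default_url;
     }
     $use_ssl = Context::get('use_ssl');
     if (!$use_ssl) {
         $use_ssl = 'none';
     }
     $http_port = Context::get('http_port');
     $https_port = Context::get('https_port');
     // Y/N flags: anything other than an explicit 'Y' is stored as 'N' (strict comparison, no type juggling).
     $use_rewrite = Context::get('use_rewrite') === 'Y' ? 'Y' : 'N';
     $use_sso = Context::get('use_sso') === 'Y' ? 'Y' : 'N';
     $use_db_session = Context::get('use_db_session') === 'Y' ? 'Y' : 'N';
     $qmail_compatibility = Context::get('qmail_compatibility') === 'Y' ? 'Y' : 'N';
     $use_html5 = Context::get('use_html5');
     if (!$use_html5) {
         $use_html5 = 'N';
     }
     $db_info->default_url = $default_url;
     $db_info->qmail_compatibility = $qmail_compatibility;
     $db_info->use_db_session = $use_db_session;
     $db_info->use_rewrite = $use_rewrite;
     $db_info->use_sso = $use_sso;
     $db_info->use_ssl = $use_ssl;
     $db_info->use_html5 = $use_html5;
     $db_info->admin_ip_list = $admin_ip_list;
     // Ports are stored as integers; an empty field clears any previously stored value.
     if ($http_port) {
         $db_info->http_port = (int) $http_port;
     } elseif ($db_info->http_port) {
         unset($db_info->http_port);
     }
     if ($https_port) {
         $db_info->https_port = (int) $https_port;
     } elseif ($db_info->https_port) {
         unset($db_info->https_port);
     }
     // lang_type is recomputed on every request in init(), so it is never persisted here.
     unset($db_info->lang_type);
     $oInstallController = getController('install');
     if (!$oInstallController->makeConfigFile()) {
         return new Object(-1, 'msg_invalid_request');
     }
     Context::setDBInfo($db_info);
     // Keep the default site's (site_srl 0) domain in sync with default_url.
     if ($default_url) {
         $site_args = new stdClass();
         $site_args->site_srl = 0;
         $site_args->domain = $default_url;
         $oModuleController = getController('module');
         $oModuleController->updateSite($site_args);
     }
     $this->setRedirectUrl(Context::get('error_return_url'));
 }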
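 /**
  * Update sitelock configuration.
  *
  * Splits the submitted allowed-IP text into one range per line, drops blanks
  * and duplicates, and — when the lock is being enabled — makes sure both
  * 127.0.0.1 and the current client address are covered so the administrator
  * is not locked out. Settings are persisted through Rhymix\Framework\Config.
  *
  * @return Object|void error Object when the address list does not validate
  */
 function procAdminUpdateSitelock()
 {
     $vars = Context::gets('sitelock_locked', 'sitelock_allowed_ip', 'sitelock_title', 'sitelock_message');
     $allowed_ip = array_map('trim', preg_split('/[\\r\\n]/', $vars->sitelock_allowed_ip));
     $allowed_ip = array_unique(array_filter($allowed_ip, function ($item) {
         return $item !== '';
     }));
     if ($vars->sitelock_locked === 'Y') {
         // Only add the fallback entries when no submitted range already covers them.
         $allowed_localhost = false;
         $allowed_current = false;
         foreach ($allowed_ip as $range) {
             if (Rhymix\Framework\IpFilter::inRange('127.0.0.1', $range)) {
                 $allowed_localhost = true;
             }
             if (Rhymix\Framework\IpFilter::inRange(RX_CLIENT_IP, $range)) {
                 $allowed_current = true;
             }
         }
         if (!$allowed_localhost) {
             array_unshift($allowed_ip, '127.0.0.1');
         }
         if (!$allowed_current) {
             array_unshift($allowed_ip, RX_CLIENT_IP);
         }
     }
     // Validate the list that is actually saved (the previous version validated an undefined $whitelist).
     if (!IpFilter::validate($allowed_ip)) {
         return new Object(-1, 'msg_invalid_ip');
     }
     Rhymix\Framework\Config::set('lock.locked', $vars->sitelock_locked === 'Y');
     Rhymix\Framework\Config::set('lock.title', trim($vars->sitelock_title));
     Rhymix\Framework\Config::set('lock.message', trim($vars->sitelock_message));
     Rhymix\Framework\Config::set('lock.allow', array_values($allowed_ip));
     Rhymix\Framework\Config::save();
     $this->setMessage('success_updated');
     $this->setRedirectUrl(Context::get('success_return_url') ?: getNotEncodedUrl('', 'act', 'dispAdminConfigSitelock'));
 }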
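/**
 * Get is current user crawler
 *
 * Looks for well-known crawler markers in the user agent (case-insensitive
 * substring match); if none is found, defers to IpFilter::filter() with the
 * hard-coded crawler IP range.
 *
 * The user agent is client-supplied, so this is a heuristic only and must not
 * be used to relax access controls.
 *
 * @param string $agent if set, use this value instead HTTP_USER_AGENT
 * @return bool TRUE when a crawler marker is present, otherwise the IpFilter::filter() result
 */
function isCrawler($agent = NULL)
{
    if (!$agent) {
        // HTTP_USER_AGENT is optional; avoid an undefined-index notice when it is absent.
        $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    }
    $check_agent = array('bot', 'spider', 'google', 'yahoo', 'daum', 'teoma', 'fish', 'hanrss', 'facebook');
    $check_ip = array('211.245.21.110-211.245.21.119');
    foreach ($check_agent as $str) {
        // strict form of the former "stristr() != FALSE" test
        if (stripos($agent, $str) !== FALSE) {
            return TRUE;
        }
    }
    return IpFilter::filter($check_ip);
}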