/**
 * Checks fbHTTP::getIPAddressType() against a fixed table of sample IPv4
 * addresses and the classification expected for each.
 *
 * NOTE(review): the table holds one sample per private range and none at a
 * range boundary, so a boundary mistake in the classifier would not show up
 * in this test.
 */
function test_getIPAddressType()
{
    // address => classification the method is expected to report
    $expectations = array(
        '0.0.0.0'     => 'external',
        '10.0.0.1'    => 'internal',
        '127.0.0.1'   => 'loopback',
        '172.16.0.1'  => 'internal',
        '192.168.0.1' => 'internal',
        '255.0.0.1'   => 'external',
    );

    $addresses = array_keys($expectations);
    $total = count($addresses);
    for ($i = 0; $i < $total; $i++) {
        $address = $addresses[$i];
        $actual = fbHTTP::getIPAddressType($address);
        $this->assertEquals($expectations[$address], $actual);
    }
}
<?php
// $CVSHeader: _freebeer/www/tests/index.php,v 1.3 2004/03/07 17:51:36 ross Exp $
// Copyright (c) 2002-2004, Ross Smith. All rights reserved.
// Licensed under the BSD or LGPL License. See license.txt for details.

// Web front end for the PHPUnit suites: loads every matching test file from
// FREEBEER_BASE/tests and renders the results with the PHPUnit HTML GUI.
//
// NOTE(review): this page runs the test suite on every request and lifts the
// execution time limit; on a deployed host it should sit behind access
// control rather than be publicly reachable.

// 2047 is the numeric error-level mask (E_ALL on the PHP 4 series).
error_reporting(2047);

// Test runs can be long; remove the time limit (failure to do so is ignored).
@set_time_limit(0);

// FREEBEER_BASE comes from the environment when set, otherwise it is the
// directory three levels above this file. Every require_once below that uses
// it therefore loads code from wherever the environment points.
defined('FREEBEER_BASE') || define('FREEBEER_BASE', getenv('FREEBEER_BASE') ? getenv('FREEBEER_BASE') : dirname(dirname(dirname(__FILE__))));

require_once FREEBEER_BASE . '/lib/Pear/Pear.php';

require_once FREEBEER_BASE . '/lib/HTTP.php';

fbHTTP::sendLastModified();

// These three are resolved through the include path, not FREEBEER_BASE.
require_once 'PHPUnit.php';
require_once 'PHPUnit/GUI/HTML.php';
require_once 'PHPUnit/GUI/SetupDecorator.php';

/// \todo rewrite to fbTestSuite class
// called via:
// fbTestSuite(array(['dir1', 'dir2', .... ]));

$gui =& new PHPUnit_GUI_SetupDecorator(new PHPUnit_GUI_HTML());

// getSuitesFromDir() is given '.', so the working directory has to be the
// tests directory; failing to switch is raised as a user error.
chdir(FREEBEER_BASE . '/tests') || trigger_error(sprintf('Can\'t change directory to \'%s\'', FREEBEER_BASE . '/tests'), E_USER_ERROR);

// The second argument is a pattern for the test file names (Test*.php).
$gui->getSuitesFromDir('.', '^Test.*\\.php$');

// Error reporting is switched off before the GUI is rendered.
error_reporting(0);

$gui->show();

?>
<?php
// $CVSHeader: _freebeer/www/lib/tests/_header.php,v 1.3 2004/03/08 04:29:18 ross Exp $
// Copyright (c) 2002-2004, Ross Smith. All rights reserved.
// Licensed under the BSD or LGPL License. See license.txt for details.

// Shared page header for the web test pages: resolves the web and document
// roots, sends no-cache headers and opens the HTML document.

// FREEBEER_BASE comes from the environment when set, otherwise it is the
// directory four levels above this file.
defined('FREEBEER_BASE') || define('FREEBEER_BASE', getenv('FREEBEER_BASE') ? getenv('FREEBEER_BASE') : dirname(dirname(dirname(dirname(__FILE__)))));

require_once FREEBEER_BASE . '/lib/HTTP.php';
require_once FREEBEER_BASE . '/www/fbWeb.php';

$www_root = fbWeb::getWebRoot();
$doc_root = fbWeb::getDocRoot();
//$root_dir = $doc_root . $www_root;

// $test_name is expected to be set by the including page; it is only
// prefixed with the web root when it exists.
// NOTE(review): the <title> below echoes $test_name without HTML escaping and
// without checking that it is set. If the including page does not assign it,
// where the value comes from depends on PHP configuration not visible here
// (e.g. register_globals) - confirm every includer sets it.
if (isset($test_name)) {
	$test_name = $www_root . $test_name;
}

fbHTTP::sendNoCacheHeaders();

?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<!--
$CVSHeader: _freebeer/www/lib/tests/_header.php,v 1.3 2004/03/08 04:29:18 ross Exp $

Copyright (c) 2001-2003, Ross Smith. All rights reserved.
Licensed under the BSD or LGPL License. See doc/license.txt for details.
-->
<head>
<title><?php echo $test_name; ?> Test Suite</title>
<?php
// $CVSHeader: _freebeer/www/demo/hmac_login/server_adodb.php,v 1.3 2004/03/07 17:51:34 ross Exp $
// Copyright (c) 2002-2004, Ross Smith. All rights reserved.
// Licensed under the BSD or LGPL License. See license.txt for details.

// Server side of the HMAC challenge/response login demo: takes the values
// posted by the client page, validates them through fbHMAC_Login_ADOdb and
// prints the resulting status.

require_once '../_demo.php';

$title = 'fbHMAC_Login_ADOdb Class (Secure Challenge/Response Login)';

require_once FREEBEER_BASE . '/lib/HMAC_Login/ADOdb.php';

$html_header = html_header_demo($title, null, null, false);

require_once FREEBEER_BASE . '/lib/HTTP.php';

// URL of the client form, derived from the path of the running script.
// NOTE(review): PHP_SELF is taken from the request path and can carry extra
// path information supplied by the requester; this value is used both in the
// redirect below and in the href at the end of the page, so it should be
// validated, and HTML-escaped where it is echoed.
$client_url = dirname(dirname($_SERVER['PHP_SELF'])) . '/Hmac_Login.ADOdb.php';

// Without a challenge there is nothing to validate: send the browser back to
// the client form.
if (!isset($_REQUEST['challenge'])) {
	fbHTTP::redirect($client_url);
	exit;
}

echo $html_header;

$hmac_login =& new fbHMAC_Login_ADOdb();

// Timeout for the login object; the unit is not visible in this file.
$hmac_login->setTimeout(10);

// NOTE(review): the demo connects as the database superuser with an empty
// password. Outside a throwaway local setup, use a dedicated account limited
// to the hmac_login database and keep its credentials out of the source file.
if (!$hmac_login->connect('localhost', 'root', '', 'hmac_login', 'mysql')) {
	echo $hmac_login->getLastError();
	exit;
}

// $hmac_login->_dbh->debug = true;

// Missing request fields are passed through as null; the @ only hides the
// undefined-index notice.
// NOTE(review): $_REQUEST merges GET, POST and cookie input, so 'login' and
// 'password' are accepted from the query string as well, where they would end
// up in server logs and browser history - reading them from $_POST only would
// avoid that.
$hmac_login->validate(@$_REQUEST['challenge'], @$_REQUEST['response'], @$_REQUEST['login'], @$_REQUEST['password']);

// The outcome is reported through the object's last-error text.
echo $hmac_login->getLastError();

?>
<p>
<a href="<?php echo $client_url; ?>
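/**
 * Builds the opening HTML of a page: doctype, <head>, and a top bar with a
 * breadcrumb trail on the left and "view source" links on the right.
 *
 * Side effects: adjusts several ini settings and sends no-cache headers via
 * fbHTTP::sendNoCacheHeaders(), so it must run before any output.
 *
 * The labels and URLs in $hash are written into the page verbatim; callers
 * must pass values that are already safe for HTML.
 *
 * NOTE(review): every source link hands an absolute server path to
 * _source.php, which is not shown here. That script has to restrict which
 * files it will display, because its `file` parameter is under the
 * requester's control.
 *
 * @param array $hash            breadcrumb entries, label => URL; an empty
 *                               URL renders the label as plain text
 * @param mixed $included_files  extra file, or array of files, to list as
 *                               source links; null adds none
 * @param mixed $path            currently unused
 * @param bool  $no_cache        currently unused; no-cache headers are
 *                               always sent
 * @return string the HTML up to and including the <hr /> under the top bar
 */
function html_header($hash, $included_files = null, $path = null, $no_cache = true)
{
	$www_root = fbWeb::getWebRoot();

	// A request may carry no User-Agent header at all; reading the index
	// unguarded would raise a notice before the headers below are sent.
	$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
	$is_wget = preg_match('/wget/i', $user_agent);

	@ini_set('html_errors', false);

	include_once FREEBEER_BASE . '/lib/HTTP.php';

	// required for Opera 7.x
	fbHTTP::sendNoCacheHeaders();

	@ini_set('implicit_flush', true);
	@ini_set('max_execution_time', 60);

	// Prefix placed before _source.php for the caller-supplied files.
	$path2 = '';

	// Breadcrumb: plain-text trail for <title>, linked trail for the top bar.
	$page_title = '';
	$header = '';
	foreach ($hash as $label => $url) {
		if ($page_title) {
			$page_title .= ' > ';
			$header .= ' > ';
		}
		$page_title .= $label;
		$header .= $url ? sprintf("<a href='%s'>%s</a>", $url, $label) : $label;
	}

	$files = get_included_files();
#	$files[] = $_SERVER['SCRIPT_NAME'];

	// null means "no extra files". Wrapping it in an array would produce one
	// empty-named link pointing at the script directory.
	if (is_null($included_files)) {
		$included_files = array();
	} elseif (!is_array($included_files)) {
		$included_files = array($included_files);
	}

	// Framework files that are not interesting to show as source.
	static $skip_files = array('HTTP.php', 'System.php', 'fbWeb.php', '_demo.php', '_header.php');

	$script_dir = dirname($_SERVER['SCRIPT_FILENAME']);

	$hfiles = '';

	// Links for everything PHP has included so far.
	foreach ($files as $file) {
		$bfile = basename($file);
		if (in_array($bfile, $skip_files)) {
			continue;
		}
		if (substr($file, 0, 1) != '/') {
			$file = $script_dir . '/' . $file;
		}
		$rfile = realpath($file);
		// File names go into markup, so escape them for text and attributes.
		$link_text = htmlspecialchars($bfile, ENT_QUOTES);
		if (!$rfile) {
			// Unresolvable files are still listed, visibly marked.
			$link_text = "<blink><i>{$link_text}</i></blink>";
		}
		$encfile = urlencode($rfile);
		$hfiles .= sprintf("\n \n<a target='%s' href='%s/_source.php?file=%s'>%s</a>",
			htmlspecialchars($file, ENT_QUOTES), fbWeb::getWebRoot(), $encfile, $link_text);
	}

	// Links for the files the caller asked for explicitly.
	foreach ($included_files as $file) {
		$bfile = basename($file);
		if (substr($file, 0, 1) != '/') {
			$file = $script_dir . '/' . $file;
		}
		$rfile = realpath($file);
		$link_text = htmlspecialchars($bfile, ENT_QUOTES);
		if (!$rfile) {
			$link_text = "<blink><i>{$link_text}</i></blink>";
		}
		$encfile = urlencode($rfile);
		$hfiles .= sprintf("\n \n<a target='%s' href='%s/%s_source.php?file=%s'>%s</a>",
			htmlspecialchars($file, ENT_QUOTES), fbWeb::getWebRoot(), $path2, $encfile, $link_text);
	}

	// wget mirrors get a bare page without the navigation bar contents.
	if ($is_wget) {
		$header = '';
		$hfiles = '';
	}

	$html = <<<EOD
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!--
Copyright (c) 2001-2003, Ross Smith. All rights reserved.
Licensed under the BSD or LGPL License. See doc/license.txt for details.
-->
<html lang='en-US' xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>{$page_title}</title>
<!-- meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1' / -->
<meta name="MSSmartTagsPreventParsing" content="TRUE" /><!-- ! -->
<!--
<meta name="robots" content="noindex, nofollow" />
<meta name="googlebot" content="noarchive" />
<link rel='stylesheet' href='example.css' type='text/css' />
<style type='text/css'>
@import 'example.css';
</style>
<link rel='icon' href='favicon.png' type='image/png' />
-->
<script language='JavaScript' type='text/javascript'>
<!-- // <![CDATA[
// JavaScript code goes here
// ]]> -->
</script>
<link rel='stylesheet' href='{$www_root}/main.css' type='text/css' />
</head>
<body>
<table width='100%' border='0'>
<tr>
<td align='left'>
\t{$header}
</td>
<td align='right'>
{$hfiles}
</td>
</tr>
</table>
<hr />

EOD;

	return $html;
}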
// Session-demo settings. Each value starts from the variable's current value
// and is replaced by whatever fbHTTP::getRequestVar() returns for that name
// (presumably the request value when one is present - the helper is not
// shown here).
//
// NOTE(review): host, database, user, password, table and driver are all
// taken from the request, so whoever can reach this page chooses which
// database server it connects to and with which credentials. That is only
// acceptable on a developer machine; do not expose this page on a shared or
// public host.

$driver = fbHTTP::getRequestVar('driver', $driver);

// Load the per-driver defaults. extract() turns the array's keys into local
// variables, overwriting any that already exist; $defaults is defined outside
// this excerpt and must never contain request-derived keys.
if (isset($defaults[$driver])) {
	extract($defaults[$driver]);
}

$clob = fbHTTP::getRequestVar('clob', $clob);
$data_field_name = fbHTTP::getRequestVar('data_field_name', $data_field_name);
$database = fbHTTP::getRequestVar('database', $database);
// Numeric settings are cast to int.
$debug = (int) fbHTTP::getRequestVar('debug', $debug);
$expire_notify = (int) fbHTTP::getRequestVar('expire_notify', $expire_notify);
$host = fbHTTP::getRequestVar('host', $host);
$lifetime = (int) fbHTTP::getRequestVar('lifetime', $lifetime);
$optimize = (int) fbHTTP::getRequestVar('optimize', $optimize);
$password = fbHTTP::getRequestVar('password', $password);
$sync_seconds = (int) fbHTTP::getRequestVar('sync_seconds', $sync_seconds);
$table = fbHTTP::getRequestVar('table', $table);
$user = fbHTTP::getRequestVar('user', $user);

// When the form was submitted with the "Change Driver" button, re-apply the
// selected driver's defaults so they replace the values just read above.
if (!empty($_REQUEST['submit'])) {
	switch ($_REQUEST['submit']) {
		case 'Change Driver':
			if (isset($defaults[$driver])) {
				extract($defaults[$driver]);
			}
	}
}

// to test the original code
// These globals carry the same connection settings under the ADODB_SESSION_* names.
$ADODB_SESSION_CONNECT = $host;
$ADODB_SESSION_DB = $database;
$ADODB_SESSION_DRIVER = $driver;
$ADODB_SESSION_PWD = $password;
$ADODB_SESSION_TBL = $table;
$ADODB_SESSION_USER = $user;
/**
 * Moves the current request off HTTPS.
 *
 * When the feature is enabled and the request arrived over HTTPS, the
 * browser is redirected to the URL produced by httpUrl($url) and the script
 * ends. Otherwise nothing is sent.
 *
 * NOTE(review): after this redirect the rest of the visit runs without
 * transport encryption; any cookie not marked Secure is sent in clear.
 *
 * @param mixed $url passed through to httpUrl(); false by default
 * @return bool true when the feature is disabled, false when the request is
 *              already not HTTPS (the redirect case never returns)
 */
function httpMe($url = false)
{
	if ($this->_enabled) {
		if (!$this->isHttps()) {
			return false;
		}

		$target = $this->httpUrl($url);
		fbHTTP::redirect($target);
		exit;
	}

	return true;
}
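/**
 * Creates a login challenge, stores it in the challenge table together with
 * the requester's address, user agent and referer, and returns it.
 *
 * Each attempt reads MAX(id) from the table, derives a challenge from it via
 * _getChallenge() and tries to insert it; a duplicate-key error or an insert
 * that affects no rows triggers another attempt, up to _max_attempts.
 *
 * NOTE(review): how hard the challenge is to predict depends entirely on
 * _getChallenge(), which is not shown here.
 *
 * @return string|false the stored challenge, or false on failure; the reason
 *                      is recorded through _setError() / _setDbError()
 */
function getChallenge()
{
	global $_SERVER; // < 4.1.0

	$this->_last_errno = FB_HMAC_LOGIN_ERROR_OK;
	$this->_last_error = '';

	if (!$this->_dbh && !$this->connect()) {
		$this->_setError(FB_HMAC_LOGIN_ERROR_NOT_CONNECTED);
		return false;
	}

	// All three values come from the request and are attacker-controlled.
	// They are escaped here because the INSERT below is built by string
	// interpolation.
	// NOTE(review): mysql_escape_string() does not take the connection's
	// character set into account; mysql_real_escape_string() with the link,
	// or bound parameters, is the safer choice where the PHP version allows.
	// The stored values must also be HTML-escaped wherever they are displayed.
	$user_agent = mysql_escape_string(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
	$remote_addr = mysql_escape_string(fbHTTP::getRemoteAddress());
	$referer = mysql_escape_string(isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '');

	$attempts = $this->_max_attempts;

	while ($attempts--) {
		$sql = "\n\t\t\t\tSELECT\n\t\t\t\t\tMAX(id) AS id\n\t\t\t\tFROM\n\t\t\t\t\t{$this->_challenge_table}\n\t\t\t";

		$rs = @mysql_query($sql, $this->_dbh);
		if (!$rs) {
			$this->_setDbError();
			return false;
		}

		if (mysql_num_rows($rs)) {
			$max_id = @mysql_result($rs, 0, 0);
		} else {
			$max_id = 1;
		}

		// The remaining attempt count is passed along, so each retry asks
		// for a challenge with a different second argument.
		$challenge = $this->_getChallenge($max_id, $attempts);
		$qchallenge = mysql_escape_string($challenge);

		$sql = "\n\t\t\t\tINSERT INTO\n\t\t\t\t\t{$this->_challenge_table}\n\t\t\t\t(\n\t\t\t\t\tid,\n\t\t\t\t\tchallenge,\n\t\t\t\t\tused,\n\t\t\t\t\tip_address,\n\t\t\t\t\tuser_agent,\n\t\t\t\t\treferer,\n\t\t\t\t\tcreated,\n\t\t\t\t\tmodified\n\t\t\t\t) VALUES (\n\t\t\t\t\tNULL,\n\t\t\t\t\t'{$qchallenge}',\n\t\t\t\t\t'N',\n\t\t\t\t\t'{$remote_addr}',\n\t\t\t\t\t'{$user_agent}',\n\t\t\t\t\t'{$referer}',\n\t\t\t\t\tNOW(),\n\t\t\t\t\tNOW()\n\t\t\t\t)\n\t\t\t";

		$rs = @mysql_query($sql, $this->_dbh);
		if (!$rs) {
			if (@mysql_errno($this->_dbh) == 1062) { // duplicate key
				// \todo log this key violation,
				// so admin can purge some records at some point
				continue;
			}

			$this->_setDbError();
			return false;
		}

		if (!mysql_affected_rows($this->_dbh)) {
			continue;
		}

		return $challenge;
	}

	// Every attempt failed, so no challenge was stored. Return false like the
	// other failure paths instead of handing back a value the table does not
	// contain (or an undefined variable when _max_attempts is 0).
	$this->_setError(FB_HMAC_LOGIN_ERROR_NO_CHALLENGE);

	return false;
}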
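/**
 * Best-effort guess at the client's IP address, cached for the rest of the
 * request.
 *
 * Candidates are examined in this order, and the first one that
 * fbHTTP::getIPAddressType() classifies as 'external' is returned:
 *   1. HTTP_CLIENT_IP, with its four octets reversed
 *   2. each entry of HTTP_X_FORWARDED_FOR
 *   3. each entry of HTTP_FORWARDED
 * When none qualifies, REMOTE_ADDR is returned, or false if that is missing.
 *
 * SECURITY: the three forwarded headers are copied from the request, so any
 * client can set them to an arbitrary value unless a trusted proxy in front
 * of the application overwrites them. Treat the result as informational
 * (logging, display); do not base access control, rate limiting or audit
 * decisions on it. REMOTE_ADDR is the only value here that reflects the
 * actual TCP peer.
 *
 * @return string|false
 */
function getRemoteAddress()
{
	global $_SERVER; // < 4.1.0

	static $rv = null;

	if (!is_null($rv)) {
		return $rv;
	}

	$candidates = array();

	if (isset($_SERVER['HTTP_CLIENT_IP'])) {
		$ip = trim($_SERVER['HTTP_CLIENT_IP']);
		$octets = explode('.', $ip);
		// Only a four-part value can be un-reversed; anything else is
		// ignored instead of indexing octets that do not exist.
		if (strcasecmp($ip, 'unknown') && count($octets) == 4) {
			$candidates[] = $octets[3] . '.' . $octets[2] . '.' . $octets[1] . '.' . $octets[0];
		}
	}

	foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_FORWARDED') as $header) {
		if (!isset($_SERVER[$header])) {
			continue;
		}

		// Split on commas and spaces so that the final (or only) entry of
		// the list is examined as well.
		$entries = preg_split('/[, ]+/', trim($_SERVER[$header]), -1, PREG_SPLIT_NO_EMPTY);
		foreach ($entries as $entry) {
			// The 'unknown' placeholder is tested on the entry itself.
			if (strcasecmp($entry, 'unknown')) {
				$candidates[] = $entry;
			}
		}
	}

	foreach ($candidates as $candidate) {
		if (fbHTTP::getIPAddressType($candidate) == 'external') {
			$rv = $candidate;
			return $rv;
		}
	}

	// No forwarded header produced an external address: fall back to the
	// address of the direct peer.
	$rv = isset($_SERVER['REMOTE_ADDR']) ? trim($_SERVER['REMOTE_ADDR']) : false;

	return $rv;
}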
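/**
 * Creates a login challenge, stores it in the challenge table together with
 * the requester's address, user agent and referer, and returns it.
 *
 * Each attempt reads MAX(id) from the table, derives a challenge from it via
 * _getChallenge() and tries to insert it; a duplicate-key error or an insert
 * that affects no rows triggers another attempt, up to _max_attempts.
 *
 * NOTE(review): how hard the challenge is to predict depends entirely on
 * _getChallenge(), which is not shown here.
 *
 * @return string|false the stored challenge, or false on failure; the reason
 *                      is recorded through _setError() / _setDbError()
 */
function getChallenge()
{
	global $_SERVER; // < 4.1.0

	$this->_last_errno = FB_HMAC_LOGIN_ERROR_OK;
	$this->_last_error = '';

	if (!$this->_dbh && !$this->connect()) {
		$this->_setError(FB_HMAC_LOGIN_ERROR_NOT_CONNECTED);
		return false;
	}

	$dbh = $this->_dbh;

	// All three values come from the request and are attacker-controlled.
	// They reach the database only as bound parameters; they still have to
	// be HTML-escaped wherever the stored rows are displayed.
	$user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
	$remote_addr = fbHTTP::getRemoteAddress();
	$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

	$attempts = $this->_max_attempts;

	while ($attempts--) {
		$sql = "\n\t\t\t\tSELECT\n\t\t\t\t\tMAX(id) AS id\n\t\t\t\tFROM\n\t\t\t\t\t{$this->_challenge_table}\n\t\t\t";

		$rs = $dbh->Execute($sql);
		if (!$rs) {
			$this->_setDbError();
			return false;
		}

		if ($rs->RecordCount()) {
			$row = $rs->FetchRow();
			$max_id = $row[0];
		} else {
			$max_id = 1;
		}

		// The remaining attempt count is passed along, so each retry asks
		// for a challenge with a different second argument.
		$challenge = $this->_getChallenge($max_id, $attempts);

		// Only the table name and the driver's timestamp expression are
		// interpolated; every request-derived value is a placeholder.
		$sql = "\n\t\t\t\tINSERT INTO\n\t\t\t\t\t{$this->_challenge_table}\n\t\t\t\t(\n\t\t\t\t\tchallenge,\n\t\t\t\t\tused,\n\t\t\t\t\tip_address,\n\t\t\t\t\tuser_agent,\n\t\t\t\t\treferer,\n\t\t\t\t\tcreated,\n\t\t\t\t\tmodified\n\t\t\t\t) VALUES (\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t{$dbh->sysTimeStamp},\n\t\t\t\t\t{$dbh->sysTimeStamp}\n\t\t\t\t)\n\t\t\t";

		$values = array($challenge, 'N', $remote_addr, $user_agent, $referer);

		$rs = $dbh->Execute($sql, $values);
		if (!$rs) {
			if ($dbh->ErrorNo() == DB_ERROR_ALREADY_EXISTS) { // duplicate key
				// \todo log this key violation,
				// so admin can purge some records at some point
				continue;
			}

			$this->_setDbError();
			return false;
		}

		if (!$dbh->Affected_Rows()) {
			continue;
		}

		return $challenge;
	}

	// Every attempt failed, so no challenge was stored. Return false like the
	// other failure paths instead of handing back a value the table does not
	// contain (or an undefined variable when _max_attempts is 0).
	$this->_setError(FB_HMAC_LOGIN_ERROR_NO_CHALLENGE);

	return false;
}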