public static function get()
{
if (self::$_ip === null) {
try {
self::$_ip = (string) infraRequestUtils::getRemoteAddress();
} catch (Exception $ex) {
self::$_ip = '';
}
}
return self::$_ip;
}
protected static function getIp()
{
if (is_null(self::$_ip)) {
require_once dirname(__FILE__) . '/../../alpha/apps/kaltura/lib/myIPGeocoder.class.php';
self::$_ip = infraRequestUtils::getRemoteAddress();
}
return self::$_ip;
}
protected function getFieldValues($extraField)
{
switch (self::getExtraFieldType($extraField)) {
case self::ECF_REFERRER:
$values = array();
// a request can theoritically have more than one referrer, in case of several baseEntry.getContextData calls in a single multirequest
foreach ($this->_referrers as $referrer) {
$values[] = $referrer;
}
return $values;
case self::ECF_USER_AGENT:
if (isset($_SERVER['HTTP_USER_AGENT'])) {
return array($_SERVER['HTTP_USER_AGENT']);
}
break;
case self::ECF_COUNTRY:
return array(self::getCountry());
case self::ECF_COORDINATES:
return array(self::getCoordinates());
case self::ECF_IP:
if (is_array($extraField)) {
return array(infraRequestUtils::getIpFromHttpHeader($extraField[self::ECFD_IP_HTTP_HEADER], $extraField[self::ECFD_IP_ACCEPT_INTERNAL_IPS], true));
}
return array(infraRequestUtils::getRemoteAddress());
}
return array();
}
protected static function getStickySessionKey()
{
$ksObject = kCurrentContext::$ks_object;
if ($ksObject && $ksObject->hasPrivilege(kSessionBase::PRIVILEGE_SESSION_KEY)) {
return self::STICKY_SESSION_PREFIX . kCurrentContext::getCurrentPartnerId() . "_" . $ksObject->getPrivilegeValue(kSessionBase::PRIVILEGE_SESSION_KEY);
}
return self::STICKY_SESSION_PREFIX . infraRequestUtils::getRemoteAddress();
}
public function __toString()
{
if (self::$_ip === null) {
self::$_ip = (string) infraRequestUtils::getRemoteAddress();
}
return self::$_ip;
}
public static function isInternalIp($ipAddress = null)
{
if (!$ipAddress) {
$ipAddress = infraRequestUtils::getRemoteAddress();
}
if (isset(self::$isInternalIp[$ipAddress])) {
return self::$isInternalIp[$ipAddress];
}
if (kConf::hasParam('internal_ip_range')) {
$range = kConf::get('internal_ip_range');
if (self::isIpInRanges($ipAddress, $range)) {
self::$isInternalIp[$ipAddress] = true;
return true;
}
}
self::$isInternalIp[$ipAddress] = false;
return false;
}
public function isValidBase()
{
if (!$this->real_str || !$this->hash) {
return self::INVALID_STR;
}
// KS parsing failed
if ($this->valid_until <= time()) {
return self::EXPIRED;
}
// KS is expired
if (array_key_exists(self::PRIVILEGE_IP_RESTRICTION, $this->parsedPrivileges) && !in_array(infraRequestUtils::getRemoteAddress(), $this->parsedPrivileges[self::PRIVILEGE_IP_RESTRICTION])) {
return self::EXCEEDED_RESTRICTED_IP;
}
if (array_key_exists(self::PRIVILEGE_URI_RESTRICTION, $this->parsedPrivileges)) {
$value = implode(self::PRIVILEGES_DELIMITER, $this->parsedPrivileges[self::PRIVILEGE_URI_RESTRICTION]);
if ($_SERVER["REQUEST_URI"] != $value && (substr($value, -1) != '*' || substr($_SERVER["REQUEST_URI"], 0, strlen($value) - 1) != substr($value, 0, -1))) {
return self::EXCEEDED_RESTRICTED_URI;
}
}
return self::OK;
}
public function isUserIPAllowed()
{
$allowedIPRestriction = $this->isSetIPRestriction();
if ($allowedIPRestriction && $allowedIPRestriction != infraRequestUtils::getRemoteAddress()) {
KalturaLog::err("IP Restriction; allowed IP: [{$allowedIPRestriction}], user ip [" . infraRequestUtils::getRemoteAddress() . "] is not in range");
return false;
}
return true;
}
public static function initApiMonitor($cached, $action, $partnerId, $clientTag = null)
{
if (is_null(self::$stream)) {
self::init();
}
if (!self::$stream) {
return;
}
self::$apiStartTime = microtime(true);
self::$basicEventInfo = array(self::FIELD_SERVER => infraRequestUtils::getHostname(), self::FIELD_IP_ADDRESS => infraRequestUtils::getRemoteAddress(), self::FIELD_PARTNER_ID => $partnerId, self::FIELD_ACTION => $action, self::FIELD_CLIENT_TAG => $clientTag);
if (!$cached) {
require_once __DIR__ . '/../../../../../infra/log/UniqueId.php';
self::$basicEventInfo[self::FIELD_UNIQUE_ID] = UniqueId::get();
}
}
public function tryToValidateKS()
{
if (!$this->real_str || !$this->hash) {
return false;
}
// KS parsing failed
if ($this->valid_until <= time()) {
return false;
}
// KS is expired
if ($this->partner_id == -1 || $this->isWidgetSession()) {
// Since anyone can create a widget session, no need to check for invalidation
return true;
}
$allPrivileges = explode(',', $this->privileges);
foreach ($allPrivileges as $priv) {
$exPrivileges = explode(':', $priv);
if (count($exPrivileges) == 2 && $exPrivileges[0] == self::PRIVILEGE_IP_RESTRICTION && $exPrivileges[1] != infraRequestUtils::getRemoteAddress()) {
return false;
}
}
$isInvalidated = $this->isKSInvalidated();
if ($isInvalidated === null || $isInvalidated) {
return false;
}
// KS is invalidated, or failed to check
return true;
}
