function is_admin($ip) { global $_CONFIG, $system; return $system->auth->getAuth(); foreach ($_CONFIG['adminip'] as $aip => $access) { if (Net_CheckIP::check_ip($aip)) { if ($aip == $ip) { return true; } } else { $ad = gethostbyname($aip); if ($ad == $ip) { return true; } } } return false; }
/** * Get host to lookup. Lookup a host if neccessary and get the * complete FQDN to lookup. * * @param string Host OR IP to use for building the lookup. * @param string Blacklist to use for building the lookup. * @access protected * @return string Ready to use host to lookup */ function getHostForLookup($host, $blacklist) { // Currently only works for v4 addresses. if (!Net_CheckIP::check_ip($host)) { $ip = gethostbyname($host); } else { $ip = $host; } return $this->buildLookUpHost($ip, $blacklist); }
/** * Get Hostname to ask for. * * Performs the following steps: * * (1) Extract the hostname from the given URI * (2) Check if the "hostname" is an ip * (3a) IS_IP Reverse the IP (1.2.3.4 -> 4.3.2.1) * (3b) IS_FQDN Check if is in "CC-2-level-TLD" * (3b1) IS_IN_2LEVEL: we want the last three names * (3b2) IS_NOT_2LEVEL: we want the last two names * (4) return the FQDN to query. * * @param string URL to check. * @access protected * @return string Host to lookup */ function getHostForLookup($uri, $blacklist) { $host = ''; // (1) Extract the hostname from the given URI $parsed_uri = parse_url($uri); $host = $parsed_uri['host']; // (2) Check if the "hostname" is an ip if (Net_CheckIP::check_ip($host)) { // (3a) IS_IP Reverse the IP (1.2.3.4 -> 4.3.2.1) $host = $this->reverseIp($host); } else { $host_elements = explode('.', $host); while (count($host_elements) > 3) { array_shift($host_elements); } // while $host_3_elements = implode('.', $host_elements); $host_elements = explode('.', $host); while (count($host_elements) > 2) { array_shift($host_elements); } // while $host_2_elements = implode('.', $host_elements); // (3b) IS_FQDN Check if is in "CC-2-level-TLD" if ($this->isDoubleCcTld($host_2_elements)) { // (3b1) IS_IN_2LEVEL: we want the last three names $host = $host_3_elements; } else { // (3b2) IS_NOT_2LEVEL: we want the last two names $host = $host_2_elements; } // if } // if // (4) return the FQDN to query $host .= '.' . $blacklist; return $host; }
/** * Get host to lookup. Lookup a host if neccessary and get the * complete FQDN to lookup. * * @param string Host OR IP to use for building the lookup. * @param string Blacklist to use for building the lookup. * @access protected * @return string Ready to use host to lookup */ function getHostForLookup($host, $blacklist) { // Currently only works for v4 addresses. if (!Net_CheckIP::check_ip($host)) { $resolver = new Net_DNS_Resolver(); $response = $resolver->query($host); $ip = $response->answer[0]->address; } else { $ip = $host; } return $this->buildLookUpHost($ip, $blacklist); }
function get_mx($dnsname) { $resolver = new Net_DNS_Resolver(); $response = $resolver->query($dnsname, 'MX'); global $res_array; if ($response) { foreach ($response->answer as $rr) { $ipaddr = ""; $ip_type = ""; $ipaddr = get_ip_for_a($rr->exchange); if (Net_CheckIP::check_ip($ipaddr)) { $ip_type = "ipv4"; } if (Net_IPv6::checkIPv6($ipaddr)) { $ip_type = "ipv6"; } array_push($res_array, array('prio' => $rr->preference, 'dnsname' => $rr->exchange, 'ipaddr' => $ipaddr, 'iptype' => $ip_type)); } asort($res_array); return true; } else { return false; } }
function getdata(&$tpl) { global $system, $_CONFIG, $count_acc, $count_gm, $is_admin; $FormReg_CAPTCHA = "sess_" . md5(session_id()) . '.png'; $tpl->setParam("FormReg_msg", ""); if ($_SERVER['REQUEST_METHOD'] != 'POST') { if (!$this->make_CAPTCHA($tpl)) { return; } $tpl->setParam('FormReg_user', ""); $tpl->setParam('FormReg_password', ""); $tpl->setParam('FormReg_email', ""); $tpl->setParam('FormReg_CAPTCHA', "./Cache/" . $FormReg_CAPTCHA . "?" . time()); } else { $login_link = $system->mysql_login(); $ip = getenv('REMOTE_ADDR'); $isLastIP = mysql_result(mysql_query("SELECT count(`lastip`) FROM `accounts` WHERE `lastip`='{$ip}'", $login_link), 0); if (!eregi($system->valid_str, @$_POST['reg_password']) or !eregi($system->valid_str, @$_POST['reg_name']) or $isLastIP >= $_CONFIG['max_acc_per_ip'] and !$is_admin or (strlen(@$_POST['reg_password']) < 6 or strlen(@$_POST['reg_password']) > 32) or (strlen(@$_POST['reg_name']) < 4 or strlen(@$_POST['reg_name']) > 16) or !Net_CheckIP::check_ip($ip) or !string_isEmail(@$_POST['reg_email']) or @$_POST['phrase'] != @$_SESSION['phrase']) { $body = "<center>Error:</center><br />"; if (!eregi($system->valid_str, @$_POST['reg_name'])) { $body .= "- Login must contain <b>ONLY</b> low or upper letters<br />"; } if (!eregi($system->valid_str, @$_POST['reg_password'])) { $body .= "- Password must contain <b>ONLY</b> low or upper letters<br />"; } if (strlen(@$_POST['reg_password']) < 6 or strlen(@$_POST['reg_password']) > 17) { $body .= "- Password must be 6 letters minimum<br />"; } if (strlen(@$_POST['reg_name']) < 4 or strlen(@$_POST['reg_name']) > 16) { $body .= "- Login must contain from 4 to 16 letters<br />"; } if ($isLastIP >= $_CONFIG['max_acc_per_ip'] and !$is_admin) { $body .= "- There is only " . $_CONFIG['max_acc_per_ip'] . " account per one ip address ({$isLastIP})<br />"; } if (!Net_CheckIP::check_ip($ip)) { $body .= "- you have invalid ip<br />"; } if (@$_POST['phrase'] != @$_SESSION['phrase']) { $body .= "- text of the image invalid<br />"; } if (!string_isEmail(@$_POST['reg_email'])) { $body .= "- you have invalid email<br />"; } $tpl->setParam("FormReg_msg", $body); $tpl->setParam('FormReg_user', @$_POST['reg_name']); $tpl->setParam('FormReg_password', ""); $tpl->setParam('FormReg_email', @$_POST['reg_email']); if (!$this->make_CAPTCHA($tpl)) { return; } $tpl->setParam('FormReg_CAPTCHA', "./Cache/" . $FormReg_CAPTCHA . "?" . time()); } else { $ts = CheckPassword($_POST['reg_name'], $_POST['reg_password']); if (!$ts[0]) { $tpl->setParam("FormReg_msg", "<center>Error:</center><br />" . $ts[1]); $tpl->setParam('FormReg_user', $_POST['reg_name']); $tpl->setParam('FormReg_password', ""); $tpl->setParam('FormReg_email', $_POST['reg_email']); if (!$this->make_CAPTCHA($tpl)) { return; } $tpl->setParam('FormReg_CAPTCHA', "./Cache/" . $FormReg_CAPTCHA . "?" . time()); } else { $username = mysql_escape_string(trim($_POST['reg_name'])); $passw = trim($_POST['reg_password']); $email = mysql_escape_string(trim($_POST['reg_email'])); if (!$this->make_CAPTCHA($tpl)) { return; } if (@mysql_query("INSERT INTO `accounts` (`login`,`password`,`encrypted_password`,`lastip`,`email`,`flags`) VALUES ('{$username}','{$passw}','" . SHA1(strtoupper($username) . ':' . strtoupper($passw)) . "','{$ip}','{$email}','8')", $login_link)) { $system->cache->open("./Cache/ch_pass_lock", NULL); $system->cache->destroy($_POST['reg_name']); $system->cache->open("./Cache/MySQL", NULL); $system->cache->destroy('account'); extract($system->cache->c_get("MySQL", "account", array('_CONFIG' => $_CONFIG, 'login_link' => $login_link)), EXTR_OVERWRITE); $tpl->setParam("FormReg_msg", "Account '{$username}' Created<br />\n Account active after " . $_CONFIG['reg_acc_active'] . "min"); $tpl->setParam('FormReg_user', ""); $tpl->setParam('FormReg_password', ""); $tpl->setParam('FormReg_email', ""); $tpl->setParam('FormReg_CAPTCHA', "./Cache/" . $FormReg_CAPTCHA . "?" . time()); } else { $tpl->setParam("FormReg_msg", "Account '{$username}' Failed"); $tpl->setParam('FormReg_user', @$_POST['reg_name']); $tpl->setParam('FormReg_password', ""); $tpl->setParam('FormReg_email', @$_POST['reg_email']); $tpl->setParam('FormReg_CAPTCHA', "./Cache/" . $FormReg_CAPTCHA . "?" . time()); } } } mysql_close($login_link); } }
function getdata(&$tpl) { global $_CONFIG, $_POST, $_GET, $system; require_once './inc/base.inc.php'; if ($_SERVER["REQUEST_METHOD"] == "POST" and isset($_POST) and isset($_POST['c_user']) or isset($_GET['char'])) { if (isset($_GET['char'])) { $_POST['c_user'] = $_GET['char']; } $tpl->setParam('c_user', $_POST['c_user']); if (strlen($_POST['c_user']) < 2) { $tpl->setParam('c_msg', '<center>Error:</center><br />' . 'Account name... INVALID!'); return; } $c_sql_user = mysql_escape_string($_POST['c_user']); $login_link = $system->mysql_login(); $char_link = $system->mysql_connect(); $sq2 = array(); if (Net_CheckIP::check_ip($_POST['c_user'])) { $dr1 = array(); $dr1[2] = $_POST['c_user']; $sq2[] = mysql_query("SELECT `accounts`.`acct`, `accounts`.`login`, `accounts`.`lastip` FROM `accounts` WHERE `accounts`.`lastip` = '{$dr1[2]}'", $login_link); } elseif ($_POST['c_user'] == "/_online") { $acc = array(); $sq1 = NULL; $sq = mysql_query("SELECT `characters`.`acct`, `characters`.`guid`, `characters`.`name` FROM `characters` WHERE `characters`.`online` = 1;", $char_link); while ($dr1 = @mysql_fetch_array($sq)) { $sq2[] = mysql_query("SELECT `accounts`.`acct`, `accounts`.`login`, `accounts`.`lastip` FROM `accounts` WHERE `accounts`.`acct`={$dr1[0]}", $login_link); } } elseif (substr($_POST['c_user'], 0, 1) == "/") { $acc = substr($_POST['c_user'], 1, strlen($_POST['c_user']) - 1); $sq = mysql_query("SELECT `accounts`.`acct`, `accounts`.`login`, `accounts`.`lastip` FROM `accounts` WHERE `accounts`.`login` = '" . mysql_escape_string($acc) . "'", $login_link); if (mysql_num_rows($sq) == 0) { $tpl->setParam('c_msg', "<center>Error:</center><br />" . "account not exist"); mysql_close($login_link); mysql_close($char_link); return; } $dr = mysql_fetch_array($sq); $sq2[] = mysql_query("SELECT `accounts`.`acct`, `accounts`.`login`, `accounts`.`lastip` FROM `accounts` WHERE `accounts`.`lastip` = '{$dr[2]}'", $login_link); } else { $sq = mysql_query("SELECT `characters`.`acct`, `characters`.`guid`, `characters`.`name` FROM `characters` WHERE `characters`.`name` = '{$c_sql_user}'", $char_link); if (mysql_num_rows($sq) == 0) { $tpl->setParam('c_msg', "<center>Error:</center><br />" . "Char not exist"); mysql_close($login_link); return; } elseif (mysql_num_rows($sq) == 1) { $dr = mysql_fetch_array($sq); $sq1 = mysql_query("SELECT `accounts`.`acct`, `accounts`.`login`, `accounts`.`lastip` FROM `accounts` WHERE `accounts`.`acct` = {$dr[0]}", $login_link); $dr1 = mysql_fetch_array($sq1); $sq2[] = mysql_query("SELECT `accounts`.`acct`, `accounts`.`login`, `accounts`.`lastip` FROM `accounts` WHERE `accounts`.`lastip` = '{$dr1[2]}'", $login_link); } elseif (mysql_num_rows($sq) > 1) { while ($dr = @mysql_fetch_array($sq)) { $sq1 = mysql_query("SELECT `accounts`.`acct`, `accounts`.`login`, `accounts`.`lastip` FROM `accounts` WHERE `accounts`.`acct` = {$dr[0]}", $login_link); $dr1 = mysql_fetch_array($sq1); $sq2[] = mysql_query("SELECT `accounts`.`acct`, `accounts`.`login`, `accounts`.`lastip` FROM `accounts` WHERE `accounts`.`lastip` = '{$dr1[2]}'", $login_link); } } } $data = array(); foreach ($sq2 as $sql) { while ($dr2 = @mysql_fetch_array($sql)) { $data["{$dr2['login']} ({$dr2['acct']})"] = array(); $sq3 = mysql_query("SELECT `characters`.`name`, `characters`.`level`, `characters`.`race`, `characters`.`class`, `characters`.`gender`, `characters`.`auras` FROM `characters` WHERE `characters`.`acct` = '{$dr2[0]}' ORDER BY `characters`.`level` DESC", $char_link); while ($dr3 = @mysql_fetch_array($sq3)) { $dr3['isonline'] = $system->is_online($dr3['name']); $data["{$dr2['login']} ({$dr2['acct']})"][] = $dr3; } @mysql_free_result($sq3); } } foreach ($sq2 as $sql) { @mysql_free_result($sql); } @mysql_free_result($sq1); @mysql_free_result($sq); mysql_close($login_link); mysql_close($char_link); if (Net_CheckIP::check_ip($_POST['c_user'])) { $msg = "Done! for ip {$_POST['c_user']}<br/>\n "; } elseif ($_POST['c_user'] == "/_online") { $msg = "Done!<br/>\n"; } elseif (substr($_POST['c_user'], 0, 1) == "/") { $msg = "Done! for ip {$dr[2]} owner (acc {$acc})<br/>\n "; } else { $msg = "Done! for ip {$dr1[2]} owner {$_POST['c_user']} (acc {$dr1[1]})<br/>\n "; } foreach ($data as $acc => $chars) { $msg .= "<hr/><h2>Account: {$acc}</h2>\n"; foreach ($chars as $char) { $msg .= "<img src=\"icon/class/{$char['class']}.gif\" alt=\"{$base_class[$char['class']]}\" /> <img src=\"icon/race/{$char['race']}-{$char['gender']}.gif\" alt=\"{$base_race[$char['race']]}\" /> {$char['name']} ({$char['level']}) "; if ($char['isonline']) { $msg .= "Online"; } else { $msg .= "Offline"; } if (strlen($char['auras']) > 0) { $msg .= "<br/>"; $au = explode(",", $char['auras']); $ii = count($au) - 2; $i = 0; while ($i <= $ii) { switch ($au[$i]) { case 32727: $msg .= "[color=red]ARENA_PREPARATION({$au[$i]})[/color] "; break; case 32725: case 35775: $msg .= "[color=red]ARENA_FLAG_GREEN({$au[$i]})[/color] "; break; case 35774: case 32724: $msg .= "[color=red]ARENA_FLAG_GOLD({$au[$i]})[/color] "; break; default: $msg .= "{$au[$i]} "; } $i = $i + 2; } } $msg .= "<br/><br/>\n"; } } $options =& PEAR::getStaticProperty('HTML_BBCodeParser', '_options'); $options['filters'] = "Basic,Extended,Images,Links,Lists,Email"; unset($options); $tpl->setParam('c_msg', HTML_BBCodeParser::staticQparse($msg)); } else { $tpl->setParam('c_msg', ''); $tpl->setParam('c_user', ''); } }
/** * Sets the IP address for this item. * * Makes sure the $ip passed in is a valid IPv4 or IPv6 address. Uses the * PEAR Net_CheckIP package to validate IPv4 addresses and the Net_IPv6 package * to validate IPv6 addresses. * * @return boolean TRUE on success and pear error on failure. * @access public */ function setIp() { if (isset($_SERVER['REMOTE_ADDR'])) { if (class_exists('Net_CheckIP')) { if (Net_CheckIP::check_ip($_SERVER['REMOTE_ADDR'])) { $this->_ip = $_SERVER['REMOTE_ADDR']; } else { $this->_ip = NULL; $error = 'The remote address provided was not valid in PHPWS_Item::setIp().'; return PEAR::raiseError($error); } } else { $this->_ip = $_SERVER['REMOTE_ADDR']; } } else { $this->_ip = NULL; $error = 'No remote address was available to set the ip in PHPWS_Item::setIp.'; return PEAR::raiseError($error); } }