Business
/
NickelBox
Watch 1
Star 0
Fork 0
Code Issues 7 Pull Requests 0 Releases 0 Wiki Activity
An easy point of sale system with automatic inventory tracking. https://netsyms.biz/apps/nickelbox/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
181 Commits
1 Branch
Tree: d8613f0baa
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd8613f0baa'
${ noResults }
NickelBox/lib/IPUtils.lib.php

IPUtils.lib.php 4.4KB
Raw Normal View History

Rewrite to use classes, aligning with AccountHub 2.0
1 year ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135 
  1. <?php

  2. 

  3. /* This Source Code Form is subject to the terms of the Mozilla Public

  4.  * License, v. 2.0. If a copy of the MPL was not distributed with this

  5.  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

  6. 

  7. class IPUtils {

  8. 

  9.     /**

  10.      * Check if a given ipv4 address is in a given cidr

  11.      * @param  string $ip    IP to check in IPV4 format eg. 127.0.0.1

  12.      * @param  string $range IP/CIDR netmask eg. 127.0.0.0/24, also 127.0.0.1 is accepted and /32 assumed

  13.      * @return boolean true if the ip is in this range / false if not.

  14.      * @author Thorsten Ott <https://gist.github.com/tott/7684443>

  15.      */

  16.     public static function ip4_in_cidr($ip, $cidr) {

  17.         if (strpos($cidr, '/') == false) {

  18.             $cidr .= '/32';

  19.         }

  20.         // $range is in IP/CIDR format eg 127.0.0.1/24

  21.         list( $cidr, $netmask ) = explode('/', $cidr, 2);

  22.         $range_decimal = ip2long($cidr);

  23.         $ip_decimal = ip2long($ip);

  24.         $wildcard_decimal = pow(2, ( 32 - $netmask)) - 1;

  25.         $netmask_decimal = ~ $wildcard_decimal;

  26.         return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );

  27.     }

  28. 

  29.     /**

  30.      * Check if a given ipv6 address is in a given cidr

  31.      * @param string $ip IP to check in IPV6 format

  32.      * @param string $cidr CIDR netmask

  33.      * @return boolean true if the IP is in this range, false otherwise.

  34.      * @author MW. <https://stackoverflow.com/a/7952169>

  35.      */

  36.     public static function ip6_in_cidr($ip, $cidr) {

  37.         $address = inet_pton($ip);

  38.         $subnetAddress = inet_pton(explode("/", $cidr)[0]);

  39.         $subnetMask = explode("/", $cidr)[1];

  40. 

  41.         $addr = str_repeat("f", $subnetMask / 4);

  42.         switch ($subnetMask % 4) {

  43.             case 0:

  44.                 break;

  45.             case 1:

  46.                 $addr .= "8";

  47.                 break;

  48.             case 2:

  49.                 $addr .= "c";

  50.                 break;

  51.             case 3:

  52.                 $addr .= "e";

  53.                 break;

  54.         }

  55.         $addr = str_pad($addr, 32, '0');

  56.         $addr = pack("H*", $addr);

  57. 

  58.         $binMask = $addr;

  59.         return ($address & $binMask) == $subnetAddress;

  60.     }

  61. 

  62.     /**

  63.      * Check if the REMOTE_ADDR is on Cloudflare's network.

  64.      * @return boolean true if it is, otherwise false

  65.      */

  66.     public static function validateCloudflare() {

  67.         if (filter_var($_SERVER["REMOTE_ADDR"], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {

  68.             // Using IPv6

  69.             $cloudflare_ips_v6 = [

  70.                 "2400:cb00::/32",

  71.                 "2405:8100::/32",

  72.                 "2405:b500::/32",

  73.                 "2606:4700::/32",

  74.                 "2803:f800::/32",

  75.                 "2c0f:f248::/32",

  76.                 "2a06:98c0::/29"

  77.             ];

  78.             $valid = false;

  79.             foreach ($cloudflare_ips_v6 as $cidr) {

  80.                 if (ip6_in_cidr($_SERVER["REMOTE_ADDR"], $cidr)) {

  81.                     $valid = true;

  82.                     break;

  83.                 }

  84.             }

  85.         } else {

  86.             // Using IPv4

  87.             $cloudflare_ips_v4 = [

  88.                 "103.21.244.0/22",

  89.                 "103.22.200.0/22",

  90.                 "103.31.4.0/22",

  91.                 "104.16.0.0/12",

  92.                 "108.162.192.0/18",

  93.                 "131.0.72.0/22",

  94.                 "141.101.64.0/18",

  95.                 "162.158.0.0/15",

  96.                 "172.64.0.0/13",

  97.                 "173.245.48.0/20",

  98.                 "188.114.96.0/20",

  99.                 "190.93.240.0/20",

  100.                 "197.234.240.0/22",

  101.                 "198.41.128.0/17"

  102.             ];

  103.             $valid = false;

  104.             foreach ($cloudflare_ips_v4 as $cidr) {

  105.                 if (ip4_in_cidr($_SERVER["REMOTE_ADDR"], $cidr)) {

  106.                     $valid = true;

  107.                     break;

  108.                 }

  109.             }

  110.         }

  111.         return $valid;

  112.     }

  113. 

  114.     /**

  115.      * Makes a good guess at the client's real IP address.

  116.      *

  117.      * @return string Client IP or `0.0.0.0` if we can't find anything

  118.      */

  119.     public static function getClientIP() {

  120.         // If CloudFlare is in the mix, we should use it.

  121.         // Check if the request is actually from CloudFlare before trusting it.

  122.         if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {

  123.             if (validateCloudflare()) {

  124.                 return $_SERVER["HTTP_CF_CONNECTING_IP"];

  125.             }

  126.         }

  127. 

  128.         if (isset($_SERVER["REMOTE_ADDR"])) {

  129.             return $_SERVER["REMOTE_ADDR"];

  130.         }

  131. 

  132.         return "0.0.0.0"; // This will not happen unless we aren't a web server

  133.     }

  134. 

  135. }