Skip to content

Commit

Permalink
Fix getIp for X-forwarded-for
Browse files Browse the repository at this point in the history
  • Loading branch information
@dfridrich
dfridrich authored Jul 11, 2021
1 parent 2a9eb98 commit e613d41
Showing 1 changed file with 91 additions and 7 deletions.
98 changes: 91 additions & 7 deletions src/Lib.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,14 +52,98 @@ public static function getInstance()
* Vrati IP adresu.
*
* @return string
* @see https://stackoverflow.com/a/28217316/993470
*/
public static function getIp()
{
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && '' !== $_SERVER['HTTP_X_FORWARDED_FOR']) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
// Check for shared Internet/ISP IP
if (!empty($_SERVER['HTTP_CLIENT_IP']) && self::validateIp($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
}

return @$_SERVER['REMOTE_ADDR'];
// Check for IP addresses passing through proxies
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {

// Check if multiple IP addresses exist in var
if (strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ',') !== false) {
$iplist = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
foreach ($iplist as $ip) {
if (validate_ip($ip)) {
return $ip;
}
}
} else {
if (validate_ip($_SERVER['HTTP_X_FORWARDED_FOR'])) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
}
}
}
if (!empty($_SERVER['HTTP_X_FORWARDED']) && self::validateIp($_SERVER['HTTP_X_FORWARDED'])) {
return $_SERVER['HTTP_X_FORWARDED'];
}
if (!empty($_SERVER['HTTP_X_CLUSTER_CLIENT_IP']) && self::validateIp($_SERVER['HTTP_X_CLUSTER_CLIENT_IP'])) {
return $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
}
if (!empty($_SERVER['HTTP_FORWARDED_FOR']) && self::validateIp($_SERVER['HTTP_FORWARDED_FOR'])) {
return $_SERVER['HTTP_FORWARDED_FOR'];
}
if (!empty($_SERVER['HTTP_FORWARDED']) && self::validateIp($_SERVER['HTTP_FORWARDED'])) {
return $_SERVER['HTTP_FORWARDED'];
}

// Return unreliable IP address since all else failed
return $_SERVER['REMOTE_ADDR'];
}

/**
* Ensures an IP address is both a valid IP address and does not fall within
* a private network range.
*/
public static function validateIp($ip)
{

if (strtolower($ip) === 'unknown') {
return false;
}

// Generate IPv4 network address
$ip = ip2long($ip);

// If the IP address is set and not equivalent to 255.255.255.255
if ($ip !== false && $ip !== -1) {
// Make sure to get unsigned long representation of IP address
// due to discrepancies between 32 and 64 bit OSes and
// signed numbers (ints default to signed in PHP)
$ip = sprintf('%u', $ip);

// Do private network range checking
if ($ip >= 0 && $ip <= 50331647) {
return false;
}
if ($ip >= 167772160 && $ip <= 184549375) {
return false;
}
if ($ip >= 2130706432 && $ip <= 2147483647) {
return false;
}
if ($ip >= 2851995648 && $ip <= 2852061183) {
return false;
}
if ($ip >= 2886729728 && $ip <= 2887778303) {
return false;
}
if ($ip >= 3221225984 && $ip <= 3221226239) {
return false;
}
if ($ip >= 3232235520 && $ip <= 3232301055) {
return false;
}
if ($ip >= 4294967040) {
return false;
}
}

return true;
}

/**
Expand Down Expand Up @@ -1237,8 +1321,8 @@ public static function parseStringForSearch($string)
}

return $conditions;
}
}

/**
* @param string $input
* @param int $rowLength
Expand All @@ -1249,7 +1333,7 @@ public static function wrapPlainText($input, $rowLength = 50)
$words = explode(' ', $input);
$rows = [];
$row = '';

foreach ($words as $word) {
if (strlen($row . ' ' . $word) > $rowLength) {
$rows[] = trim($row);
Expand All @@ -1258,7 +1342,7 @@ public static function wrapPlainText($input, $rowLength = 50)
$row .= ' ' . $word;
}
$rows[] = trim($row);

return implode("\n", $rows);
}

Expand Down

0 comments on commit e613d41

Please sign in to comment.