IP.php
127 lines
| 1 | <?php |
| 2 | /** |
| 3 | * Piwik - free/libre analytics platform |
| 4 | * |
| 5 | * @link https://matomo.org |
| 6 | * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later |
| 7 | * |
| 8 | */ |
| 9 | |
| 10 | namespace Piwik; |
| 11 | |
| 12 | use Piwik\Network\IPUtils; |
| 13 | |
| 14 | /** |
| 15 | * Contains IP address helper functions (for both IPv4 and IPv6). |
| 16 | * |
| 17 | * As of Piwik 2.9, most methods in this class are deprecated. You are |
| 18 | * encouraged to use classes from the Piwik "Network" component: |
| 19 | * |
| 20 | * @see \Piwik\Network\IP |
| 21 | * @see \Piwik\Network\IPUtils |
| 22 | * @link https://github.com/piwik/component-network |
| 23 | * |
| 24 | * As of Piwik 1.3, IP addresses are stored in the DB as VARBINARY(16), |
| 25 | * and passed around in network address format which has the advantage of |
| 26 | * being in big-endian byte order. This allows for binary-safe string |
| 27 | * comparison of addresses (of the same length), even on Intel x86. |
| 28 | * |
| 29 | * As a matter of naming convention, we use `$ip` for the network address format |
| 30 | * and `$ipString` for the presentation format (i.e., human-readable form). |
| 31 | * |
| 32 | * We're not using the network address format (in_addr) for socket functions, |
| 33 | * so we don't have to worry about incompatibility with Windows UNICODE |
| 34 | * and inetPtonW(). |
| 35 | * |
| 36 | * @api |
| 37 | */ |
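class IP
{
    /**
     * Returns the IP address to attribute the current request to, in
     * presentation format.
     *
     * The starting point is `$_SERVER['REMOTE_ADDR']` (or '0.0.0.0' when it is
     * not set). When `[General] proxy_client_headers` is configured, the value
     * may instead come from one of those request headers, see
     * {@see getNonProxyIpFromHeader()}. The selected string is passed through
     * `IPUtils::sanitizeIp()` before it is returned.
     *
     * Security note: request headers are sent by the client. The result is only
     * as trustworthy as the proxy configuration, so `proxy_client_headers`
     * should be set only when every request reaches the application through a
     * proxy that sets those headers itself.
     *
     * @return string IP address in presentation format.
     */
    public static function getIpFromHeader()
    {
        $general = Config::getInstance()->General;

        // Explicit isset() rather than the `@` operator: a missing key is the
        // only condition we want to tolerate here, not every possible error.
        $clientHeaders = array();
        if (isset($general['proxy_client_headers']) && is_array($general['proxy_client_headers'])) {
            $clientHeaders = $general['proxy_client_headers'];
        }

        $default = '0.0.0.0';
        if (isset($_SERVER['REMOTE_ADDR'])) {
            $default = $_SERVER['REMOTE_ADDR'];
        }

        $ipString = self::getNonProxyIpFromHeader($default, $clientHeaders);
        return IPUtils::sanitizeIp($ipString);
    }

    /**
     * Returns a non-proxy IP address from the configured proxy headers.
     *
     * The exclusion list is `[General] proxy_ips` plus `$default`. Headers are
     * examined in the order given, and the first header that yields a usable
     * value wins; a value is rejected when it is empty or contains the text
     * "unknown".
     *
     * @param string $default Value to return if no proxy header yields a usable value.
     * @param array $proxyHeaders List of `$_SERVER` keys to examine.
     * @return string
     */
    public static function getNonProxyIpFromHeader($default, $proxyHeaders)
    {
        $proxyIps = array();
        $config = Config::getInstance()->General;
        if (isset($config['proxy_ips']) && is_array($config['proxy_ips'])) {
            $proxyIps = $config['proxy_ips'];
        }

        // The directly connected peer is treated as a proxy as well, so that it
        // is skipped when it also appears inside the header list.
        $proxyIps[] = $default;

        // examine proxy headers
        foreach ($proxyHeaders as $proxyHeader) {
            if (empty($_SERVER[$proxyHeader])) {
                continue;
            }

            // this may be buggy if someone has proxy IPs and proxy host headers configured as
            // `$_SERVER[$proxyHeader]` could be eg $_SERVER['HTTP_X_FORWARDED_HOST'] and
            // include an actual host name, not an IP
            $proxyIp = self::getFirstIpFromList($_SERVER[$proxyHeader], $proxyIps);
            if (strlen($proxyIp) > 0 && stripos($proxyIp, 'unknown') === false) {
                return $proxyIp;
            }
        }

        return $default;
    }

    /**
     * Returns the first IP address in a comma separated list, subject to an optional exclusion list.
     *
     * Elements are scanned left to right. For an X-Forwarded-For style header
     * this means the value returned is the leftmost entry that is not excluded;
     * entries to the left of those appended by your own proxies were supplied by
     * the client. NOTE(review): treat the result as authoritative only when the
     * edge proxy overwrites the inbound header - confirm for the deployment.
     *
     * The return value is not checked to be a syntactically valid IP address;
     * it is the trimmed output of `Common::sanitizeInputValue()`.
     *
     * @param string $csv Comma separated list of elements.
     * @param array $excludedIps Optional list of excluded IP addresses (or IP address ranges).
     * @return string First (non-excluded) IP address in the list or an empty string if all given IPs are excluded.
     */
    public static function getFirstIpFromList($csv, $excludedIps = null)
    {
        if (strpos($csv, ',') === false) {
            // NOTE(review): a single value is returned without consulting
            // $excludedIps; kept as is because callers may depend on it.
            return trim(Common::sanitizeInputValue($csv));
        }

        foreach (explode(',', $csv) as $ipString) {
            $element = trim(Common::sanitizeInputValue($ipString));
            if (empty($element)) {
                continue;
            }

            if (empty($excludedIps)) {
                return $element;
            }

            // Strict comparison: a loose in_array() treats numeric-looking
            // strings as numbers and would match any string against integer 0
            // on older PHP versions, which could wrongly exclude an address.
            if (in_array($element, $excludedIps, true)) {
                continue;
            }

            $ip = \Piwik\Network\IP::fromStringIP(IPUtils::sanitizeIp($element));
            if (!$ip->isInRanges($excludedIps)) {
                return $element;
            }
        }

        return '';
    }
}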
| 127 |