IP.php
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * Matomo - free/libre analytics platform |
| 5 | * |
| 6 | * @link https://matomo.org |
| 7 | * @license https://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later |
| 8 | */ |
| 9 | namespace Piwik; |
| 10 | |
| 11 | use Matomo\Network\IPUtils; |
| 12 | /** |
| 13 | * Contains IP address helper functions (for both IPv4 and IPv6). |
| 14 | * |
| 15 | * As of Piwik 2.9, most methods in this class are deprecated. You are |
| 16 | * encouraged to use classes from the Piwik "Network" component: |
| 17 | * |
| 18 | * @see \Matomo\Network\IP |
| 19 | * @see \Matomo\Network\IPUtils |
| 20 | * @link https://github.com/matomo-org/component-network |
| 21 | * |
| 22 | * As of Piwik 1.3, IP addresses are stored in the DB as VARBINARY(16), |
| 23 | * and passed around in network address format which has the advantage of |
| 24 | * being in big-endian byte order. This allows for binary-safe string |
| 25 | * comparison of addresses (of the same length), even on Intel x86. |
| 26 | * |
| 27 | * As a matter of naming convention, we use `$ip` for the network address format |
| 28 | * and `$ipString` for the presentation format (i.e., human-readable form). |
| 29 | * |
| 30 | * We're not using the network address format (in_addr) for socket functions, |
| 31 | * so we don't have to worry about incompatibility with Windows UNICODE |
| 32 | * and inetPtonW(). |
| 33 | * |
| 34 | * @api |
| 35 | */ |
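class IP
{
    /**
     * Returns the most accurate IP address available for the current user, in
     * IPv4 format. This could be the proxy client's IP address.
     *
     * The starting point is `$_SERVER['REMOTE_ADDR']` (`0.0.0.0` when it is not set).
     * If `[General] proxy_client_headers` lists `$_SERVER` keys, a value found in one
     * of them replaces that address (see getNonProxyIpFromHeader()). The result is
     * passed through IPUtils::sanitizeIp() before it is returned.
     *
     * @return string IP address in presentation format.
     */
    public static function getIpFromHeader()
    {
        $general = \Piwik\Config::getInstance()->General;

        // `??` covers a missing key without the `@` error-suppression operator.
        $clientHeaders = $general['proxy_client_headers'] ?? [];
        if (!is_array($clientHeaders)) {
            $clientHeaders = [];
        }

        $default = $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';

        $ipString = self::getNonProxyIpFromHeader($default, $clientHeaders);

        return IPUtils::sanitizeIp($ipString);
    }

    /**
     * Returns a non-proxy IP address from header.
     *
     * Each entry of `$proxyHeaders` is used as a `$_SERVER` key. The first key that holds a
     * non-empty value yielding a usable element (non-empty, not containing "unknown") decides
     * the result. Whether the first or the last element of a comma separated value is taken
     * depends on `[General] proxy_ip_read_last_in_list`.
     *
     * Trust caveat: this method does not check that the connecting peer (`$default`) is one of
     * the configured `proxy_ips` before it reads the headers; a configured header is honoured
     * whenever it is present. If a listed key is a request header the client can set, the
     * returned address is only trustworthy when every request reaches the application through
     * a proxy that sets or overwrites that header. In first-in-list mode the left-most
     * non-excluded element wins, which in an append-style forwarded list is the entry furthest
     * from this server.
     *
     * @param string $default Default value to return if there is no matching proxy header.
     * @param array $proxyHeaders List of proxy headers.
     * @return string
     */
    public static function getNonProxyIpFromHeader($default, $proxyHeaders)
    {
        $config = \Piwik\Config::getInstance()->General;

        $proxyIps = $config['proxy_ips'] ?? [];
        if (!is_array($proxyIps)) {
            $proxyIps = [];
        }

        // A missing setting is treated as "off" instead of raising an undefined-key warning.
        $shouldReadLastProxyIp = ($config['proxy_ip_read_last_in_list'] ?? 0) == 1;

        if (!$shouldReadLastProxyIp) {
            // In first-in-list mode the peer address itself is never picked from a header list.
            $proxyIps[] = $default;
        }

        // examine proxy headers
        foreach ($proxyHeaders as $proxyHeader) {
            if (empty($_SERVER[$proxyHeader])) {
                continue;
            }

            // this may be buggy if someone has proxy IPs and proxy host headers configured as
            // `$_SERVER[$proxyHeader]` could be eg $_SERVER['HTTP_X_FORWARDED_HOST'] and
            // include an actual host name, not an IP
            $proxyIp = $shouldReadLastProxyIp
                ? self::getLastIpFromList($_SERVER[$proxyHeader], $proxyIps)
                : self::getFirstIpFromList($_SERVER[$proxyHeader], $proxyIps);

            if (strlen($proxyIp) > 0 && stripos($proxyIp, 'unknown') === \false) {
                return $proxyIp;
            }
        }

        return $default;
    }

    /**
     * Returns the first IP address in a comma separated list, subject to an optional exclusion list.
     *
     * NOTE(review): a value without any comma is returned after sanitizing and trimming only;
     * `$excludedIps` is not applied to it. Callers that need the exclusion enforced for a
     * single-element value have to check the result themselves.
     *
     * @param string $csv Comma separated list of elements.
     * @param array $excludedIps Optional list of excluded IP addresses (or IP address ranges).
     * @return string First (non-excluded) IP address in the list or an empty string if all given IPs are excluded.
     */
    public static function getFirstIpFromList($csv, $excludedIps = null)
    {
        if (strrpos($csv, ',') === \false) {
            return trim(\Piwik\Common::sanitizeInputValue($csv));
        }

        $elements = self::getIpsFromList($csv, $excludedIps);

        return reset($elements) ?: '';
    }

    /**
     * Returns the last IP address in a comma separated list, subject to an optional exclusion list.
     *
     * NOTE(review): a value without any comma is returned after sanitizing and trimming only;
     * `$excludedIps` is not applied to it. Callers that need the exclusion enforced for a
     * single-element value have to check the result themselves.
     *
     * @param string $csv Comma separated list of elements.
     * @param array $excludedIps Optional list of excluded IP addresses (or IP address ranges).
     * @return string Last (non-excluded) IP address in the list or an empty string if all given IPs are excluded.
     */
    public static function getLastIpFromList($csv, $excludedIps = null)
    {
        if (strrpos($csv, ',') === \false) {
            return trim(\Piwik\Common::sanitizeInputValue($csv));
        }

        $elements = self::getIpsFromList($csv, $excludedIps);

        return end($elements) ?: '';
    }

    /**
     * Splits a comma separated value into its sanitized, non-empty elements and drops
     * those matching the exclusion list.
     *
     * An element is dropped when it equals an entry of `$excludedIps` or when its
     * parsed address lies in one of the given ranges. With an empty or null exclusion
     * list every non-empty element is kept, in input order.
     *
     * @param string $csv Comma separated list of elements.
     * @param array|null $excludedIps Excluded IP addresses (or IP address ranges).
     * @return string[] Remaining elements in their original order.
     */
    private static function getIpsFromList(string $csv, ?array $excludedIps): array
    {
        $result = [];

        foreach (explode(',', $csv) as $ipString) {
            $element = trim(\Piwik\Common::sanitizeInputValue($ipString));
            if (empty($element)) {
                continue;
            }

            $ip = \Matomo\Network\IP::fromStringIP(IPUtils::sanitizeIp($element));

            // Explicit grouping: `&&` binds tighter than `||`, so this is the original logic.
            // The literal match is strict so that only an identical string is excluded by it;
            // range entries are handled by isInRanges().
            $isExcluded = !empty($excludedIps)
                && (in_array($element, $excludedIps, true) || $ip->isInRanges($excludedIps));

            if (!$isExcluded) {
                $result[] = $element;
            }
        }

        return $result;
    }
}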
| 139 |