zhengxifeng
/
zc10000
Прати 1
Волим 0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
Нема описа
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
4 Гране
Грана: develop
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from 'develop'
${ noResults }
zc10000/vendor/symfony/http-foundation/IpUtils.php

IpUtils.php 6.6KB
Пермалинк Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216 
  1. <?php

  2. 

  3. /*

  4.  * This file is part of the Symfony package.

  5.  *

  6.  * (c) Fabien Potencier <fabien@symfony.com>

  7.  *

  8.  * For the full copyright and license information, please view the LICENSE

  9.  * file that was distributed with this source code.

  10.  */

  11. 

  12. namespace Symfony\Component\HttpFoundation;

  13. 

  14. /**

  15.  * Http utility functions.

  16.  *

  17.  * @author Fabien Potencier <fabien@symfony.com>

  18.  */

  19. class IpUtils

  20. {

  21.     private static $checkedIps = [];

  22. 

  23.     /**

  24.      * This class should not be instantiated.

  25.      */

  26.     private function __construct()

  27.     {

  28.     }

  29. 

  30.     /**

  31.      * Checks if an IPv4 or IPv6 address is contained in the list of given IPs or subnets.

  32.      *

  33.      * @param string|array $ips List of IPs or subnets (can be a string if only a single one)

  34.      *

  35.      * @return bool

  36.      */

  37.     public static function checkIp(?string $requestIp, $ips)

  38.     {

  39.         if (null === $requestIp) {

  40.             trigger_deprecation('symfony/http-foundation', '5.4', 'Passing null as $requestIp to "%s()" is deprecated, pass an empty string instead.', __METHOD__);

  41. 

  42.             return false;

  43.         }

  44. 

  45.         if (!\is_array($ips)) {

  46.             $ips = [$ips];

  47.         }

  48. 

  49.         $method = substr_count($requestIp, ':') > 1 ? 'checkIp6' : 'checkIp4';

  50. 

  51.         foreach ($ips as $ip) {

  52.             if (self::$method($requestIp, $ip)) {

  53.                 return true;

  54.             }

  55.         }

  56. 

  57.         return false;

  58.     }

  59. 

  60.     /**

  61.      * Compares two IPv4 addresses.

  62.      * In case a subnet is given, it checks if it contains the request IP.

  63.      *

  64.      * @param string $ip IPv4 address or subnet in CIDR notation

  65.      *

  66.      * @return bool Whether the request IP matches the IP, or whether the request IP is within the CIDR subnet

  67.      */

  68.     public static function checkIp4(?string $requestIp, string $ip)

  69.     {

  70.         if (null === $requestIp) {

  71.             trigger_deprecation('symfony/http-foundation', '5.4', 'Passing null as $requestIp to "%s()" is deprecated, pass an empty string instead.', __METHOD__);

  72. 

  73.             return false;

  74.         }

  75. 

  76.         $cacheKey = $requestIp.'-'.$ip.'-v4';

  77.         if (isset(self::$checkedIps[$cacheKey])) {

  78.             return self::$checkedIps[$cacheKey];

  79.         }

  80. 

  81.         if (!filter_var($requestIp, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV4)) {

  82.             return self::$checkedIps[$cacheKey] = false;

  83.         }

  84. 

  85.         if (str_contains($ip, '/')) {

  86.             [$address, $netmask] = explode('/', $ip, 2);

  87. 

  88.             if ('0' === $netmask) {

  89.                 return self::$checkedIps[$cacheKey] = false !== filter_var($address, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV4);

  90.             }

  91. 

  92.             if ($netmask < 0 || $netmask > 32) {

  93.                 return self::$checkedIps[$cacheKey] = false;

  94.             }

  95.         } else {

  96.             $address = $ip;

  97.             $netmask = 32;

  98.         }

  99. 

  100.         if (false === ip2long($address)) {

  101.             return self::$checkedIps[$cacheKey] = false;

  102.         }

  103. 

  104.         return self::$checkedIps[$cacheKey] = 0 === substr_compare(sprintf('%032b', ip2long($requestIp)), sprintf('%032b', ip2long($address)), 0, $netmask);

  105.     }

  106. 

  107.     /**

  108.      * Compares two IPv6 addresses.

  109.      * In case a subnet is given, it checks if it contains the request IP.

  110.      *

  111.      * @author David Soria Parra <dsp at php dot net>

  112.      *

  113.      * @see https://github.com/dsp/v6tools

  114.      *

  115.      * @param string $ip IPv6 address or subnet in CIDR notation

  116.      *

  117.      * @return bool

  118.      *

  119.      * @throws \RuntimeException When IPV6 support is not enabled

  120.      */

  121.     public static function checkIp6(?string $requestIp, string $ip)

  122.     {

  123.         if (null === $requestIp) {

  124.             trigger_deprecation('symfony/http-foundation', '5.4', 'Passing null as $requestIp to "%s()" is deprecated, pass an empty string instead.', __METHOD__);

  125. 

  126.             return false;

  127.         }

  128. 

  129.         $cacheKey = $requestIp.'-'.$ip.'-v6';

  130.         if (isset(self::$checkedIps[$cacheKey])) {

  131.             return self::$checkedIps[$cacheKey];

  132.         }

  133. 

  134.         if (!((\extension_loaded('sockets') && \defined('AF_INET6')) || @inet_pton('::1'))) {

  135.             throw new \RuntimeException('Unable to check Ipv6. Check that PHP was not compiled with option "disable-ipv6".');

  136.         }

  137. 

  138.         // Check to see if we were given a IP4 $requestIp or $ip by mistake

  139.         if (!filter_var($requestIp, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV6)) {

  140.             return self::$checkedIps[$cacheKey] = false;

  141.         }

  142. 

  143.         if (str_contains($ip, '/')) {

  144.             [$address, $netmask] = explode('/', $ip, 2);

  145. 

  146.             if (!filter_var($address, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV6)) {

  147.                 return self::$checkedIps[$cacheKey] = false;

  148.             }

  149. 

  150.             if ('0' === $netmask) {

  151.                 return (bool) unpack('n*', @inet_pton($address));

  152.             }

  153. 

  154.             if ($netmask < 1 || $netmask > 128) {

  155.                 return self::$checkedIps[$cacheKey] = false;

  156.             }

  157.         } else {

  158.             if (!filter_var($ip, \FILTER_VALIDATE_IP, \FILTER_FLAG_IPV6)) {

  159.                 return self::$checkedIps[$cacheKey] = false;

  160.             }

  161. 

  162.             $address = $ip;

  163.             $netmask = 128;

  164.         }

  165. 

  166.         $bytesAddr = unpack('n*', @inet_pton($address));

  167.         $bytesTest = unpack('n*', @inet_pton($requestIp));

  168. 

  169.         if (!$bytesAddr || !$bytesTest) {

  170.             return self::$checkedIps[$cacheKey] = false;

  171.         }

  172. 

  173.         for ($i = 1, $ceil = ceil($netmask / 16); $i <= $ceil; ++$i) {

  174.             $left = $netmask - 16 * ($i - 1);

  175.             $left = ($left <= 16) ? $left : 16;

  176.             $mask = ~(0xFFFF >> $left) & 0xFFFF;

  177.             if (($bytesAddr[$i] & $mask) != ($bytesTest[$i] & $mask)) {

  178.                 return self::$checkedIps[$cacheKey] = false;

  179.             }

  180.         }

  181. 

  182.         return self::$checkedIps[$cacheKey] = true;

  183.     }

  184. 

  185.     /**

  186.      * Anonymizes an IP/IPv6.

  187.      *

  188.      * Removes the last byte for v4 and the last 8 bytes for v6 IPs

  189.      */

  190.     public static function anonymize(string $ip): string

  191.     {

  192.         $wrappedIPv6 = false;

  193.         if ('[' === substr($ip, 0, 1) && ']' === substr($ip, -1, 1)) {

  194.             $wrappedIPv6 = true;

  195.             $ip = substr($ip, 1, -1);

  196.         }

  197. 

  198.         $packedAddress = inet_pton($ip);

  199.         if (4 === \strlen($packedAddress)) {

  200.             $mask = '255.255.255.0';

  201.         } elseif ($ip === inet_ntop($packedAddress & inet_pton('::ffff:ffff:ffff'))) {

  202.             $mask = '::ffff:ffff:ff00';

  203.         } elseif ($ip === inet_ntop($packedAddress & inet_pton('::ffff:ffff'))) {

  204.             $mask = '::ffff:ff00';

  205.         } else {

  206.             $mask = 'ffff:ffff:ffff:ffff:0000:0000:0000:0000';

  207.         }

  208.         $ip = inet_ntop($packedAddress & inet_pton($mask));

  209. 

  210.         if ($wrappedIPv6) {

  211.             $ip = '['.$ip.']';

  212.         }

  213. 

  214.         return $ip;

  215.     }

  216. }