Edit File by line

Deprecated: str_replace(): Passing null to parameter #2 ($replace) of type array|string is deprecated in /home/sportsfever/public_html/filemanger/function.php on line 93
/home/sportsfe.../httpdocs/clone/wp-conte.../plugins/wordfenc.../waf
File: wfWAFUserIPRange.php
<?php
[0] Fix | Delete
if (!defined('WFWAF_RUN_COMPLETE')) {
[1] Fix | Delete
[2] Fix | Delete
/**
[3] Fix | Delete
*
[4] Fix | Delete
*/
[5] Fix | Delete
class wfWAFUserIPRange {
[6] Fix | Delete
[7] Fix | Delete
/**
[8] Fix | Delete
* @var string|null
[9] Fix | Delete
*/
[10] Fix | Delete
private $ip_string;
[11] Fix | Delete
[12] Fix | Delete
/**
[13] Fix | Delete
* @param string|null $ip_string
[14] Fix | Delete
*/
[15] Fix | Delete
public function __construct($ip_string = null) {
[16] Fix | Delete
$this->setIPString($ip_string);
[17] Fix | Delete
}
[18] Fix | Delete
[19] Fix | Delete
public function isIPInRange($ip) {
[20] Fix | Delete
$ip_string = $this->getIPString();
[21] Fix | Delete
[22] Fix | Delete
if (strpos($ip_string, '/') !== false) { //CIDR range -- 127.0.0.1/24
[23] Fix | Delete
return wfWAFUtils::subnetContainsIP($ip_string, $ip);
[24] Fix | Delete
}
[25] Fix | Delete
else if (strpos($ip_string, '[') !== false) //Bracketed range -- 127.0.0.[1-100]
[26] Fix | Delete
{
[27] Fix | Delete
// IPv4 range
[28] Fix | Delete
if (strpos($ip_string, '.') !== false && strpos($ip, '.') !== false) {
[29] Fix | Delete
// IPv4-mapped-IPv6
[30] Fix | Delete
if (preg_match('/:ffff:([^:]+)$/i', $ip_string, $matches)) {
[31] Fix | Delete
$ip_string = $matches[1];
[32] Fix | Delete
}
[33] Fix | Delete
if (preg_match('/:ffff:([^:]+)$/i', $ip, $matches)) {
[34] Fix | Delete
$ip = $matches[1];
[35] Fix | Delete
}
[36] Fix | Delete
[37] Fix | Delete
// Range check
[38] Fix | Delete
if (preg_match('/\[\d+\-\d+\]/', $ip_string)) {
[39] Fix | Delete
$IPparts = explode('.', $ip);
[40] Fix | Delete
$whiteParts = explode('.', $ip_string);
[41] Fix | Delete
$mismatch = false;
[42] Fix | Delete
if (count($whiteParts) != 4 || count($IPparts) != 4) {
[43] Fix | Delete
return false;
[44] Fix | Delete
}
[45] Fix | Delete
[46] Fix | Delete
for ($i = 0; $i <= 3; $i++) {
[47] Fix | Delete
if (preg_match('/^\[(\d+)\-(\d+)\]$/', $whiteParts[$i], $m)) {
[48] Fix | Delete
if ($IPparts[$i] < $m[1] || $IPparts[$i] > $m[2]) {
[49] Fix | Delete
$mismatch = true;
[50] Fix | Delete
}
[51] Fix | Delete
}
[52] Fix | Delete
else if ($whiteParts[$i] != $IPparts[$i]) {
[53] Fix | Delete
$mismatch = true;
[54] Fix | Delete
}
[55] Fix | Delete
}
[56] Fix | Delete
if ($mismatch === false) {
[57] Fix | Delete
return true; // Is whitelisted because we did not get a mismatch
[58] Fix | Delete
}
[59] Fix | Delete
}
[60] Fix | Delete
else if ($ip_string == $ip) {
[61] Fix | Delete
return true;
[62] Fix | Delete
}
[63] Fix | Delete
[64] Fix | Delete
// IPv6 range
[65] Fix | Delete
}
[66] Fix | Delete
else if (strpos($ip_string, ':') !== false && strpos($ip, ':') !== false) {
[67] Fix | Delete
$ip = strtolower(wfWAFUtils::expandIPv6Address($ip));
[68] Fix | Delete
$ip_string = strtolower(self::expandIPv6Range($ip_string));
[69] Fix | Delete
if (preg_match('/\[[a-f0-9]+\-[a-f0-9]+\]/i', $ip_string)) {
[70] Fix | Delete
$IPparts = explode(':', $ip);
[71] Fix | Delete
$whiteParts = explode(':', $ip_string);
[72] Fix | Delete
$mismatch = false;
[73] Fix | Delete
if (count($whiteParts) != 8 || count($IPparts) != 8) {
[74] Fix | Delete
return false;
[75] Fix | Delete
}
[76] Fix | Delete
[77] Fix | Delete
for ($i = 0; $i <= 7; $i++) {
[78] Fix | Delete
if (preg_match('/^\[([a-f0-9]+)\-([a-f0-9]+)\]$/i', $whiteParts[$i], $m)) {
[79] Fix | Delete
$ip_group = hexdec($IPparts[$i]);
[80] Fix | Delete
$range_group_from = hexdec($m[1]);
[81] Fix | Delete
$range_group_to = hexdec($m[2]);
[82] Fix | Delete
if ($ip_group < $range_group_from || $ip_group > $range_group_to) {
[83] Fix | Delete
$mismatch = true;
[84] Fix | Delete
break;
[85] Fix | Delete
}
[86] Fix | Delete
}
[87] Fix | Delete
else if ($whiteParts[$i] != $IPparts[$i]) {
[88] Fix | Delete
$mismatch = true;
[89] Fix | Delete
break;
[90] Fix | Delete
}
[91] Fix | Delete
}
[92] Fix | Delete
if ($mismatch === false) {
[93] Fix | Delete
return true; // Is whitelisted because we did not get a mismatch
[94] Fix | Delete
}
[95] Fix | Delete
}
[96] Fix | Delete
else if ($ip_string == $ip) {
[97] Fix | Delete
return true;
[98] Fix | Delete
}
[99] Fix | Delete
}
[100] Fix | Delete
}
[101] Fix | Delete
else if (strpos($ip_string, '-') !== false) { //Linear range -- 127.0.0.1 - 127.0.1.100
[102] Fix | Delete
list($ip1, $ip2) = explode('-', $ip_string);
[103] Fix | Delete
$ip1N = wfWAFUtils::inet_pton($ip1);
[104] Fix | Delete
$ip2N = wfWAFUtils::inet_pton($ip2);
[105] Fix | Delete
$ipN = wfWAFUtils::inet_pton($ip);
[106] Fix | Delete
return (strcmp($ip1N, $ipN) <= 0 && strcmp($ip2N, $ipN) >= 0);
[107] Fix | Delete
}
[108] Fix | Delete
else { //Treat as a literal IP
[109] Fix | Delete
$ip1 = @wfWAFUtils::inet_pton($ip_string);
[110] Fix | Delete
$ip2 = @wfWAFUtils::inet_pton($ip);
[111] Fix | Delete
if ($ip1 !== false && $ip1 == $ip2) {
[112] Fix | Delete
return true;
[113] Fix | Delete
}
[114] Fix | Delete
}
[115] Fix | Delete
[116] Fix | Delete
return false;
[117] Fix | Delete
}
[118] Fix | Delete
[119] Fix | Delete
private static function repeatString($string, $count) {
[120] Fix | Delete
if ($count <= 0)
[121] Fix | Delete
return '';
[122] Fix | Delete
return str_repeat($string, $count);
[123] Fix | Delete
}
[124] Fix | Delete
[125] Fix | Delete
/**
[126] Fix | Delete
* Expand a compressed printable range representation of an IPv6 address.
[127] Fix | Delete
*
[128] Fix | Delete
* @todo Hook up exceptions for better error handling.
[129] Fix | Delete
* @todo Allow IPv4 mapped IPv6 addresses (::ffff:192.168.1.1).
[130] Fix | Delete
* @param string $ip_range
[131] Fix | Delete
* @return string
[132] Fix | Delete
*/
[133] Fix | Delete
public static function expandIPv6Range($ip_range) {
[134] Fix | Delete
$colon_count = substr_count($ip_range, ':');
[135] Fix | Delete
$dbl_colon_count = substr_count($ip_range, '::');
[136] Fix | Delete
if ($dbl_colon_count > 1) {
[137] Fix | Delete
return false;
[138] Fix | Delete
}
[139] Fix | Delete
$dbl_colon_pos = strpos($ip_range, '::');
[140] Fix | Delete
if ($dbl_colon_pos !== false) {
[141] Fix | Delete
$ip_range = str_replace('::', self::repeatString(':0000',
[142] Fix | Delete
(($dbl_colon_pos === 0 || $dbl_colon_pos === strlen($ip_range) - 2) ? 9 : 8) - $colon_count) . ':', $ip_range);
[143] Fix | Delete
$ip_range = trim($ip_range, ':');
[144] Fix | Delete
}
[145] Fix | Delete
$colon_count = substr_count($ip_range, ':');
[146] Fix | Delete
if ($colon_count != 7) {
[147] Fix | Delete
return false;
[148] Fix | Delete
}
[149] Fix | Delete
[150] Fix | Delete
$groups = explode(':', $ip_range);
[151] Fix | Delete
$expanded = '';
[152] Fix | Delete
foreach ($groups as $group) {
[153] Fix | Delete
if (preg_match('/\[([a-f0-9]{1,4})\-([a-f0-9]{1,4})\]/i', $group, $matches)) {
[154] Fix | Delete
$expanded .= sprintf('[%s-%s]', str_pad(strtolower($matches[1]), 4, '0', STR_PAD_LEFT), str_pad(strtolower($matches[2]), 4, '0', STR_PAD_LEFT)) . ':';
[155] Fix | Delete
} else if (preg_match('/[a-f0-9]{1,4}/i', $group)) {
[156] Fix | Delete
$expanded .= str_pad(strtolower($group), 4, '0', STR_PAD_LEFT) . ':';
[157] Fix | Delete
} else {
[158] Fix | Delete
return false;
[159] Fix | Delete
}
[160] Fix | Delete
}
[161] Fix | Delete
return trim($expanded, ':');
[162] Fix | Delete
}
[163] Fix | Delete
[164] Fix | Delete
/**
[165] Fix | Delete
* @return bool
[166] Fix | Delete
*/
[167] Fix | Delete
public function isValidRange() {
[168] Fix | Delete
return $this->isValidCIDRRange() || $this->isValidBracketedRange() || $this->isValidLinearRange() || filter_var($this->getIPString(), FILTER_VALIDATE_IP) !== false;
[169] Fix | Delete
}
[170] Fix | Delete
[171] Fix | Delete
public function isValidCIDRRange() { //e.g., 192.0.2.1/24
[172] Fix | Delete
$ip_string = $this->getIPString();
[173] Fix | Delete
if (preg_match('/[^0-9a-f:\/\.]/i', $ip_string)) { return false; }
[174] Fix | Delete
$components = explode('/', $ip_string);
[175] Fix | Delete
if (count($components) != 2) { return false; }
[176] Fix | Delete
[177] Fix | Delete
list($ip, $prefix) = $components;
[178] Fix | Delete
if (filter_var($ip, FILTER_VALIDATE_IP) === false) { return false; }
[179] Fix | Delete
[180] Fix | Delete
if (!preg_match('/^\d+$/', $prefix)) { return false; }
[181] Fix | Delete
[182] Fix | Delete
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
[183] Fix | Delete
if ($prefix < 0 || $prefix > 32) { return false; }
[184] Fix | Delete
}
[185] Fix | Delete
else {
[186] Fix | Delete
if ($prefix < 1 || $prefix > 128) { return false; }
[187] Fix | Delete
}
[188] Fix | Delete
[189] Fix | Delete
return true;
[190] Fix | Delete
}
[191] Fix | Delete
[192] Fix | Delete
public function isValidBracketedRange() { //e.g., 192.0.2.[1-10]
[193] Fix | Delete
$ip_string = $this->getIPString();
[194] Fix | Delete
if (preg_match('/[^0-9a-f:\.\[\]\-]/i', $ip_string)) { return false; }
[195] Fix | Delete
if (strpos($ip_string, '.') !== false) { //IPv4
[196] Fix | Delete
if (preg_match_all('/(\d+)/', $ip_string, $matches) > 0) {
[197] Fix | Delete
foreach ($matches[1] as $match) {
[198] Fix | Delete
$group = (int) $match;
[199] Fix | Delete
if ($group > 255 || $group < 0) {
[200] Fix | Delete
return false;
[201] Fix | Delete
}
[202] Fix | Delete
}
[203] Fix | Delete
}
[204] Fix | Delete
[205] Fix | Delete
$group_regex = '([0-9]{1,3}|\[[0-9]{1,3}\-[0-9]{1,3}\])';
[206] Fix | Delete
return preg_match('/^' . str_repeat("{$group_regex}\\.", 3) . $group_regex . '$/i', $ip_string) > 0;
[207] Fix | Delete
}
[208] Fix | Delete
[209] Fix | Delete
//IPv6
[210] Fix | Delete
if (strpos($ip_string, '::') !== false) {
[211] Fix | Delete
$ip_string = self::expandIPv6Range($ip_string);
[212] Fix | Delete
}
[213] Fix | Delete
if (!$ip_string) {
[214] Fix | Delete
return false;
[215] Fix | Delete
}
[216] Fix | Delete
$group_regex = '([a-f0-9]{1,4}|\[[a-f0-9]{1,4}\-[a-f0-9]{1,4}\])';
[217] Fix | Delete
return preg_match('/^' . str_repeat("$group_regex:", 7) . $group_regex . '$/i', $ip_string) > 0;
[218] Fix | Delete
}
[219] Fix | Delete
[220] Fix | Delete
public function isValidLinearRange() { //e.g., 192.0.2.1-192.0.2.100
[221] Fix | Delete
$ip_string = $this->getIPString();
[222] Fix | Delete
if (preg_match('/[^0-9a-f:\.\-]/i', $ip_string)) { return false; }
[223] Fix | Delete
list($ip1, $ip2) = explode("-", $ip_string);
[224] Fix | Delete
$ip1N = @wfWAFUtils::inet_pton($ip1);
[225] Fix | Delete
$ip2N = @wfWAFUtils::inet_pton($ip2);
[226] Fix | Delete
[227] Fix | Delete
if ($ip1N === false || filter_var($ip1, FILTER_VALIDATE_IP) === false || $ip2N === false || filter_var($ip2, FILTER_VALIDATE_IP) === false) {
[228] Fix | Delete
return false;
[229] Fix | Delete
}
[230] Fix | Delete
[231] Fix | Delete
return strcmp($ip1N, $ip2N) <= 0;
[232] Fix | Delete
}
[233] Fix | Delete
[234] Fix | Delete
protected function _sanitizeIPRange($ip_string) {
[235] Fix | Delete
$ip_string = preg_replace('/\s/', '', $ip_string); //Strip whitespace
[236] Fix | Delete
$ip_string = preg_replace('/[\\x{2013}-\\x{2015}]/u', '-', $ip_string); //Non-hyphen dashes to hyphen
[237] Fix | Delete
$ip_string = strtolower($ip_string);
[238] Fix | Delete
[239] Fix | Delete
if (preg_match('/^\d+-\d+$/', $ip_string)) { //v5 32 bit int style format
[240] Fix | Delete
list($start, $end) = explode('-', $ip_string);
[241] Fix | Delete
$start = long2ip($start);
[242] Fix | Delete
$end = long2ip($end);
[243] Fix | Delete
$ip_string = "{$start}-{$end}";
[244] Fix | Delete
}
[245] Fix | Delete
[246] Fix | Delete
return $ip_string;
[247] Fix | Delete
}
[248] Fix | Delete
[249] Fix | Delete
[250] Fix | Delete
/**
[251] Fix | Delete
* @return string|null
[252] Fix | Delete
*/
[253] Fix | Delete
public function getIPString() {
[254] Fix | Delete
return $this->ip_string;
[255] Fix | Delete
}
[256] Fix | Delete
[257] Fix | Delete
/**
[258] Fix | Delete
* @param string|null $ip_string
[259] Fix | Delete
*/
[260] Fix | Delete
public function setIPString($ip_string) {
[261] Fix | Delete
$this->ip_string = $this->_sanitizeIPRange($ip_string);
[262] Fix | Delete
}
[263] Fix | Delete
}
[264] Fix | Delete
}
[265] Fix | Delete
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function