<?php |
/** |
* |
* NOTICE OF LICENSE |
* |
* This source file is subject to the GNU General Public License (GPL 3) |
* that is bundled with this package in the file LICENSE.txt |
* |
* DISCLAIMER |
* |
* Do not edit or add to this file if you wish to upgrade Payone to newer |
* versions in the future. If you wish to customize Payone for your |
* needs please refer to http://www.payone.de for more information. |
* |
* @category Payone |
* @package Payone_SessionStatus |
* @subpackage Validator |
* @copyright Copyright (c) 2012 <[email protected]> - www.noovias.com |
* @author Matthias Walter <[email protected]> |
* @license <http://www.gnu.org/licenses/> GNU General Public License (GPL 3) |
* @link http://www.noovias.com |
*/ |
/** |
* |
* @category Payone |
* @package Payone_SessionStatus |
* @subpackage Validator |
* @copyright Copyright (c) 2012 <[email protected]> - www.noovias.com |
* @license <http://www.gnu.org/licenses/> GNU General Public License (GPL 3) |
* @link http://www.noovias.com |
*/ |
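class Payone_SessionStatus_Validator_Ip
    extends Payone_SessionStatus_Validator_Abstract
{
    /**
     * Allow-list entries. Each entry is first compared to the caller's address
     * as a literal string and then used as a PCRE pattern (see validateRequest()).
     *
     * @var array
     */
    protected $validIps = array();

    /** @var Payone_SessionStatus_Config */
    protected $config = null;

    /**
     * Accepts the request only when the caller's address is on the allow-list.
     *
     * The address comes from getRemoteAddress(). It is accepted when it equals
     * an allow-list entry exactly, or when an entry, used as a regular
     * expression, matches it. Anything else fails closed with an exception.
     *
     * Entries are applied as patterns without escaping or anchoring, so an
     * entry such as "10.0.0.1" also matches "110.0.0.15" (unescaped dots match
     * any character and the match may start anywhere). Entries meant to match a
     * single address should be written as anchored patterns with escaped dots,
     * e.g. "/^10\.0\.0\.1$/".
     *
     * @param Payone_SessionStatus_Request_Interface $request not inspected here;
     *        the decision is based on the connection's address only
     * @throws Payone_SessionStatus_Exception_Validation when the address is
     *         missing or not on the allow-list
     * @return bool true when the address is allowed
     */
    public function validateRequest(Payone_SessionStatus_Request_Interface $request)
    {
        $remoteAddress = $this->getRemoteAddress();

        // Fail closed when no usable address is available. filter_input()
        // yields null/false for a missing or invalid value, and matching a
        // pattern against an empty subject could succeed for permissive entries.
        if (!is_string($remoteAddress) || $remoteAddress === '') {
            throw new Payone_SessionStatus_Exception_Validation();
        }

        $validIps = $this->getValidIps();

        // Exact match. Strict comparison avoids PHP's loose type juggling
        // letting a non-string entry compare equal to the address.
        if (in_array($remoteAddress, $validIps, true)) {
            return true;
        }

        foreach ($validIps as $ip) {
            // Skip entries that cannot form a pattern; an empty entry would
            // otherwise become a malformed regex and raise a warning.
            if (!is_string($ip) || $ip === '') {
                continue;
            }

            $pattern = $this->checkForDelimiter($ip);
            // preg_match() returns false on a malformed pattern; that is
            // treated as "no match" so a broken entry never grants access.
            if (preg_match($pattern, $remoteAddress) === 1) {
                return true;
            }
        }

        throw new Payone_SessionStatus_Exception_Validation();
    }

    /**
     * Wraps an allow-list entry in "/" delimiters so preg_match() accepts it.
     *
     * Only the delimiters are added; the entry is neither escaped nor anchored.
     *
     * @param string $ip allow-list entry, with or without delimiters
     * @return string the entry starting and ending with "/"
     */
    protected function checkForDelimiter($ip)
    {
        if (substr($ip, 0, 1) !== '/') {
            $ip = '/' . $ip;
        }

        if (substr($ip, -1, 1) !== '/') {
            $ip = $ip . '/';
        }

        return $ip;
    }

    /**
     * @param array $validIps allow-list entries (literal addresses or patterns)
     */
    public function setValidIps(array $validIps)
    {
        $this->validIps = $validIps;
    }

    /**
     * @return array
     */
    public function getValidIps()
    {
        return $this->validIps;
    }

    /**
     * Returns the address the allow-list is checked against.
     *
     * By default this is REMOTE_ADDR. When the proxy check is enabled and an
     * X-Forwarded-For header is present, its left-most entry is used instead,
     * provided it is a syntactically valid IP address; otherwise REMOTE_ADDR
     * is used.
     *
     * X-Forwarded-For is set by the client unless an upstream proxy overwrites
     * it. Enable the proxy check only when every request reaches this code
     * through a proxy that strips or replaces inbound X-Forwarded-For values;
     * without that, the header value is caller-controlled and the allow-list
     * no longer authenticates the sender.
     *
     * @return string|false|null a valid IP address; false or null when
     *         REMOTE_ADDR is invalid or not set
     */
    public function getRemoteAddress()
    {
        // FILTER_SANITIZE_STRING is deprecated since PHP 8.1 and does not check
        // that the value is an address; validate as an IP instead.
        $remoteAddr = filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP);

        if ($this->getProxyCheckEnabled() == 1) {
            // The header is a comma-separated list, so it is read unfiltered and
            // the selected entry is validated on its own below.
            $proxy = filter_input(INPUT_SERVER, 'HTTP_X_FORWARDED_FOR', FILTER_UNSAFE_RAW);
            if (is_string($proxy) && $proxy !== '') {
                $proxyIps = explode(',', $proxy);
                $relevantIp = trim(array_shift($proxyIps));
                // Never hand back header text that is not an IP address: the
                // value is matched against unanchored patterns and may be
                // logged by callers.
                if ($relevantIp !== '' && filter_var($relevantIp, FILTER_VALIDATE_IP) !== false) {
                    return $relevantIp;
                }
            }
        }

        return $remoteAddr;
    }

    /**
     * Reads the 'validator/proxy/enabled' setting.
     *
     * @return boolean|mixed the configured value; false when no config is set,
     *         so the forwarded header is not trusted by default
     */
    public function getProxyCheckEnabled()
    {
        $config = $this->getConfig();
        if ($config === null) {
            return false;
        }

        return $config->getValue('validator/proxy/enabled');
    }

    /**
     * @param Payone_SessionStatus_Config $config
     */
    public function setConfig($config)
    {
        $this->config = $config;
    }

    /**
     * @return Payone_SessionStatus_Config
     */
    public function getConfig()
    {
        return $this->config;
    }
}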