<?php |
/**
 *
 * NOTICE OF LICENSE
 *
 * This source file is subject to the GNU General Public License (GPL 3)
 * that is bundled with this package in the file LICENSE.txt
 *
 * DISCLAIMER
 *
 * Do not edit or add to this file if you wish to upgrade Payone to newer
 * versions in the future. If you wish to customize Payone for your
 * needs please refer to http://www.payone.de for more information.
 *
 * @category Payone
 * @package Payone_TransactionStatus
 * @subpackage Validator
 * @copyright Copyright (c) 2012 <[email protected]> - www.noovias.com
 * @author Matthias Walter <[email protected]>
 * @license <http://www.gnu.org/licenses/> GNU General Public License (GPL 3)
 * @link http://www.noovias.com
 */
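/**
 * Validates that a transaction-status request originates from an allowed IP address.
 *
 * The allow-list holds either literal addresses (compared exactly) or patterns that
 * are handed to preg_match(). Patterns are interpreted as regular expressions, so
 * "." and "*" carry their regex meaning; an entry that should match a literal dot
 * has to escape it.
 *
 * @category Payone
 * @package Payone_TransactionStatus
 * @subpackage Validator
 * @copyright Copyright (c) 2012 <[email protected]> - www.noovias.com
 * @license <http://www.gnu.org/licenses/> GNU General Public License (GPL 3)
 * @link http://www.noovias.com
 */
class Payone_TransactionStatus_Validator_Ip
    extends Payone_TransactionStatus_Validator_Abstract
{
    /** @var array Allow-list entries: literal addresses or regex patterns. */
    protected $validIps = array();

    /** @var Payone_TransactionStatus_Config */
    protected $config = null;

    /**
     * Accepts the request only when the sender address is on the allow-list.
     *
     * The address is first required to be a syntactically valid IPv4/IPv6 literal,
     * then compared exactly, then matched against each entry as a regular
     * expression that must cover the WHOLE address. Without the anchors an entry
     * would also match any address that merely contains it as a substring.
     *
     * @param Payone_TransactionStatus_Request_Interface $request
     * @throws Payone_TransactionStatus_Exception_Validation when the address is missing,
     *         malformed, or not covered by any allow-list entry
     * @return bool true when the address is allowed
     */
    public function validateRequest(Payone_TransactionStatus_Request_Interface $request)
    {
        $remoteAddress = $this->getRemoteAddress();

        // getRemoteAddress() may hand back a header value (or null/false when the
        // server variable is absent); nothing but a well-formed IP literal may
        // reach the comparison and the regex matching below.
        if (!is_string($remoteAddress) || filter_var($remoteAddress, FILTER_VALIDATE_IP) === false) {
            throw new Payone_TransactionStatus_Exception_Validation();
        }

        $validIps = $this->getValidIps();

        // Exact matches. Strict comparison avoids PHP's loose-equality juggling
        // between the address and oddly typed or empty list entries.
        if (in_array($remoteAddress, $validIps, true)) {
            return true;
        }

        foreach ($validIps as $ip) {
            $delimited = $this->checkForDelimiter($ip);

            // Strip the surrounding "/" again and anchor the expression so that it
            // has to describe the complete address, not a fragment of it.
            $pattern = '/\A(?:' . substr($delimited, 1, -1) . ')\z/';

            // preg_match() yields false for an invalid pattern; only a real match counts.
            if (preg_match($pattern, $remoteAddress) === 1) {
                return true;
            }
        }

        throw new Payone_TransactionStatus_Exception_Validation();
    }

    /**
     * Check if IP-String has delimiter, because preg_match needs string-delimiter.
     *
     * A leading and/or trailing "/" is added when it is missing; an entry that is
     * already wrapped in "/" is returned unchanged.
     *
     * @param string $ip allow-list entry
     * @return string the entry wrapped in "/" delimiters
     */
    protected function checkForDelimiter($ip)
    {
        if (substr($ip, 0, 1) !== '/') {
            $ip = '/' . $ip;
        }

        if (substr($ip, -1, 1) !== '/') {
            $ip = $ip . '/';
        }

        return $ip;
    }

    /**
     * @param array $validIps allow-list entries (literal addresses or regex patterns)
     */
    public function setValidIps(array $validIps)
    {
        $this->validIps = $validIps;
    }

    /**
     * @return array
     */
    public function getValidIps()
    {
        return $this->validIps;
    }

    /**
     * Checks if ProxyCheck should be used. Returns the Remote-IP.
     *
     * With the proxy check enabled, the left-most entry of X-Forwarded-For is
     * returned when it is non-empty; otherwise REMOTE_ADDR is returned.
     *
     * NOTE(review): the left-most X-Forwarded-For entry is whatever the client
     * sent unless the fronting proxy overwrites the header. The proxy option is
     * only safe to enable behind a proxy that does so; callers must treat the
     * returned value as unverified input.
     *
     * NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; it is kept
     * here so the value returned to existing callers stays the same.
     *
     * @return string|null|false the address, or null/false when filter_input() finds no usable value
     */
    public function getRemoteAddress()
    {
        $remoteAddr = filter_input(INPUT_SERVER, 'REMOTE_ADDR', FILTER_SANITIZE_STRING);

        // Loose comparison on purpose: the configuration may deliver "1" or 1.
        if ($this->getProxyCheckEnabled() == 1) {
            $proxy = filter_input(INPUT_SERVER, 'HTTP_X_FORWARDED_FOR', FILTER_SANITIZE_STRING);
            if (!empty($proxy)) {
                $proxyIps = explode(',', $proxy);
                $relevantIp = trim(array_shift($proxyIps));
                if (!empty($relevantIp)) {
                    return $relevantIp;
                }
            }
        }

        return $remoteAddr;
    }

    /**
     * Reads the 'validator/proxy/enabled' setting from the injected configuration.
     *
     * Requires setConfig() to have been called beforehand.
     *
     * @return boolean
     */
    public function getProxyCheckEnabled()
    {
        return $this->getConfig()->getValue('validator/proxy/enabled');
    }

    /**
     * @param Payone_TransactionStatus_Config $config
     */
    public function setConfig($config)
    {
        $this->config = $config;
    }

    /**
     * @return Payone_TransactionStatus_Config
     */
    public function getConfig()
    {
        return $this->config;
    }
}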