Verify explicitly that the request IP is a valid IPv4 address
This commit is contained in:
parent
56cdaf96d6
commit
17e418caf0
@ -61,11 +61,14 @@ class IpUtils
|
|||||||
*/
|
*/
|
||||||
public static function checkIp4($requestIp, $ip)
|
public static function checkIp4($requestIp, $ip)
|
||||||
{
|
{
|
||||||
|
if (!filter_var($requestIp, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
if (false !== strpos($ip, '/')) {
|
if (false !== strpos($ip, '/')) {
|
||||||
list($address, $netmask) = explode('/', $ip, 2);
|
list($address, $netmask) = explode('/', $ip, 2);
|
||||||
|
|
||||||
if ($netmask === '0') {
|
if ($netmask === '0') {
|
||||||
// Ensure IP is valid - using ip2long below implicitly validates, but we need to do it manually here
|
|
||||||
return filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
|
return filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -37,6 +37,7 @@ class IpUtilsTest extends \PHPUnit_Framework_TestCase
|
|||||||
array(true, '1.2.3.4', '0.0.0.0/0'),
|
array(true, '1.2.3.4', '0.0.0.0/0'),
|
||||||
array(true, '1.2.3.4', '192.168.1.0/0'),
|
array(true, '1.2.3.4', '192.168.1.0/0'),
|
||||||
array(false, '1.2.3.4', '256.256.256/0'), // invalid CIDR notation
|
array(false, '1.2.3.4', '256.256.256/0'), // invalid CIDR notation
|
||||||
|
array(false, 'an_invalid_ip', '192.168.1.0/24'),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user