安全加强,dfsockopen 屏蔽局域网ip
This commit is contained in:
parent
f14b6f8bbe
commit
9103a22339
|
@ -11,11 +11,23 @@ if(!defined('IN_DISCUZ')) {
|
||||||
exit('Access Denied');
|
exit('Access Denied');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function _isLocalip($ip) {
|
||||||
|
$iplong = ip2long($ip);
|
||||||
|
return ($iplong >= 167772160 && $iplong <= 184549375) ||
|
||||||
|
($iplong >= 2886729728 && $iplong <= 2887778303) ||
|
||||||
|
($iplong >= 1681915904 && $iplong <= 1686110207) ||
|
||||||
|
($iplong >= 3232235520 && $iplong <= 3232301055) ||
|
||||||
|
($iplong >= 150994944 && $iplong <= 167772159);
|
||||||
|
}
|
||||||
|
|
||||||
function _dfsockopen($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $ip = '', $timeout = 15, $block = TRUE, $encodetype = 'URLENCODE', $allowcurl = TRUE, $position = 0, $files = array()) {
|
function _dfsockopen($url, $limit = 0, $post = '', $cookie = '', $bysocket = FALSE, $ip = '', $timeout = 15, $block = TRUE, $encodetype = 'URLENCODE', $allowcurl = TRUE, $position = 0, $files = array()) {
|
||||||
$return = '';
|
$return = '';
|
||||||
$matches = parse_url($url);
|
$matches = parse_url($url);
|
||||||
$scheme = $matches['scheme'];
|
$scheme = $matches['scheme'];
|
||||||
$host = $matches['host'];
|
$host = $matches['host'];
|
||||||
|
if(filter_var($host, FILTER_VALIDATE_IP) && _isLocalip($host) || $ip && _isLocalip($ip)) {
|
||||||
|
return '';
|
||||||
|
}
|
||||||
$path = $matches['path'] ? $matches['path'].($matches['query'] ? '?'.$matches['query'] : '') : '/';
|
$path = $matches['path'] ? $matches['path'].($matches['query'] ? '?'.$matches['query'] : '') : '/';
|
||||||
$port = !empty($matches['port']) ? $matches['port'] : ($scheme == 'http' ? '80' : '');
|
$port = !empty($matches['port']) ? $matches['port'] : ($scheme == 'http' ? '80' : '');
|
||||||
$boundary = $encodetype == 'URLENCODE' ? '' : random(40);
|
$boundary = $encodetype == 'URLENCODE' ? '' : random(40);
|
||||||
|
|
Loading…
Reference in New Issue