Gecko [ 167.86.127.34 ]

Name	Size	Permission
bfShapeFiles	[ DIR ]	drwxr-xr-x
config	[ DIR ]	drwxr-xr-x
controllers	[ DIR ]	drwxr-xr-x
dbi	[ DIR ]	drwxr-xr-x
di	[ DIR ]	drwxr-xr-x
engines	[ DIR ]	drwxr-xr-x
gis	[ DIR ]	drwxr-xr-x
navigation	[ DIR ]	drwxr-xr-x
plugins	[ DIR ]	drwxr-xr-x
properties	[ DIR ]	drwxr-xr-x
rte	[ DIR ]	drwxr-xr-x
sql-parser	[ DIR ]	drwxr-xr-x
Advisor.php	15.13 KB	-rw-r--r--
Config.php	54.7 KB	-rw-r--r--
Console.php	14.82 KB	-rw-r--r--
DatabaseInterface.php	95.6 KB	-rw-r--r--
DbList.php	1.9 KB	-rw-r--r--
DbQbe.php	68.87 KB	-rw-r--r--
DbSearch.php	17.21 KB	-rw-r--r--
DisplayResults.php	206 KB	-rw-r--r--
Error.php	12.7 KB	-rw-r--r--
ErrorHandler.php	16.48 KB	-rw-r--r--
File.php	18.82 KB	-rw-r--r--
Font.php	4.24 KB	-rw-r--r--
Footer.php	10.52 KB	-rw-r--r--
Header.php	25.34 KB	-rw-r--r--
Index.php	23.79 KB	-rw-r--r--
IndexColumn.php	4.46 KB	-rw-r--r--
Language.php	4.27 KB	-rw-r--r--
LanguageManager.php	20.75 KB	-rw-r--r--
Linter.php	5.02 KB	-rw-r--r--
ListAbstract.php	3.15 KB	-rw-r--r--
ListDatabase.php	4.62 KB	-rw-r--r--
Menu.php	21.14 KB	-rw-r--r--
Message.php	18.67 KB	-rw-r--r--
OutputBuffering.php	3.59 KB	-rw-r--r--
PDF.php	3.94 KB	-rw-r--r--
Partition.php	7.26 KB	-rw-r--r--
Psr4Autoloader.php	4.85 KB	-rw-r--r--
RecentFavoriteTable.php	11.78 KB	-rw-r--r--
Response.php	12.61 KB	-rw-r--r--
SavedSearches.php	11.67 KB	-rw-r--r--
Scripts.php	7.38 KB	-rw-r--r--
ServerStatusData.php	15.72 KB	-rw-r--r--
StorageEngine.php	13.61 KB	-rw-r--r--
SubPartition.php	3.52 KB	-rw-r--r--
SysInfo.php	799 B	-rw-r--r--
SysInfoLinux.php	1.92 KB	-rw-r--r--
SysInfoSunOS.php	1.86 KB	-rw-r--r--
SysInfoWINNT.php	3.08 KB	-rw-r--r--
SystemDatabase.php	3.66 KB	-rw-r--r--
Table.php	88.12 KB	-rw-r--r--
Template.php	4.45 KB	-rw-r--r--
Theme.php	11.34 KB	-rw-r--r--
ThemeManager.php	12.91 KB	-rw-r--r--
Tracker.php	30.35 KB	-rw-r--r--
Types.php	6.08 KB	-rw-r--r--
TypesMySQL.php	17.26 KB	-rw-r--r--
Util.php	172.46 KB	-rw-r--r--
VersionInformation.php	7.87 KB	-rw-r--r--
ZipFile.php	6.63 KB	-rw-r--r--
advisor.lib.php	1.6 KB	-rw-r--r--
advisory_rules.txt	25.94 KB	-rw-r--r--
autoloader.php	450 B	-rw-r--r--
bookmark.lib.php	8.5 KB	-rw-r--r--
browse_foreigners.lib.php	9.83 KB	-rw-r--r--
central_columns.lib.php	49.38 KB	-rw-r--r--
charset_conversion.lib.php	3.54 KB	-rw-r--r--
check_user_privileges.lib.php	10.65 KB	-rw-r--r--
cleanup.lib.php	1.29 KB	-rw-r--r--
common.inc.php	34.38 KB	-rw-r--r--
config.default.php	66.5 KB	-rw-r--r--
config.values.php	10.17 KB	-rw-r--r--
core.lib.php	29.94 KB	-rw-r--r--
create_addfield.lib.php	15.68 KB	-rw-r--r--
database_interface.inc.php	2.63 KB	-rw-r--r--
db_common.inc.php	3.12 KB	-rw-r--r--
db_designer.lib.php	10.4 KB	-rw-r--r--
db_table_exists.lib.php	3.21 KB	-rw-r--r--
display_change_password.lib.ph...	5.45 KB	-rw-r--r--
display_create_table.lib.php	1.53 KB	-rw-r--r--
display_export.lib.php	38.11 KB	-rw-r--r--
display_git_revision.lib.php	3.04 KB	-rw-r--r--
display_import.lib.php	24.34 KB	-rw-r--r--
display_import_ajax.lib.php	3.13 KB	-rw-r--r--
display_select_lang.lib.php	2.36 KB	-rw-r--r--
error.inc.php	1.21 KB	-rw-r--r--
error_report.lib.php	10.25 KB	-rw-r--r--
export.lib.php	35.16 KB	-rw-r--r--
file_listing.lib.php	2.37 KB	-rw-r--r--
iconv_wrapper.lib.php	3.88 KB	-rw-r--r--
import.lib.php	50.64 KB	-rw-r--r--
index.lib.php	1.37 KB	-rw-r--r--
information_schema_relations.l...	10.95 KB	-rw-r--r--
insert_edit.lib.php	112.79 KB	-rw-r--r--
ip_allow_deny.lib.php	9.35 KB	-rw-r--r--
js_escape.lib.php	4.43 KB	-rw-r--r--
kanji-encoding.lib.php	4.46 KB	-rw-r--r--
language_stats.inc.php	1.45 KB	-rw-r--r--
logging.lib.php	521 B	-rw-r--r--
mime.lib.php	704 B	-rw-r--r--
mult_submits.inc.php	10.64 KB	-rw-r--r--
mult_submits.lib.php	20.44 KB	-rw-r--r--
mysql_charsets.inc.php	4.09 KB	-rw-r--r--
mysql_charsets.lib.php	10.47 KB	-rw-r--r--
mysql_relations.lib.php	5.12 KB	-rw-r--r--
normalization.lib.php	33.98 KB	-rw-r--r--
opendocument.lib.php	7.94 KB	-rw-r--r--
operations.lib.php	73.64 KB	-rw-r--r--
parse_analyze.lib.php	2.12 KB	-rw-r--r--
plugin_interface.lib.php	19.69 KB	-rw-r--r--
pmd_common.php	24.2 KB	-rw-r--r--
relation.lib.php	68.41 KB	-rw-r--r--
relation_cleanup.lib.php	13.84 KB	-rw-r--r--
replication.inc.php	8.82 KB	-rw-r--r--
replication_gui.lib.php	37.45 KB	-rw-r--r--
sanitizing.lib.php	6.3 KB	-rw-r--r--
select_server.lib.php	3.4 KB	-rw-r--r--
server_common.inc.php	1.22 KB	-rw-r--r--
server_common.lib.php	1.92 KB	-rw-r--r--
server_privileges.lib.php	179.22 KB	-rw-r--r--
server_status.lib.php	9.92 KB	-rw-r--r--
server_status_advisor.lib.php	1.89 KB	-rw-r--r--
server_status_monitor.lib.php	26.22 KB	-rw-r--r--
server_status_processes.lib.ph...	9.57 KB	-rw-r--r--
server_status_queries.lib.php	4.86 KB	-rw-r--r--
server_status_variables.lib.ph...	28.95 KB	-rw-r--r--
server_user_groups.lib.php	12.8 KB	-rw-r--r--
server_users.lib.php	1.35 KB	-rw-r--r--
session.inc.php	5.22 KB	-rw-r--r--
session.lib.php	735 B	-rw-r--r--
special_schema_links.lib.php	17.51 KB	-rw-r--r--
sql.lib.php	77.51 KB	-rw-r--r--
sql_query_form.lib.php	15.71 KB	-rw-r--r--
string.lib.php	800 B	-rw-r--r--
stringMb.lib.php	1.86 KB	-rw-r--r--
stringNative.lib.php	6.82 KB	-rw-r--r--
sysinfo.lib.php	1.34 KB	-rw-r--r--
tbl_columns_definition_form.in...	13.55 KB	-rw-r--r--
tbl_common.inc.php	1.3 KB	-rw-r--r--
tbl_info.inc.php	3.54 KB	-rw-r--r--
tbl_partition_definition.inc.p...	5.55 KB	-rw-r--r--
tracking.lib.php	54.93 KB	-rw-r--r--
transformations.lib.php	14.63 KB	-rw-r--r--
url_generating.lib.php	6.77 KB	-rw-r--r--
user_preferences.inc.php	2.38 KB	-rw-r--r--
user_preferences.lib.php	8.17 KB	-rw-r--r--
util.lib.php	749 B	-rw-r--r--
vendor_config.php	2.49 KB	-rw-r--r--
zip_extension.lib.php	5.38 KB	-rw-r--r--

Code Editor : ip_allow_deny.lib.php

<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 * This library is used with the server IP allow/deny host authentication
 * feature
 *
 * @package PhpMyAdmin
 */

/**
 * Gets the "true" IP address of the current user
 *
 * @return string   the ip of the user
 *
 * @access  private
 */
function PMA_getIp()
{
    /* Get the address of user */
    if (empty($_SERVER['REMOTE_ADDR'])) {
        /* We do not know remote IP */
        return false;
    }

$direct_ip = $_SERVER['REMOTE_ADDR'];

/* Do we trust this IP as a proxy? If yes we will use it's header. */
    if (!isset($GLOBALS['cfg']['TrustedProxies'][$direct_ip])) {
        /* Return true IP */
        return $direct_ip;
    }

/**
     * Parse header in form:
     * X-Forwarded-For: client, proxy1, proxy2
     */
    // Get header content
    $value = PMA_getenv($GLOBALS['cfg']['TrustedProxies'][$direct_ip]);
    // Grab first element what is client adddress
    $value = explode(',', $value)[0];
    // Extract IP address
    // the $ checks that the header contains only one IP address,
    // ?: makes sure the () don't capture
    $matches = array();
    $is_ip = preg_match(
        '|^(?:[0-9]{1,3}\.){3,3}[0-9]{1,3}$|',
        $value, $matches
    );

if ($is_ip && (count($matches) == 1)) {
        // True IP behind a proxy
        return $matches[0];
    }

// We could not parse header
    return false;
} // end of the 'PMA_getIp()' function

/**
 * Matches for IPv4 or IPv6 addresses
 *
 * @param string $testRange string of IP range to match
 * @param string $ipToTest  string of IP to test against range
 *
 * @return boolean    whether the IP mask matches
 *
 * @access  public
 */
function PMA_ipMaskTest($testRange, $ipToTest)
{
    if (mb_strpos($testRange, ':') > -1
        || mb_strpos($ipToTest, ':') > -1
    ) {
        // assume IPv6
        $result = PMA_ipv6MaskTest($testRange, $ipToTest);
    } else {
        $result = PMA_ipv4MaskTest($testRange, $ipToTest);
    }

return $result;
} // end of the "PMA_ipMaskTest()" function

/**
 * Based on IP Pattern Matcher
 * Originally by J.Adams <jna@retina.net>
 * Found on <https://www.php.net/manual/en/function.ip2long.php>
 * Modified for phpMyAdmin
 *
 * Matches:
 * xxx.xxx.xxx.xxx        (exact)
 * xxx.xxx.xxx.[yyy-zzz]  (range)
 * xxx.xxx.xxx.xxx/nn     (CIDR)
 *
 * Does not match:
 * xxx.xxx.xxx.xx[yyy-zzz]  (range, partial octets not supported)
 *
 * @param string $testRange string of IP range to match
 * @param string $ipToTest  string of IP to test against range
 *
 * @return boolean    whether the IP mask matches
 *
 * @access  public
 */
function PMA_ipv4MaskTest($testRange, $ipToTest)
{
    $result = true;
    $match = preg_match(
        '|([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/([0-9]+)|',
        $testRange,
        $regs
    );
    if ($match) {
        // performs a mask match
        $ipl    = ip2long($ipToTest);
        $rangel = ip2long(
            $regs[1] . '.' . $regs[2] . '.' . $regs[3] . '.' . $regs[4]
        );

$maskl  = 0;

for ($i = 0; $i < 31; $i++) {
            if ($i < $regs[5] - 1) {
                $maskl = $maskl + PMA\libraries\Util::pow(2, (30 - $i));
            } // end if
        } // end for

if (($maskl & $rangel) == ($maskl & $ipl)) {
            return true;
        }

return false;
    }

// range based
    $maskocts = explode('.', $testRange);
    $ipocts   = explode('.', $ipToTest);

// perform a range match
    for ($i = 0; $i < 4; $i++) {
        if (preg_match('|\[([0-9]+)\-([0-9]+)\]|', $maskocts[$i], $regs)) {
            if (($ipocts[$i] > $regs[2]) || ($ipocts[$i] < $regs[1])) {
                $result = false;
            } // end if
        } else {
            if ($maskocts[$i] <> $ipocts[$i]) {
                $result = false;
            } // end if
        } // end if/else
    } //end for

return $result;
} // end of the "PMA_ipv4MaskTest()" function

/**
 * IPv6 matcher
 * CIDR section taken from https://stackoverflow.com/a/10086404
 * Modified for phpMyAdmin
 *
 * Matches:
 * xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
 * (exact)
 * xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:[yyyy-zzzz]
 * (range, only at end of IP - no subnets)
 * xxxx:xxxx:xxxx:xxxx/nn
 * (CIDR)
 *
 * Does not match:
 * xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xx[yyy-zzz]
 * (range, partial octets not supported)
 *
 * @param string $test_range string of IP range to match
 * @param string $ip_to_test string of IP to test against range
 *
 * @return boolean    whether the IP mask matches
 *
 * @access  public
 */
function PMA_ipv6MaskTest($test_range, $ip_to_test)
{
    $result = true;

// convert to lowercase for easier comparison
    $test_range = mb_strtolower($test_range);
    $ip_to_test = mb_strtolower($ip_to_test);

$is_cidr = mb_strpos($test_range, '/') > -1;
    $is_range = mb_strpos($test_range, '[') > -1;
    $is_single = ! $is_cidr && ! $is_range;

$ip_hex = bin2hex(inet_pton($ip_to_test));

if ($is_single) {
        $range_hex = bin2hex(inet_pton($test_range));
        $result = hash_equals($ip_hex, $range_hex);
        return $result;
    }

if ($is_range) {
        // what range do we operate on?
        $range_match = array();
        $match = preg_match(
            '/\[([0-9a-f]+)\-([0-9a-f]+)\]/', $test_range, $range_match
        );
        if ($match) {
            $range_start = $range_match[1];
            $range_end   = $range_match[2];

// get the first and last allowed IPs
            $first_ip  = str_replace($range_match[0], $range_start, $test_range);
            $first_hex = bin2hex(inet_pton($first_ip));
            $last_ip   = str_replace($range_match[0], $range_end, $test_range);
            $last_hex  = bin2hex(inet_pton($last_ip));

// check if the IP to test is within the range
            $result = ($ip_hex >= $first_hex && $ip_hex <= $last_hex);
        }
        return $result;
    }

if ($is_cidr) {
        // Split in address and prefix length
        list($first_ip, $subnet) = explode('/', $test_range);

// Parse the address into a binary string
        $first_bin = inet_pton($first_ip);
        $first_hex = bin2hex($first_bin);

$flexbits = 128 - $subnet;

// Build the hexadecimal string of the last address
        $last_hex = $first_hex;

$pos = 31;
        while ($flexbits > 0) {
            // Get the character at this position
            $orig = mb_substr($last_hex, $pos, 1);

// Convert it to an integer
            $origval = hexdec($orig);

// OR it with (2^flexbits)-1, with flexbits limited to 4 at a time
            $newval = $origval | (pow(2, min(4, $flexbits)) - 1);

// Convert it back to a hexadecimal character
            $new = dechex($newval);

// And put that character back in the string
            $last_hex = substr_replace($last_hex, $new, $pos, 1);

// We processed one nibble, move to previous position
            $flexbits -= 4;
            --$pos;
        }

// check if the IP to test is within the range
        $result = ($ip_hex >= $first_hex && $ip_hex <= $last_hex);
    }

return $result;
} // end of the "PMA_ipv6MaskTest()" function

/**
 * Runs through IP Allow/Deny rules the use of it below for more information
 *
 * @param string $type 'allow' | 'deny' type of rule to match
 *
 * @return bool   Matched a rule ?
 *
 * @access  public
 *
 * @see     PMA_getIp()
 */
function PMA_allowDeny($type)
{
    global $cfg;

// Grabs true IP of the user and returns if it can't be found
    $remote_ip = PMA_getIp();
    if (empty($remote_ip)) {
        return false;
    }

// copy username
    $username  = $cfg['Server']['user'];

// copy rule database
    if (isset($cfg['Server']['AllowDeny']['rules'])) {
        $rules     = $cfg['Server']['AllowDeny']['rules'];
        if (! is_array($rules)) {
            $rules = array();
        }
    } else {
        $rules = array();
    }

// lookup table for some name shortcuts
    $shortcuts = array(
        'all'       => '0.0.0.0/0',
        'localhost' => '127.0.0.1/8'
    );

// Provide some useful shortcuts if server gives us address:
    if (PMA_getenv('SERVER_ADDR')) {
        $shortcuts['localnetA'] = PMA_getenv('SERVER_ADDR') . '/8';
        $shortcuts['localnetB'] = PMA_getenv('SERVER_ADDR') . '/16';
        $shortcuts['localnetC'] = PMA_getenv('SERVER_ADDR') . '/24';
    }

foreach ($rules as $rule) {
        // extract rule data
        $rule_data = explode(' ', $rule);

// check for rule type
        if ($rule_data[0] != $type) {
            continue;
        }

// check for username
        if (($rule_data[1] != '%') //wildcarded first
            && (! hash_equals($rule_data[1], $username))
        ) {
            continue;
        }

// check if the config file has the full string with an extra
        // 'from' in it and if it does, just discard it
        if ($rule_data[2] == 'from') {
            $rule_data[2] = $rule_data[3];
        }

// Handle shortcuts with above array
        if (isset($shortcuts[$rule_data[2]])) {
            $rule_data[2] = $shortcuts[$rule_data[2]];
        }

// Add code for host lookups here
        // Excluded for the moment

// Do the actual matching now
        if (PMA_ipMaskTest($rule_data[2], $remote_ip)) {
            return true;
        }
    } // end while

return false;
} // end of the "PMA_AllowDeny()" function

${this.title}

Code Editor : ip_allow_deny.lib.php