define( 'RE_IPV6_PREFIX', '(12[0-8]|1[01][0-9]|[1-9]?\d)');
// An IPv6 IP is made up of 8 octets. However abbreviations like "::" can be used. This is lax!
define( 'RE_IPV6_ADD', RE_IPV6_WORD . '(:{1,2}' . RE_IPV6_WORD . '|::$){1,7}' );
+define( 'RE_IPV6_BLOCK', RE_IPV6_ADD . '\/' . RE_IPV6_PREFIX );
// This might be useful for regexps used elsewhere, matches any IPv6 or IPv6 address or network
define( 'IP_ADDRESS_STRING', RE_IP_ADD . '(\/' . RE_IP_PREFIX . '|)|' . RE_IPV6_ADD . '(\/' . RE_IPV6_PREFIX . '|)');
return preg_match( '/^' . IP_ADDRESS_STRING . '$/', $ip);
}
+ public function isIPv6( $ip ) {
+ return preg_match( '/^' . RE_IPV6_ADD . '(\/' . RE_IPV6_PREFIX . '|)$/', $ip);
+ }
+
+ public function isIPv4( $ip ) {
+ return preg_match( '/^' . RE_IP_ADD . '(\/' . RE_IP_PREFIX . '|)$/', $ip);
+ }
+
/**
* Given an IP address in dotted-quad notation, returns an IPv6 octet.
* See http://www.answers.com/topic/ipv4-compatible-address
public function IPv4toIPv6( $ip ) {
if ( !$ip ) return null;
// Convert only if needed
- if ( strpos($ip,':') !==false ) return $ip;
+ if ( self::isIPv6( $ip ) ) return $ip;
// IPv4 CIDRs
if ( strpos( $ip, '/' ) !== false ) {
$parts = explode( '/', $ip, 2 );
if ( count( $parts ) != 2 ) {
return false;
}
- $network = IP::toUnsigned( $parts[0] );
+ $network = self::toUnsigned( $parts[0] );
$bits = $parts[1] + 96;
if ( $network !== false && is_numeric( $parts[1] ) && $parts[1] >= 0 && $parts[1] <= 32 ) {
- return IP::toOctet( $network ) . "/$bits";
+ return self::toOctet( $network ) . "/$bits";
} else {
return false;
}
}
- return IP::toOctet( IP::toUnsigned( $ip ) );
+ return self::toOctet( self::toUnsigned( $ip ) );
}
/**
*/
public function toUnsigned6( $ip ) {
if ( !$ip ) return null;
- $ip = explode(':', IP::expandIP( $ip ) );
+ $ip = explode(':', self::expandIP( $ip ) );
$r_ip = '';
foreach ($ip as $v) {
$r_ip .= wfBaseConvert( $v, 16, 2, 16);
public function expandIP( $ip ) {
if ( !$ip ) return null;
// Only IPv6 addresses can be expanded
- if ( strpos($ip,':') === false ) return $ip;
+ if ( !self::isIPv6( $ip ) ) return $ip;
// Expand zero abbreviations
if ( substr_count($ip, '::') ) {
$ip = str_replace('::', str_repeat(':0000', 8 - substr_count($ip, ':')) . ':', $ip);
if ( count( $parts ) != 2 ) {
return array( false, false );
}
- $network = IP::toUnsigned6( $parts[0] );
+ $network = self::toUnsigned6( $parts[0] );
if ( $network !== false && is_numeric( $parts[1] ) && $parts[1] >= 0 && $parts[1] <= 128 ) {
$bits = $parts[1];
if ( $bits == 0 ) {
public static function parseRange6( $range ) {
if ( strpos( $range, '/' ) !== false ) {
# CIDR
- list( $network, $bits ) = IP::parseCIDR6( $range );
+ list( $network, $bits ) = self::parseCIDR6( $range );
if ( $network === false ) {
$start = $end = false;
} else {
} elseif ( strpos( $range, '-' ) !== false ) {
# Explicit range
list( $start, $end ) = array_map( 'trim', explode( '-', $range, 2 ) );
- $start = IP::toUnsigned6( $start ); $end = IP::toUnsigned6( $end );
+ $start = self::toUnsigned6( $start ); $end = self::toUnsigned6( $end );
if ( $start > $end ) {
$start = $end = false;
} else {
}
} else {
# Single IP
- $start = $end = IP::toHex6( $range );
+ $start = $end = self::toHex( $range );
}
if ( $start === false || $end === false ) {
return array( false, false );
* Comes from ProxyTools.php
*/
public static function isPublic( $ip ) {
- $n = IP::toUnsigned( $ip );
+ $n = self::toUnsigned( $ip );
if ( !$n ) {
return false;
}
}
foreach ( $privateRanges as $r ) {
- $start = IP::toUnsigned( $r[0] );
- $end = IP::toUnsigned( $r[1] );
+ $start = self::toUnsigned( $r[0] );
+ $end = self::toUnsigned( $r[1] );
if ( $n >= $start && $n <= $end ) {
return false;
}
* @return hexidecimal
*/
public static function toHex( $ip ) {
- $n = self::toUnsigned( $ip );
- if ( $n !== false ) {
- $n = sprintf( '%08X', $n );
- }
- return $n;
- }
-
- // For IPv6
- public static function toHex6( $ip ) {
- $n = self::toUnsigned6( $ip );
+ // Use IPv6 function if we have an that sort of IP
+ $n = ( self::isIPv6($ip) ) ? self::toUnsigned6( $ip ) : self::toUnsigned( $ip );
if ( $n !== false ) {
$n = sprintf( '%08X', $n );
}
* @return integer
*/
public static function toUnsigned( $ip ) {
+ // Use IPv6 function if we have an that sort of IP
+ if ( self::isIPv6( $ip ) ) {
+ return toUnsigned6( $ip );
+ }
if ( $ip == '255.255.255.255' ) {
$n = -1;
} else {
if ( count( $parts ) != 2 ) {
return array( false, false );
}
- $network = IP::toSigned( $parts[0] );
+ $network = self::toSigned( $parts[0] );
if ( $network !== false && is_numeric( $parts[1] ) && $parts[1] >= 0 && $parts[1] <= 32 ) {
$bits = $parts[1];
if ( $bits == 0 ) {
* @return array(string, int)
*/
public static function parseRange( $range ) {
+ // Use IPv6 function if we have an that sort of IP
+ if ( self::isIPv6( $ip ) ) {
+ return self::parseRange6( $range );
+ }
if ( strpos( $range, '/' ) !== false ) {
# CIDR
- list( $network, $bits ) = IP::parseCIDR( $range );
+ list( $network, $bits ) = self::parseCIDR( $range );
if ( $network === false ) {
$start = $end = false;
} else {
} elseif ( strpos( $range, '-' ) !== false ) {
# Explicit range
list( $start, $end ) = array_map( 'trim', explode( '-', $range, 2 ) );
- $start = IP::toUnsigned( $start ); $end = IP::toUnsigned( $end );
+ $start = self::toUnsigned( $start ); $end = self::toUnsigned( $end );
if ( $start > $end ) {
$start = $end = false;
} else {
}
} else {
# Single IP
- $start = $end = IP::toHex( $range );
+ $start = $end = self::toHex( $range );
}
if ( $start === false || $end === false ) {
return array( false, false );
*/
public static function isInRange( $addr, $range ) {
// Convert to IPv6 if needed
- $unsignedIP = IP::toUnsigned6( IP::IPv4toIPv6($addr) );
- list( $start, $end ) = IP::parseRange6( IP::IPv4toIPv6($range) );
+ $unsignedIP = self::toUnsigned6( self::IPv4toIPv6($addr) );
+ list( $start, $end ) = self::parseRange6( self::IPv4toIPv6($range) );
return (($unsignedIP >= $start) && ($unsignedIP <= $end));
}
* @return valid dotted quad IPv4 address or null
*/
public static function canonicalize( $addr ) {
- if ( IP::isValid( $addr ) )
+ if ( self::isValid( $addr ) )
return $addr;
// IPv6 loopback address
$userId = 0;
$this->BlockAddress = trim( $this->BlockAddress );
- $rxIP = '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}';
-
+ # Expand valid IPv6 addresses
+ if ( IP::isIPAddress( $this->BlockAddress ) ) {
+ $this->BlockAddress = IP::expandIP( $this->BlockAddress );
+ }
+ # The above validation is good enough that those below will suffice from here
+ $rxIP4 = '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}';
+ $rxIP6 = '\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}:\w{1,4}';
+ $rxIP = "($rxIP4|$rxIP6)";
+
# Check for invalid specifications
- if ( ! preg_match( "/^$rxIP$/", $this->BlockAddress ) ) {
+ if ( !preg_match( "/^$rxIP$/", $this->BlockAddress ) ) {
$matches = array();
- if ( preg_match( "/^($rxIP)\\/(\\d{1,2})$/", $this->BlockAddress, $matches ) ) {
+ if ( preg_match( "/^($rxIP4)\\/(\\d{1,2})$/", $this->BlockAddress, $matches ) ) {
+ # IPv4
if ( $wgSysopRangeBans ) {
- if ( $matches[2] > 31 || $matches[2] < 16 ) {
+ if ( !IP::isIPv4( $this->BlockAddress ) || $matches[2] > 31 || $matches[2] < 16 ) {
$this->showForm( wfMsg( 'ip_range_invalid' ) );
return;
}
$this->showForm( wfMsg( 'range_block_disabled' ) );
return;
}
+ } else if ( preg_match( "/^($rxIP6)\\/(\\d{1,3})$/", $this->BlockAddress, $matches ) ) {
+ # IPv6
+ if ( $wgSysopRangeBans ) {
+ if ( !IP::isIPv6( $this->BlockAddress ) || $matches[2] > 127 || $matches[2] < 64 ) {
+ $this->showForm( wfMsg( 'ip_range_invalid' ) );
+ return;
+ }
+ $this->BlockAddress = Block::normaliseRange6( $this->BlockAddress );
+ } else {
+ # Range block illegal
+ $this->showForm( wfMsg( 'range_block_disabled' ) );
+ return;
+ }
} else {
# Username block
if ( $wgSysopUserBans ) {