--- /dev/null
+<?php
+/**
+ * Proxy Detector v0.1
+ * copyrights by: Daantje Eeltink (me@daantje.nl)
+ * http://www.daantje.nl
+ *
+ * first build: Mon Sep 18 21:43:48 CEST 2006
+ * last build: Tue Sep 19 10:37:12 CEST 2006
+ *
+ * Description:
+ * This class can detect if a visitor uses a proxy server by scanning the
+ * headers returned by the user client. When the user uses a proxy server,
+ * most of the proxy servers alter the header. The header is returned to
+ * PHP in the array $_SERVER.
+ *
+ * License:
+ * GPL v2 licence. (http://www.gnu.org/copyleft/gpl.txt)
+ *
+ * Support:
+ * If you like this class and find it usefull, please donate one or two
+ * coins to my PayPal account me@daantje.nl
+ *
+ * Todo:
+ * Add open proxy black list scan.
+ */
+
+class proxy_detector {
+
+ /**
+ * CONSTRUCTOR
+ * Set defaults...
+ */
+ function proxy_detector(){
+ $this->config = array();
+ $this->lastLog = "";
+
+ //set default headers
+ $this->scan_headers = array(
+ 'HTTP_VIA',
+ 'HTTP_X_FORWARDED_FOR',
+ 'HTTP_FORWARDED_FOR',
+ 'HTTP_X_FORWARDED',
+ 'HTTP_FORWARDED',
+ 'HTTP_CLIENT_IP',
+ 'HTTP_FORWARDED_FOR_IP',
+ 'VIA',
+ 'X_FORWARDED_FOR',
+ 'FORWARDED_FOR',
+ 'X_FORWARDED',
+ 'FORWARDED',
+ 'CLIENT_IP',
+ 'FORWARDED_FOR_IP',
+ 'HTTP_PROXY_CONNECTION'
+ );
+ }
+
+ function exists_in_rbl($remote) {
+ $rbls = array('http.dnsbl.sorbs.net', 'misc.dnsbl.sorbs.net');
+ // $remote = $_SERVER['REMOTE_ADDR'];
+ // $remote = '213.134.170.206';
+ // $remote = '64.34.166.71';
+
+ if (preg_match("/([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/",
+ $remote, $matches)) {
+ foreach ($rbls as $rbl) {
+ $rblhost = $matches[4] . "." . $matches[3] . "." .
+ $matches[2] . "." . $matches[1] . "." . $rbl;
+
+ $resolved = gethostbyname($rblhost);
+ // echo "RBL ".$rblhost."<br>";
+ if ($resolved != $rblhost) {
+ return TRUE;
+ }
+ }
+ }
+ return FALSE;
+ }
+
+ /**
+ * VOID setHeader( STRING $trigger )
+ * Set new header trigger...
+ */
+ function setHeader($trigger){
+ $this->scan_headers[] = $trigger;
+ }
+
+
+ /**
+ * ARRAY $triggers = getHeaders( VOID )
+ * Get all triggers in one array
+ */
+ function getHeaders(){
+ return $this->scan_headers;
+ }
+
+
+ /**
+ * VOID setConfig( STRING $key, STRING $value)
+ * Set config line...
+ */
+ function setConfig($key,$value){
+ $this->config[$key] = $value;
+ }
+
+
+ /**
+ * MIXED $config = getConfig( [STRING $key] )
+ * Get all config in one array, or only one config value as a string.
+ */
+ function getConfig($key=''){
+ if($key)
+ return $this->config[$key];
+ else
+ return $this->config;
+ }
+
+
+ /**
+ * STRING $log = getLog( VOID )
+ * Get last logged information. Only works AFTER calling detect()!
+ */
+ function getLog(){
+ return $this->lastLog;
+ }
+
+
+ /**
+ * BOOL $proxy = detect( VOID )
+ * Start detection and return TRUE if a proxy server is detected...
+ */
+ function detect(){
+ GLOBAL $G_proxy_white_list;
+ $log = "";
+
+ foreach($G_proxy_white_list as $authproxy) {
+ if ($_SERVER['REMOTE_ADDR'] == $authproxy)
+ return (FALSE);
+ }
+
+ if ($this->exists_in_rbl($_SERVER['REMOTE_ADDR']) == TRUE)
+ return (TRUE);
+
+// //scan all headers
+// foreach($this->scan_headers as $i){
+// //proxy detected? lets log...
+// if($_SERVER[$i])
+// $log.= "trigger $i: ".$_SERVER[$i]."\n";
+// }
+
+ //let's do something...
+ if($log){
+ $log = $this->lastLog = date("Y-m-d H:i:s")."\nDetected proxy server: ".gethostbyaddr($_SERVER['REMOTE_ADDR'])." ({$_SERVER['REMOTE_ADDR']})\n".$log;
+
+ //mail message
+ if($this->getConfig('MAIL_ALERT_TO'))
+ mail($this->getConfig('MAIL_ALERT_TO'),"Proxy detected at {$_SERVER['REQUEST_URI']}",$log);
+
+ //write to file
+ $f = $this->getConfig('LOG_FILE');
+ if($f){
+ if(is_writable($f)){
+ $fp = fopen($f,'a');
+ fwrite($fp,"$log\n");
+ fclose($fp);
+ }else{
+ die("<strong>Fatal Error:</strong> Couldn't write to file: '<strong>$f</strong>'<br>Please check if the path exists and is writable for the webserver or php...");
+ }
+ }
+
+ //done
+ return TRUE;
+ }
+
+ //nope, no proxy was logged...
+ return FALSE;
+ }
+}
+
+//init class
+function is_proxy()
+{
+ $proxy = new proxy_detector();
+
+ //start detect
+ if($proxy->detect()) {
+ //returned TRUE, lets die...
+ echo "<br><br><div style=\"text-align:center;\"><h1>Accesso attaverso proxy non consentito.</h1><br><br>";
+ echo "Se state utilizzando un proxy privato e volete che sia autorizzato mandate il suo indirizzo IP (".$_SERVER['REMOTE_ADDR'].") e il suo proprietario all'indirizzo di posta elettronica <a href=\"mailto:brisk@alternativeoutput.it\">brisk@alternativeoutput.it</a><br><br></div>";
+
+ //parse logged info
+ echo nl2br($proxy->getLog());
+
+ //some credits...
+ // echo "<hr><strong>proxy detector v0.1</strong> - ©2006 <a href=\"http://www.daantje.nl\" target=\"_blank\">daantje.nl</a>";
+
+ //and do nothing anymore! (but not in my example)
+ return (TRUE);
+ }
+ else
+ return (FALSE);
+}
+
+?>
\ No newline at end of file
projects / brisk.git / blobdiff