1*f8369d7dSTobias Sarnowski<?php 2*f8369d7dSTobias Sarnowski 3*f8369d7dSTobias Sarnowskirequire_once DOKU_INC.'inc/init.php'; 4*f8369d7dSTobias Sarnowskirequire_once DOKU_INC.'inc/common.php'; 5*f8369d7dSTobias Sarnowski 6*f8369d7dSTobias Sarnowskiclass common_clientIP_test extends DokuWikiTest { 7*f8369d7dSTobias Sarnowski 8*f8369d7dSTobias Sarnowski function test_simple_all(){ 9*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 10*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 11*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = ''; 12*f8369d7dSTobias Sarnowski $out = '123.123.123.123'; 13*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(),$out); 14*f8369d7dSTobias Sarnowski } 15*f8369d7dSTobias Sarnowski 16*f8369d7dSTobias Sarnowski function test_proxy1_all(){ 17*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 18*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = '77.77.77.77'; 19*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = ''; 20*f8369d7dSTobias Sarnowski $out = '123.123.123.123,77.77.77.77'; 21*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(),$out); 22*f8369d7dSTobias Sarnowski } 23*f8369d7dSTobias Sarnowski 24*f8369d7dSTobias Sarnowski function test_proxy2_all(){ 25*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 26*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 27*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77'; 28*f8369d7dSTobias Sarnowski $out = '123.123.123.123,77.77.77.77'; 29*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(),$out); 30*f8369d7dSTobias Sarnowski } 31*f8369d7dSTobias Sarnowski 32*f8369d7dSTobias Sarnowski function test_proxyhops_all(){ 33*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 34*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 35*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77,66.66.66.66'; 36*f8369d7dSTobias Sarnowski $out = '123.123.123.123,77.77.77.77,66.66.66.66'; 37*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(),$out); 38*f8369d7dSTobias Sarnowski } 39*f8369d7dSTobias Sarnowski 40*f8369d7dSTobias Sarnowski function test_simple_single(){ 41*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 42*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 43*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = ''; 44*f8369d7dSTobias Sarnowski $out = '123.123.123.123'; 45*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 46*f8369d7dSTobias Sarnowski } 47*f8369d7dSTobias Sarnowski 48*f8369d7dSTobias Sarnowski function test_proxy1_single(){ 49*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 50*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = '77.77.77.77'; 51*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = ''; 52*f8369d7dSTobias Sarnowski $out = '77.77.77.77'; 53*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 54*f8369d7dSTobias Sarnowski } 55*f8369d7dSTobias Sarnowski 56*f8369d7dSTobias Sarnowski function test_proxy2_single(){ 57*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 58*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 59*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77'; 60*f8369d7dSTobias Sarnowski $out = '77.77.77.77'; 61*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 62*f8369d7dSTobias Sarnowski } 63*f8369d7dSTobias Sarnowski 64*f8369d7dSTobias Sarnowski function test_proxyhops_single(){ 65*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 66*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 67*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '77.77.77.77,66.66.66.66'; 68*f8369d7dSTobias Sarnowski $out = '66.66.66.66'; 69*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 70*f8369d7dSTobias Sarnowski } 71*f8369d7dSTobias Sarnowski 72*f8369d7dSTobias Sarnowski function test_local_all(){ 73*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 74*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 75*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '127.0.0.1'; 76*f8369d7dSTobias Sarnowski $out = '123.123.123.123,127.0.0.1'; 77*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(),$out); 78*f8369d7dSTobias Sarnowski } 79*f8369d7dSTobias Sarnowski 80*f8369d7dSTobias Sarnowski function test_local1_single(){ 81*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 82*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 83*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '127.0.0.1'; 84*f8369d7dSTobias Sarnowski $out = '123.123.123.123'; 85*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 86*f8369d7dSTobias Sarnowski } 87*f8369d7dSTobias Sarnowski 88*f8369d7dSTobias Sarnowski function test_local2_single(){ 89*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; 90*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 91*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '123.123.123.123'; 92*f8369d7dSTobias Sarnowski $out = '123.123.123.123'; 93*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 94*f8369d7dSTobias Sarnowski } 95*f8369d7dSTobias Sarnowski 96*f8369d7dSTobias Sarnowski function test_local3_single(){ 97*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 98*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 99*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '127.0.0.1,10.0.0.1,192.168.0.2,172.17.1.1,172.21.1.1,172.31.1.1'; 100*f8369d7dSTobias Sarnowski $out = '123.123.123.123'; 101*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 102*f8369d7dSTobias Sarnowski } 103*f8369d7dSTobias Sarnowski 104*f8369d7dSTobias Sarnowski function test_local4_single(){ 105*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '127.0.0.1'; 106*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 107*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '192.168.0.5'; 108*f8369d7dSTobias Sarnowski $out = '192.168.0.5'; 109*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 110*f8369d7dSTobias Sarnowski } 111*f8369d7dSTobias Sarnowski 112*f8369d7dSTobias Sarnowski function test_garbage_all(){ 113*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 114*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 115*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = 'some garbage, or something, 222'; 116*f8369d7dSTobias Sarnowski $out = '123.123.123.123'; 117*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(),$out); 118*f8369d7dSTobias Sarnowski } 119*f8369d7dSTobias Sarnowski 120*f8369d7dSTobias Sarnowski function test_garbage_single(){ 121*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = '123.123.123.123'; 122*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 123*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = 'some garbage, or something, 222'; 124*f8369d7dSTobias Sarnowski $out = '123.123.123.123'; 125*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 126*f8369d7dSTobias Sarnowski } 127*f8369d7dSTobias Sarnowski 128*f8369d7dSTobias Sarnowski function test_garbageonly_all(){ 129*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = 'argh'; 130*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 131*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = 'some garbage, or something, 222'; 132*f8369d7dSTobias Sarnowski $out = '0.0.0.0'; 133*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(),$out); 134*f8369d7dSTobias Sarnowski } 135*f8369d7dSTobias Sarnowski 136*f8369d7dSTobias Sarnowski function test_garbageonly_single(){ 137*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = 'argh'; 138*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 139*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = 'some garbage, or something, 222'; 140*f8369d7dSTobias Sarnowski $out = '0.0.0.0'; 141*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(true),$out); 142*f8369d7dSTobias Sarnowski } 143*f8369d7dSTobias Sarnowski 144*f8369d7dSTobias Sarnowski function test_malicious(){ 145*f8369d7dSTobias Sarnowski $_SERVER['REMOTE_ADDR'] = ''; 146*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_REAL_IP'] = ''; 147*f8369d7dSTobias Sarnowski $_SERVER['HTTP_X_FORWARDED_FOR'] = '<?php set_time_limit(0);echo \'my_delim\';passthru(123.123.123.123);die;?>'; 148*f8369d7dSTobias Sarnowski $out = '0.0.0.0'; 149*f8369d7dSTobias Sarnowski $this->assertEquals(clientIP(),$out); 150*f8369d7dSTobias Sarnowski } 151*f8369d7dSTobias Sarnowski 152*f8369d7dSTobias Sarnowski} 153*f8369d7dSTobias Sarnowski 154*f8369d7dSTobias Sarnowski//Setup VIM: ex: et ts=4 : 155