XIP Class - Proxy Detection and IP Functions class for PHP - File Name: class.XIP.php
Copyright (C) 2004-2006 Volkan Küçükçakar. All Rights Reserved.
You are requested to retain this copyright notice in order to use
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Name : XIP Class
Version : 0.3.00
Date : 2006.08.21
File : class.XIP.php
Author : Volkan Küçükçakar
EMail : firstname.lastname@example.org
Home Page : http://www.developera.com
Description : XIP Class
***** Proxy Detection and IP Functions class for PHP
-Very easy to integrate and use
-Enhanced smart "Proxy" and "Client IP" detection using header analysis
-Detects Proxy by looking for more than 40 standard and non-standard headers and hostname
-Retrieves the real Client IP address !!!
-IP BLACKLIST, WHITELIST check !!!
-IP[/Mask] format (IP range) compatible
-IP public/private check
-Expandable proxy detection structure by using arrays and regular expressions
-Guess for unknown headers using regular expressions
v0.1.0 (2004) : Foundation. "Proxy","Client IP","Proxy Type" detection.
v0.2.0 (2005) : -Enhanced smart Header analysis techniques
-Expandable structure by using arrays
-Regular expression compatible
-IP Validation Function added
-Added function to check if IP is local
-Invalid and Local IP adresses are ignored if reported as client ip
v0.2.1 (2005) : -search REMOTE_HOST (for words "proxy", "cache")
v0.2.23(2006.02.16) : First and public release
v0.2.24(2006.03.12) : -Fixed some notice level error reporting
-Fixed Normal Private IP List
-Added some comments
v0.2.30(2006.04.25) : -Fixed a bug in NetCheck() function relevant to a undefined variable
-NetCheck() function is deprecated, parameter order changed in new CheckNet() function
-More easily blacklist check with new CheckNet() function
($ip parameter became optional and refers to client IP by default)
-Fixed a potential bug (Added IP Validation check) in isPublic() function
-Changed some comments and explanations
v0.2.40(2006.07.05) : -Fixed IP octet pattern
-Fixed Normal Private IP List
-Added some security advice
-Added/Changed some comments and explanations
v0.2.41(2006.07.07) : -Added/Changed some comments and explanations
v0.3.00(2006.08.21) : -Bug Fixed in IP octet pattern
-Added Example 3: Blacklist (Local) - Another local blacklist example using an external flat text file
-Added Example 4: IP Log - IP Log example using a flat text file (with exclusive file lock support via flock and semaphore files)
-Added Example 5: Blacklist (Check RBL) - Checking the existance of visitor's IP in RBL (Real-Time Blackhole List) using 3rd party services
class.XIP.php : Main project file, Proxy Detection and IP Functions class for PHP
License.txt : License, GNU General Public License (GPL)
Readme.txt : This file
Examples/index.php : File simply calls Example 1
Examples/proxydetect.php : Example 1 - Proxy type, proxy info, client IP detection
Examples/ipfunctions.php : Example 2 - IP Functions, IP validate, public/private IP check, network check, local blacklist
Examples/blacklist_local.php : Example 3 - Blacklist (Local) - Another local blacklist example using an external flat text file
Examples/blacklist.txt : File needed by blacklist_local.php
Examples/iplog.php : Example 4 - IP Log - IP Log example using a flat text file (with exclusive file lock support via flock and semaphore files)
Examples/log/iplog.txt : File needed by iplog.php
Examples/log/iplog.txt.lck : File needed by iplog.php
Examples/CheckRBL.php : Example 5 - Blacklist (Check RBL) - Checking the existance of visitor's IP in RBL (Real-Time Blackhole List) using 3rd party services
There is an Extended Private IP List (BOGON IP list) in variable $Private_IP_Extended
You can always download the latest version of list into a file from http://www.cymru.com/Documents/bogon-bn-nonagg.txt
Usage of this list may be disabled by default, see comments in file.
Thanks to "Team Cymru Web Site"
Examples of most common usage
will always write the reported client IP if available or will write Proxy IP if client IP not available.
You can usually use $XIP->IP['client'] instead of $_SERVER['REMOTE_ADDR'] or $REMOTE_ADDR in your project however;
* Do not forget that client IP is always reported by gateway (or client unfortinately)
By the way, this is a property of http proxy connection; not a weakness of XIP Class.
* You can separately use/save $_SERVER['REMOTE_ADDR'] (or $XIP->IP['proxy']) in your logs for security. (See EXAMPLE 4 - iplog.php)
* To increase security, you can use $XIP->IP['client'] in conjunction with $XIP->IP['proxy'] (equals to $_SERVER['REMOTE_ADDR']),
or you can do something with $XIP->IP['all']
if ($XIP->isValid('127.0.0.1')) echo "ip is valid"; //will output "ip is valid"
if ($XIP->isPrivate('172.25.66.7')) echo "ip belongs to local netwok"; //will output "ip belongs to local netwok"
if ($XIP->CheckNet('127.0.0.0/255.255.255.0','127.0.0.5')) echo "IP belongs to given network"; //will output "ip belongs to given network"
* IP Range Check examples *:
//If you want to check if IP is in range of 192.168.2.0 to 192.168.2.255
if ($XIP->CheckNet('192.168.2.0/255.255.255.0')) echo "YES IN RANGE"; //check the client IP
if ($XIP->CheckNet('192.168.2.0/255.255.255.0',$ip)) echo "YES IN RANGE"; //check the given IP
//If you want to check if IP is in range of 192.168.0.0 to 192.168.255.255
if ($XIP->CheckNet('192.168.2.0/255.255.0.0')) echo "YES IN RANGE"; //check the client IP
if ($XIP->CheckNet('192.168.2.0/255.255.0.0',$ip)) echo "YES IN RANGE"; //check the given IP
* IP BLACKLIST, WHITELIST examples *:
$blacklist="10.0.5.0, 10.0.5.1, 10.0.5.2, 10.0.4.0/24, 10.0.3.0/255.255.255.0";
if ($XIP->CheckNet($blacklist)) echo "IP is in BLACKLIST"; //check the client IP