search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Added the zend framework 2 library, the path is specified in line no.26 in zend_modul...
[openemr.git] / interface / modules / zend_modules / library / Zend / Session / Validator / RemoteAddr.php
blob2a4622ceb977f37c9b343921fe649012e71b739d
1 <?php
2 /**
3 * Zend Framework (http://framework.zend.com/)
4 *
5 * @link http://github.com/zendframework/zf2 for the canonical source repository
6 * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
7 * @license http://framework.zend.com/license/new-bsd New BSD License
8 */
9
10 namespace Zend\Session\Validator;
11
12 use Zend\Http\PhpEnvironment\RemoteAddress;
13 use Zend\Session\Validator\ValidatorInterface as SessionValidator;
14
15 class RemoteAddr implements SessionValidator
16 {
17 /**
18 * Internal data.
19 *
20 * @var string
21 */
22 protected $data;
23
24 /**
25 * Whether to use proxy addresses or not.
26 *
27 * As default this setting is disabled - IP address is mostly needed to increase
28 * security. HTTP_* are not reliable since can easily be spoofed. It can be enabled
29 * just for more flexibility, but if user uses proxy to connect to trusted services
30 * it's his/her own risk, only reliable field for IP address is $_SERVER['REMOTE_ADDR'].
31 *
32 * @var bool
33 */
34 protected static $useProxy = false;
35
36 /**
37 * List of trusted proxy IP addresses
38 *
39 * @var array
40 */
41 protected static $trustedProxies = array();
42
43 /**
44 * HTTP header to introspect for proxies
45 *
46 * @var string
47 */
48 protected static $proxyHeader = 'HTTP_X_FORWARDED_FOR';
49
50 /**
51 * Constructor
52 * get the current user IP and store it in the session as 'valid data'
53 */
54 public function __construct($data = null)
55 {
56 if (empty($data)) {
57 $data = $this->getIpAddress();
58 }
59 $this->data = $data;
60 }
61
62 /**
63 * isValid() - this method will determine if the current user IP matches the
64 * IP we stored when we initialized this variable.
65 *
66 * @return bool
67 */
68 public function isValid()
69 {
70 return ($this->getIpAddress() === $this->getData());
71 }
72
73 /**
74 * Changes proxy handling setting.
75 *
76 * This must be static method, since validators are recovered automatically
77 * at session read, so this is the only way to switch setting.
78 *
79 * @param bool $useProxy Whether to check also proxied IP addresses.
80 * @return void
81 */
82 public static function setUseProxy($useProxy = true)
83 {
84 static::$useProxy = $useProxy;
85 }
86
87 /**
88 * Checks proxy handling setting.
89 *
90 * @return bool Current setting value.
91 */
92 public static function getUseProxy()
93 {
94 return static::$useProxy;
95 }
96
97 /**
98 * Set list of trusted proxy addresses
99 *
100 * @param array $trustedProxies
101 * @return void
102 */
103 public static function setTrustedProxies(array $trustedProxies)
104 {
105 static::$trustedProxies = $trustedProxies;
106 }
107
108 /**
109 * Set the header to introspect for proxy IPs
110 *
111 * @param string $header
112 * @return void
113 */
114 public static function setProxyHeader($header = 'X-Forwarded-For')
115 {
116 static::$proxyHeader = $header;
117 }
118
119 /**
120 * Returns client IP address.
121 *
122 * @return string IP address.
123 */
124 protected function getIpAddress()
125 {
126 $remoteAddress = new RemoteAddress();
127 $remoteAddress->setUseProxy(static::$useProxy);
128 $remoteAddress->setTrustedProxies(static::$trustedProxies);
129 $remoteAddress->setProxyHeader(static::$proxyHeader);
130 return $remoteAddress->getIpAddress();
131 }
132
133 /**
134 * Retrieve token for validating call
135 *
136 * @return string
137 */
138 public function getData()
139 {
140 return $this->data;
141 }
142
143 /**
144 * Return validator name
145 *
146 * @return string
147 */
148 public function getName()
149 {
150 return __CLASS__;
151 }
152 }
Mirror of official OpenEMR Sourceforge repository