greasemonkey Posted July 31, 2018 Share Posted July 31, 2018 Hey, all... anyone ever figure out a way to validate ipv6 ip addresses? Currently this function won't do it... and with the DRAMATIC increase in mobile carriers using ipv6.... many/most ip addresses are failing validation From admin/includes/functions/general.php in 2.3.4 CE function tep_validate_ip_address($ip_address) { if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) { return filter_var($ip_address, FILTER_VALIDATE_IP, array('flags' => FILTER_FLAG_IPV4)); } if (preg_match('/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/', $ip_address)) { $parts = explode('.', $ip_address); foreach ($parts as $ip_parts) { if ( ((int)($ip_parts) > 255) || ((int)($ip_parts) < 0) ) { return false; // number is not within 0-255 } } return true; } return false; } Link to comment Share on other sites More sharing options...
oscMarket Posted July 31, 2018 Share Posted July 31, 2018 Can try to make it work with:https://www.w3schools.com/php/filter_validate_ip.asp Link to comment Share on other sites More sharing options...
oscMarket Posted July 31, 2018 Share Posted July 31, 2018 should be enough: function tep_validate_ip_address($ip_address) { if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) { return filter_var($ip_address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE); } return false; } Link to comment Share on other sites More sharing options...
greasemonkey Posted July 31, 2018 Author Share Posted July 31, 2018 1 minute ago, wHiTeHaT said: should be enough: function tep_validate_ip_address($ip_address) { if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) { return filter_var($ip_address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE); } return false; } I'll test and report back.... Currently I had but the IP was cut off at 25 characters function tep_validate_ip_address($ip_address) { if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) { return filter_var($ip_address, FILTER_VALIDATE_IP); } return false; } Link to comment Share on other sites More sharing options...
greasemonkey Posted July 31, 2018 Author Share Posted July 31, 2018 @wHiTeHaT what about? function tep_validate_ip_address($ip_address) { return inet_pton($ip) !== false; } http://php.net/manual/en/function.inet-pton.php Link to comment Share on other sites More sharing options...
oscMarket Posted July 31, 2018 Share Posted July 31, 2018 @greasemonkey , read the first comment and that page from the manual link. And read:https://stackoverflow.com/questions/9608001/php-function-to-validate-ipv4-and-ipv6-using-regex There is not so much options. Link to comment Share on other sites More sharing options...
greasemonkey Posted July 31, 2018 Author Share Posted July 31, 2018 @wHiTeHaT you mean the note about e_warning on failure? Ya, that wouldn’t be good I suppose... At the end of the day this is a 10 year old (at least) function that only works 50% of the time. Probably needs some thought. Link to comment Share on other sites More sharing options...
oscMarket Posted July 31, 2018 Share Posted July 31, 2018 You still need to report the result of my suggestion. Link to comment Share on other sites More sharing options...
greasemonkey Posted July 31, 2018 Author Share Posted July 31, 2018 1 hour ago, greasemonkey said: function tep_validate_ip_address($ip_address) { if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) { return filter_var($ip_address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE); } return false; } This works Henry - in the sense they now show in who's online (so I presume they have passed validation). However, on to the next problem..... the IP's, it would seem, most of the time cannot be used for geolocation. Maybe they are being compressed maybe with tep_get_ip_address? Example this ip/bot keep hitting my site and can be geolocated: 2a01:4f8:13b:12e0:0:0:0:2 - works perfect 2607:fea8:695f:ffb1:7d67: - cannot be geolocated via any DB (I tried several) Link to comment Share on other sites More sharing options...
burt Posted August 1, 2018 Share Posted August 1, 2018 You may need to increase the database limit for the ip_address in whos_online table. Maybe to varchar(256), that should be more than enough. https://stackoverflow.com/questions/1076714/max-length-for-client-ip-address I think your second example is not the full ipv6 ip - it is cut off at X (25?) characters, hence why you cannot find it in any ip database. Link to comment Share on other sites More sharing options...
burt Posted August 1, 2018 Share Posted August 1, 2018 In addition to the above, I learned something new today - IP addresses get shortened automatically, eg 127.0.0.1 is actually 127.000.000.001 So your first example 2a01:4f8:13b:12e0:0:0:0:2 gets shortened, less than your 25 limit, all good, can be found in the geolocate DB, is actually: 2a01:4f8:13b:12e0:0000:0000:0000:0002 The second example 2607:fea8:695f:ffb1:7d67: nothing there can be shortened, so is cut off at your 25 limit... Link to comment Share on other sites More sharing options...
greasemonkey Posted August 1, 2018 Author Share Posted August 1, 2018 49 minutes ago, burt said: In addition to the above, I learned something new today - IP addresses get shortened automatically, eg 127.0.0.1 is actually 127.000.000.001 So your first example 2a01:4f8:13b:12e0:0:0:0:2 gets shortened, less than your 25 limit, all good, can be found in the geolocate DB, is actually: 2a01:4f8:13b:12e0:0000:0000:0000:0002 The second example 2607:fea8:695f:ffb1:7d67: nothing there can be shortened, so is cut off at your 25 limit... Perfect.... that is making sense. It seems the max character length for ipv6 is 39 - so I'm testing at varchar(128) and it seems to be working perfectly on all ipv6 IP's. https://stackoverflow.com/questions/1076714/max-length-for-client-ip-address Link to comment Share on other sites More sharing options...
dr_lucas Posted August 22, 2018 Share Posted August 22, 2018 I have been using this self-modified function for a long time, works well: function tep_validate_ip_address($ip_address) { if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) { return filter_var($ip_address, FILTER_VALIDATE_IP, array('flags' => FILTER_FLAG_IPV4 || FILTER_FLAG_IPV6)); } if (preg_match('/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/', $ip_address)) { $parts = explode('.', $ip_address); foreach ($parts as $ip_parts) { if ( (intval($ip_parts) > 255) || (intval($ip_parts) < 0) ) { return false; // number is not within 0-255 } } return true; } return false; } Did I help you? Click "Like" or "Thanks"! It's free of charge. :)My contributions:Total Configuration (newly updated 07/2018, for both osC 2.2 and 2.3.4.1 BS Frozen CE)User Tracking with Admin 1.0 (newly updated 07/2018)FedEx - Web Services v9, FAQ System , Who's Online Enhancement, Order Editor, MoneyBookers IPN, Ship in Cart (MS2), Admin Products Paging, Margin Report v1.00, 2Checkout INS / IPN (Instant Notification System) for MS2.2, Visitor Web Stats, Time Zone Offset - Adjust to match your location, Category Meta Tags Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.