Jump to content
Latest News: (loading..)

Recommended Posts

Hey, all... anyone ever figure out a way to validate ipv6 ip addresses?

Currently this function won't do it... and with the DRAMATIC increase in mobile carriers using ipv6.... many/most ip addresses are failing validation

From admin/includes/functions/general.php in 2.3.4 CE

  function tep_validate_ip_address($ip_address) {
    if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) {
      return filter_var($ip_address, FILTER_VALIDATE_IP, array('flags' => FILTER_FLAG_IPV4));
    }
    if (preg_match('/^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/', $ip_address)) {
      $parts = explode('.', $ip_address);
      foreach ($parts as $ip_parts) {
        if ( ((int)($ip_parts) > 255) || ((int)($ip_parts) < 0) ) {
          return false; // number is not within 0-255
        }
      }
      return true;
    }
    return false;
  }

 

Share this post


Link to post
Share on other sites

should be enough:
 

    function tep_validate_ip_address($ip_address) {
        if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) {
          return filter_var($ip_address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
        }
        return false;
    }

 

Share this post


Link to post
Share on other sites
1 minute ago, wHiTeHaT said:

should be enough:
 


    function tep_validate_ip_address($ip_address) {
        if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) {
          return filter_var($ip_address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE);
        }
        return false;
    }

 

I'll test and report back....

Currently I had but the IP was cut off at 25 characters

  function tep_validate_ip_address($ip_address) {
    if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) {
      return filter_var($ip_address, FILTER_VALIDATE_IP);
    }

    return false;
  }

 

Share this post


Link to post
Share on other sites

Share this post


Link to post
Share on other sites

@wHiTeHaT you mean the note about e_warning on failure? Ya, that wouldn’t be good I suppose... 

At the end of the day this is a 10 year old (at least) function that only works 50% of the time.

Probably needs some thought. 

Share this post


Link to post
Share on other sites
1 hour ago, greasemonkey said:

function tep_validate_ip_address($ip_address) { if (function_exists('filter_var') && defined('FILTER_VALIDATE_IP')) { return filter_var($ip_address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE); } return false; }

This works Henry - in the sense they now show in who's online (so I presume they have passed validation).

However, on to the next problem.....  the IP's, it would seem, most of the time cannot be used for geolocation.

Maybe they are being compressed maybe with tep_get_ip_address?

Example this ip/bot keep hitting my site and can be geolocated:

2a01:4f8:13b:12e0:0:0:0:2 - works perfect

2607:fea8:695f:ffb1:7d67: - cannot be geolocated via any DB (I tried several)

 

 

Share this post


Link to post
Share on other sites
Posted (edited)

You may need to increase the database limit for the ip_address in whos_online table. 

Maybe to varchar(256), that should be more than enough.

https://stackoverflow.com/questions/1076714/max-length-for-client-ip-address

I think your second example is not the full ipv6 ip - it is cut off at X (25?) characters, hence why you cannot find it in any ip database.

Edited by burt

This is a signature that appears on all my posts.  
IF YOU MAKE A POST REQUESTING HELP...please state the exact version
of osCommerce that you are using. THANKS

 
Get the latest current code (community-supported responsive 2.3.4.1BS Edge) here

 

Share this post


Link to post
Share on other sites

In addition to the above, I learned something new today - IP addresses get shortened automatically, eg 127.0.0.1 is actually 127.000.000.001

So your first example

2a01:4f8:13b:12e0:0:0:0:2

gets shortened, less than your 25 limit, all good, can be found in the geolocate DB, is actually:

2a01:4f8:13b:12e0:0000:0000:0000:0002

The second example

2607:fea8:695f:ffb1:7d67:

nothing there can be shortened, so is cut off at your 25 limit...


This is a signature that appears on all my posts.  
IF YOU MAKE A POST REQUESTING HELP...please state the exact version
of osCommerce that you are using. THANKS

 
Get the latest current code (community-supported responsive 2.3.4.1BS Edge) here

 

Share this post


Link to post
Share on other sites
Posted (edited)
49 minutes ago, burt said:

In addition to the above, I learned something new today - IP addresses get shortened automatically, eg 127.0.0.1 is actually 127.000.000.001

So your first example

2a01:4f8:13b:12e0:0:0:0:2

gets shortened, less than your 25 limit, all good, can be found in the geolocate DB, is actually:

2a01:4f8:13b:12e0:0000:0000:0000:0002

The second example

2607:fea8:695f:ffb1:7d67:

nothing there can be shortened, so is cut off at your 25 limit...

Perfect.... that is making sense.

It seems the max character length for ipv6 is 39 - so I'm testing at varchar(128) and it seems to be working perfectly on all ipv6 IP's.

https://stackoverflow.com/questions/1076714/max-length-for-client-ip-address

 

Edited by greasemonkey

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×