Gecko [ edgpens.lpkmn.gov.my ]

Name	Size	Permission
Charsets	[ DIR ]	drwxrwxrwx
Config	[ DIR ]	drwxrwxrwx
Controllers	[ DIR ]	drwxrwxrwx
Database	[ DIR ]	drwxrwxrwx
Dbi	[ DIR ]	drwxrwxrwx
Di	[ DIR ]	drwxrwxrwx
Display	[ DIR ]	drwxrwxrwx
Engines	[ DIR ]	drwxrwxrwx
Gis	[ DIR ]	drwxrwxrwx
Navigation	[ DIR ]	drwxrwxrwx
Plugins	[ DIR ]	drwxrwxrwx
Properties	[ DIR ]	drwxrwxrwx
Rte	[ DIR ]	drwxrwxrwx
Server	[ DIR ]	drwxrwxrwx
Setup	[ DIR ]	drwxrwxrwx
Twig	[ DIR ]	drwxrwxrwx
Utils	[ DIR ]	drwxrwxrwx
Advisor.php	19.56 KB	-rw-rw-rw-
Bookmark.php	10.74 KB	-rw-rw-rw-
BrowseForeigners.php	11.15 KB	-rw-rw-rw-
CentralColumns.php	44.19 KB	-rw-rw-rw-
Charsets.php	6.14 KB	-rw-rw-rw-
CheckUserPrivileges.php	12.59 KB	-rw-rw-rw-
Config.php	57.38 KB	-rw-rw-rw-
Console.php	3.69 KB	-rw-rw-rw-
Core.php	38.31 KB	-rw-rw-rw-
CreateAddField.php	17.91 KB	-rw-rw-rw-
DatabaseInterface.php	104.47 KB	-rw-rw-rw-
Encoding.php	8.68 KB	-rw-rw-rw-
Error.php	13.34 KB	-rw-rw-rw-
ErrorHandler.php	17.17 KB	-rw-rw-rw-
ErrorReport.php	8.92 KB	-rw-rw-rw-
Export.php	42.76 KB	-rw-rw-rw-
File.php	21.29 KB	-rw-rw-rw-
FileListing.php	2.83 KB	-rw-rw-rw-
Font.php	5.54 KB	-rw-rw-rw-
Footer.php	10.6 KB	-rw-rw-rw-
Header.php	21.87 KB	-rw-rw-rw-
Import.php	56.56 KB	-rw-rw-rw-
Index.php	24.5 KB	-rw-rw-rw-
IndexColumn.php	4.44 KB	-rw-rw-rw-
InsertEdit.php	129.31 KB	-rw-rw-rw-
InternalRelations.php	17.42 KB	-rw-rw-rw-
IpAllowDeny.php	9.57 KB	-rw-rw-rw-
Language.php	4.31 KB	-rw-rw-rw-
LanguageManager.php	23.71 KB	-rw-rw-rw-
Linter.php	5.21 KB	-rw-rw-rw-
ListAbstract.php	2.51 KB	-rw-rw-rw-
ListDatabase.php	4.34 KB	-rw-rw-rw-
Logging.php	2.6 KB	-rw-rw-rw-
Menu.php	22.36 KB	-rw-rw-rw-
Message.php	19.32 KB	-rw-rw-rw-
Mime.php	916 B	-rw-rw-rw-
MultSubmits.php	23.64 KB	-rw-rw-rw-
Normalization.php	40.41 KB	-rw-rw-rw-
OpenDocument.php	8.52 KB	-rw-rw-rw-
Operations.php	81.25 KB	-rw-rw-rw-
OutputBuffering.php	3.71 KB	-rw-rw-rw-
ParseAnalyze.php	2.55 KB	-rw-rw-rw-
Partition.php	7.27 KB	-rw-rw-rw-
Pdf.php	4.37 KB	-rw-rw-rw-
Plugins.php	22.95 KB	-rw-rw-rw-
RecentFavoriteTable.php	12.04 KB	-rw-rw-rw-
Relation.php	79.64 KB	-rw-rw-rw-
RelationCleanup.php	15 KB	-rw-rw-rw-
Replication.php	5.75 KB	-rw-rw-rw-
ReplicationGui.php	21.23 KB	-rw-rw-rw-
Response.php	16.14 KB	-rw-rw-rw-
Sanitize.php	14.51 KB	-rw-rw-rw-
SavedSearches.php	11.94 KB	-rw-rw-rw-
Scripts.php	3.65 KB	-rw-rw-rw-
Session.php	7.62 KB	-rw-rw-rw-
Sql.php	82.09 KB	-rw-rw-rw-
SqlQueryForm.php	17.63 KB	-rw-rw-rw-
StorageEngine.php	13.75 KB	-rw-rw-rw-
SubPartition.php	3.55 KB	-rw-rw-rw-
SysInfo.php	1.61 KB	-rw-rw-rw-
SysInfoBase.php	822 B	-rw-rw-rw-
SysInfoLinux.php	2.16 KB	-rw-rw-rw-
SysInfoSunOS.php	1.89 KB	-rw-rw-rw-
SysInfoWINNT.php	3.27 KB	-rw-rw-rw-
SystemDatabase.php	3.97 KB	-rw-rw-rw-
Table.php	94.87 KB	-rw-rw-rw-
TablePartitionDefinition.php	6.64 KB	-rw-rw-rw-
Template.php	4.02 KB	-rw-rw-rw-
Theme.php	8.62 KB	-rw-rw-rw-
ThemeManager.php	10.42 KB	-rw-rw-rw-
Tracker.php	30.13 KB	-rw-rw-rw-
Tracking.php	40.26 KB	-rw-rw-rw-
Transformations.php	16.27 KB	-rw-rw-rw-
TwoFactor.php	7.14 KB	-rw-rw-rw-
Types.php	24.93 KB	-rw-rw-rw-
Url.php	8.32 KB	-rw-rw-rw-
UserPassword.php	9 KB	-rw-rw-rw-
UserPreferences.php	8.62 KB	-rw-rw-rw-
UserPreferencesHeader.php	4.13 KB	-rw-rw-rw-
Util.php	168.02 KB	-rw-rw-rw-
VersionInformation.php	6.92 KB	-rw-rw-rw-
ZipExtension.php	10.25 KB	-rw-rw-rw-

Code Editor : IpAllowDeny.php

<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
 * This library is used with the server IP allow/deny host authentication
 * feature
 *
 * @package PhpMyAdmin
 */
declare(strict_types=1);

namespace PhpMyAdmin;

use PhpMyAdmin\Core;

/**
 * PhpMyAdmin\IpAllowDeny class
 *
 * @package PhpMyAdmin
 */
class IpAllowDeny
{
    /**
     * Matches for IPv4 or IPv6 addresses
     *
     * @param string $testRange string of IP range to match
     * @param string $ipToTest  string of IP to test against range
     *
     * @return boolean    whether the IP mask matches
     *
     * @access  public
     */
    public function ipMaskTest($testRange, $ipToTest)
    {
        if (mb_strpos($testRange, ':') > -1
            || mb_strpos($ipToTest, ':') > -1
        ) {
            // assume IPv6
            $result = $this->ipv6MaskTest($testRange, $ipToTest);
        } else {
            $result = $this->ipv4MaskTest($testRange, $ipToTest);
        }

return $result;
    }

/**
     * Based on IP Pattern Matcher
     * Originally by J.Adams <jna@retina.net>
     * Found on <https://www.php.net/manual/en/function.ip2long.php>
     * Modified for phpMyAdmin
     *
     * Matches:
     * xxx.xxx.xxx.xxx        (exact)
     * xxx.xxx.xxx.[yyy-zzz]  (range)
     * xxx.xxx.xxx.xxx/nn     (CIDR)
     *
     * Does not match:
     * xxx.xxx.xxx.xx[yyy-zzz]  (range, partial octets not supported)
     *
     * @param string $testRange string of IP range to match
     * @param string $ipToTest  string of IP to test against range
     *
     * @return boolean    whether the IP mask matches
     *
     * @access  public
     */
    public function ipv4MaskTest($testRange, $ipToTest)
    {
        $result = true;
        $match = preg_match(
            '|([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/([0-9]+)|',
            $testRange,
            $regs
        );
        if ($match) {
            // performs a mask match
            $ipl    = ip2long($ipToTest);
            $rangel = ip2long(
                $regs[1] . '.' . $regs[2] . '.' . $regs[3] . '.' . $regs[4]
            );

$maskl  = 0;

for ($i = 0; $i < 31; $i++) {
                if ($i < $regs[5] - 1) {
                    $maskl += pow(2, 30 - $i);
                } // end if
            } // end for

return ($maskl & $rangel) == ($maskl & $ipl);
        }

// range based
        $maskocts = explode('.', $testRange);
        $ipocts   = explode('.', $ipToTest);

// perform a range match
        for ($i = 0; $i < 4; $i++) {
            if (preg_match('|\[([0-9]+)\-([0-9]+)\]|', $maskocts[$i], $regs)) {
                if (($ipocts[$i] > $regs[2]) || ($ipocts[$i] < $regs[1])) {
                    $result = false;
                } // end if
            } else {
                if ($maskocts[$i] <> $ipocts[$i]) {
                    $result = false;
                } // end if
            } // end if/else
        } //end for

return $result;
    }

/**
     * IPv6 matcher
     * CIDR section taken from https://stackoverflow.com/a/10086404
     * Modified for phpMyAdmin
     *
     * Matches:
     * xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx
     * (exact)
     * xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:[yyyy-zzzz]
     * (range, only at end of IP - no subnets)
     * xxxx:xxxx:xxxx:xxxx/nn
     * (CIDR)
     *
     * Does not match:
     * xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xx[yyy-zzz]
     * (range, partial octets not supported)
     *
     * @param string $test_range string of IP range to match
     * @param string $ip_to_test string of IP to test against range
     *
     * @return boolean    whether the IP mask matches
     *
     * @access  public
     */
    public function ipv6MaskTest($test_range, $ip_to_test)
    {
        $result = true;

// convert to lowercase for easier comparison
        $test_range = mb_strtolower($test_range);
        $ip_to_test = mb_strtolower($ip_to_test);

$is_cidr = mb_strpos($test_range, '/') > -1;
        $is_range = mb_strpos($test_range, '[') > -1;
        $is_single = ! $is_cidr && ! $is_range;

$ip_hex = bin2hex(inet_pton($ip_to_test));

if ($is_single) {
            $range_hex = bin2hex(inet_pton($test_range));
            $result = hash_equals($ip_hex, $range_hex);
            return $result;
        }

if ($is_range) {
            // what range do we operate on?
            $range_match = [];
            $match = preg_match(
                '/\[([0-9a-f]+)\-([0-9a-f]+)\]/',
                $test_range,
                $range_match
            );
            if ($match) {
                $range_start = $range_match[1];
                $range_end   = $range_match[2];

// get the first and last allowed IPs
                $first_ip  = str_replace($range_match[0], $range_start, $test_range);
                $first_hex = bin2hex(inet_pton($first_ip));
                $last_ip   = str_replace($range_match[0], $range_end, $test_range);
                $last_hex  = bin2hex(inet_pton($last_ip));

// check if the IP to test is within the range
                $result = ($ip_hex >= $first_hex && $ip_hex <= $last_hex);
            }
            return $result;
        }

if ($is_cidr) {
            // Split in address and prefix length
            list($first_ip, $subnet) = explode('/', $test_range);

// Parse the address into a binary string
            $first_bin = inet_pton($first_ip);
            $first_hex = bin2hex($first_bin);

$flexbits = 128 - (int) $subnet;

// Build the hexadecimal string of the last address
            $last_hex = $first_hex;

$pos = 31;
            while ($flexbits > 0) {
                // Get the character at this position
                $orig = mb_substr($last_hex, $pos, 1);

// Convert it to an integer
                $origval = hexdec($orig);

// OR it with (2^flexbits)-1, with flexbits limited to 4 at a time
                $newval = $origval | (pow(2, min(4, $flexbits)) - 1);

// Convert it back to a hexadecimal character
                $new = dechex($newval);

// And put that character back in the string
                $last_hex = substr_replace($last_hex, $new, $pos, 1);

// We processed one nibble, move to previous position
                $flexbits -= 4;
                --$pos;
            }

// check if the IP to test is within the range
            $result = ($ip_hex >= $first_hex && $ip_hex <= $last_hex);
        }

return $result;
    }

/**
     * Runs through IP Allow rules the use of it below for more information
     *
     * @return bool Whether rule has matched
     *
     * @access  public
     *
     * @see     Core::getIp()
     */
    public function allow()
    {
        return $this->allowDeny("allow");
    }

/**
     * Runs through IP Deny rules the use of it below for more information
     *
     * @return bool Whether rule has matched
     *
     * @access  public
     *
     * @see     Core::getIp()
     */
    public function deny()
    {
        return $this->allowDeny("deny");
    }

/**
     * Runs through IP Allow/Deny rules the use of it below for more information
     *
     * @param string $type 'allow' | 'deny' type of rule to match
     *
     * @return bool   Whether rule has matched
     *
     * @access  public
     *
     * @see     Core::getIp()
     */
    private function allowDeny($type)
    {
        global $cfg;

// Grabs true IP of the user and returns if it can't be found
        $remote_ip = Core::getIp();
        if (empty($remote_ip)) {
            return false;
        }

// copy username
        $username  = $cfg['Server']['user'];

// copy rule database
        if (isset($cfg['Server']['AllowDeny']['rules'])) {
            $rules     = $cfg['Server']['AllowDeny']['rules'];
            if (! is_array($rules)) {
                $rules = [];
            }
        } else {
            $rules = [];
        }

// lookup table for some name shortcuts
        $shortcuts = [
            'all'       => '0.0.0.0/0',
            'localhost' => '127.0.0.1/8',
        ];

// Provide some useful shortcuts if server gives us address:
        if (Core::getenv('SERVER_ADDR')) {
            $shortcuts['localnetA'] = Core::getenv('SERVER_ADDR') . '/8';
            $shortcuts['localnetB'] = Core::getenv('SERVER_ADDR') . '/16';
            $shortcuts['localnetC'] = Core::getenv('SERVER_ADDR') . '/24';
        }

foreach ($rules as $rule) {
            // extract rule data
            $rule_data = explode(' ', $rule);

// check for rule type
            if ($rule_data[0] != $type) {
                continue;
            }

// check for username
            if (($rule_data[1] != '%') //wildcarded first
                && (! hash_equals($rule_data[1], $username))
            ) {
                continue;
            }

// check if the config file has the full string with an extra
            // 'from' in it and if it does, just discard it
            if ($rule_data[2] == 'from') {
                $rule_data[2] = $rule_data[3];
            }

// Handle shortcuts with above array
            if (isset($shortcuts[$rule_data[2]])) {
                $rule_data[2] = $shortcuts[$rule_data[2]];
            }

// Add code for host lookups here
            // Excluded for the moment

// Do the actual matching now
            if ($this->ipMaskTest($rule_data[2], $remote_ip)) {
                return true;
            }
        } // end while

return false;
    }
}

${this.title}

Code Editor : IpAllowDeny.php