You are here

Home » API reference » Restrict IP 8 » RestrictIpService.php » RestrictIpService

private function RestrictIpService::testWhitelistedIp in Restrict IP 8

Same name and namespace in other branches
  1. 8.2 src/Service/RestrictIpService.php \Drupal\restrict_ip\Service\RestrictIpService::testWhitelistedIp()
  2. 3.x src/Service/RestrictIpService.php \Drupal\restrict_ip\Service\RestrictIpService::testWhitelistedIp()

* Test an ip address to see if the current user should be whitelisted based on * that address. * *

Parameters

$whitelisted_address: * The address to check * * @return bool * TRUE if the user should be allowed access based on the current IP * FALSE if they should not be allowed access based on the current IP

1 call to RestrictIpService::testWhitelistedIp()
RestrictIpService::allowAccessWhitelistedIp in src/Service/RestrictIpService.php
* Test to see if the current user has a whitelisted IP address

File

src/Service/RestrictIpService.php, line 383

Class

RestrictIpService

Namespace

Drupal\restrict_ip\Service

Code

private function testWhitelistedIp($whitelisted_ip) {

  // Check if the given IP address matches the current user
  if ($whitelisted_ip == $this
    ->getCurrentUserIp()) {
    return TRUE;
  }
  $pieces = explode('-', $whitelisted_ip);

  // We only need to continue checking this IP address
  // if it is a range of addresses
  if (count($pieces) == 2) {
    $start_ip = $pieces[0];
    $end_ip = $pieces[1];
    $start_pieces = explode('.', $start_ip);

    // If there are not 4 sections to the IP then its an invalid
    // IPv4 address, and we don't need to continue checking
    if (count($start_pieces) === 4) {
      $user_pieces = explode('.', $this->currentUserIp);

      // We compare the first three chunks of the first IP address
      // With the first three chunks of the user's IP address
      // If they are not the same, then the IP address is not within
      // the range of IPs
      for ($i = 0; $i < 3; $i++) {
        if ((int) $user_pieces[$i] !== (int) $start_pieces[$i]) {

          // One of the chunks has failed, so we can stop
          // checking this range
          return FALSE;
        }
      }

      // The first three chunks have past testing, so now we check the
      // range given to see if the final chunk is in this range
      // First we get the start of the range
      $start_final_chunk = (int) array_pop($start_pieces);
      $end_pieces = explode('.', $end_ip);

      // Then we get the end of the range. This will work
      // whether the user has entered XXX.XXX.XXX.XXX - XXX.XXX.XXX.XXX
      // or XXX.XXX.XXX.XXX-XXX
      $end_final_chunk = (int) array_pop($end_pieces);

      // Now we get the user's final chunk
      $user_final_chunk = (int) array_pop($user_pieces);

      // And finally we check to see if the user's chunk lies in that range
      if ($user_final_chunk >= $start_final_chunk && $user_final_chunk <= $end_final_chunk) {

        // The user's IP lies in the range, so we don't grant access
        return TRUE;
      }
    }
  }
  return FALSE;
}