0

我想扩展我的 ~$_SERVER['REMOTE_ADDR'~ 检查的 IP 范围。以下内容有效且仅允许 10.0.4.* 子网访问该站点:

$chk = "10.0.4.";
if( substr($_SERVER['REMOTE_ADDR'],0,strlen($chk)) !== $chk)
    $wgGroupPermissions['*']['read'] = false;

当我修改$chk字符串以将站点打开到我的整个本地网络时,我最终将站点打开到整个世界。

$chk = "10.0.";
if( substr($_SERVER['REMOTE_ADDR'],0,strlen($chk)) !== $chk)
    $wgGroupPermissions['*']['read'] = false;

我只希望我的本地子网 10.0.. 具有对该站点的读取权限。我该怎么做呢?

4

3 回答 3

1

使用掩码是比拆分字符串更好的方法:

function testSubnet($ip, $subnet, $mask) {
    $ip = ip2long($ip);
    $subnet = ip2long($subnet);
    $mask = ip2long($mask);
    return ($ip & $mask) == ($subnet & $mask);
}

var_dump(testSubnet('10.0.0.1', '10.0.0.0', '255.255.255.0'));
var_dump(testSubnet('10.0.0.2', '10.0.0.0', '255.255.255.0'));
var_dump(testSubnet('10.0.1.1', '10.0.0.0', '255.255.255.0'));
var_dump(testSubnet('10.0.1.1', '10.0.0.0', '255.255.0.0'));

在这种情况下:

if(testSubnet($_SERVER['REMOTE_ADDR'], '10.0.4.0', '255.255.255.0')) {
    // Anything, blablabla...
}
于 2012-09-12T01:50:47.300 回答
0

为什么你不能这样做:

$z = $_SERVER['REMOTE_ADDR'];

function check($ip, $octet = 2) {
    $allow = explode(".", "10.0.0.1");
    $ipa = explode(".", $ip);

    for($i = 0; $i < $octet; $i++) {
        $ch .= $ipa[$i];
        $ah .= $allow[$i];
    }

   return $ch == $ah;
 }

echo check($z);

其中 $octet 是您要匹配的八位字节数。默认值为 2。

于 2012-09-12T01:22:56.057 回答
0

你能用这个header()功能吗?尝试这个。

$allowed_ip = "10.0.4";
if (!strstr($_SERVER['REMOTE_ADDR'],$allowed_ip))
   header("Location: login.php");
   // include("login.php");

/* The user will be redirected to another page or you could
always include your login.php page and just continue from there. */
于 2012-09-12T01:27:15.820 回答