File: /var/www/virtual/spades/httpdocs/App_Access_Control/allowed_list.php
<?php
//Globals
$API_KEY = "8E6375533B878";
function parse_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
function getUserIP()
{
// Get real visitor IP behind CloudFlare network
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"]))
{
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
$_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
$client = @$_SERVER['HTTP_CLIENT_IP'];
$forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote = $_SERVER['REMOTE_ADDR'];
if(filter_var($client, FILTER_VALIDATE_IP))
{
$ip = $client;
}
elseif(filter_var($forward, FILTER_VALIDATE_IP))
{
$ip = $forward;
}
else
{
$ip = $remote;
}
return $ip;
}
function WriteToLog($Client_Auth_Success)
{
//Get Date And Time
$CurrentDateTime = date('h:i a d/m/Y');
//Open File
$myfile = fopen(__DIR__."/client.log", "a+") or die("Unable to open file!");
//Get Data Ready that is to be written into file
$dataToWriteInFile = $CurrentDateTime; //TimeStamp
$dataToWriteInFile .= " - IP: '" . getUserIP(); //Remote IP
$dataToWriteInFile .= "', Auth: '" . (int)$Client_Auth_Success . "'"; //Auth Status
$dataToWriteInFile .= "\n";
//Write To File
fwrite($myfile, $dataToWriteInFile);
//Save File
fclose($myfile);
}
function handle_AUTH_POST($CORRECT_API_KEY)
{
//if GET Request recieved
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
//Verify Client
$Received_API_Key = parse_input($_POST["AK"]);
if (strcmp($Received_API_Key, $CORRECT_API_KEY) == 0)
{
return true;
}
}
return false;
}
function send_AllowedList_to_Client()
{
echo "1,2,3,4,5";
}
function send_Invalid_APIKEY_Msg_to_Client()
{
echo "Invalid API Key!";
}
function main()
{
global $API_KEY;
$Client_Authenticated = handle_AUTH_POST($API_KEY);
WriteToLog($Client_Authenticated);
if ($Client_Authenticated)
{
send_AllowedList_to_Client();
}
else
{
send_Invalid_APIKEY_Msg_to_Client();
}
}
main();
?>