Advertisement
Guest User

Untitled

a guest
May 8th, 2016
82
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.61 KB | None | 0 0
  1.  
  2. <?php
  3. date_default_timezone_set('Europe/Prague');
  4. ini_set('default_charset', 'utf-8');
  5. $okCode = 200;
  6. $dnsAppUrl = "http://10.0.2.2:8081";
  7. $domainUrl = "http://localhost:8080/blog";
  8. $loginPage = "login.php";
  9. $dnsToken = "xPseeDmvOCdchhodBBGOLaTLe+2SPLLQesAsZdq9JPTgCaOTsvdS/yf+chTWMLyHIYhJbBUUGeIXyvqT6y4f4GnFJNVHP9cLkSDLt5wO7LBTaHI9L36wNBOgBgRRrnbFHqpWsQmeBayTCBO7LPLch0k5XtEYd2DTCx0V7R3zwnWUKjQYNZTNFpl+JBfAC836kWKpy/1Dh28w5DXPfkc1OyWWo0SaNXjZheboTEEeMpN2thuu3moQ52WhWeqfEnaiK0RvwAS9o8wT/bMmmQpaRgU94giEvpQjsIBvDpIZo+4BcZ1qppD8HT5mOtPDgoqeOhBzxd/cxxjP8PIo0MGQ4A==";
  10. $separator = "/";
  11. $checkUser = "checkAll";
  12. $checkPublic = "checkPublicIp";
  13. $checkLogin = "checkLogin";
  14. $headerToken = "DNS-TOKEN: ";
  15. $message = "Not logged";
  16. $password = "12345";
  17. $dir = "logs";
  18.  
  19. if (isset($_POST['login'])) {
  20. require_once 'DnsCall.php';
  21. $dns = new DnsCall($dnsAppUrl, $headerToken, $dnsToken);
  22. $publicIp = $_COOKIE['publicIP'];
  23. $privateIp = $_COOKIE['privateIP'];
  24. $login = $_POST['username'];
  25.  
  26. if (empty($publicIp)) {
  27. $responseCode = $dns->checkLogin($login);
  28. } elseif (!empty($publicIp)) {
  29. if (empty($privateIp)) {
  30. $responseCode = $dns->checkLoginAndPublicIp($login, $publicIp);
  31. } else {
  32. $responseCode = $dns->checkUser($login, $publicIp, $privateIp);
  33. }
  34. }
  35. if ($responseCode == $okCode) {
  36. $message = "Banned";
  37. } else {
  38. if ($_POST['password'] != $password) {
  39. file_put_contents($dir . "/login.log", date("F j, Y, g:i:s a") . " POST 401 /login/auth login:" . $login . " public Ip:" . $publicIp . " " . "private Ip:" . $privateIp . "\n", FILE_APPEND);
  40. $message = "Wrong password";
  41. } else {
  42. $message = "Logged";
  43. }
  44. }
  45. }
  46. ?>
  47.  
  48.  
  49. <html>
  50. <head>
  51. <meta http-equiv="CONTENT-TYPE" content="text/html; charset=utf-8">
  52. <link rel="stylesheet" href="style.css" type="text/css" >
  53. <title>Login page</title>
  54. </head>
  55. <body background="blue.jpg">
  56. <div class="LoginPanel">
  57. <form name="login" method="POST" action="">
  58. <fieldset>
  59. <label for="username">Login</label>
  60. <input type="text" id="username" name="username" placeholder="login" value="" />
  61. <br/>
  62. <label for="password">Heslo</label>
  63. <input type="password" id="password" name="password" placeholder="password" value="" />
  64. <br/>
  65. <iframe name="test" id="iframe" sandbox="allow-same-origin" style="display: none"></iframe>
  66. <br/>
  67. <br/>
  68. <input type="submit" name="login" accept-charset="utf-8" id="submit" value="Log in" />
  69. <label id="banned" class="errorMsg"><?php echo $message ?></label>
  70. </fieldset>
  71. </form>
  72. </div>
  73. </body>
  74.  
  75. <script>
  76.  
  77. function getUserIps(callback) {
  78. var publicAndPrivateIp = [];
  79. window.RTCPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection; //compatibility for firefox and chrome
  80. noop = function () {
  81. };
  82. var mediaConstraints = {
  83. optional: [{RtpDataChannels: true}]
  84. };
  85.  
  86. var servers = {iceServers: [{urls: "stun:stun.services.mozilla.com"}]};
  87.  
  88. //construct a new RTCPeerConnection
  89. var pc = new RTCPeerConnection(servers, mediaConstraints);
  90. pc.createDataChannel(""); //create a bogus data channel
  91. pc.createOffer(function (result) {
  92. //trigger the stun server request
  93. pc.setLocalDescription(result, function () {
  94. }, function () {
  95. });
  96.  
  97. }, function () {
  98. });
  99.  
  100. pc.onicecandidate = function (ice) { //listen for candidate events
  101. if (!ice || !ice.candidate || !ice.candidate.candidate) return;
  102. parseIp(ice.candidate.candidate);
  103.  
  104. setTimeout(function () {
  105. //read candidate info from local description
  106. var lines = pc.localDescription.sdp.split('\n');
  107.  
  108. lines.forEach(function (line) {
  109. if (line.indexOf('a=candidate:') === 0)
  110. parseIp(line);
  111. });
  112. }, 1000);
  113. pc.onicecandidate = noop;
  114.  
  115. };
  116.  
  117. function parseIp(ip) {
  118. var myIP = /([0-9]{1,3}(\.[0-9]{1,3}){3}|[a-f0-9]{1,4}(:[a-f0-9]{1,4}){7})/.exec(ip)[1];
  119. console.log('my IP: ', myIP);
  120. console.log(publicAndPrivateIp);
  121. if (!isValueInArray(myIP)) {
  122. callback(myIP);
  123. }
  124. publicAndPrivateIp.push(myIP);
  125. }
  126.  
  127. function isValueInArray(value) {
  128. return publicAndPrivateIp.indexOf(value) > -1;
  129. }
  130. }
  131.  
  132. getUserIps(function (ip) {
  133. if (!ip.match(/^(192\.168\.|169\.254\.|10\.|172\.(1[6-9]|2\d|3[01]))/)) {
  134. document.getElementById("public").value = ip;
  135. document.cookie = "publicIP = " + ip;
  136. }
  137. else {
  138. document.cookie = "privateIP = " + ip;
  139. }
  140. });
  141. </script>
  142. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement