* * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\HttpFoundation; /** * RequestMatcher compares a pre-defined set of checks against a Request instance. * * @author Fabien Potencier * * @api */ class RequestMatcher implements RequestMatcherInterface { /** * @var string */ private $path; /** * @var string */ private $host; /** * @var string */ private $methods; /** * @var string */ private $ip; /** * Attributes. * * @var array */ private $attributes; public function __construct($path = null, $host = null, $methods = null, $ip = null, array $attributes = array()) { $this->path = $path; $this->host = $host; $this->methods = $methods; $this->ip = $ip; $this->attributes = $attributes; } /** * Adds a check for the URL host name. * * @param string $regexp A Regexp */ public function matchHost($regexp) { $this->host = $regexp; } /** * Adds a check for the URL path info. * * @param string $regexp A Regexp */ public function matchPath($regexp) { $this->path = $regexp; } /** * Adds a check for the client IP. * * @param string $ip A specific IP address or a range specified using IP/netmask like 192.168.1.0/24 */ public function matchIp($ip) { $this->ip = $ip; } /** * Adds a check for the HTTP method. * * @param string|array $method An HTTP method or an array of HTTP methods */ public function matchMethod($method) { $this->methods = array_map('strtoupper', is_array($method) ? $method : array($method)); } /** * Adds a check for request attribute. * * @param string $key The request attribute name * @param string $regexp A Regexp */ public function matchAttribute($key, $regexp) { $this->attributes[$key] = $regexp; } /** * {@inheritdoc} * * @api */ public function matches(Request $request) { if (null !== $this->methods && !in_array($request->getMethod(), $this->methods)) { return false; } foreach ($this->attributes as $key => $pattern) { if (!preg_match('#'.str_replace('#', '\\#', $pattern).'#', $request->attributes->get($key))) { return false; } } if (null !== $this->path) { $path = str_replace('#', '\\#', $this->path); if (!preg_match('#'.$path.'#', $request->getPathInfo())) { return false; } } if (null !== $this->host && !preg_match('#'.str_replace('#', '\\#', $this->host).'#', $request->getHost())) { return false; } if (null !== $this->ip && !$this->checkIp($request->getClientIp(), $this->ip)) { return false; } return true; } /** * Validates an IP address. * * @param string $requestIp * @param string $ip * * @return boolean True valid, false if not. */ protected function checkIp($requestIp, $ip) { // IPv6 address if (false !== strpos($requestIp, ':')) { return $this->checkIp6($requestIp, $ip); } else { return $this->checkIp4($requestIp, $ip); } } /** * Validates an IPv4 address. * * @param string $requestIp * @param string $ip * * @return boolean True valid, false if not. */ protected function checkIp4($requestIp, $ip) { if (false !== strpos($ip, '/')) { list($address, $netmask) = explode('/', $ip, 2); if ($netmask < 1 || $netmask > 32) { return false; } } else { $address = $ip; $netmask = 32; } return 0 === substr_compare(sprintf('%032b', ip2long($requestIp)), sprintf('%032b', ip2long($address)), 0, $netmask); } /** * Validates an IPv6 address. * * @author David Soria Parra * @see https://github.com/dsp/v6tools * * @param string $requestIp * @param string $ip * * @return boolean True valid, false if not. */ protected function checkIp6($requestIp, $ip) { if (!defined('AF_INET6')) { throw new \RuntimeException('Unable to check Ipv6. Check that PHP was not compiled with option "disable-ipv6".'); } list($address, $netmask) = explode('/', $ip, 2); $bytesAddr = unpack("n*", inet_pton($address)); $bytesTest = unpack("n*", inet_pton($requestIp)); for ($i = 1, $ceil = ceil($netmask / 16); $i <= $ceil; $i++) { $left = $netmask - 16 * ($i-1); $left = ($left <= 16) ? $left : 16; $mask = ~(0xffff >> $left) & 0xffff; if (($bytesAddr[$i] & $mask) != ($bytesTest[$i] & $mask)) { return false; } } return true; } }