PHP IPv6 and IPv4 Addresses specific access to webpage

0
votes

I want to restrict access to users who are not connected to one of the WIFI's of a specific company. So for instance, we have a company and this company has 2 different WIFI networks to connect. I want to only give access to a page if the client is connected by one of these WIFI's.

  • The IPv4 of one of the WIFI's is for instance: 123.45.65.101
  • The IPv6 of the other WIFI is for instance: 2000:980:ce5:1:4dd9:47ad:ff9b:4454

The following PHP script worked perfectly in time there was only a IPv4 address:

if(!in_array($_SERVER['REMOTE_ADDR'], $ip_adres_allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $ip_adres_allow)) {

    die("You can't access this webpage, please try again by your employee.");

    exit();
}

Where $ip_adres_allow -> array of values stored in database

My questions are:

  • I know IPv4 addresses are the same per WIFI, they wont change. But is a IPv6 address the same? I've tracked some IPv6 addresses from the company and they like to seem to start with 2000:980:ce5:1:XXXX:XXXX:XXXX:XXXX. (whereas the X's are not the same) Does this mean a WIFI has a range of IPv6?

    • Is 2000:980:ce5:1:4dd9:47ad:ff9b:4454 the same WIFI as 2000:980:ce5:1:55de:de7d:df6e:ea62 for instance? Or is this DEFINITELY SURE that it is another WIFI network?

  • Is there a way to modify the PHP script above to check if a client is connected to one of the WIFI's? Or should this script still work? Because the database is hardcoded with IPv6 and IPv4 addresses. And if IPv6 is one address, there might be someone that is connected to the WIFI but can't access the page because it is not an exact match of the value in the database.

Please correct me if im wrong.

Thanks for reading.

1
phpipv6ipv4
Not sure, but could FILTER_VALIDATE_IP and FILTER_FLAG_IPV6 be useful for you? AND this might be useful: (inet_pton) php.net/manual/en/function.inet-pton.phpRonnie Oosting
The main thing I need to know is if IPv6 address from ONE WIFI network is always the same just like the IPv4 from a WIFI. Because it seems like the IPv6 is not always the same based on the data I collected. But how can I detect if the IPv6 address is attached to the specific WIFI?Stan van der Avoird
So you want to have a static ipv6 given from your wifi?Ronnie Oosting
I think so, I have to install the system in a company that has 2 or more WIFI network. For each WIFI network I collect the IPv4 or IPv6 address and I add them to the Database. So the system knows when a client is on one of their WIFIs. But it seems like the IPv6 address is not always the same for ONE wifi, or am I wrong?Stan van der Avoird
You could also make a check just on the first part which is always the same: 2000:980:ce5:1:XXXX:XXXX:XXXX:XXXX, so if IP starts with 2000:980:ce5:1, you can do your code. Would that be a solution? ip's can change unless its static. So, this means also for ipv6. Just wondering if that beginning is always the same. If that is the case, I would have done like I explained. Would that solve your issue?Ronnie Oosting

1 Answers

-1
votes

As we discussed in our chat, below is a sample code to give you an idea on how to perform your checks.:

$checkip  = $_SERVER['Something with IP'];
$validate = '';

if($checkip == $_SERVER['Some IPv4'])
{
    $ip = the IPv4 address
    $validate = 4; 
}
else
{
    $ip = the ipv6 IP 
    $validate = 6; 
}

if($validate == 4)
{
    $ip = echo substr($ip, 0, ???); // IPv4 address
}
else
{
    $ip = substr($ip, 0, 15); // 2000:950:ac2:3 
}

Again: this is just to give you an idea. You need to create your own function to use this correctly. I suggest to make this a function at the login, and give variables to your function. So you do not have to modify your script for other companies, only the variables your are sending. (function could simply return true or false;

Good luck man!