I want to have all ip(s) belonged to a domain, e.g. google.com, I recently have a look at this, https://github.com/ip2location/ip2location-cakephp. So, what I am going to do is likes this:
<?php
// clientIp() will iterate from 1.1.1.1 to 255.255.255.255
App::uses('IP2LocationCore', 'IP2Location.Model');
$IP2Location = new IP2LocationCore();
$record = $IP2Location->get($this->request->clientIp());
if(strcmp($record->domainName, 'google.com')) {
// log the ip to a text file
}
?>
My question is: is this solution feasible?, and anyway better than this?
I'm not much of a PHP person, so consider that in my reply!
It seems that what ip2location does is to take an IP address, and gives you its location. It does this (I imagine) by compiling information from assorted data sources.
However you need to start with an IP Address and it will give you the reverse domain that is associated with that. This could well be different than the forward look up address.
For instance I have a hostname vm.example.com that I use to point to a remote desktop session on Azure. If you did a reverse lookup on that address you would not get any information on my domain, you would get the Azure domain, because that's where the reverse is registered.
and as far as I'm aware, unless zone transfers are enabled, there is no way to get all of the hostnames in a domain. At least not without incrementing through the entire domain.
Is there a specific reason you want to do this?
Try using the PHP function gethostbynamel.
<?php
$hosts = gethostbynamel('google.com');
print_r($hosts);
?>
This will for example return:
Array
(
[0] => 173.194.113.35
[1] => 173.194.113.41
[2] => 173.194.113.46
[3] => 173.194.113.34
[4] => 173.194.113.40
[5] => 173.194.113.39
[6] => 173.194.113.33
[7] => 173.194.113.37
[8] => 173.194.113.32
[9] => 173.194.113.38
[10] => 173.194.113.36
)
Related
When I'm using dns_get_record for a domain that exists like google.com, everything works fine but if I use it on a domain that doesn't exist, the function gets info from a subdomain on our domain for example test.example.com, how can I prevent that?
// Test with working domain
var_dump( dns_get_record('google.com', DNS_A) );
/* works, returns
Array
(
[host] => google.com
[class] => IN
[ttl] => 299
[type] => A
[ip] => 172.217.12.142
)
*/
// Test with invalid domain on our website (example.com)
var_dump( dns_get_record('invalidtestingname.com', DNS_A) );
/* Doesn't work, pretend it's a subdomain
Array
(
[host] => invalidtestingname.com.example.com
[class] => IN
[ttl] => 299
[type] => A
[ip] => xxx.xxx.xxx.xxx
)
*/
If anyone has that problem, add a "dot" at the end of the domain name, for example, instead of
dns_get_record('invalidtestingname.com', DNS_A);
Do this:
dns_get_record('invalidtestingname.com.', DNS_A);
Then PHP won't try to check for a subdomain of your own domain and it will search correctly. Not sure how come nobody had that problem before, there aren't even any comments about this on php.net
I want to get the IP address of the server sending request via HTML FORM.
I made a test like this:
HTML FORM (form.html in server 1):
<form action="URL_OF_SERVER2/rec.php" method="post">
<input type="submit" value="submit">
</form>
PHP FILE: (rec.php)
<?php
echo $_SERVER['HTTP_REFERER'].'<br><br>'; // To get referal URL
echo $_SERVER['REMOTE_ADDR']; // To get IP Address
?>
But when i tested, i get my own IP Address and not the one of the server.
Second try:
<?php
echo $_SERVER['HTTP_REFERER'].'<br><br>'; // To get referal URL
$result = parse_url($_SERVER['HTTP_REFERER']);
echo gethostbyname($result['host']); // To get IP Address
?>
But this not get real IP but the one of cloudflare for example, i want make same system as perfectmoney, you put your real IP on your dashboard to accept only request coming from, even if you are behind cloudflare, perfectmoney detect the real IP.
On my dashboard i can put IPs by range: 127.0.0.1/24 , 127.0.0.* ... to accept only requests coming from and even if the domain name is behind cloudflare or another similar services.
$_SERVER['SERVER_ADDR']; is the server that executes the script's address. $_SERVER['REMOTE_ADDR']; is the client address (the one that sent the request to the server from the server's point of view.
See the $_SERVER array documentation for more info.
address of the server sending request
The server doesn't send a request. The browser sends a request, and the server sends a response.
If you want the IP of the browser sending a request, use $_SERVER['REMOTE_ADDR'].
If you want the IP of the server sending a response, use $_SERVER['SERVER_ADDR'].
Note: $_SERVER['REMOTE_ADDR'] may not actually represent the browser's IP if there are any proxies in the way.
Update: If you want the IP address of the REFERER server, you will have to do your own DNS lookup.
$data = parse_url( $_SERVER['HTTP_REFERER']);
print_r(dns_get_record($data['host']));
This will give you:
Array
(
[0] => Array
(
[host] => www.google.com
[class] => IN
[ttl] => 270
[type] => A
[ip] => 172.217.9.68
)
[1] => Array
(
[host] => www.google.com
[class] => IN
[ttl] => 14
[type] => AAAA
[ipv6] => 2607:f8b0:4009:816::2004
)
)
Note however that this is unreliable, as $_SERVER['HTTP_REFERER'] can easily be faked.
I am currently attempting to check the validity of an email address by first checking if an MX record exists, using getmxrr() or dns_get_record() with PHP 7 on a DigitalOcean droplet.
In my example (which returns the incorrect response), I am attempting to check an email address on the domain “nuwatches.com”. Using dns_get_record(”nuwatches.com”, DNS_ALL), I’m returned an array that DOES include an MX record, even though I know this does not exist in reality:
[5] => Array (
[host] => nuwatches.com.com
[class] => IN
[ttl] => 27
[type] => MX
[pri] => 1
[target] => mail.user-mail.net
)
However, if I use nslookup directly from the console on the DigitalOcean droplet, I’m correctly told that no MX record exists.
In addition, if I run the dns_get_record() function on a different droplet, or using an online PHP code runner, I’m also given the correct answer (which is that no MX record exists).
I’ve spoken to DigitalOcean support and they suggest there’s something strange happening with PHP on that particular droplet, perhaps with caching issues, but I can’t at all figure out what might be causing the discrepancy, especially as I'm not caching anything myself.
As it stands, my only option to get the correct response on this droplet is to run nslookup and then parse the result, but I would like to use dns_get_record() if possible.
I’d appreciate any suggestions. Thanks!
I am having similar problems with dns_get_record() when calling it with the default value for record type DNS_ANY or when calling it with DNS_ALL.
php dns_get_records( host, type ) is returning false with type=DNS_ALL but returns DNS records with DNS_TXT or DNS_A
A solution that worked for me was to use:
dns_get_record( ”nuwatches.com”, DNS_MX )
I am still investigating the reason behind this behaviour.
You can try to use a 3rd party PHP library for that.
I've just tested it and it worked for me.
bluelibraries/dns
sample
use BlueLibraries\Dns\Facade\DNS;
use BlueLibraries\Dns\Records\RecordTypes;
$records = DNS::getRecords('nuwatches.com', RecordTypes::MX);
print_r($records);
result
Array
(
[0] => BlueLibraries\Dns\Records\Types\MX Object
(
[data:protected] => Array
(
[host] => nuwatches.com
[ttl] => 3600
[class] => IN
[type] => MX
[pri] => 1
[target] => localhost
)
)
)
I've been trying to find out how to detect what parent nameserver is associated with a domain name. For example, when you search for a domain name using intoDNS, it displays results for both the 'normal' and parent nameservers. They mention what the parent nameserver is, like this:
k.gtld-servers.net was kind enough to give us that information.
But how did they know they had to query this specific nameserver? A few examples of what the parent nameserver is:
stackoverflow.com k.gtld-servers.net
google.com c.gtld-servers.net
ycombinator.com a.gtld-servers.net
asp.net g.gtld-servers.net
google.nl sns-pb.isc.org
google.de z.nic.de
It seems all generic TLDs can be queried at a certain subdomain of gtld-servers.net.
Right now, I find the 'normal' nameservers in PHP like this:
$nameservers = dns_get_record($domain_name, DNS_NS);
So, I'd like to know, how can I find out what the parent nameserver is for a specific domain and how can I query this using PHP?
Update
I've found out that UNIX' nslookup tool accepts a server parameter. If it's left empty, it returns the same results as PHPs dns_get_record, but if it one of the root servers for that top-level domain as specified on http://www.iana.org/domains/root/db, it will return the same results as intoDNS lists as the results of the parent server.
The only problem left is how to query this specific server, as I'd greatly prefer not to use exec() to call nslookup directly. Does anyone know of an alternative to dns_get_record which does allow you to specify the server?
I've found out how to do it. I had to use NET_DNS2 PEAR package for this, because it allows you to specificy which DNS server to use. If I specify one of the servers listed in the file nickc mentioned:
http://www.iana.org/domains/root/db
(you have to use one of the servers for the top-level domain you're querying, it doesn't matter which one)
require 'Net/DNS2.php';
$server = gethostbyname('j.gtld-servers.net'); // 192.48.79.30
$r = new Net_DNS2_Resolver(array('nameservers' => array($server)));
$result = $r->query('stackoverflow.com', 'NS');
print_r ($result);
This will print:
...
[authority] => Array
(
[0] => Net_DNS2_RR_NS Object
(
[nsdname] => ns1.webfaction.com
[name] => webassay.com
[type] => NS
[class] => IN
[ttl] => 172800
[rdlength] => 17
[rdata] => ns1webfaction�
)
[1] => Net_DNS2_RR_NS Object
(
[nsdname] => ns2.webfaction.com
[name] => webassay.com
[type] => NS
[class] => IN
[ttl] => 172800
[rdlength] => 6
[rdata] => ns2�.
)
[2] => Net_DNS2_RR_NS Object
(
[nsdname] => ns3.webfaction.com
[name] => webassay.com
[type] => NS
[class] => IN
[ttl] => 172800
[rdlength] => 6
[rdata] => ns3�.
)
)
...
This matches the nameservers listed as returned by the parent server at intoDNS: http://www.intodns.com/stackoverflow.com
The name-servers for a particular domain are those that are designated in the zone file as a "NS" record. The hosts/servers you list are global/root servers that maintain information for the particular TLD of the domain in question.
If you want to find out what those are, you could look here: http://www.iana.org/domains/root/db
Merged with OpenID check_authentication not working.
I'm trying to write my own provider in PHP (JanRain libraries are confusing as all hell, and even phpMyID doesn't document exactly what is happening). I've got authentication working, but when the relying party tries to do check_authentication, it says my server denied it.
This is debugging information I captured during a check_authentication request.
$_GET:
Array
(
[mode] => profile
[username] => jrhodes
[domain] => roket-enterprises.com
)
$_POST:
Array
(
[openid_assoc_handle] => {HMAC-SHA1}{4abdf2f1}{olw8ag==}
[openid_identity] => http://www.roket-enterprises.com/openaccount/openid:jrhodes
[openid_mode] => check_authentication
[openid_response_nonce] => 2009-09-26T10:54:41ZLg0kfQ
[openid_return_to] => http://www.wasab.dk/morten/2007/11/openid/?janrain_nonce=2009-09-26T10%3A54%3A37Z9rZCkP&openid1_claimed_id=http%3A%2F%2Fwww.roket-enterprises.com%2Fopenaccount%2Fopenid%3Ajrhodes
[openid_sig] => Xl94j3IJtfSEQ4oKfova68I8edc=
[openid_signed] => assoc_handle,identity,mode,response_nonce,return_to,signed,sreg.email,sreg.fullname,sreg.nickname
[openid_sreg_email] => jrhodes#roket-enterprises.com
[openid_sreg_fullname] => James Rhodes
[openid_sreg_nickname] => jrhodes
)
Using Specific Mode Endpoint Handler...
Answering check_authentication
Headers:
Content-Type: text/plain;
openid.mode: id_res;
openid_mode: id_res;
sreg.fullname: James Rhodes;
sreg.nickname: jrhodes;
sreg.email: jrhodes#roket-enterprises.com;
is_valid: true;
The GET and POST data is the data that my script is receiving. Everything after "Headers:" are the headers that my script is returning. According to the specifications, I can't see anything wrong with this.
I've been asking on #openid for the last 4 hours and haven't got a response (note to self: post on StackOverflow, then ask IRC). Can anyone help?