feat: add isPrivateIP helper, fix getUserIP and addToLog

src/helpers.php

@@ -11,25 +11,39 @@ function renderTemplate($templatename,$variables=[],$basepath=ROOT.'/src')
         include($basepath . DS . 'templates' . DS . $templatename);
     $rendered = ob_get_contents();
     ob_end_clean();
-
     return $rendered;
 }
 
-function addToLog($data)
+function addToLog(string $data): void
 {
+    $data = str_replace(["\n", "\r", "\t"], ' ', $data);
     $fp = fopen(ROOT . DS . 'logs' . DS . 'app.log', 'a');
     fwrite($fp, date("d.m.y H:i") . "\t" . $data . "\n");
     fclose($fp);
 }
 
-function getUserIP()
+function getUserIP(): string
 {
-    if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
-        $ip = $_SERVER['HTTP_CLIENT_IP'];
-    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
-        $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
-    } else {
-        $ip = $_SERVER['REMOTE_ADDR'];
+    if (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
+        return trim(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])[0]);
+    return $_SERVER['REMOTE_ADDR'];
 }
-    return $ip;
+
+function isPrivateIP(string $ip): bool
+{
+    if (filter_var($ip, FILTER_VALIDATE_IP) === false) return true;
+
+    $long = ip2long($ip);
+    if ($long === false) return true;
+
+    foreach ([
+        [ip2long('127.0.0.0'),   0xFF000000], // 127.0.0.0/8  loopback
+        [ip2long('10.0.0.0'),    0xFF000000], // 10.0.0.0/8   RFC1918
+        [ip2long('172.16.0.0'),  0xFFF00000], // 172.16.0.0/12 RFC1918
+        [ip2long('192.168.0.0'), 0xFFFF0000], // 192.168.0.0/16 RFC1918
+        [ip2long('169.254.0.0'), 0xFFFF0000], // 169.254.0.0/16 link-local/metadata
+    ] as [$base, $mask]) {
+        if (($long & $mask) === ($base & $mask)) return true;
+    }
+    return false;
 }