An example Prefix WhoIs client in PHP
<?php
/**
*
* Prefix WhoIs Bulk Query Interface
*
* -- a native interface to Prefix WhoIs implemented in PHP*
*
* * requires PHP >= 5
*
* Simply call doPWLookupBulk(array $queryArray) and it will
* return an associative array of AS numbers (and other data
* indexed by the IP addresses passed to it in the $queryArray
* argument.
* -- by Victor Oppleman (2005)
*/
function doPWLookupBulk($queryarray) {
$pwserver = 'whois.pwhois.org'; // Prefix WhoIswhois Server (public)
$pwport = 43; // Port to which Prefix WhoIswhois listens
$socket_timeout = 20; // Timeout for socket connection operations
$socket_delay = 5; // Timeout for socket read/write operations
$buffer = '';
// Mostly generic code beyond this point
$pwserver = gethostbyname($pwserver);
// Optimize query array and renumber
$queryarray = array_unique($queryarray);
$i = 0;
foreach ($queryarray as $a) {
$qarray[$i] = $a;
$i++;
}
// Create a new socket
$sock = stream_socket_client("tcp://".$pwserver.":".$pwport,
$errno, $errstr, $socket_timeout);
if (!$sock) {
// echo "$errstr ($errno)<br />\n";
return 0;
} else {
stream_set_blocking($sock,0); // Set stream to non-blocking
stream_set_timeout($sock, $socket_delay); // Set stream delay timeout
// Build, then submit bulk query
$request = "begin\n";
foreach ($qarray as $addr) {
$request .= $addr . "\n";
}
$request .= "end\n";
fwrite($sock, $request);
// Keep looking for more responses until EOF or timeout
$before_query = date('U');
while(!feof($sock)){
if($buf=fgets($sock,128)){
$buffer .= $buf;
if (date('U') > ($before_query + $socket_timeout)) break;
}
}
fclose($sock);
$response = array();
$resp = explode("\n",$buffer);
$entity_id = 0; $found = 0;
foreach ($resp as $r) {
$matcher = '';
if (stristr($r,'origin-as')) {
if ($found > 0) { $entity_id++; $found = 0; }
$matcher = explode(":",$r);
$response[$qarray[$entity_id]][strtolower($matcher[0])] = ltrim($matcher[1]);
$found++;
} else if (stristr($r,'prefix')) {
$matcher = explode(":",$r);
$response[$qarray[$entity_id]][strtolower($matcher[0])] = ltrim($matcher[1]);
} else if (stristr($r,'as-path')) {
$matcher = explode(":",$r);
$response[$qarray[$entity_id]][strtolower($matcher[0])] = ltrim($matcher[1]);
} else if (stristr($r,'org-name')) {
$matcher = explode(":",$r);
$response[$qarray[$entity_id]][strtolower($matcher[0])] = ltrim($matcher[1]);
} else if (stristr($r,'net-name')) {
$matcher = explode(":",$r);
$response[$qarray[$entity_id]][strtolower($matcher[0])] = ltrim($matcher[1]);
} else if (stristr($r,'cache-date')) {
$matcher = explode(":",$r);
$response[$qarray[$entity_id]][strtolower($matcher[0])] = ltrim($matcher[1]);
}
if ($entity_id >= array_count_values($qarray)) break;
}
return $response;
}
}
// An example of calling the function... and the results it returns:
$test_array = array('4.2.2.1','12.0.0.0');
if (!($pwresp = doPWLookupBulk($test_array))) {
print "<h2>Your query wasn't answered.</h2>\n";
exit();
}
print "<pre>";
foreach ($pwresp as $ip => $resp) {
print "IP: " . $ip . "<br />";
print_r($resp);
print "<br />";
}
print "</pre>";
?>
This produces the following output:
IP: 4.2.2.1
Array ( [origin-as] => 3356 [prefix] => 4.0.0.0/9 [as-path] => 3292 3356 [as-org-name] => Level 3 Communications, LLC [org-name] => Level 3 Communications, Inc. [net-name] => LVLT-ORG-4-8 [cache-date] => 1219270951 )
IP: 12.0.0.0
Array ( [origin-as] => 7018 [prefix] => 12.0.0.0/9 [as-path] => 10026 7018 [as-org-name] => AT&T WorldNet Services [org-name] => ATT LINCROFT ORT [net-name] => ATT-LIN850-0 [cache-date] => 1219270951 )