kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix #1307

This commit is contained in:
Alan Garcia 2012-10-15 16:06:12 +00:00
parent 228fd364c8
commit 03e012dd46
7 changed files with 22 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
bureau/admin/adm_authip_whitelist.php
View File

@ -41,7 +41,7 @@ $list_ip = $authip->list_ip_whitelist();
<p>
<fieldset>
<legend><?php __("Add an IP");?> - <a href="javascript:edit_ip('','<?php echo htmlentities($_SERVER['REMOTE_ADDR'])."','Home IP'";?>);" ><?php echo __("Add my current IP"); ?></a></legend>
<legend><?php __("Add an IP");?> - <a href="javascript:edit_ip('','<?php echo htmlentities(get_remote_ip())."','Home IP'";?>);" ><?php echo __("Add my current IP"); ?></a></legend>
<span id="form_add_ip">
<form method="post" action="adm_authip_whitelist.php" name="main" id="main">
<p id="reset_edit_ip" style="display:none;"><a href="javascript:reset_edit_ip();"><?php __("Cancel edit")?></a></p>

2
bureau/admin/ip_main.php
View File

@ -162,7 +162,7 @@ $lac = $authip->list_affected();
</td>
<td valign=top width=40%>
<fieldset>
<legend><?php __("Add an IP");?> - <a href="javascript:edit_ip('','<?php echo htmlentities($_SERVER['REMOTE_ADDR'])."','Home IP'";?>);" ><?php echo __("Add my current IP"); ?></a></legend>
<legend><?php __("Add an IP");?> - <a href="javascript:edit_ip('','<?php echo htmlentities(get_remote_ip())."','Home IP'";?>);" ><?php echo __("Add my current IP"); ?></a></legend>
<span id="form_add_ip">
<form method="post" action="ip_main.php" name="main" id="main">
<p id="reset_edit_ip" style="display:none;"><a href="javascript:reset_edit_ip();"><?php __("Cancel edit")?></a></p>

7
bureau/class/config.php
View File

@ -37,14 +37,13 @@
et mettez votre ip dans le IF pour que seule votre ip puisse accéder au bureau :
*/
/*
if (getenv("REMOTE_ADDR")!="81.56.98.108") {
/* * /
if (getenv("REMOTE_ADDR")!="127.0.0.1") {
echo "Le bureau AlternC est en vacances jusqu'a minuit pour maintenance.<br>
Merci de revenir plus tard.";
exit();
}
*/
ini_set('display_errors', true);
/* */
// FIXME: Some constant, we put them here so that we can change them later ;) LFS
define('ALTERNC_MAIL', "/var/alternc/mail");

6
bureau/class/config_real.php
View File

@ -32,13 +32,13 @@
s'assurer que personne ne pourra accéder à 2 pages du bureau en même temps.
*/
/*
if (getenv("REMOTE_ADDR")!="81.56.98.108") {
/* * /
if (getenv("REMOTE_ADDR")!="127.0.0.1") {
echo "Le bureau AlternC est en vacances jusqu'a minuit pour maintenance.<br>
Merci de revenir plus tard.";
exit();
}
*/
/* */
// 1. Get a semaphore id for the alternc magic number (18577)
$alternc_sem = sem_get ( 18577 );

6
bureau/class/functions.php
View File

@ -101,6 +101,12 @@ function checkhostallow_nodns($domain) {
return 0;
}
function get_remote_ip() {
// Return the remote IP.
// If you are behind a proxy, use X_FORWARDED_FOR instead of REMOTE_ADDR
return getenv('REMOTE_ADDR');
}
/* Check that $url is a correct url (http:// or https:// or ftp://) */
function checkurl($url) {
// TODO : add a path/file check

3
bureau/class/m_err.php
View File

@ -142,8 +142,7 @@ class m_err {
global $mem,$cuid;
$f=@fopen($this->logfile,"ab");
if ($f) {
if (!isset($_SERVER['REMOTE_ADDR'])) $_SERVER['REMOTE_ADDR']="::1";
fputs($f,date("d/m/Y H:i:s")." - " . $_SERVER['REMOTE_ADDR'] . " - CALL - ");
fputs($f,date("d/m/Y H:i:s")." - " .get_remote_ip(). " - CALL - ");
fputs($f,$mem->user["login"]." - ");
fputs($f,$clsid." - ".$function." - ".$param."\n");
fclose($f);

14
bureau/class/m_mem.php
View File

@ -104,18 +104,18 @@ class m_mem {
$aga = $authip->get_allowed('panel');
foreach ($aga as $k=>$v ) {
if ( $authip->is_in_subnet(getenv("REMOTE_ADDR"), $v['ip'], $v['subnet']) ) $allowed=true ;
if ( $authip->is_in_subnet(get_remote_ip(), $v['ip'], $v['subnet']) ) $allowed=true ;
}
// Error if there is rules, the IP is not allowed and it's not in the whitelisted IP
if ( sizeof($aga)>1 && !$allowed_ip && !$authip->is_wl(getenv("REMOTE_ADDR")) ) {
if ( sizeof($aga)>1 && !$allowed_ip && !$authip->is_wl(get_remote_ip()) ) {
$err->raise("mem",_("Your IP isn't allowed to connect"));
return false;
}
// End AuthIP
if ($restrictip) {
$ip="'".getenv("REMOTE_ADDR")."'";
$ip="'".get_remote_ip()."'";
} else $ip="''";
/* Close sessions that are more than 2 days old. */
$db->query("DELETE FROM sessions WHERE DATE_ADD(ts,INTERVAL 2 DAY)<NOW();");
@ -154,7 +154,7 @@ class m_mem {
$db->next_record();
$this->user=$db->Record;
$cuid=$db->f("uid");
$ip=getenv("REMOTE_ADDR");
$ip=get_remote_ip();
$sess=md5(uniqid(mt_rand()));
$_REQUEST["session"]=$sess;
$db->query("insert into sessions (sid,ip,uid) values ('$sess','$ip','$cuid');");
@ -175,7 +175,7 @@ class m_mem {
function resetlast() {
global $db,$cuid;
$ip=addslashes(getenv("REMOTE_HOST"));
if (!$ip) $ip=addslashes(getenv("REMOTE_ADDR"));
if (!$ip) $ip=addslashes(get_remote_ip());
$db->query("UPDATE membres SET lastlogin=NOW(), lastfail=0, lastip='$ip' WHERE uid='$cuid';");
}
@ -227,7 +227,7 @@ class m_mem {
$err->raise("mem",_("Cookie incorrect, please accept the session cookie"));
return false;
}
$ip=getenv("REMOTE_ADDR");
$ip=get_remote_ip();
$db->query("select uid,'$ip' as me,ip from sessions where sid='".$_COOKIE["session"]."'");
if ($db->num_rows()==0) {
$err->raise("mem",_("Session unknown, contact the administrator"));
@ -306,7 +306,7 @@ class m_mem {
$err->raise("mem",_("Cookie incorrect, please accept the session cookie"));
return false;
}
$ip=getenv("REMOTE_ADDR");
$ip=get_remote_ip();
$db->query("select uid,'$ip' as me,ip from sessions where sid='".$_COOKIE["session"]."'");
if ($db->num_rows()==0) {
$err->raise("mem",_("Session unknown, contact the administrator"));