issue 160, Modify checking manager ip on genaral config

git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.0@9367 201d5d3c-b55e-5fd7-737f-ddc643e51545
2026-05-07 11:02:17 +09:00 · 2011-09-27 09:30:16 +00:00 · 2011-09-27 09:30:16 +00:00 · 3dc8f5161e
commit 3dc8f5161e
parent 4cb4047975
8 changed files with 83 additions and 48 deletions
--- a/classes/module/ModuleHandler.class.php
+++ b/classes/module/ModuleHandler.class.php
@ -206,19 +206,15 @@
            if(!$kind && $this->module == 'admin') $kind = 'admin';
 			if($this->module_info->use_mobile != "Y") Mobile::setMobile(false);

+			// Admin ip
 			$logged_info = Context::get('logged_info');
-
-			if($kind == 'admin' && $logged_info->is_admin == 'Y'){
-				$oModuleAdminModel = &getAdminModel('module');
-				if(!$oModuleAdminModel->getModuleAdminIPCheck()) {
-					$this->error = "msg_not_permitted_act";
-					$oMessageObject = &ModuleHandler::getModuleInstance('message',$type);
-					$oMessageObject->setError(-1);
-					$oMessageObject->setMessage($this->error);
-					$oMessageObject->dispMessage();
-					return $oMessageObject;
-				}
-
+			if($kind == 'admin' && $_SESSION['denied_admin'] == 'Y'){
+				$this->error = "msg_not_permitted_act";
+				$oMessageObject = &ModuleHandler::getModuleInstance('message',$type);
+				$oMessageObject->setError(-1);
+				$oMessageObject->setMessage($this->error);
+				$oMessageObject->dispMessage();
+				return $oMessageObject;
 			}
 			
 			// if(type == view, and case for using mobilephone)
--- a/modules/admin/admin.admin.view.php
+++ b/modules/admin/admin.admin.view.php
@ -362,7 +362,8 @@

            Context::set('lang_selected', Context::loadLangSelected());

-            Context::set('admin_ip', $db_info->admin_ip);
+			$admin_ip_list = preg_replace("/[,]+/","\r\n",$db_info->admin_ip_list);
+            Context::set('admin_ip_list', $admin_ip_list);

 			$oAdminModel = &getAdminModel('admin');
 			$favicon_url = $oAdminModel->getFaviconUrl();
@ -375,14 +376,17 @@

 			$oDocumentModel = &getModel('document');
 			$config = $oDocumentModel->getDocumentConfig();
-        		Context::set('thumbnail_type',$config->thumbnail_type);
+       		Context::set('thumbnail_type',$config->thumbnail_type);
+			
+			$oModuleAdminModel = &getAdminModel('module');
+			$IP = $oModuleAdminModel->getModuleAdminCurrentIP();
+			Context::set('IP',$IP);
 			
 			$oModuleModel = &getModel('module');
 			$config = $oModuleModel->getModuleConfig('module');
-        		Context::set('htmlFooter',$config->htmlFooter);
+       		Context::set('htmlFooter',$config->htmlFooter);


-			$oModuleModel = &getModel('module');
 			$columnList = array('modules.mid', 'modules.browser_title', 'sites.index_module_srl');
 			$start_module = $oModuleModel->getSiteInfo(0, $columnList);
            Context::set('start_module', $start_module);
@ -392,6 +396,7 @@

 			$security = new Security();
 			$security->encodeHTML('news..', 'released_version', 'download_link', 'selected_lang', 'module_list..', 'module_list..author..', 'addon_list..', 'addon_list..author..', 'start_module.');
+
        }

 		/**
--- a/modules/admin/lang/lang.xml
+++ b/modules/admin/lang/lang.xml
@ -841,6 +841,14 @@ Lütfen son sürümü için indirme linkine tıklayınız.]]></value>
 		<value xml:lang="ko"><![CDATA[썸네일 생성 방식을 선택하세요.]]></value>
 		<value xml:lang="en"><![CDATA[Select thumbnail type.]]></value>
 	</item>
+	<item name="input_footer_script">
+		<value xml:lang="ko"><![CDATA[풋터 스크립트 삽입]]></value>
+		<value xml:lang="en"><![CDATA[Input footer script]]></value>
+	</item>
+	<item name="detail_input_footer_script">
+		<value xml:lang="ko"><![CDATA[최하단에 코드를 삽입합니다. <br />관리자 페이지에서는 수행되지 않습니다.]]></value>
+		<value xml:lang="en"><![CDATA[The script is inserted into the bottom of body. <br /> Manager page does not work.]]></value>
+	</item>
 	<item name="corp">
 		<value xml:lang="ko"><![CDATA[Crop(잘라내기)]]></value>
 		<value xml:lang="en"><![CDATA[Crop(Cut)]]></value>
@ -857,13 +865,13 @@ Lütfen son sürümü için indirme linkine tıklayınız.]]></value>
 		<value xml:lang="ko"><![CDATA[관리자 페이지로 접근가능한 IP대역을 지정합니다.]]></value>
 		<value xml:lang="en"><![CDATA[Sepcify IP address band that can access the admin page.]]></value>
 	</item>
-	<item name="about_admin_ip_limit">
-		<value xml:lang="ko"><![CDATA[관리자 페이지로 접근가능한 IP대역을 지정합니다]]></value>
-		<value xml:lang="en"><![CDATA[Sepcify IP address band that can access the admin page.]]></value>
+	<item name="local_ip_address">
+		<value xml:lang="ko"><![CDATA[로컬 IP 주소]]></value>
+		<value xml:lang="en"><![CDATA[Local IP address]]></value>
 	</item>
 	<item name="detail_about_admin_ip_limit">
-		<value xml:lang="ko"><![CDATA[해당 IP에 대해서만 관리자 페이지로 접근이 가능하므로 주의해주시기 바랍니다.<br /> IP대역 정보는 /files/config/db.config.php 파일에 저장됩니다.<br /> 예1) 123.45.67.* 예2) 123.76.54.32 ]]></value>
-		<value xml:lang="en"><![CDATA[Please note that only the specified IP addresses can access the admin page.<br /> The information on IP address band is stored in  /files/config/db.config.php.<br /> e.g.)123.45.67.* or 123.76.54.32]]></value>
+		<value xml:lang="ko"><![CDATA[해당 IP에 대해서만 관리자 페이지로 접근이 가능하므로 주의해주시기 바랍니다.<br /> IP대역 정보는 /files/config/db.config.php 파일에 저장됩니다.<br />여러개의 항목은 줄을 바꾸어 입력하세요.]]></value>
+		<value xml:lang="en"><![CDATA[Please note that only the specified IP addresses can access the admin page.<br /> The information on IP address band is stored in  /files/config/db.config.php.<br />Change the line to enter multiple IP. ]]></value>
 	</item>
 	<item name="detail_about_ftp_info">
 		<value xml:lang="ko"><![CDATA[
--- a/modules/admin/tpl/config.html
+++ b/modules/admin/tpl/config.html
@ -89,13 +89,18 @@ jQuery(function($){
 				</p>
 			</li>
 			<li>
-				<p class="q">{$lang->input_footer_script}<p>
-				<p class="a"><textarea name="htmlFooter" id="htmlFooter" rows="4" cols="42">{$htmlFooter}</textarea></p>
+				<p class="q"><label for="htmlFooter">{$lang->input_footer_script}</label>[<a href="#helpFooter" class="tgAnchor">?</a>]<p>
+				<div class="tgContent layer" id="helpFooter">
+					<p>{$lang->detail_input_footer_script}</p>
+				</div>	
+				<p class="a">
+					<textarea name="htmlFooter" id="htmlFooter" rows="4" cols="42">{$htmlFooter}</textarea>
+				</p>
 			</li>
 			<li>
 				<p class="q"><label for="ftp_host">{$lang->ftp_host}</label> [<a href="#helpFTP" class="tgAnchor">?</a>]</p>
 				<div class="tgContent layer" id="helpFTP">
-					<p>{$lang->detail_about_ftp_info}
+					<p>{$lang->detail_about_ftp_info}</p>
 				</div>
 				<p class="a"><input type="text" name="ftp_host" id="ftp_host" value="{$ftp_info->ftp_host}" /></p>
 			</li>
@ -163,7 +168,9 @@ jQuery(function($){
 				<div class="tgContent layer" id="helpAdminip">
 					<p>{$lang->detail_about_admin_ip_limit}</p>
 				</div>
-				<p class="a"><input type="text" name="admin_ip" id="admin_ip" value="{$admin_ip}" /></p>
+				<p class="a">
+					<textarea name="admin_ip_list" id="admin_ip_list" rows="4" cols="42">{$admin_ip_list}</textarea>
+					{$lang->local_ip_address} : {$IP}</p>
 			</li>
 			<li>
 				<p class="q"><label for="default_url">{$lang->default_url}</label></p>
--- a/modules/install/install.admin.controller.php
+++ b/modules/install/install.admin.controller.php
@ -75,9 +75,12 @@
 			$use_mobile_view = Context::get('use_mobile_view');
 			if($use_mobile_view!='Y') $use_mobile_view = 'N';

-			$admin_ip = Context::get('admin_ip');
+			$admin_ip_list = Context::get('admin_ip_list');

-            $db_info = Context::getDBInfo();
+			$admin_ip_list = preg_replace("/[\r|\n|\r\n]+/",",",$admin_ip_list);
+			$admin_ip_list = preg_replace("/\s+/","",$admin_ip_list);
+
+			$db_info = Context::getDBInfo();
            $db_info->default_url = Context::get('default_url');
            if($db_info->default_url && !preg_match('/^(http|https):\/\//i', $db_info->default_url)) $db_info->default_url = 'http://'.$db_info->default_url;
            $db_info->time_zone = $time_zone;
@ -89,7 +92,7 @@
 			$db_info->use_cdn = $use_cdn;
 			$db_info->use_html5 = $use_html5;
 			$db_info->use_mobile_view = $use_mobile_view;
-			$db_info->admin_ip = $admin_ip;
+			$db_info->admin_ip_list = $admin_ip_list;

 			if($http_port) $db_info->http_port = (int) $http_port;
            else if($db_info->http_port) unset($db_info->http_port);
--- a/modules/member/member.controller.php
+++ b/modules/member/member.controller.php
@ -1477,6 +1477,12 @@
                $autologin_output = executeQuery('member.insertAutologin', $autologin_args);
                if($autologin_output->toBool()) setCookie('xeak',$autologin_args->autologin_key, time()+60*60*24*365, '/');
            }
+			if($this->memberInfo->is_admin == 'Y') {
+				 $oModuleAdminModel = &getAdminModel('module');
+				if(!$oModuleAdminModel->getModuleAdminIPCheck()) {
+		            $_SESSION['denied_admin'] = 'Y';
+				}
+			}

            $this->setSessionInfo();

@ -1509,8 +1515,8 @@
            $_SESSION['is_logged'] = true;
            $_SESSION['ipaddress'] = $_SERVER['REMOTE_ADDR'];
            $_SESSION['member_srl'] = $this->memberInfo->member_srl;
-            $_SESSION['is_admin'] = '';
-            // Do not save your password in the session jiwojum;;
+			$_SESSION['is_admin'] = '';
+			// Do not save your password in the session jiwojum;;
            //unset($this->memberInfo->password);
            // User Group Settings
            /*
--- a/modules/module/conf/module.xml
+++ b/modules/module/conf/module.xml
@ -26,6 +26,7 @@
        <action name="procModuleFileBoxAdd" type="controller" standalone="true" />
        <action name="procModuleFileBoxDelete" type="controller" standalone="true" />

+		<action name="getModuleAdminCurrentIP" type="model" standalone="true" />
        <action name="getModuleAdminModuleList" type="model" standalone="true" />
        <action name="getModuleAdminLangCode" type="model" standalone="true" />
        <action name="getModuleAdminLangListByName" type="model" standalone="true" />
--- a/modules/module/module.admin.model.php
+++ b/modules/module/module.admin.model.php
@ -260,29 +260,38 @@
 		function getModuleAdminIPCheck() {
 		
 			$db_info = Context::getDBInfo();
-			$admin_ip = $db_info->admin_ip;
-			
-			if(preg_match('/^(\d{1,3}(?:.(\d{1,3}|\*)){3})$/', $admin_ip, $matches)) {				
-				if(!empty($_SERVER['HTTP_CLIENT_IP']) && getenv('HTTP_CLIENT_IP')){  
-					$ip = $_SERVER['HTTP_CLIENT_IP'];  
-				} 
-				else if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']) && getenv('HTTP_X_FORWARDED_FOR')){  
-					$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];  
-				} 
-				else if(!empty($_SERVER['REMOTE_HOST']) && getenv('REMOTE_HOST')){  
-					$ip =  $_SERVER['REMOTE_HOST'];  
-				} 
-				else if(!empty($_SERVER['REMOTE_ADDR']) && getenv('REMOTE_ADDR')){  
-					$ip =  $_SERVER['REMOTE_ADDR'];  
-				}
-				if($ip) {
+			$admin_ip_list = $db_info->admin_ip_list;
+			$admin_ip_list = explode(",",$admin_ip_list);
+			$ip = $this->getModuleAdminCurrentIP();
+			$falg = false;
+			foreach($admin_ip_list as $admin_ip_list_key => $admin_ip_value) {
+				if(preg_match('/^\d{1,3}(?:.(\d{1,3}|\*)){3}\s*$/', $admin_ip_value, $matches) && $ip) {
+					$admin_ip = $matches[0];
 					$admin_ip = str_replace('*','',$admin_ip);
 					$admin_ip_patterns[] = preg_quote($admin_ip);				
 					$admin_ip_pattern = '/^('.implode($admin_ip_patterns,'|').')/';				
-					if(!preg_match($admin_ip_pattern, $ip, $matches)) return false;
+					if(preg_match($admin_ip_pattern, $ip, $matches)) return true;
+					$flag = true;
 				} 
+
 			}
-			return true;
+			if(!$flag) return true;
+			return false;
+		}
+		function getModuleAdminCurrentIP(){
+			if(!empty($_SERVER['HTTP_CLIENT_IP']) && getenv('HTTP_CLIENT_IP')){  
+				$ip = $_SERVER['HTTP_CLIENT_IP'];  
+			} 
+			else if(!empty($_SERVER['HTTP_X_FORWARDED_FOR']) && getenv('HTTP_X_FORWARDED_FOR')){  
+				$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];  
+			} 
+			else if(!empty($_SERVER['REMOTE_HOST']) && getenv('REMOTE_HOST')){  
+				$ip =  $_SERVER['REMOTE_HOST'];  
+			} 
+			else if(!empty($_SERVER['REMOTE_ADDR']) && getenv('REMOTE_ADDR')){  
+				$ip =  $_SERVER['REMOTE_ADDR'];  
+			}
+			return $ip;
 		}
    }
 ?>