From 69296b3c8c492b3f19c38196bf59184c58855999 Mon Sep 17 00:00:00 2001
From: Kijin Sung <kijin@kijinsung.com>
Date: Mon, 8 Feb 2016 23:02:11 +0900
Subject: [PATCH] Refine site lock IP range handling

---
 modules/admin/admin.admin.controller.php | 31 +++++++++++++++++++++---
 1 file changed, 28 insertions(+), 3 deletions(-)

diff --git a/modules/admin/admin.admin.controller.php b/modules/admin/admin.admin.controller.php
index 00d8ca392..b6289fec1 100644
--- a/modules/admin/admin.admin.controller.php
+++ b/modules/admin/admin.admin.controller.php
@@ -662,9 +662,34 @@ class adminAdminController extends admin
 		$allowed_ip = array_unique(array_filter($allowed_ip, function($item) {
 			return $item !== '';
 		}));
-		if (!in_array(RX_CLIENT_IP, $allowed_ip)) array_unshift($allowed_ip, RX_CLIENT_IP);
-		if (!in_array('127.0.0.1', $allowed_ip)) array_unshift($allowed_ip, '127.0.0.1');
-		if (!IpFilter::validate($whitelist)) {
+		
+		if ($vars->sitelock_locked === 'Y')
+		{
+			$allowed_localhost = false;
+			$allowed_current = false;
+			foreach ($allowed_ip as $range)
+			{
+				if (Rhymix\Framework\IpFilter::inRange('127.0.0.1', $range))
+				{
+					$allowed_localhost = true;
+				}
+				if (Rhymix\Framework\IpFilter::inRange(RX_CLIENT_IP, $range))
+				{
+					$allowed_current = true;
+				}
+			}
+			if (!$allowed_localhost)
+			{
+				array_unshift($allowed_ip, '127.0.0.1');
+			}
+			if (!$allowed_current)
+			{
+				array_unshift($allowed_ip, RX_CLIENT_IP);
+			}
+		}
+		
+		if (!IpFilter::validate($whitelist))
+		{
 			return new Object(-1, 'msg_invalid_ip');
 		}