mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-19 11:19:56 +09:00
Merge branch 'feature/ipfilter' into develop
This commit is contained in:
khongchi
commit
8a7e5a8794
11 changed files with 165 additions and 53 deletions
|
|
@ -490,11 +490,31 @@ class adminAdminController extends admin
|
|||
$db_info->use_sitelock = ($vars->use_sitelock) ? $vars->use_sitelock : 'N';
|
||||
$db_info->sitelock_title = $vars->sitelock_title;
|
||||
$db_info->sitelock_message = $vars->sitelock_message;
|
||||
$db_info->sitelock_whitelist = $vars->sitelock_whitelist;
|
||||
if(!$db_info->sitelock_whitelist) $db_info->sitelock_whitelist = '127.0.0.1';
|
||||
|
||||
$whitelist = $vars->sitelock_whitelist;
|
||||
$whitelist = preg_replace("/[\r|\n|\r\n]+/",",",$whitelist);
|
||||
$whitelist = preg_replace("/\s+/","",$whitelist);
|
||||
if(preg_match('/(<\?|<\?php|\?>)/xsm', $whitelist))
|
||||
{
|
||||
$whitelist = '';
|
||||
}
|
||||
$whitelist .= ',127.0.0.1';
|
||||
$whitelist = explode(',',trim($whitelist, ','));
|
||||
$whitelist = array_unique($whitelist);
|
||||
|
||||
FileHandler::writeFile(Context::getConfigFile(), $oInstallController->_getDBConfigFileContents($db_info));
|
||||
if(!IpFilter::validate($whitelist)) {
|
||||
return new Object(-1, 'msg_invalid_ip');
|
||||
}
|
||||
|
||||
$db_info->sitelock_whitelist = $whitelist;
|
||||
|
||||
$oInstallController = &getController('install');
|
||||
if(!$oInstallController->makeConfigFile())
|
||||
{
|
||||
return new Object(-1, 'msg_invalid_request');
|
||||
}
|
||||
|
||||
|
||||
if(!in_array(Context::getRequestMethod(), array('XMLRPC','JSON')))
|
||||
{
|
||||
$returnUrl = Context::get('success_return_url');
|
||||
|
|
@ -502,6 +522,12 @@ class adminAdminController extends admin
|
|||
header('location:' . $returnUrl);
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -419,13 +419,15 @@ class adminAdminView extends admin
|
|||
Context::set('use_sitelock', $db_info->use_sitelock);
|
||||
Context::set('sitelock_title', $db_info->sitelock_title);
|
||||
Context::set('sitelock_message', htmlspecialchars($db_info->sitelock_message, ENT_COMPAT | ENT_HTML401, 'UTF-8', false));
|
||||
Context::set('sitelock_whitelist', implode(PHP_EOL, $db_info->sitelock_whitelist));
|
||||
|
||||
$whitelist = implode("\r\n", $db_info->sitelock_whitelist);
|
||||
Context::set('sitelock_whitelist', $whitelist);
|
||||
|
||||
$admin_ip_list = implode("\r\n", $db_info->admin_ip_list);
|
||||
Context::set('admin_ip_list', $admin_ip_list);
|
||||
|
||||
Context::set('lang_selected', Context::loadLangSelected());
|
||||
|
||||
$admin_ip_list = preg_replace("/[,]+/", "\r\n", $db_info->admin_ip_list);
|
||||
Context::set('admin_ip_list', $admin_ip_list);
|
||||
|
||||
$oAdminModel = getAdminModel('admin');
|
||||
$favicon_url = $oAdminModel->getFaviconUrl();
|
||||
$mobicon_url = $oAdminModel->getMobileIconUrl();
|
||||
|
|
|
|||
|
|
@ -140,7 +140,8 @@
|
|||
<div class="x_control-group">
|
||||
<label class="x_control-label" for="admin_ip_list">{$lang->admin_ip_limit} <a class="x_icon-question-sign" href="./admin/help/index.html#UMAN_config_general_admin_iplist" target="_blank">{$lang->help}</a></label>
|
||||
<div class="x_controls">
|
||||
<textarea name="admin_ip_list" id="admin_ip_list" rows="4" cols="42" placeholder="{$IP}({$lang->local_ip_address})" style="float:left;margin-right:10px">{$admin_ip_list}</textarea>
|
||||
<textarea name="admin_ip_list" id="admin_ip_list" rows="4" cols="42" placeholder="{$IP}({$lang->local_ip_address})" style="margin-right:10px">{$admin_ip_list}</textarea>
|
||||
<p class="x_help-block">{$lang->about_ipaddress_input}</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="x_control-group">
|
||||
|
|
@ -222,6 +223,8 @@
|
|||
<textarea name="sitelock_whitelist" id="sitelock_whitelist" rows="4" cols="42" placeholder="{$IP}({$lang->local_ip_address})" style="margin-right:10px">{$sitelock_whitelist}</textarea>
|
||||
<span class="x_help-block">{$lang->sitelock_warning_whitelist}</span>
|
||||
<span class="x_help-block">{$lang->your_ip} : {$remote_addr}</span>
|
||||
<br />
|
||||
<p class="x_help-block">{$lang->about_ipaddress_input}</p>
|
||||
</div>
|
||||
</div>
|
||||
<div class="x_control-group">
|
||||
|
|
|
|||
|
|
@ -49,15 +49,25 @@ class installAdminController extends install
|
|||
*/
|
||||
function procInstallAdminSaveTimeZone()
|
||||
{
|
||||
$db_info = Context::getDBInfo();
|
||||
|
||||
$admin_ip_list = Context::get('admin_ip_list');
|
||||
|
||||
$admin_ip_list = preg_replace("/[\r|\n|\r\n]+/",",",$admin_ip_list);
|
||||
$admin_ip_list = preg_replace("/\s+/","",$admin_ip_list);
|
||||
if(preg_match('/(<\?|<\?php|\?>)/xsm', $admin_ip_list))
|
||||
if($admin_ip_list)
|
||||
{
|
||||
$admin_ip_list = '';
|
||||
$admin_ip_list = preg_replace("/[\r|\n|\r\n]+/",",",$admin_ip_list);
|
||||
$admin_ip_list = preg_replace("/\s+/","",$admin_ip_list);
|
||||
if(preg_match('/(<\?|<\?php|\?>)/xsm', $admin_ip_list))
|
||||
{
|
||||
$admin_ip_list = '';
|
||||
}
|
||||
$admin_ip_list = explode(',',trim($admin_ip_list, ','));
|
||||
$admin_ip_list = array_unique($admin_ip_list);
|
||||
if(!IpFilter::validate($admin_ip_list)) {
|
||||
return new Object(-1, 'msg_invalid_ip');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$default_url = Context::get('default_url');
|
||||
if($default_url && strncasecmp('http://', $default_url, 7) !== 0 && strncasecmp('https://', $default_url, 8) !== 0) $default_url = 'http://'.$default_url;
|
||||
|
||||
|
|
@ -82,7 +92,6 @@ class installAdminController extends install
|
|||
$use_html5 = Context::get('use_html5');
|
||||
if(!$use_html5) $use_html5 = 'N';
|
||||
|
||||
$db_info = Context::getDBInfo();
|
||||
$db_info->default_url = $default_url;
|
||||
$db_info->qmail_compatibility = $qmail_compatibility;
|
||||
$db_info->use_db_session = $use_db_session;
|
||||
|
|
|
|||
|
|
@ -553,10 +553,8 @@ class installController extends install
|
|||
{
|
||||
$tmpValue = $this->_getDbConnText($key, $val, true);
|
||||
}
|
||||
else if($key == 'sitelock_whitelist')
|
||||
else if($key == 'sitelock_whitelist' || $key == 'admin_ip_list')
|
||||
{
|
||||
if(!is_array($val)) $val = preg_split("/[\r\n|\r|\n]+/", $val);
|
||||
$val = array_unique($val);
|
||||
$tmpValue = sprintf('$db_info->%s = array(\'%s\');' . PHP_EOL, $key, implode('\', \'', $val));
|
||||
}
|
||||
else
|
||||
|
|
@ -578,7 +576,6 @@ class installController extends install
|
|||
|
||||
$buff[] = $tmpValue;
|
||||
}
|
||||
$buff[] = "?>";
|
||||
|
||||
return implode(PHP_EOL, $buff);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -294,24 +294,9 @@ class memberAdminModel extends member
|
|||
{
|
||||
$db_info = Context::getDBInfo();
|
||||
$admin_ip_list = $db_info->admin_ip_list;
|
||||
$admin_ip_list = explode(",",$admin_ip_list);
|
||||
$oMemberModel = &getModel('member');
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
$falg = false;
|
||||
foreach($admin_ip_list as $admin_ip_list_key => $admin_ip_value)
|
||||
{
|
||||
if(preg_match('/^\d{1,3}(?:.(\d{1,3}|\*)){3}\s*$/', $admin_ip_value, $matches) && $ip)
|
||||
{
|
||||
$admin_ip = $matches[0];
|
||||
$admin_ip = str_replace('*','',$admin_ip);
|
||||
$admin_ip_patterns[] = preg_quote($admin_ip);
|
||||
$admin_ip_pattern = '/^('.implode($admin_ip_patterns,'|').')/';
|
||||
if(preg_match($admin_ip_pattern, $ip, $matches)) return true;
|
||||
$flag = true;
|
||||
}
|
||||
}
|
||||
if(!$flag) return true;
|
||||
return false;
|
||||
if(!is_array($admin_ip_list)) $admin_ip_list = explode(',',$admin_ip_list);
|
||||
if(!count($admin_ip_list) || IpFilter::filter($admin_ip_list)) return true;
|
||||
else return false;
|
||||
}
|
||||
}
|
||||
/* End of file member.admin.model.php */
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue