Author: rhari
Date: Wed May 30 12:40:41 2007
New Revision: 465
URL: http://svn.gna.org/viewcvs/phplinker?rev=465&view=rev
Log:
#221
Fonctions de control des ips qui pevent utiliser les APIs
Added:
trunk/www/lib/ips_control.php
Modified:
trunk/www/admin/api/fetch_categories.php
trunk/www/includes/start.php
Modified: trunk/www/admin/api/fetch_categories.php
URL:
http://svn.gna.org/viewcvs/phplinker/trunk/www/admin/api/fetch_categories.php?rev=465&r1=464&r2=465&view=diff
==============================================================================
--- trunk/www/admin/api/fetch_categories.php (original)
+++ trunk/www/admin/api/fetch_categories.php Wed May 30 12:40:41 2007
@@ -25,6 +25,9 @@
<?php
require($_SERVER['DOCUMENT_ROOT']."/includes/start.php");
+if (!is_allowed_ip ($_SERVER['REMOTE_ADDR']))
+ die ('Désolé, votre adresse IP n\'est pas autorisée à utiliser
l\'API!!!');
+
$root=0;
$all_categs = linker_get_categories_tree_array();
$all_categs_simple = linker_get_categories_tree_array(-1,true);
Modified: trunk/www/includes/start.php
URL:
http://svn.gna.org/viewcvs/phplinker/trunk/www/includes/start.php?rev=465&r1=464&r2=465&view=diff
==============================================================================
--- trunk/www/includes/start.php (original)
+++ trunk/www/includes/start.php Wed May 30 12:40:41 2007
@@ -41,6 +41,7 @@
require(dirname(__FILE__)."/../lib/sql_config.php");
require(dirname(__FILE__)."/../lib/xajax/xajax.inc.php");
require(dirname(__FILE__)."/../lib/tag_xajax.php");
+require(dirname(__FILE__)."/../lib/ips_control.php");
$linker_config=array();
$req_config=sql_query('die',__FILE__,__LINE__,__FUNCTION__,"SELECT name, value
FROM config");
Added: trunk/www/lib/ips_control.php
URL:
http://svn.gna.org/viewcvs/phplinker/trunk/www/lib/ips_control.php?rev=465&view=auto
==============================================================================
--- trunk/www/lib/ips_control.php (added)
+++ trunk/www/lib/ips_control.php Wed May 30 12:40:41 2007
@@ -1,0 +1,34 @@
+<?php
+/*
+ This file is part of PHPLinker.
+
+ PHPLinker is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ PHPLinker is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with PHPLinker; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+?>
+<?php
+require('IPv4.php');
+function is_allowed_ip ($ip){
+ $qry = "SELECT value FROM config WHERE name = 'linker_api_allowed_ips'";
+ $qry = sql_query('die', __FILE__, __LINE__, __FUNCTION__, $qry);
+ if (list($value) = mysql_fetch_array($qry)){
+ $ips_list = explode(" ", $value);
+ foreach ($ips_list as $allowed_ip){
+ if (Net_IPv4::ipInNetwork($ip, $allowed_ip) || $ip == $allowed_ip)
+ return true;
+ }
+ }
+ return false;
+}
+?>
_______________________________________________
PHPLinker-commits mailing list
[email protected]
https://mail.gna.org/listinfo/phplinker-commits
