+/**
+ * Test if visitor's IP is authorized to upload.
+ *
+ * @param $allowedIpList array of allowed IPs
+ * @param $challengedIp IP to be challenged
+ * @return true if IP is authorized, false otherwise.
+ */
+function jirafeau_challenge_upload_ip($allowedIpList, $challengedIp)
+{
+ // skip if list is empty = all IPs allowed
+ if (count($allowedIpList) == 0) {
+ return true;
+ }
+ // test given IP against each allowed IP
+ foreach ($allowedIpList as $i) {
+ if ($i == $challengedIp) {
+ return true;
+ }
+ // CIDR test for IPv4 only.
+ if (strpos($i, '/') !== false) {
+ list($subnet, $mask) = explode('/', $i);
+ if ((ip2long($challengedIp) & ~((1 << (32 - $mask)) - 1)) == ip2long($subnet)) {
+ return true;
+ }
+ }
+ }
+ return false;
+}
+
+/**
+ * Test if visitor's IP is authorized or password is supplied and authorized
+ * @param $ip IP to be challenged
+ * @param $password password to be challenged
+ * @return true if access is valid, false otherwise.
+ */
+function jirafeau_challenge_upload ($cfg, $ip, $password)
+{
+ // Allow if no ip restrictaion and no password restriction
+ if ((count ($cfg['upload_ip']) == 0) and (count ($cfg['upload_password']) == 0)) {
+ return true;