X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/c32806657b3b9e1548d5cf6c84a9d1f96dea0617..76672f43452be5fb86ed140cc15b43c786cd75c2:/lib/functions.php?ds=sidebyside diff --git a/lib/functions.php b/lib/functions.php index d6f7cb0..ecd7be8 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -1385,6 +1385,31 @@ function jirafeau_challenge_upload($cfg, $ip, $password) (jirafeau_challenge_upload_password($cfg, $password) && jirafeau_challenge_upload_ip($cfg, $ip)); } +/** + * Check if Jirafeau has a restriction on the IP address for accessing the admin interface. + * @return true if admin interface is IP restricted, false otherwise. + */ +function jirafeau_admin_has_ip_restriction($cfg) +{ + return count($cfg['admin_ip']) > 0; +} + +/** + * Test if visitor's IP is authorized to access the admin interface. + * + * @param $cfg configuration + * @param $challengedIp IP to be challenged + * @return true if IP is authorized, false otherwise. + */ +function jirafeau_challenge_admin_ip($cfg, $challengedIp) +{ + // If no IP address have been listed, allow upload from any IP + if (!jirafeau_admin_has_ip_restriction($cfg)) { + return true; + } + return jirafeau_challenge_ip($cfg['admin_ip'], $challengedIp); +} + /** Tell if we have some HTTP headers generated by a proxy */ function has_http_forwarded() { @@ -1613,7 +1638,8 @@ function jirafeau_add_ending_slash($path) function jirafeau_default_web_root() { - return $_SERVER['HTTP_HOST'] . str_replace('install.php', '', $_SERVER['REQUEST_URI']); + $url_scheme = (isset($_SERVER['HTTPS'])) ? 'https://' : 'http://'; + return $url_scheme . $_SERVER['HTTP_HOST'] . str_replace('install.php', '', $_SERVER['REQUEST_URI']); } function jirafeau_get_download_stats($hash)