X-Git-Url: https://git.p6c8.net/jirafeau.git/blobdiff_plain/e32a48c6f4c05505465ed7fe3ca70cb703868d42..9dd7c6e4445ed2b0fedcbd018cc9e54868649a3d:/lib/functions.php

diff --git a/lib/functions.php b/lib/functions.php
index 2546497..27e4fc3 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -98,6 +98,9 @@ function is_ssl() {
             return true;
     } elseif ( isset($_SERVER['SERVER_PORT']) && ( '443' == $_SERVER['SERVER_PORT'] ) ) {
         return true;
+    } elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
+        if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
+            return true;
     }
     return false;
 }
@@ -1081,3 +1084,27 @@ function jirafeau_challenge_upload_password ($cfg, $password)
     return false;
 }
 
+/**
+ * Test if visitor's IP is authorized to upload.
+ * @param $ip IP to be challenged
+ * @return true if IP is authorized, false otherwise.
+ */
+function jirafeau_challenge_upload_ip ($cfg, $ip)
+{
+    if (count ($cfg['upload_ip']) == 0)
+        return true;
+    forEach ($cfg['upload_ip'] as $i)
+    {
+        if ($i == $ip)
+            return true;
+        // CIDR test for IPv4 only.
+        if (strpos ($i, '/') !== false)
+        {
+            list ($subnet, $mask) = explode('/', $i);
+            if ((ip2long ($ip) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($subnet))
+                return true;
+        }
+    }
+    return false;
+}
+