X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/6f8b5fe4757b151a042ea83adbce2eb6c218d104..916e56f40bde5bf4985a73773db6136fcc41ddb3:/lib/functions.php

diff --git a/lib/functions.php b/lib/functions.php
index d844e50..7d15e1b 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -1070,22 +1070,26 @@ function jirafeau_challenge_upload_password($cfg, $password)
 
 /**
  * Test if visitor's IP is authorized to upload.
- * @param $ip IP to be challenged
+ *
+ * @param $allowedIpList array of allowed IPs
+ * @param $challengedIp IP to be challenged
  * @return true if IP is authorized, false otherwise.
  */
-function jirafeau_challenge_upload_ip($cfg, $ip)
+function jirafeau_challenge_upload_ip($allowedIpList, $challengedIp)
 {
-    if (count($cfg['upload_ip']) == 0) {
+    // skip if list is empty = all IPs allowed
+    if (count($allowedIpList) == 0) {
         return true;
     }
-    foreach ($cfg['upload_ip'] as $i) {
-        if ($i == $ip) {
+    // test given IP against each allowed IP
+    foreach ($allowedIpList as $i) {
+        if ($i == $challengedIp) {
             return true;
         }
         // CIDR test for IPv4 only.
         if (strpos($i, '/') !== false) {
             list($subnet, $mask) = explode('/', $i);
-            if ((ip2long($ip) & ~((1 << (32 - $mask)) - 1)) == ip2long($subnet)) {
+            if ((ip2long($challengedIp) & ~((1 << (32 - $mask)) - 1)) == ip2long($subnet)) {
                 return true;
             }
         }