X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/6f8b5fe4757b151a042ea83adbce2eb6c218d104..refs/merge-requests/34/head:/lib/functions.php?ds=sidebyside
diff --git a/lib/functions.php b/lib/functions.php
index d844e50..0bb51db 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -609,7 +609,7 @@ function jirafeau_admin_list($name, $file_hash, $link_hash)
/* Print link informations. */
echo '
';
echo '' .
- '' . htmlspecialchars($l['file_name']) . '';
echo ' | ';
echo '' . $l['mime_type'] . ' | ';
@@ -1070,22 +1070,26 @@ function jirafeau_challenge_upload_password($cfg, $password)
/**
* Test if visitor's IP is authorized to upload.
- * @param $ip IP to be challenged
+ *
+ * @param $allowedIpList array of allowed IPs
+ * @param $challengedIp IP to be challenged
* @return true if IP is authorized, false otherwise.
*/
-function jirafeau_challenge_upload_ip($cfg, $ip)
+function jirafeau_challenge_upload_ip($allowedIpList, $challengedIp)
{
- if (count($cfg['upload_ip']) == 0) {
+ // skip if list is empty = all IPs allowed
+ if (count($allowedIpList) == 0) {
return true;
}
- foreach ($cfg['upload_ip'] as $i) {
- if ($i == $ip) {
+ // test given IP against each allowed IP
+ foreach ($allowedIpList as $i) {
+ if ($i == $challengedIp) {
return true;
}
// CIDR test for IPv4 only.
if (strpos($i, '/') !== false) {
list($subnet, $mask) = explode('/', $i);
- if ((ip2long($ip) & ~((1 << (32 - $mask)) - 1)) == ip2long($subnet)) {
+ if ((ip2long($challengedIp) & ~((1 << (32 - $mask)) - 1)) == ip2long($subnet)) {
return true;
}
}