X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/96707e02b8b24054e0827eaf169cc88504a1e78c..cd09b476cbbfa8f90f0f86e67da5414d21c8ad10:/lib/functions.php?ds=sidebyside diff --git a/lib/functions.php b/lib/functions.php index 4d698c2..bac444b 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -594,7 +594,7 @@ function jirafeau_admin_list($name, $file_hash, $link_hash) /* Print link informations. */ echo ''; echo '' . - '' . htmlspecialchars($l['file_name']) . ''; echo ''; echo '' . $l['mime_type'] . ''; @@ -611,17 +611,17 @@ function jirafeau_admin_list($name, $file_hash, $link_hash) echo '' . strftime('%c', $l['upload_date']) . ''; echo '' . $l['ip'] . ''; echo '' . - '
' . + '' . '' . '' . '' . '
' . - '
' . + '' . '' . '' . '' . '
' . - '
' . + '' . '' . '' . '' . @@ -1079,6 +1079,45 @@ function jirafeau_challenge_upload_ip($cfg, $ip) return false; } +/** + * Test if visitor's IP is authorized or password is supplied and authorized + * @param $ip IP to be challenged + * @param $password password to be challenged + * @return true if access is valid, false otherwise. + */ +function jirafeau_challenge_upload ($cfg, $ip, $password) +{ + // Allow if no ip restrictaion and no password restriction + if ((count ($cfg['upload_ip']) == 0) and (count ($cfg['upload_password']) == 0)) { + return true; + } + + // Allow if ip is in array + foreach ($cfg['upload_ip'] as $i) { + if ($i == $ip) { + return true; + } + // CIDR test for IPv4 only. + if (strpos ($i, '/') !== false) + { + list ($subnet, $mask) = explode('/', $i); + if ((ip2long ($ip) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($subnet)) { + return true; + } + } + } + if (!jirafeau_has_upload_password($cfg)) { + return false; + } + + foreach ($cfg['upload_password'] as $p) { + if ($password == $p) { + return true; + } + } + return false; +} + /** Tell if we have some HTTP headers generated by a proxy */ function has_http_forwarded() {