X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/a00401257a73daf0449386e57ee9a811e2a4f408..f950bd1463ad57d9b27b6f1fbdadecb775ea2513:/lib/functions.php diff --git a/lib/functions.php b/lib/functions.php index bff319f..b590e2b 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -1141,50 +1141,9 @@ function jirafeau_challenge_upload_ip_without_password($cfg, $challengedIp) */ function jirafeau_challenge_upload ($cfg, $ip, $password) { - // Allow if no ip restrictaion and no password restriction - if ((count ($cfg['upload_ip']) == 0) and (count ($cfg['upload_password']) == 0)) { - return true; - } - - // Allow if ip is in array (no password) - foreach ($cfg['upload_ip_nopassword'] as $i) { - if ($i == $ip) { - return true; - } - // CIDR test for IPv4 only. - if (strpos ($i, '/') !== false) - { - list ($subnet, $mask) = explode('/', $i); - if ((ip2long ($ip) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($subnet)) { - return true; - } - } - } - - // Allow if ip is in array - foreach ($cfg['upload_ip'] as $i) { - if ($i == $ip) { - return true; - } - // CIDR test for IPv4 only. - if (strpos ($i, '/') !== false) - { - list ($subnet, $mask) = explode('/', $i); - if ((ip2long ($ip) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($subnet)) { - return true; - } - } - } - if (!jirafeau_has_upload_password($cfg)) { - return false; - } - - foreach ($cfg['upload_password'] as $p) { - if ($password == $p) { - return true; - } - } - return false; + return jirafeau_challenge_upload_ip_without_password($cfg, $ip) || + (!jirafeau_has_upload_password($cfg) && !jirafeau_upload_has_ip_restriction($cfg)) || + (jirafeau_challenge_upload_password($cfg, $password) && jirafeau_challenge_upload_ip($cfg, $ip)); } /** Tell if we have some HTTP headers generated by a proxy */