X-Git-Url: https://git.p6c8.net/jirafeau_mojo42.git/blobdiff_plain/c32806657b3b9e1548d5cf6c84a9d1f96dea0617..76672f43452be5fb86ed140cc15b43c786cd75c2:/lib/functions.php?ds=sidebyside

diff --git a/lib/functions.php b/lib/functions.php
index d6f7cb0..ecd7be8 100644
--- a/lib/functions.php
+++ b/lib/functions.php
@@ -1385,6 +1385,31 @@ function jirafeau_challenge_upload($cfg, $ip, $password)
             (jirafeau_challenge_upload_password($cfg, $password) && jirafeau_challenge_upload_ip($cfg, $ip));
 }
 
+/**
+ * Check if Jirafeau has a restriction on the IP address for accessing the admin interface.
+ * @return true if admin interface is IP restricted, false otherwise.
+ */
+function jirafeau_admin_has_ip_restriction($cfg)
+{
+    return count($cfg['admin_ip']) > 0;
+}
+
+/**
+ * Test if visitor's IP is authorized to access the admin interface.
+ *
+ * @param $cfg configuration
+ * @param $challengedIp IP to be challenged
+ * @return true if IP is authorized, false otherwise.
+ */
+function jirafeau_challenge_admin_ip($cfg, $challengedIp)
+{
+    // If no IP address have been listed, allow upload from any IP
+    if (!jirafeau_admin_has_ip_restriction($cfg)) {
+        return true;
+    }
+    return jirafeau_challenge_ip($cfg['admin_ip'], $challengedIp);
+}
+
 /** Tell if we have some HTTP headers generated by a proxy */
 function has_http_forwarded()
 {
@@ -1613,7 +1638,8 @@ function jirafeau_add_ending_slash($path)
 
 function jirafeau_default_web_root()
 {
-    return $_SERVER['HTTP_HOST'] . str_replace('install.php', '', $_SERVER['REQUEST_URI']);
+    $url_scheme = (isset($_SERVER['HTTPS'])) ? 'https://' : 'http://';
+    return $url_scheme . $_SERVER['HTTP_HOST'] . str_replace('install.php', '', $_SERVER['REQUEST_URI']);
 }
 
 function jirafeau_get_download_stats($hash)