Beispiel #1
 /**
  * Determines if the database is searchable by user
  *
  * @param Xerxes_Data_Database $db
  * @param Xerxes_Framework_Request $objRequest	Xerxes request object
  * @param Xerxes_Framework_Registry $objRegistry Xerxes registry object
  * @return bool|string true when the user may search the database; a falsy value otherwise
  */
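 public static function dbSearchableForUser(Xerxes_Data_Database $db, $objRequest, $objRegistry)
 {
     // Access decision for one database, evaluated in this order:
     //   1. not searchable at all          -> denied for everyone
     //   2. guest access flag set          -> allowed for everyone
     //   3. restricted to groups           -> logged-in member of a listed group,
     //                                        or client IP inside a listed group's range
     //   4. ordinary restricted resource   -> any logged-in user, or client IP in the
     //                                        configured local range
     // Every path returns a real boolean and anything not explicitly allowed is
     // denied; the earlier version could fall through with an empty string.
     //
     // NOTE(review): both IP checks trust REMOTE_ADDR as reported by getServer().
     // Behind a reverse proxy or load balancer that value is normally the proxy's
     // address, so a proxy inside a trusted range would let every visitor pass.
     // Confirm how the deployment resolves the client address.

     if ($db->searchable != 1) {
         // nobody can search it!
         return false;
     }

     if ($db->guest_access != "") {
         // anyone can search it!
         return true;
     }

     if (count($db->group_restrictions) > 0) {
         // The session may carry no group list at all (anonymous visitor, or a
         // login that set none). Treat that as "member of no group" rather than
         // handing a non-array to array_intersect().
         $sessionGroups = array();
         if (isset($_SESSION["user_groups"]) && is_array($_SESSION["user_groups"])) {
             $sessionGroups = $_SESSION["user_groups"];
         }

         // Allowed by login: authenticated and sharing at least one group
         // with the database's restriction list.
         if (Xerxes_Framework_Restrict::isAuthenticatedUser($objRequest)
             && count(array_intersect($sessionGroups, $db->group_restrictions)) > 0
         ) {
             return true;
         }

         // Not by virtue of a login, so fall back to the IP ranges attached to
         // the restricted groups. Groups with no range configured are skipped so
         // that empty entries never reach the range matcher.
         $ranges = array();
         foreach ($db->get("group_restrictions") as $group) {
             $groupRanges = $objRegistry->getGroupLocalIpRanges($group);
             if ($groupRanges != "") {
                 $ranges[] = $groupRanges;
             }
         }

         if (count($ranges) == 0) {
             // No range configured for any listed group: nothing an IP could match.
             return false;
         }

         return (bool) Xerxes_Framework_Restrict::isIpAddrInRanges(
             $objRequest->getServer('REMOTE_ADDR'),
             implode(",", $ranges)
         );
     }

     // Ordinary generally restricted resource: an authenticated user, or a
     // client inside the local IP range.
     // NOTE(review): the key is written "LOCAL_IP_RANGE" here, while toXML() on
     // this page reads "local_ip_range". Confirm getConfig() ignores case;
     // if it does not, this lookup may come back empty and the IP check would
     // silently never match.
     if (Xerxes_Framework_Restrict::isAuthenticatedUser($objRequest)) {
         return true;
     }

     return (bool) Xerxes_Framework_Restrict::isIpAddrInRanges(
         $objRequest->getServer('REMOTE_ADDR'),
         $objRegistry->getConfig("LOCAL_IP_RANGE")
     );
 }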
Beispiel #2
 /**
  * Retrieve master XML and all request parameters
  * 
  * @param bool $bolHideServer	[optional]	true will exclude the server variables from the response, default false
  *
  * @return DOMDocument
  */
 public function toXML($bolHideServer = false)
 {
     // Builds a <request> document out of the request parameters, the session
     // and a computed authorization summary, merges it into the master
     // document through addDocument(), and returns the master document.
     $registry = Xerxes_Framework_Registry::getInstance();

     $doc = new DOMDocument();
     $doc->loadXML("<request />");
     $root = $doc->documentElement;

     // Query string and cookie parameters sit directly under <request>;
     // the session and server arrays each get a parent element of their own.
     $this->addElement($doc, $root, $this->arrParams);

     // NOTE(review): the whole of $_SESSION is copied into the document. If this
     // XML can reach the client (not visible from here), every session value goes
     // with it; confirm what the application stores in the session.
     $sessionNode = $doc->createElement("session");
     $root->appendChild($sessionNode);
     $this->addElement($doc, $sessionNode, $_SESSION);

     // Computed values that are not stored in the session as such: the session
     // already lists group memberships, but not in the detail needed, and it
     // knows nothing about memberships granted by IP address.
     $authNode = $doc->createElement("authorization_info");
     $root->appendChild($authNode);

     // Affiliated at all? Either logged in, or coming from a recognised address.
     $hasAccount = Xerxes_Framework_Restrict::isAuthenticatedUser($this);
     $hasLocalIp = Xerxes_Framework_Restrict::isIpAddrInRanges(
         $this->getServer('REMOTE_ADDR'),
         $registry->getConfig("local_ip_range")
     );

     if ($hasAccount || $hasLocalIp) {
         $affiliated = "true";
     } else {
         $affiliated = "false";
     }

     $affiliatedNode = $doc->createElement("affiliated", $affiliated);
     $affiliatedNode->setAttribute("user_account", $hasAccount ? "true" : "false");
     $affiliatedNode->setAttribute("ip_addr", $hasLocalIp ? "true" : "false");
     $authNode->appendChild($affiliatedNode);

     // One <group> element per configured group, with the same two flags.
     $groups = $registry->userGroups();

     if ($groups != null) {
         foreach ($groups as $group) {
             // Membership by login: the session must hold a group array
             // that contains this group.
             $memberByAccount = array_key_exists("user_groups", $_SESSION)
                 && is_array($_SESSION["user_groups"])
                 && in_array($group, $_SESSION["user_groups"]);

             // Membership by address: the client IP falls in the group's ranges.
             $memberByIp = Xerxes_Framework_Restrict::isIpAddrInRanges(
                 $this->getServer('REMOTE_ADDR'),
                 $registry->getGroupLocalIpRanges($group)
             );

             $isMember = ($memberByAccount || $memberByIp) ? "true" : "false";

             $groupNode = $doc->createElement("group", $isMember);
             $groupNode->setAttribute("id", $group);
             $groupNode->setAttribute("display_name", $registry->getGroupDisplayName($group));
             $groupNode->setAttribute("user_account", $memberByAccount ? "true" : "false");
             $groupNode->setAttribute("ip_addr", $memberByIp ? "true" : "false");
             $authNode->appendChild($groupNode);
         }
     }

     // NOTE(review): despite the parameter name and the docblock ("true will
     // exclude the server variables"), $_SERVER is added only when the flag is
     // true and is left out by default. The current default is the safe one,
     // since $_SERVER carries request headers and environment details; confirm
     // what callers pass before renaming the parameter or flipping the test.
     if ($bolHideServer == true) {
         $serverNode = $doc->createElement("server");
         $root->appendChild($serverNode);
         $this->addElement($doc, $serverNode, $_SERVER);
     }

     // Merge into the master document, then hand the master document back.
     $this->addDocument($doc);

     return $this->xml;
 }