Example #1
0
 public function filter($ip_list, $ip = NULL)
 {
     if (!$ip) {
         $ip = $_SERVER['REMOTE_ADDR'];
     }
     foreach ($ip_list as $filter) {
         if (Rhymix\Framework\IpFilter::inRange($ip, $filter)) {
             return true;
         }
     }
     return false;
 }
Example #2
0
 /**
  * check allowed target ip address when  login for admin. 
  *
  * @return boolean (true : allowed, false : refuse)
  */
 function getMemberAdminIPCheck($allow_list = null, $deny_list = null)
 {
     if ($allow_list = $allow_list === null ? config('admin.allow') : $allow_list) {
         foreach ($allow_list as $range) {
             if (Rhymix\Framework\IpFilter::inRange(RX_CLIENT_IP, $range)) {
                 return true;
             }
         }
         return false;
     }
     if ($deny_list = $deny_list === null ? config('admin.deny') : $deny_list) {
         foreach ($deny_list as $range) {
             if (Rhymix\Framework\IpFilter::inRange(RX_CLIENT_IP, $range)) {
                 return false;
             }
         }
         return true;
     }
     return true;
 }
Example #3
0
 /**
  * Update sitelock configuration.
  */
 function procAdminUpdateSitelock()
 {
     $vars = Context::gets('sitelock_locked', 'sitelock_allowed_ip', 'sitelock_title', 'sitelock_message');
     $allowed_ip = array_map('trim', preg_split('/[\\r\\n]/', $vars->sitelock_allowed_ip));
     $allowed_ip = array_unique(array_filter($allowed_ip, function ($item) {
         return $item !== '';
     }));
     if ($vars->sitelock_locked === 'Y') {
         $allowed_localhost = false;
         $allowed_current = false;
         foreach ($allowed_ip as $range) {
             if (Rhymix\Framework\IpFilter::inRange('127.0.0.1', $range)) {
                 $allowed_localhost = true;
             }
             if (Rhymix\Framework\IpFilter::inRange(RX_CLIENT_IP, $range)) {
                 $allowed_current = true;
             }
         }
         if (!$allowed_localhost) {
             array_unshift($allowed_ip, '127.0.0.1');
         }
         if (!$allowed_current) {
             array_unshift($allowed_ip, RX_CLIENT_IP);
         }
     }
     if (!IpFilter::validate($whitelist)) {
         return new Object(-1, 'msg_invalid_ip');
     }
     Rhymix\Framework\Config::set('lock.locked', $vars->sitelock_locked === 'Y');
     Rhymix\Framework\Config::set('lock.title', trim($vars->sitelock_title));
     Rhymix\Framework\Config::set('lock.message', trim($vars->sitelock_message));
     Rhymix\Framework\Config::set('lock.allow', array_values($allowed_ip));
     Rhymix\Framework\Config::save();
     $this->setMessage('success_updated');
     $this->setRedirectUrl(Context::get('success_return_url') ?: getNotEncodedUrl('', 'act', 'dispAdminConfigSitelock'));
 }
Example #4
0
 /**
  * Display Sitelock Settings page
  * @return void
  */
 function dispAdminConfigSitelock()
 {
     Context::set('sitelock_locked', Rhymix\Framework\Config::get('lock.locked'));
     Context::set('sitelock_title', escape(Rhymix\Framework\Config::get('lock.title')));
     Context::set('sitelock_message', escape(Rhymix\Framework\Config::get('lock.message')));
     $allowed_ip = Rhymix\Framework\Config::get('lock.allow') ?: array();
     $allowed_localhost = false;
     $allowed_current = false;
     foreach ($allowed_ip as $range) {
         if (Rhymix\Framework\IpFilter::inRange('127.0.0.1', $range)) {
             $allowed_localhost = true;
         }
         if (Rhymix\Framework\IpFilter::inRange(RX_CLIENT_IP, $range)) {
             $allowed_current = true;
         }
     }
     if (!$allowed_localhost) {
         array_unshift($allowed_ip, '127.0.0.1');
     }
     if (!$allowed_current) {
         array_unshift($allowed_ip, RX_CLIENT_IP);
     }
     Context::set('sitelock_allowed_ip', implode(PHP_EOL, $allowed_ip));
     Context::set('remote_addr', RX_CLIENT_IP);
     $this->setTemplateFile('config_sitelock');
 }
Example #5
0
 /**
  * Enforce site lock.
  */
 private static function enforceSiteLock()
 {
     // Allow if the current user is logged in as administrator, or trying to log in.
     $logged_info = self::get('logged_info');
     if ($logged_info && $logged_info->is_admin === 'Y') {
         return;
     } elseif (in_array(self::get('act'), array('procMemberLogin', 'dispMemberLogout'))) {
         return;
     }
     // Allow if the current user is in the list of allowed IPs.
     $allowed_list = config('lock.allow');
     foreach ($allowed_list as $allowed_ip) {
         if (Rhymix\Framework\IpFilter::inRange(RX_CLIENT_IP, $allowed_ip)) {
             return;
         }
     }
     // Set headers and constants for backward compatibility.
     header('HTTP/1.1 503 Service Unavailable');
     define('_XE_SITELOCK_', TRUE);
     define('_XE_SITELOCK_TITLE_', config('lock.title') ?: self::getLang('admin.sitelock_in_use'));
     define('_XE_SITELOCK_MESSAGE_', config('lock.message'));
     unset($_SESSION['XE_VALIDATOR_RETURN_URL']);
     // Load the sitelock template.
     if (FileHandler::exists(RX_BASEDIR . 'common/tpl/sitelock.user.html')) {
         include RX_BASEDIR . 'common/tpl/sitelock.user.html';
     } else {
         self::setBrowserTitle(self::getSiteTitle());
         $oMessageObject = getView('message');
         $oMessageObject->setHttpStatusCode(503);
         $oMessageObject->setError(-1);
         $oMessageObject->setMessage(_XE_SITELOCK_TITLE_);
         $oMessageObject->dispMessage();
         $oModuleHandler = new ModuleHandler();
         $oModuleHandler->displayContent($oMessageObject);
     }
     exit;
 }