/** * Validate token * * @param string $token * Token * @return string User ID when validated or boolean FALSE when validation failed */ function auth_validate_token($token) { $token = trim($token); if (_APP_ == 'main' || _APP_ == 'menu') { _log('login attempt token:' . $token . ' ip:' . $_SERVER['REMOTE_ADDR'], 3, 'auth_validate_token'); } if ($token) { $db_query = "SELECT uid,username,enable_webservices,webservices_ip FROM " . _DB_PREF_ . "_tblUser WHERE flag_deleted='0' AND token='{$token}'"; $db_result = dba_query($db_query); $db_row = dba_fetch_array($db_result); $username = trim($db_row['username']); // check blacklist if (blacklist_ifipexists($username, $_SERVER['REMOTE_ADDR'])) { _log('IP blacklisted u:' . $username . ' uid:' . $uid . ' ip:' . $_SERVER['REMOTE_ADDR'], 2, 'auth_validate_login'); return FALSE; } if (($uid = trim($db_row['uid'])) && $username && $db_row['enable_webservices']) { $ip = explode(',', $db_row['webservices_ip']); if (is_array($ip)) { foreach ($ip as $key => $net) { if (core_net_match($net, $_SERVER['REMOTE_ADDR'])) { if (user_banned_get($uid)) { _log('user banned u:' . $username . ' uid:' . $uid . ' ip:' . $_SERVER['REMOTE_ADDR'], 2, 'auth_validate_token'); return FALSE; } if (_APP_ == 'main' || _APP_ == 'menu') { _log('valid login u:' . $username . ' uid:' . $uid . ' ip:' . $_SERVER['REMOTE_ADDR'], 2, 'auth_validate_token'); } // remove IP on successful login blacklist_clearip($username, $_SERVER['REMOTE_ADDR']); return $uid; } } } } } // check blacklist blacklist_checkip($username, $_SERVER['REMOTE_ADDR']); _log('invalid login t:' . $token . ' ip:' . $_SERVER['REMOTE_ADDR'], 2, 'auth_validate_token'); return FALSE; }
/** * Add IP address to blacklist * * @param string $label * single label, can be $username or $uid, its up to the implementator * @param string $ip * single IP address * @return boolean TRUE on added */ function firewall_hook_blacklist_addip($label, $ip) { $ret = FALSE; $uid = user_username2uid($label); $db_query = "\n\t\t\tINSERT INTO " . _DB_PREF_ . "_featureFirewall (uid, ip_address)\n\t\t\tVALUES ('{$uid}', '{$ip}')"; if (!blacklist_ifipexists($label, $ip)) { $new_ip = @dba_insert_id($db_query); if ($new_ip) { _log('add IP to blacklist ip:' . $new_ip . ' uid:' . $uid, 2, 'firewall_hook_blacklist_addip'); $ret = TRUE; } } return $ret; }