added support for limiting the access to setup on certain IP's, IP-ranges or hostnames

2024-11-07 08:34:42 +01:00 · 2004-05-04 09:08:28 +00:00 · 2004-05-04 09:08:28 +00:00 · 257b69a6fb
commit 257b69a6fb
parent 2981120ef4
3 changed files with 12 additions and 6 deletions
--- a/header.inc.php.template
+++ b/header.inc.php.template
@ -22,6 +22,7 @@
 	define('PHPGW_INCLUDE_ROOT','{INCLUDE_ROOT}');
 	$GLOBALS['phpgw_info']['server']['header_admin_user'] = '{HEADER_ADMIN_USER}';
 	$GLOBALS['phpgw_info']['server']['header_admin_password'] = '{HEADER_ADMIN_PASSWORD}';
+	$GLOBALS['phpgw_info']['server']['setup_acl'] = '{SETUP_ACL}';

 	/* eGroupWare domain-specific db settings */{domains}
 	/*
--- a/phpgwapi/inc/class.setup.inc.php
+++ b/phpgwapi/inc/class.setup.inc.php
@ -114,8 +114,6 @@
 		function auth($auth_type='Config')
 		{
 			#phpinfo();
-			#$remoteip   = $_SERVER['REMOTE_ADDR'];
-
 			$FormLogout = get_var('FormLogout',  array('GET','POST'));
 			if(!$FormLogout)
 			{
@ -145,7 +143,8 @@
 				}
 			}

-			/* if(!empty($remoteip) && !$this->checkip($remoteip)) { return False; } */
+			$remoteip   = $_SERVER['REMOTE_ADDR'];
+			if(!empty($remoteip) && !$this->checkip($remoteip)) { return False; }

 			/* If FormLogout is set, simply invalidate the cookies (LOGOUT) */
 			switch(strtolower($FormLogout))
@ -285,11 +284,15 @@
 		function checkip($remoteip='')
 		{
 			$allowed_ips = split(',',$GLOBALS['phpgw_info']['server']['setup_acl']);
-			if(is_array($allowed_ips))
+			if(!empty($GLOBALS['phpgw_info']['server']['setup_acl']) && is_array($allowed_ips) && count($allowed_ips) > 0)
 			{
 				$foundip = False;
-				while(list(,$value) = @each($allowed_ips))
+				foreach($allowed_ips as $value)
 				{
+					if (!preg_match('/^[0-9.]$/',$value))
+					{
+						$value = gethostbyname($value);		// resolve domain-name, eg. a dyndns account
+					}
 					$test = split("\.",$value);
 					if(count($test) < 3)
 					{
--- a/setup/templates/default/manageheader.tpl
+++ b/setup/templates/default/manageheader.tpl
@ -40,7 +40,9 @@
  <tr>
    <td colspan="2"><b>{lang_adminpass}</b><br><input type="password" name="setting[HEADER_ADMIN_PASSWORD]" size="30" value="{header_admin_password}"><input type="hidden" name="setting[HEADER_ADMIN_PASS]" value="{header_admin_pass}"></td>
  </tr>
-  <br><br>
+  <tr>
+    <td colspan="2"><b>{lang_setup_acl}</b><br><input type="text" name="setting[setup_acl]" size="30" value="{setup_acl}"></td>
+  </tr>
  <tr>
    <td><b>{lang_persist}</b><br>
      <select type="checkbox" name="setting[db_persistent]">