34 if (!$mem->checkRight())
return false;
40 'title' => _(
"Access security"),
41 'ico' =>
'images/ip.png',
42 'link' =>
'ip_main.php',
57 if ($whitelist && $mem->checkRight() ) {
64 $db->query(
"SELECT * FROM authorised_ip WHERE uid='$cuid' order by ip,subnet;");
65 while ($db->next_record()) {
66 $r[$db->f(
'id')]=$db->Record;
67 if ( (
checkip($db->f(
'ip')) && $db->f(
'subnet') == 32) ||
68 (
checkipv6($db->f(
'ip')) && $db->f(
'subnet') == 128) ) {
69 $r[$db->f(
'id')][
'ip_human']=$db->f(
'ip');
71 $r[$db->f(
'id')][
'ip_human']=$db->f(
'ip').
"/".$db->f(
'subnet');
91 $db->query(
"SELECT id FROM authorised_ip_affected where authorised_ip_id ='$id';");
92 while ($db->next_record()) {
95 if (! $db->query(
"delete from authorised_ip where id='$id' and ( uid='$cuid' or uid=0) limit 1;") ) {
96 echo
"query failed: ".$db->Error;
111 if (! $db->query(
"select ai.ip, ai.subnet, ai.infos, aia.parameters from authorised_ip ai, authorised_ip_affected aia where aia.protocol='$s' and aia.authorised_ip_id = ai.id and ai.uid='$cuid';") ) {
112 echo
"query failed: ".$db->Error;
116 while ($db->next_record()) {
117 $r[]=Array(
"ip"=>$db->f(
"ip"),
"subnet"=>$db->f(
"subnet"),
"infos"=>$db->f(
"infos"),
"parameters"=>$db->f(
"parameters"));
124 if (! $db->query(
"select ai.ip, ai.subnet from authorised_ip ai where ai.uid='0';") ) {
125 echo
"query failed: ".$db->Error;
128 while ($db->next_record()) {
129 if ( $this->
is_in_subnet($ip, $db->f(
'ip'), $db->f(
'subnet') ) )
return true;
140 $ip = inet_pton($ip);
143 if ( $o >= $ip && $o <= ($ip+
$sub) )
return true;
160 if (!$mem->checkRight())
return false;
180 if (
$uid === 0 && $mem->checkRight() ) {
190 $tmp=explode(
'/',$ipsub);
195 echo
"Failed : not an IP address";
200 if (
isset($tmp[1])) {
201 $subnet=intval($tmp[1]);
203 if (
checkip($ip) ) $subnet=32;
208 if (
checkip($ip) && $subnet > 32 ) $subnet=32;
212 foreach($list_affected as $k => $v) {
215 if (! $db->query(
"update authorised_ip set ip='$ip', subnet='$subnet', infos='$infos' where id='$id' and uid='$cuid' ;") ) {
216 echo
"query failed: ".$db->Error;
219 foreach($list_affected as $k => $v) {
223 if (! $db->query(
"insert into authorised_ip (uid, ip, subnet, infos) values ('$cuid', '$ip', '$subnet', '$infos' );") ) {
224 echo
"query failed: ".$db->Error;
238 $db->query(
"SELECT id FROM authorised_ip WHERE uid ='$cuid';");
239 while ($db->next_record()) {
255 $authclass = $hooks->invoke(
'authip_class');
259 foreach ($authclass as $k => $v) {
260 $authclass[$k][
'class']=$k;
279 $authorised_ip_id=intval($authorised_ip_id);
280 $protocol=mysql_real_escape_string($protocol);
286 if (! $db->query(
"update authorised_ip_affected set authorised_ip_id='$authorised_ip_id', protocol='$protocol', parameters='$parameters' where id ='$id' limit 1;") ) {
287 echo
"query failed: ".$db->Error;
292 if (! $db->query(
"insert into authorised_ip_affected (authorised_ip_id, protocol, parameters) values ('$authorised_ip_id', '$protocol', '$parameters');") ) {
293 echo
"query failed: ".$db->Error;
296 $this->
call_hooks(
"authip_on_create", mysql_insert_id() );
316 if (! $db->query(
"delete from authorised_ip_affected where id='$id' limit 1;") ) {
317 echo
"query failed: ".$db->Error;
337 if (!
isset(
$d[$affectation_id] )) {
338 $err->raise(
'authip', _(
"Object not available"));
342 $affectation =
$d[$affectation_id];
346 if (!
isset($e[$affectation[
'protocol']])) {
347 $err->raise(
'authip', sprintf(_(
"Can't identified class for the protocole %s"), $affectation[
'protocol']));
350 $c = $e[$affectation[
'protocol']][
'class'];
353 $hooks->invoke($function, Array($affectation), Array(
$c) );
367 if ( is_null($ip_id) ) {
368 $db->query(
"select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid='$cuid' and aia.authorised_ip_id = ai.id order by protocol, parameters;");
370 $db->query(
"select aia.* from authorised_ip_affected aia, authorised_ip ai where ai.uid='$cuid' and aia.authorised_ip_id = '".intval($ip_id).
"' order by protocol, parameters;");
372 while ($db->next_record()) {
373 $r[$db->f(
'id')]=$db->Record;