From b2d49204b8c7e46040a3d9ef3b247e3010c68d0f Mon Sep 17 00:00:00 2001 From: chenfeiCF Date: Mon, 14 Mar 2016 11:31:02 +0800 Subject: [PATCH] * move checkIP method to common model from user model. --- config/config.php | 3 +-- module/common/lang/en.php | 1 + module/common/lang/zh-cn.php | 1 + module/common/model.php | 42 ++++++++++++++++++++++++++++++++++++ module/user/control.php | 3 --- module/user/model.php | 40 ---------------------------------- 6 files changed, 45 insertions(+), 45 deletions(-) diff --git a/config/config.php b/config/config.php index 739901b4d9..93c376b005 100644 --- a/config/config.php +++ b/config/config.php @@ -82,8 +82,7 @@ $config->file->dangers = 'php,php3,php4,phtml,php5,jsp,py,rb,asp,asa,cer,cdx,asp $config->file->maxSize = 1024 * 1024; // Max size. /* IP white list settings.*/ -$config->ip = new stdclass(); -$config->ip->whiteList = '*'; +$config->ipWhiteList = '*'; /* View type settings. */ $config->devicePrefix['mhtml'] = 'm.'; diff --git a/module/common/lang/en.php b/module/common/lang/en.php index a7ab3ca876..a50fc7d2db 100644 --- a/module/common/lang/en.php +++ b/module/common/lang/en.php @@ -59,6 +59,7 @@ $lang->uploadImages = 'Upload images '; $lang->timeout = 'Timed out, please check the network, or retry!'; $lang->repairTable = 'The table may be damaged, please repair by phpmyadmin or myisamchk!'; $lang->duplicate = '%s has the same title'; +$lang->ipLimited = "Sorry, current IP is limited by Administrator. Please contact the Administrator to lift the restrictions."; $lang->unfold = '+'; $lang->fold = '-'; diff --git a/module/common/lang/zh-cn.php b/module/common/lang/zh-cn.php index cc9fc079a3..5aa36fa321 100644 --- a/module/common/lang/zh-cn.php +++ b/module/common/lang/zh-cn.php @@ -59,6 +59,7 @@ $lang->uploadImages = '多图上传 '; $lang->timeout = '连接超时,请检查网络环境,或重试!'; $lang->repairTable = '数据库表可能损坏,请用phpmyadmin或myisamchk检查修复。'; $lang->duplicate = '已有相同标题的%s'; +$lang->ipLimited = "抱歉,管理员限制当前IP登录,请联系管理员解除限制。"; $lang->unfold = '+'; $lang->fold = '-'; diff --git a/module/common/model.php b/module/common/model.php index 2cb27344a6..f0c4acbda7 100644 --- a/module/common/model.php +++ b/module/common/model.php @@ -28,6 +28,7 @@ class commonModel extends model $this->setUser(); $this->loadConfigFromDB(); $this->loadCustomFromDB(); + if(!$this->checkIP()) die($this->lang->ipLimited); if($this->app->getViewType() == 'mhtml') $this->setMobileMenu(); $this->app->loadLang('company'); define('FIRST_RUN', true); @@ -1186,6 +1187,47 @@ class commonModel extends model return false; } + /** + * Check whether IP in white list. + * + * @access public + * @return bool + */ + public function checkIP() + { + $ip = $this->server->remote_addr; + + $ipWhiteList = $this->config->ipWhiteList; + + /* If the ip white list is '*'. */ + if($ipWhiteList == '*') return true; + + /* The ip is same as ip in white list. */ + if($ip == $ipWhiteList) return true; + + /* If the ip in white list is like 192.168.1.1-192.168.1.10. */ + if(strpos($ipWhiteList, '-') !== false) + { + list($min, $max) = explode('-', $ipWhiteList); + $min = ip2long(trim($min)); + $max = ip2long(trim($max)); + $ip = ip2long(trim($ip)); + + return $ip >= $min and $ip <= $max; + } + + /* If the ip in white list is in IP/CIDR format eg 127.0.0.1/24. Thanks to zcat. */ + if(strpos($ipWhiteList, '/') == false) $ipWhiteList .= '/32'; + list($ipWhiteList, $netmask) = explode('/', $ipWhiteList, 2); + + $ip = ip2long($ip); + $ipWhiteList = ip2long($ipWhiteList); + $wildcard = pow(2, (32 - $netmask)) - 1; + $netmask = ~ $wildcard; + + return (($ip & $netmask) == ($ipWhiteList & $netmask)); + } + /** * Replace the %s of one key of a menu by $params. * diff --git a/module/user/control.php b/module/user/control.php index e1fe0a3f6e..674d5e1c8a 100644 --- a/module/user/control.php +++ b/module/user/control.php @@ -659,9 +659,6 @@ class user extends control die(js::error($failReason)); } - /* Check the login ip is in white list or not. */ - if(!$this->user->checkIP($this->server->remote_addr)) die(js::error($this->lang->user->ipLimited)); - $user = $this->user->identify($account, $password); if($user) diff --git a/module/user/model.php b/module/user/model.php index 7c052a2720..0ce4a3f881 100644 --- a/module/user/model.php +++ b/module/user/model.php @@ -530,46 +530,6 @@ class userModel extends model } return !dao::isError(); } - - /** - * Check if the ip is in white list. - * - * @access public - * @param string $ip - * @return bool - */ - public function checkIP($ip) - { - $allowIPs = $this->config->ip->whiteList; - - /* If the ip white list is '*'. */ - if($allowIPs == '*') return true; - - /* The ip is same as ip in white list. */ - if($ip == $allowIPs) return true; - - /* If the ip in white list is like 192.168.1.1-192.168.1.10. */ - if(strpos($allowIPs, '-') !== false) - { - list($min, $max) = explode('-', $allowIPs); - $min = ip2long(trim($min)); - $max = ip2long(trim($max)); - $ip = ip2long(trim($ip)); - - return $ip >= $min and $ip <= $max; - } - - /* If the ip in white list is in IP/CIDR format eg 127.0.0.1/24. Thanks to zcat. */ - if(strpos($allowIPs, '/') == false) $allowIPs .= '/32'; - list($allowIPs, $netmask) = explode('/', $allowIPs, 2); - - $allowIPs = ip2long($allowIPs); - $ip = ip2long($ip); - $wildcard = pow(2, (32 - $netmask)) - 1; - $netmask = ~ $wildcard; - - return (($ip & $netmask) == ($allowIPs & $netmask)); - } /** * Identify a user.