Add user setting CIDR support
@@ -17,7 +17,7 @@
|
||||
|
||||
The Initial Developer of the Original Code is
|
||||
Mark J Crane <markjcrane@fusionpbx.com>
|
||||
Portions created by the Initial Developer are Copyright (C) 2008-2019
|
||||
Portions created by the Initial Developer are Copyright (C) 2008-2021
|
||||
the Initial Developer. All Rights Reserved.
|
||||
|
||||
Contributor(s):
|
||||
@@ -72,6 +72,52 @@
|
||||
$auth->debug = false;
|
||||
$result = $auth->validate();
|
||||
if ($result["authorized"] === "true") {
|
||||
|
||||
//get the user settings
|
||||
$sql = "select * from v_user_settings ";
|
||||
$sql .= "where domain_uuid = :domain_uuid ";
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$sql .= "and user_setting_enabled = 'true' ";
|
||||
$parameters['domain_uuid'] = $result["domain_uuid"];
|
||||
$parameters['user_uuid'] = $result["user_uuid"];
|
||||
$database = new database;
|
||||
$user_settings = $database->select($sql, $parameters, 'all');
|
||||
unset($sql, $parameters);
|
||||
|
||||
//build the user cidr array
|
||||
if (is_array($user_settings) && @sizeof($user_settings) != 0) {
|
||||
foreach ($user_settings as $row) {
|
||||
if ($row['user_setting_category'] == "domain" && $row['user_setting_subcategory'] == "cidr" && $row['user_setting_name'] == "array") {
|
||||
$cidr_array[] = $row['user_setting_value'];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//check to see if user address is in the cidr array
|
||||
if (isset($cidr_array) && !defined('STDIN')) {
|
||||
$found = false;
|
||||
foreach($cidr_array as $cidr) {
|
||||
if (check_cidr($cidr, $_SERVER['REMOTE_ADDR'])) {
|
||||
$found = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (!$found) {
|
||||
//destroy session
|
||||
session_unset();
|
||||
session_destroy();
|
||||
|
||||
//send http 403
|
||||
header('HTTP/1.0 403 Forbidden', true, 403);
|
||||
|
||||
//redirect to the root of the website
|
||||
header("Location: ".PROJECT_PATH."/login.php");
|
||||
|
||||
//exit the code
|
||||
exit();
|
||||
}
|
||||
}
|
||||
|
||||
//set the session variables
|
||||
$_SESSION["domain_uuid"] = $result["domain_uuid"];
|
||||
//$_SESSION["domain_name"] = $result["domain_name"];
|
||||
@@ -166,16 +212,8 @@
|
||||
}
|
||||
|
||||
//get the user settings
|
||||
$sql = "select * from v_user_settings ";
|
||||
$sql .= "where domain_uuid = :domain_uuid ";
|
||||
$sql .= "and user_uuid = :user_uuid ";
|
||||
$sql .= "and user_setting_enabled = 'true' ";
|
||||
$parameters['domain_uuid'] = $_SESSION["domain_uuid"];
|
||||
$parameters['user_uuid'] = $_SESSION["user_uuid"];
|
||||
$database = new database;
|
||||
$result = $database->select($sql, $parameters, 'all');
|
||||
if (is_array($result) && @sizeof($result) != 0) {
|
||||
foreach ($result as $row) {
|
||||
if (is_array($user_settings) && @sizeof($user_settings) != 0) {
|
||||
foreach ($user_settings as $row) {
|
||||
$name = $row['user_setting_name'];
|
||||
$category = $row['user_setting_category'];
|
||||
$subcategory = $row['user_setting_subcategory'];
|
||||
@@ -201,7 +239,7 @@
|
||||
}
|
||||
}
|
||||
}
|
||||
unset($sql, $parameters, $result, $row);
|
||||
unset($user_settings);
|
||||
|
||||
//get the extensions that are assigned to this user
|
||||
if (file_exists($_SERVER["PROJECT_ROOT"]."/app/extensions/app_config.php")) {
|
||||
|
||||
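Review bot: In the `@@ -72,6 +72,52 @@` hunk the rejection path sends `header('HTTP/1.0 403 Forbidden', true, 403);` and then `header("Location: ".PROJECT_PATH."/login.php");`, and PHP switches the status to 302 when a Location header is set unless a 201 or 3xx status is already in place, so the client never sees the 403. Decide which response is intended: for a hard deny drop the Location line and keep the 403, for a redirect drop the 403 line. The same branch rejects a login whose credentials were already validated without recording it, and valid credentials presented from outside the user's allow-list is an event an operator wants in the logs; a line such as `error_log("cidr deny user_uuid=".$result["user_uuid"]." addr=".$_SERVER['REMOTE_ADDR']);` before `exit();` would cover it. `$_SERVER['REMOTE_ADDR']` is the right value to match against rather than a client-supplied header, but behind a reverse proxy every client presumably arrives with the proxy's address, which deserves a comment above the check. The enclosing `if ($result["authorized"] === "true")` block continues past the hunk, so whether already-established sessions are ever re-checked against the list is not visible here.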