Subversion-Projekte lars-tiefland.content-management

Revision

Details | Letzte Änderung | Log anzeigen | RSS feed

Revision Autor Zeilennr. Zeile
1 lars 1 
<?
2 
    //$Id: loginTest.php 1450 2009-08-10 15:25:35Z tiefland $
3 
 
4 
    function getAllowedHosts( $site, $user )
5 
    {
6 
/*        global $localhost_dbh;
7 
        global $dbh;
8 
 
9 
        $query = "
10 
			SELECT
11 
				webs.remoteHosts,
12 
				Access.ignoreRemoteHosts
13 
			FROM
14 
				content_management.webs,
15 
				content_management.Access
16 
			where
17 
				domain='$site'
18 
			and
19 
				Access.user='$user'
20 
			";
21 
 
22 
        if ( $localhost_dbh )
23 
        {
24 
            $result = mysql_query( $query, $localhost_dbh ) or die( mysql_errno
25 
                () . ": " . mysql_error() . $query );
26 
        }
27 
        else
28 
        {
29 
            $result = mysql_query( $query ) or die( mysql_errno() . ": " .
30 
                mysql_error() . $query );
31 
        }
32 
 
33 
        if ( $webs = mysql_fetch_array($result) )
34 
        {
35 
            if ( $webs["remoteHosts"] == "" || $webs["ignoreRemoteHosts"] == 1 )
36 
            {
37 
                return array();
38 
            }
39 
            return explode( "\n", $webs["remoteHosts"] );
40 
        }
41 
        else
42 
        {*/
43 
            return array();
44 
        //}
45 
    }
46 
 
47 
    function checkLocation( $locations, $remoteLocation )
48 
    {
49 
        if ( !is_array($locations) )
50 
        {
51 
            return false;
52 
        }
53 
        if ( count($locations) == 0 )
54 
        {
55 
            return true;
56 
        }
57 
 
58 
        foreach ( $locations as $location )
59 
        {
60 
            if ( gethostbyname($location) == $remoteLocation )
61 
            {
62 
                return true;
63 
                break;
64 
            }
65 
        }
66 
        return false;
67 
    }
68 
 
69 
 
70 
    session_start();
71 
    extract( $_REQUEST );
72 
    //$_SESSION["loginTest"]=true;
73 
    if ( !$_SESSION["loginTest"] )
74 
    {
75 
        if ( !checkLocation(getAllowedHosts($site, $PHP_AUTH_USER), $_SERVER['REMOTE_ADDR']) )
76 
        {
77 
            echo "Der Zugriff für den User <i>" . $PHP_AUTH_USER .
78 
                "</i> von der IP-Adresse <i>" . $_SERVER['REMOTE_ADDR'] .
79 
                "</i> ist nicht gestattet!";
80 
            exit;
81 
        }
82 
        else
83 
        {
84 
            $_SESSION["loginTest"] = true;
85 
        }
86 
    }
87 
?>