Blame | Letzte Änderung | Log anzeigen | RSS feed
<?//$Id: loginTest.php 1450 2009-08-10 15:25:35Z tiefland $function getAllowedHosts( $site, $user ){/* global $localhost_dbh;global $dbh;$query = "SELECTwebs.remoteHosts,Access.ignoreRemoteHostsFROMcontent_management.webs,content_management.Accesswheredomain='$site'andAccess.user='$user'";if ( $localhost_dbh ){$result = mysql_query( $query, $localhost_dbh ) or die( mysql_errno() . ": " . mysql_error() . $query );}else{$result = mysql_query( $query ) or die( mysql_errno() . ": " .mysql_error() . $query );}if ( $webs = mysql_fetch_array($result) ){if ( $webs["remoteHosts"] == "" || $webs["ignoreRemoteHosts"] == 1 ){return array();}return explode( "\n", $webs["remoteHosts"] );}else{*/return array();//}}function checkLocation( $locations, $remoteLocation ){if ( !is_array($locations) ){return false;}if ( count($locations) == 0 ){return true;}foreach ( $locations as $location ){if ( gethostbyname($location) == $remoteLocation ){return true;break;}}return false;}session_start();extract( $_REQUEST );//$_SESSION["loginTest"]=true;if ( !$_SESSION["loginTest"] ){if ( !checkLocation(getAllowedHosts($site, $PHP_AUTH_USER), $_SERVER['REMOTE_ADDR']) ){echo "Der Zugriff für den User <i>" . $PHP_AUTH_USER ."</i> von der IP-Adresse <i>" . $_SERVER['REMOTE_ADDR'] ."</i> ist nicht gestattet!";exit;}else{$_SESSION["loginTest"] = true;}}?>