Need to allow users entry Frontend only with right IP Addres

alessandro · Beitrag von **alessandro** » Mi 11. Feb 2004, 08:56

Hi All,

I found in front_content.php this code, how can I use it?
Is it the right way to allow users entering Frontoffice dependig their IP address?

Thanks
Alessandro

(....)

if ($public == 0 && $auth->auth["uid"] == "nobody") {

$sql = "SELECT user_id, value FROM " .$cfg["tab"]["user_prop"]." WHERE type='frontend' and name='allowed_ip'";
$db->query($sql);

while ($db->next_record())
{
$user_id = $db->f("user_id");

$range = $db->f("value");
$slash = strpos($range, "/");

if ($slash == false)
{
$netmask = "255.255.255.255";
$network = $range;
} else {
$network = substr($range, 0, $slash);
$netmask = substr($range, $slash+1, strlen($range)-$slash-1);
}

if (IP_match($network,$netmask,$_SERVER["REMOTE_ADDR"]))
{
$sql = "SELECT idright
FROM ". $cfg["tab"]["rights"]. " AS A,
". $cfg["tab"]["actions"] . " AS B,
". $cfg["tab"]["area"] ." AS C
WHERE B.name = 'front_allow' AND C.name = 'str' AND A.user_id = '".$user_id."' AND A.idcat = '$idcat'
AND A.idarea = C.idarea AND B.idaction = A.idaction";

$db2 = new DB_Contenido;
$db2->query($sql);

if ($db2->num_rows() > 0)
{
$auth->auth["uid"] = $user_id;
$validated = 1;

}
}
}

if ($validated != 1)
{
(....)
[/code]

Beitrag von **emergence** » Mi 11. Feb 2004, 10:17

Administration - Users - (Select user) - look at User-defined properties
add new value (it might work when you use following syntax) :
frontend | allowed_ip | 127.0.0.1

Is it the right way to allow users entering Frontoffice dependig their IP address?

no idea...

alessandro · Beitrag von **alessandro** » Mi 11. Feb 2004, 10:54

Ciao emergence,
thanks for this info but...

If I set this info for a specific user... how can it work for all user visiting the frontend site?

My need is that:
1) somebody go to www.somesite.ch
2) if the user is in some IP range he can enter the site else
3) ... else he receive a login mask
4) if login OK he can enter the site like point 2)

Can I use what you propose me for that?

Ciao
Alessandro

Beitrag von **emergence** » Mi 11. Feb 2004, 11:05

alessandro hat geschrieben:Can I use what you propose me for that?

i don't have the finest idea, if it could work... never tried...
it also might be, that it is unused code... maybe timo knows something about it

Beitrag von **emergence** » Mi 11. Feb 2004, 11:20

alessandro hat geschrieben:1) somebody go to www.somesite.ch
2) if the user is in some IP range he can enter the site else
3) ... else he receive a login mask
4) if login OK he can enter the site like point 2)

i have just tested the behavior on my localhost

it should work this way... but you must give the user the right Frontend access in categories...
it does not work when you only set the right in areas... (might be a bug $idcat = 0 is ignored)

it should be possible to define the range with
127.0.0.1/128.0.0.1
if only entered 127.0.0.1 (without slash) -> the range is 127.0.0.1/255.255.255.255

Beitrag von **emergence** » Mi 11. Feb 2004, 12:06

it seems that there is a little bug in front_content.php

you'll find there

Code: Alles auswählen

$range = $db->f("value");

but it should be written as

Code: Alles auswählen

$range = urldecode($db->f("value"));

then it works as i descriped it...

alessandro · Beitrag von **alessandro** » Mi 11. Feb 2004, 17:38

Hi emergence,
something I do not understand...
How to allow this?

10.168.21.9

Bye
Alessandro

Beitrag von **emergence** » Mi 11. Feb 2004, 18:03

alessandro hat geschrieben:10.168.21.9

maybe with
10.168.21.9/10.168.21.9
just try it...