mirror/php-tinyfilemanager
1
0
Fork 0
mirror of https://github.com/prasathmani/tinyfilemanager.git synced 2025-08-04 15:58:14 +02:00
Code Issues Releases Wiki Activity

Basic IP white- and blacklisting (#178)

Browse Source
This commit is contained in:
Kevin @ Navigram
2019-05-19 07:40:20 +02:00
committed by Prasath Mani
parent 4b4b48242e
commit 498804f8a5
2 changed files with 68 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.editorconfig Normal file
View File

@@ -0,0 +1,13 @@
# Editor configuration, see https://editorconfig.org
root = true
[*]
charset = utf-8
indent_style = space
indent_size = 4
insert_final_newline = true
trim_trailing_whitespace = true
[*.md]
max_line_length = off
trim_trailing_whitespace = false

55
tinyfilemanager.php
View File

@@ -15,6 +15,7 @@ define('VERSION', '2.3.5');
define('APP_TITLE', 'Tiny File Manager'); define('APP_TITLE', 'Tiny File Manager');
// Auth with login/password (set true/false to enable/disable it) // Auth with login/password (set true/false to enable/disable it)
// Is independent from IP white- and blacklisting
$use_auth = true; $use_auth = true;
// Users: array('Username' => 'Password', 'Username2' => 'Password2', ...) // Users: array('Username' => 'Password', 'Username2' => 'Password2', ...)
@@ -29,6 +30,27 @@ $readonly_users = array(
'user' 'user'
); );
// Possible rules are 'OFF', 'AND' or 'OR'
// OFF => Don't check connection IP, defaults to OFF
// AND => Connection must be on the whitelist, and not on the blacklist
// OR => Connection must be on the whitelist, or not on the blacklist
$ip_ruleset = 'OFF';
// Should users be notified of their block?
$ip_silent = true;
// IP-addresses, both ipv4 and ipv6
$ip_whitelist = array(
'127.0.0.1', // local ipv4
'::1' // local ipv6
);
// IP-addresses, both ipv4 and ipv6
$ip_blacklist = array(
'0.0.0.0', // non-routable meta ipv4
'::' // non-routable meta ipv6
);
// user specific directories // user specific directories
// array('Username' => 'Directory path', 'Username2' => 'Directory path', ...) // array('Username' => 'Directory path', 'Username2' => 'Directory path', ...)
$directories_users = array(); $directories_users = array();
@@ -167,6 +189,39 @@ if (isset($_GET['img'])) {
fm_show_image($_GET['img']); fm_show_image($_GET['img']);
} }
// Validate connection IP
if($ip_ruleset != 'OFF'){
$clientIp = $_SERVER['REMOTE_ADDR'];
$proceed = false;
$whitelisted = in_array($clientIp, $ip_whitelist);
$blacklisted = in_array($clientIp, $ip_blacklist);
if($ip_ruleset == 'AND'){
if($whitelisted == true && $blacklisted == false){
$proceed = true;
}
} else
if($ip_ruleset == 'OR'){
if($whitelisted == true || $blacklisted == false){
$proceed = true;
}
}
if($proceed == false){
trigger_error('User connection denied from: ' . $clientIp, E_USER_WARNING);
if($ip_silent == false){
fm_set_msg('Access denied. IP restriction applicable', 'error');
fm_show_header_login();
fm_show_message();
}
exit();
}
}
// Auth // Auth
if ($use_auth) { if ($use_auth) {
if (isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']])) { if (isset($_SESSION[FM_SESSION_ID]['logged'], $auth_users[$_SESSION[FM_SESSION_ID]['logged']])) {