WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

check if client IP is empty

This commit is contained in:
Roland Gruber 2015-06-26 18:06:22 +00:00
parent 8bd5b0fe9c
commit 77a6a0d0c9
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
lam/lib/security.inc
View File

@ -41,7 +41,7 @@ checkClientIP();
/** /**
* Starts a session and checks the environment. * Starts a session and checks the environment.
* The script is stopped if one of the checks fail (timeout redirection may be overriden). * The script is stopped if one of the checks fail (timeout redirection may be overriden).
* *
* @param boolean $redirectToLogin redirect user to login page (default: true) * @param boolean $redirectToLogin redirect user to login page (default: true)
* @param boolean $initSecureData init verification data like session ID and client IP (default: false) * @param boolean $initSecureData init verification data like session ID and client IP (default: false)
* @return boolean true if all ok, false if session expired * @return boolean true if all ok, false if session expired
@ -278,7 +278,7 @@ function checkIfPasswordChangeIsAllowed() {
/** /**
* Checks if it is allowed to create new LDAP entries of the given type. * Checks if it is allowed to create new LDAP entries of the given type.
* This also checks if general write access is enabled. * This also checks if general write access is enabled.
* *
* @param String $scope account type (e.g. 'user') * @param String $scope account type (e.g. 'user')
* @return boolean true, if new entries are allowed * @return boolean true, if new entries are allowed
*/ */
@ -298,7 +298,7 @@ function checkIfNewEntriesAreAllowed($scope) {
/** /**
* Checks if it is allowed to delete LDAP entries of the given type. * Checks if it is allowed to delete LDAP entries of the given type.
* *
* @param String $scope account type (e.g. 'user') * @param String $scope account type (e.g. 'user')
* @return boolean true, if entries may be deleted * @return boolean true, if entries may be deleted
*/ */
@ -318,10 +318,10 @@ function checkIfDeleteEntriesIsAllowed($scope) {
/** /**
* Checks if the password fulfills the password policies. * Checks if the password fulfills the password policies.
* *
* @param String $password password * @param String $password password
* @param String $userName user name * @param String $userName user name
* @param array $otherUserAttrs user's first/last name * @param array $otherUserAttrs user's first/last name
* @return mixed true if ok, string with error message if not valid * @return mixed true if ok, string with error message if not valid
*/ */
function checkPasswordStrength($password, $userName, $otherUserAttrs) { function checkPasswordStrength($password, $userName, $otherUserAttrs) {
@ -460,7 +460,7 @@ function checkPasswordStrength($password, $userName, $otherUserAttrs) {
/** /**
* Checks if the given tool is active. * Checks if the given tool is active.
* Otherwise, an error message is logged and the execution is stopped (die()). * Otherwise, an error message is logged and the execution is stopped (die()).
* *
* @param String $tool tool class name (e.g. toolFileUpload) * @param String $tool tool class name (e.g. toolFileUpload)
*/ */
function checkIfToolIsActive($tool) { function checkIfToolIsActive($tool) {
@ -474,7 +474,7 @@ function checkIfToolIsActive($tool) {
/** /**
* Returns if the user is logged in. * Returns if the user is logged in.
* *
* @return boolean is logged in * @return boolean is logged in
*/ */
function isLoggedIn() { function isLoggedIn() {
@ -483,11 +483,11 @@ function isLoggedIn() {
/** /**
* Returns the client IP and comma separated proxy IPs if any (HTTP_X_FORWARDED_FOR, HTTP_X_REAL_IP). * Returns the client IP and comma separated proxy IPs if any (HTTP_X_FORWARDED_FOR, HTTP_X_REAL_IP).
* *
* @return String client IP (e.g. 10.10.10.10,11.11.11.11) * @return String client IP (e.g. 10.10.10.10,11.11.11.11)
*/ */
function getClientIPForLogging() { function getClientIPForLogging() {
$ip = $_SERVER['REMOTE_ADDR']; $ip = empty($_SERVER['REMOTE_ADDR']) ? '' : $_SERVER['REMOTE_ADDR'];
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) && (strlen($_SERVER['HTTP_X_FORWARDED_FOR']) < 100)) { if (!empty($_SERVER['HTTP_X_FORWARDED_FOR']) && (strlen($_SERVER['HTTP_X_FORWARDED_FOR']) < 100)) {
$ip .= ',' . $_SERVER['HTTP_X_FORWARDED_FOR']; $ip .= ',' . $_SERVER['HTTP_X_FORWARDED_FOR'];
} }
@ -506,7 +506,7 @@ function addSecurityTokenToSession() {
/** /**
* Checks if the security token from SESSION matches POST data. * Checks if the security token from SESSION matches POST data.
* *
* @param $post use POST, set to false for GET (default: true) * @param $post use POST, set to false for GET (default: true)
*/ */
function validateSecurityToken($post = true) { function validateSecurityToken($post = true) {
@ -523,7 +523,7 @@ function validateSecurityToken($post = true) {
/** /**
* Adds a hidden input field to the given meta HTML table. * Adds a hidden input field to the given meta HTML table.
* Should be used to add token at the end of table. * Should be used to add token at the end of table.
* *
* @param htmlTable $container table * @param htmlTable $container table
*/ */
function addSecurityTokenToMetaHTML(&$container) { function addSecurityTokenToMetaHTML(&$container) {
@ -532,7 +532,7 @@ function addSecurityTokenToMetaHTML(&$container) {
/** /**
* Returns the name of the security token parameter. * Returns the name of the security token parameter.
* *
* @return String name * @return String name
*/ */
function getSecurityTokenName() { function getSecurityTokenName() {
@ -541,7 +541,7 @@ function getSecurityTokenName() {
/** /**
* Returns the value of the security token parameter. * Returns the value of the security token parameter.
* *
* @return String value * @return String value
*/ */
function getSecurityTokenValue() { function getSecurityTokenValue() {