Etusivu Tutki Apua
Kirjaudu sisään
CSE-Invent
/
CMS-CSE
peilaus alkaen https://git.cse-invent.com/product/cms.events.git
2
0
Fork 0
Tiedostot Ongelmat 0 Wiki
Puu: bdcbbb5f7d
Haarat Tagit
CMS-CSE
/
access.inc.php

access.inc.php 2.3 KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475 
  1. <?php
    2. 

  2.     
    3. 

  3.     define("WHITE_ACCESS", array(
    4. 

  4.             "user",
    5. 

  5.             "unknow",
    6. 

  6.             "login",
    7. 

  7.             "login-salarie",
    8. 

  8.             "login-control",
    9. 

  9.             "spash-screen",
    10. 

  10.             "maintenance",
    11. 

  11.             "authenticator",
    12. 

  12.             "logout",
    13. 

  13.             "test",
    14. 

  14.     ));
    15. 

  15. 

  16.     define("OFF_LINE", array(
    17. 

  17.         "authenticator",
    18. 

  18.         "login",
    19. 

  19.         "cron",
    20. 

  20.     ));
    21. 

  21. 

  22.     // Filtre les IP authorisés à accéder au site
    23. 

  23. 

  24.     function getUserIP() {
    25. 

  25.         $ip = 'Inconnu';
    26. 

  26.     
    27. 

  27.         if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
    28. 

  28.             // IP partagée par un proxy
    29. 

  29.             $ip = $_SERVER['HTTP_CLIENT_IP'];
    30. 

  30.         } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    31. 

  31.             // IP du client derrière un proxy
    32. 

  32.             $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    33. 

  33.         } else {
    34. 

  34.             // IP du client directement connectée au serveur
    35. 

  35.             $ip = $_SERVER['REMOTE_ADDR'];
    36. 

  36.         }
    37. 

  37.     
    38. 

  38.         // Nettoyage des IPs multiples dans le cas de 'HTTP_X_FORWARDED_FOR'
    39. 

  39.         if (strpos($ip, ',') !== false) {
    40. 

  40.             $ip = explode(',', $ip)[0];
    41. 

  41.         }
    42. 

  42.     
    43. 

  43.         return $ip;
    44. 

  44.     }
    45. 

  45. 

  46.     if(!is_null(WHITE_IP)){
    47. 

  47.         if(!in_array(htmlspecialchars(getUserIP()), WHITE_IP)){
    48. 

  48.             header('HTTP/1.0 401 Unauthorized');
    49. 

  49.             header('Content-Type: text/html; charset=utf-8');
    50. 

  50.             echo '  <!DOCTYPE html>
    51. 

  51.                     <html lang="fr">
    52. 

  52.                     <head>
    53. 

  53.                         <meta charset="UTF-8">
    54. 

  54.                         <meta name="viewport" content="width=device-width, initial-scale=1.0">
    55. 

  55.                         <title>403 Accès Interdit</title>
    56. 

  56.                         <style>
    57. 

  57.                             body {
    58. 

  58.                                 font-family: Arial, sans-serif;
    59. 

  59.                                 background-color: #f8d7da;
    60. 

  60.                                 color: #721c24;
    61. 

  61.                                 text-align: center;
    62. 

  62.                                 padding: 50px;
    63. 

  63.                             }
    64. 

  64.                             h1 {
    65. 

  65.                                 font-size: 2em;
    66. 

  66.                             }
    67. 

  67.                         </style>
    68. 

  68.                     </head>
    69. 

  69.                     <body>
    70. 

  70.                         <h1>403 Accès Interdit</h1>
    71. 

  71.                     </body>
    72. 

  72.                     </html>';
    73. 

  73.             exit();
    74. 

  74.         }
    75. 

  75.     }
    76.