mirror of
https://github.com/vrana/adminer.git
synced 2026-02-25 16:11:26 +01:00
2ee325183b
This uses syntax from https://phpstan.org/writing-php-code/phpdoc-types#general-arrays. int[] means an array of ints with arbitrary keys (usually strings) list<string> means an array of strings with sequential integer keys starting at 0 list<string>[] means an arbitrary array of string lists list<string[]> means list of arbitrary string arrays string[][] means two dimensional array with arbitrary keys in both dimensions array was left in the comments for https://phpstan.org/writing-php-code/phpdoc-types#array-shapes
39 lines
1.2 KiB
PHP
39 lines
1.2 KiB
PHP
<?php
|
|
|
|
/** Check IP address and allow empty password
|
|
* @link https://www.adminer.org/plugins/#use
|
|
* @author Jakub Vrana, https://www.vrana.cz/
|
|
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
|
|
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
|
|
*/
|
|
class AdminerLoginIp {
|
|
protected $ips, $forwarded_for;
|
|
|
|
/** Set allowed IP addresses
|
|
* @param list<string> IP address prefixes
|
|
* @param list<string> X-Forwarded-For prefixes if IP address matches, empty array means anything
|
|
*/
|
|
function __construct($ips, $forwarded_for = array()) {
|
|
$this->ips = $ips;
|
|
$this->forwarded_for= $forwarded_for;
|
|
}
|
|
|
|
function login($login, $password) {
|
|
foreach ($this->ips as $ip) {
|
|
if (strncasecmp($_SERVER["REMOTE_ADDR"], $ip, strlen($ip)) == 0) {
|
|
if (!$this->forwarded_for) {
|
|
return true;
|
|
}
|
|
if ($_SERVER["HTTP_X_FORWARDED_FOR"]) {
|
|
foreach ($this->forwarded_for as $forwarded_for) {
|
|
if (strncasecmp(preg_replace('~.*, *~', '', $_SERVER["HTTP_X_FORWARDED_FOR"]), $forwarded_for, strlen($forwarded_for)) == 0) {
|
|
return true;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
return false;
|
|
}
|
|
}
|