Commit ebcb7402 authored by Erik Lundin's avatar Erik Lundin

Avoid code duplication when authorizing upload

parent a0040125
Pipeline #96046524 passed with stage
in 1 minute
...@@ -1141,50 +1141,9 @@ function jirafeau_challenge_upload_ip_without_password($cfg, $challengedIp) ...@@ -1141,50 +1141,9 @@ function jirafeau_challenge_upload_ip_without_password($cfg, $challengedIp)
*/ */
function jirafeau_challenge_upload ($cfg, $ip, $password) function jirafeau_challenge_upload ($cfg, $ip, $password)
{ {
// Allow if no ip restrictaion and no password restriction return jirafeau_challenge_upload_ip_without_password($cfg, $ip) ||
if ((count ($cfg['upload_ip']) == 0) and (count ($cfg['upload_password']) == 0)) { (!jirafeau_has_upload_password($cfg) && !jirafeau_upload_has_ip_restriction($cfg)) ||
return true; (jirafeau_challenge_upload_password($cfg, $password) && jirafeau_challenge_upload_ip($cfg, $ip));
}
// Allow if ip is in array (no password)
foreach ($cfg['upload_ip_nopassword'] as $i) {
if ($i == $ip) {
return true;
}
// CIDR test for IPv4 only.
if (strpos ($i, '/') !== false)
{
list ($subnet, $mask) = explode('/', $i);
if ((ip2long ($ip) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($subnet)) {
return true;
}
}
}
// Allow if ip is in array
foreach ($cfg['upload_ip'] as $i) {
if ($i == $ip) {
return true;
}
// CIDR test for IPv4 only.
if (strpos ($i, '/') !== false)
{
list ($subnet, $mask) = explode('/', $i);
if ((ip2long ($ip) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($subnet)) {
return true;
}
}
}
if (!jirafeau_has_upload_password($cfg)) {
return false;
}
foreach ($cfg['upload_password'] as $p) {
if ($password == $p) {
return true;
}
}
return false;
} }
/** Tell if we have some HTTP headers generated by a proxy */ /** Tell if we have some HTTP headers generated by a proxy */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment