projects / timetracker.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Introduced IP based access control for groups.
[timetracker.git] / WEB-INF / lib / common.lib.php
diff --git a/WEB-INF/lib/common.lib.php b/WEB-INF/lib/common.lib.php
index 7086fe2..210ec41 100644 (file)
--- a/WEB-INF/lib/common.lib.php
+++ b/WEB-INF/lib/common.lib.php
@@ -339,6 +339,21 @@ function ttAccessAllowed($required_right)
     exit();
   }
 
+  // Check IP restriction, if set.
+  if ($user->allow_ip && !$user->can('override_allow_ip')) {
+    $access_allowed = false;
+    $user_ip = $_SERVER['REMOTE_ADDR'];
+    $allowed_ip_array = explode(',', $user->allow_ip);
+    foreach ($allowed_ip_array as $allowed_ip) {
+      $len = strlen($allowed_ip);
+      if (substr($user_ip, 0, $len) === $allowed_ip) {
+         $access_allowed = true;
+         break;
+      }
+    }
+    if (!$access_allowed) return false;
+  }
+
   // Check if user has the right.
   if (in_array($required_right, $user->rights)) {
     import('ttUserHelper');
Unnamed repository; edit this file 'description' to name the repository.