The server settings for InterTiki do not allow user to specify an IP range of known IP's.
It'd be great if this could be added in the future in situations where the client does not have a static IP.
A quick fix is presented below for someone who really needs it-but I hope we can have a more permanent solution eventually. It allows the user to specify either an IP or an IP range in the server settings and validates the IP of the client accordingly. The IP range should be specified as:
xxx.xxx.xxx.xxx-yyy.yyy.yyy.yyy
In the file remote.php in the main tiki directory on the server machine, change the function validate to the following:
function validate($params) {
global $tikilib,$userlib,$prefs,$logslib;
$key = $params->getParam(0); $key = $key->scalarval();
$login = $params->getParam(1); $login = $login->scalarval();
$pass = $params->getParam(2); $pass = $pass->scalarval();
$slave = $params->getParam(3); $slave = $slave->scalarval();
$hashkey = $params->getParam(4); $hashkey = $hashkey->scalarval();
//Verify IP address
//Handle IP range
if ($pos = strpos($prefs'known_hosts'$key'ip', '-')){
$length=strlen($prefs'known_hosts'$key'ip');
$ipstart = ip2long'known_hosts'$key'ip',0, $pos" class="wiki wikinew text-danger tips substr">$prefs'known_hosts'$key'ip',0, $pos;
if ($ipstart < 0) $ipstart += pow(2,32);
$ipend = ip2long'known_hosts'$key'ip',$pos+1,$length-$pos" class="wiki wikinew text-danger tips substr">$prefs'known_hosts'$key'ip',$pos+1,$length-$pos;
if ($ipend < 0) $ipend += pow(2,32);
$ipserver = ip2long($_SERVER'REMOTE_ADDR');
if ($ipserver < 0) $ipserver += pow(2,32);
if($ipstart < $ipserver && $ipend > $ipserver ) { //check if REMOTE IP is within the range
$verified_ip = true;
}
} else {
//Handle single IP address
if ($prefs'known_hosts'$key'ip' == $_SERVER'REMOTE_ADDR') $verified_ip = true; //check known host IP with REMOTE IP
}
if (!isset($prefs'known_hosts'$key) or $verified_ip!=true ) { // changed if statement to look for verified_ip - last change by zorp
$msg = tra('Invalid server key').$_SERVER'REMOTE_ADDR';
if ($prefs'intertiki_errfile') logit($prefs'intertiki_errfile',$msg,$key,INTERTIKI_BADKEY,$prefs'known_hosts'$key'name');
$logslib->add_log('intertiki',$msg.' from '.$prefs'known_hosts'$key'name',$login);
return new XML_RPC_Response(0, 101, $msg);
}
list($isvalid, $dummy, $error) = $userlib->validate_user($login,$pass,,);
if(!$isvalid) {
$msg = tra('Invalid username or password');
if ($prefs'intertiki_errfile') logit($prefs'intertiki_errfile',$msg,$login,INTERTIKI_BADUSER,$prefs'known_hosts'$key'name');
$logslib->add_log('intertiki',$msg.' from '.$prefs'known_hosts'$key'name',$login);
if (!$userlib->user_exists($login)) {
// slave client is supposed to disguise 102 code as 101 not to show
// crackers that user does not exists. 102 is required for telling slave
// to delete user there
return new XML_RPC_Response(0, 102, $msg);
} else {
return new XML_RPC_Response(0, 101, $msg);
}
}
if ($prefs'intertiki_logfile') logit($prefs'intertiki_logfile',"logged",$login,INTERTIKI_OK,$prefs'known_hosts'$key'name');
$userlib->create_user_cookie($login,$hashkey);
if ($slave) {
$logslib->add_log('intertiki','auth granted from '.$prefs'known_hosts'$key'name',$login);
global $userlib;
$user_details = $userlib->get_user_details($login);
$user_info = $userlib->get_user_info($login);
$ret'avatarData' = new XML_RPC_Value($user_info'avatarData', "base64");
$ret'user_details' = new XML_RPC_Value(serialize($user_details), "string");
//$fp=fopen('temp/toto', 'w+');fwrite($fp, var_export($ret, true));fclose($fp);
return new XML_RPC_Response(new XML_RPC_Value($ret, "struct"));
} else {
$logslib->add_log('intertiki','auth granted from '.$prefs'known_hosts'$key'name',$login);
return new XML_RPC_Response(new XML_RPC_Value(1, "boolean"));
}
}
Unable to connect to show2.tiki.org. Please let us know of the problem so that we can do something about it. Thanks.
Unable to connect to show.tikiwiki.org. Please let us know of the problem so that we can do something about it. Thanks.
filename | created | hits | comment | version | filetype | ||
---|---|---|---|---|---|---|---|
No attachments for this item |