From 0d20da4410fef97011de4e3902e8fe8e15b6f643 Mon Sep 17 00:00:00 2001 From: Mark Crane Date: Mon, 23 Dec 2013 21:28:04 +0000 Subject: [PATCH] Provision, Check to see if the IP Address is in the CIDR range. category: provision, subcategory: cidr, type: text, enbaled: true, value: could be a single ip address or a range. Example: 10.8.0.1/32 (single ip) 10.8.0.0/24 (allow all the IP addresses from 10.8.0.0-255 in the 10.8.0 subnet. 0.0.0.0/0 (allow all ip addresses) --- app/provision/index.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/app/provision/index.php b/app/provision/index.php index 3fb50c6cb5..e55d0034e9 100644 --- a/app/provision/index.php +++ b/app/provision/index.php @@ -308,6 +308,16 @@ include "resources/classes/template.php"; } unset ($prep_statement); +//check to see if the IP address is in the CIDR range + function check_cidr ($cidr,$ip_address) { + list ($subnet, $mask) = explode ('/', $cidr); + return ( ip2long ($ip_address) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($subnet); + } + if (!check_cidr($provision["cidr"], $_SERVER['REMOTE_ADDR'])) { + echo "access denied"; + exit; + } + //if the domain name directory exists then only use templates from it if (is_dir($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/resources/templates/provision/'.$_SESSION['domain_name'])) { $device_template = $_SESSION['domain_name'].'/'.$device_template;