From 4e63912156059aa1e2d4ca4779ea1025d6e39cbc Mon Sep 17 00:00:00 2001 From: dongsheng Date: Wed, 16 Jul 2008 02:16:42 +0000 Subject: [PATCH] MDL-15244, add ability to block ip addresses. --- admin/ipblocker.php | 44 ---------------------- admin/settings/server.php | 9 ++++- lang/en_utf8/admin.php | 7 +++- lib/adminlib.php | 79 ++++++++++++++++++++++++++------------- lib/setup.php | 30 ++++++++++++--- 5 files changed, 90 insertions(+), 79 deletions(-) delete mode 100644 admin/ipblocker.php diff --git a/admin/ipblocker.php b/admin/ipblocker.php deleted file mode 100644 index d676ec9555..0000000000 --- a/admin/ipblocker.php +++ /dev/null @@ -1,44 +0,0 @@ -libdir.'/adminlib.php'); - $iplist = optional_param('list', '', PARAM_CLEAN); - admin_externalpage_setup('ipblocker'); - - if ($form = data_submitted()) { - if (confirm_sesskey()) { - $ips = explode("\n", $iplist); - $result = array(); - foreach($ips as $ip) { - if(preg_match('#^(\d{1,3})(\.\d{1,3}){0,3}$#', $ip, $match) || - preg_match('#^(\d{1,3})(\.\d{1,3}){0,3}(\/\d{1,2})$#', $ip, $match) || - preg_match('#^(\d{1,3})(\.\d{1,3}){3}(-\d{1,3})$#', $ip, $match)) { - $result[] = $ip; - } - } - set_config('blockedip', serialize($result)); - } - } - - admin_externalpage_print_header(); - $iplist = unserialize(get_config(null, 'blockedip')); - if(empty($iplist)) { - $iplist = array(); - } - $str = ''; - foreach($iplist as $ip){ - $str .= $ip."\n"; - } - - echo '
'; - echo '
'; - echo '

'.get_string('blockediplist', 'admin').'

'; - print_textarea(false, 20, 50, 600, 400, "list", $str); - echo '

'; - echo ''; - echo helpbutton('blockip', 'Help'); - echo '

'; - echo '
'; - echo '
'; - - admin_externalpage_print_footer(); -?> diff --git a/admin/settings/server.php b/admin/settings/server.php index edabdcd491..657bef2c6d 100644 --- a/admin/settings/server.php +++ b/admin/settings/server.php @@ -161,8 +161,13 @@ $ADMIN->add('server', $temp); $ADMIN->add('server', new admin_externalpage('maintenancemode', get_string('sitemaintenancemode', 'admin'), "$CFG->wwwroot/$CFG->admin/maintenance.php")); -$ADMIN->add('server', new admin_externalpage('ipblocker', get_string('ipblocker', 'admin'), "$CFG->wwwroot/$CFG->admin/ipblocker.php")); - +$temp = new admin_settingpage('ipblocker', get_string('ipblocker', 'admin')); +$temp->add(new admin_setting_configcheckbox('enableallowedip', get_string('enableallowedip', 'admin'), get_string('enableallowedipdesc', 'admin'), 0)); +$temp->add(new admin_setting_configiplist('allowedip', get_string('allowediplist', 'admin'), + '', '')); +$temp->add(new admin_setting_configiplist('blockedip', get_string('blockediplist', 'admin'), + '', '')); +$ADMIN->add('server', $temp); $temp = new admin_settingpage('cleanup', get_string('cleanup', 'admin')); $temp->add(new admin_setting_configselect('longtimenosee', get_string('longtimenosee', 'admin'), get_string('configlongtimenosee', 'admin'), 120, array(0 => get_string('never'), diff --git a/lang/en_utf8/admin.php b/lang/en_utf8/admin.php index 59177d84e3..1ad1eeaa51 100644 --- a/lang/en_utf8/admin.php +++ b/lang/en_utf8/admin.php @@ -7,6 +7,7 @@ $string['adminseesownevents'] = 'Administrators are just like other users'; $string['allowcategorythemes'] = 'Allow category themes'; $string['allowcoursethemes'] = 'Allow course themes'; $string['allowdeletes'] = 'Allow deletes'; +$string['allowediplist'] = 'Allowed IP list'; $string['allowemailaddresses'] = 'Allowed email domains'; $string['allowobjectembed'] = 'Allow EMBED and OBJECT tags'; $string['allowrenames'] = 'Allow renames'; @@ -27,7 +28,7 @@ $string['backups'] = 'Backups'; $string['badwordsconfig'] = 'Enter your list of bad words separated by commas.'; $string['badwordsdefault'] = 'If the custom list is empty, a default list from the language pack will be used.'; $string['badwordslist'] = 'Custom bad words list'; -$string['blockediplist'] = 'Blocked IP Address List'; +$string['blockediplist'] = 'Blocked IP List'; $string['blockinstances'] = 'Instances'; $string['blockmultiple'] = 'Multiple'; $string['blocksettings'] = 'Manage blocks'; @@ -334,6 +335,8 @@ $string['enablerecordcache'] = 'Enable Record Cache'; $string['enablerssfeeds'] = 'Enable RSS feeds'; $string['enablestats'] = 'Enable statistics'; $string['enabletrusttext'] = 'Enable Trusted Content'; +$string['enableallowedip'] = 'Allow clients from these IPs'; +$string['enableallowedipdesc'] = 'If this option enabled, only IPs entered in allowed list are permitted, IPs are in blocked list are blocked at the same time.'; $string['encoding'] = 'Encoding'; $string['enrolmultipleusers'] = 'Enrol the users'; $string['environment'] = 'Environment'; @@ -415,6 +418,8 @@ $string['intcachemax'] = 'Int. cache max'; $string['invalidsection'] = 'Invalid section.'; $string['invaliduserchangeme'] = 'Username \"changeme\" is reserved -- you cannot create an account with it.'; $string['ipblocker'] = 'IP Blocker'; +$string['ipinblockedlist'] = 'This site is not available currently.'; +$string['ipoutallowedlist'] = 'This site is not available currently.'; $string['iplookup'] = 'IP address lookup'; $string['iplookupinfo'] = ' By default Moodle uses the free online NetGeo (The Internet Geographic Database) server to lookup location of IP addresses, unfortunately this database is not maintained anymore and may return wildly incorrect data. diff --git a/lib/adminlib.php b/lib/adminlib.php index 09ce9825be..e5b5f49c34 100644 --- a/lib/adminlib.php +++ b/lib/adminlib.php @@ -201,7 +201,7 @@ function get_db_directories() { $dbdirs[] = $CFG->dirroot.'/'.$CFG->admin.'/report/'.$plugin.'/db'; } } - + /// Now quiz report plugins (mod/quiz/report/xxx/db) if ($plugins = get_list_of_plugins('mod/quiz/report', 'db')) { foreach ($plugins as $plugin) { @@ -1883,7 +1883,7 @@ class admin_setting_configtext extends admin_setting { $data = 0; } // $data is a string - $validated = $this->validate($data); + $validated = $this->validate($data); if ($validated !== true) { return $validated; } @@ -1944,7 +1944,7 @@ class admin_setting_configtextarea extends admin_setting_configtext { $defaultinfo = $default; if (!is_null($default) and $default !== '') { $defaultinfo = "\n".$default; - } + } return format_admin_setting($this, $this->visiblename, '
', @@ -2258,7 +2258,7 @@ class admin_setting_configmulticheckbox extends admin_setting { $return .= ''; return format_admin_setting($this, $this->visiblename, $return, $this->description, false, '', $defaultinfo, $query); - + } } @@ -2353,7 +2353,7 @@ class admin_setting_configselect extends admin_setting { if (strpos($textlib->strtolower($value), $query) !== false) { return true; } - } + } return false; } @@ -2585,6 +2585,33 @@ class admin_setting_configtime extends admin_setting { } +class admin_setting_configiplist extends admin_setting_configtextarea { + function validate($data) { + if(!empty($data)) { + $ips = explode("\n", $data); + } else { + return true; + } + $result = true; + foreach($ips as $ip) { + $ip = trim($ip); + if(preg_match('#^(\d{1,3})(\.\d{1,3}){0,3}$#', $ip, $match) || + preg_match('#^(\d{1,3})(\.\d{1,3}){0,3}(\/\d{1,2})$#', $ip, $match) || + preg_match('#^(\d{1,3})(\.\d{1,3}){3}(-\d{1,3})$#', $ip, $match)) { + $result = true; + } else { + $result = false; + break; + } + } + if($result){ + return true; + } else { + return get_string('validateerror', 'admin'); + } + } +} + /** * Special checkbox for calendar - resets SESSION vars. */ @@ -2773,7 +2800,7 @@ class admin_setting_sitesettext extends admin_setting_configtext { function write_setting($data) { global $DB; $data = trim($data); - $validated = $this->validate($data); + $validated = $this->validate($data); if ($validated !== true) { return $validated; } @@ -3417,7 +3444,7 @@ class admin_setting_regradingcheckbox extends admin_setting_configcheckbox { } return $return; - } + } } /** @@ -3562,7 +3589,7 @@ class admin_setting_gradecat_combo extends admin_setting { $defaultinfo[] = get_string('advanced'); } $defaultinfo = implode(', ', $defaultinfo); - + } else { $defaultinfo = NULL; } @@ -4714,7 +4741,7 @@ function db_replace($search, $replace) { /** * Prints tables of detected plugins, one table per plugin type, - * and prints whether they are part of the standard Moodle + * and prints whether they are part of the standard Moodle * distribution or not. */ function print_plugin_tables() { @@ -4735,7 +4762,7 @@ function print_plugin_tables() { 'scorm', 'survey', 'wiki'); - + $plugins_standard['blocks'] = array('activity_modules', 'admin', 'admin_bookmarks', @@ -4767,7 +4794,7 @@ function print_plugin_tables() { 'tag_flickr', 'tag_youtube', 'tags'); - + $plugins_standard['filter'] = array('activitynames', 'algebra', 'censor', @@ -4794,14 +4821,14 @@ function print_plugin_tables() { $plugins_ondisk['mod'] = get_list_of_plugins('mod', 'db'); $plugins_ondisk['blocks'] = get_list_of_plugins('blocks', 'db'); $plugins_ondisk['filter'] = get_list_of_plugins('filter', 'db'); - + $strstandard = get_string('standard'); $strnonstandard = get_string('nonstandard'); $strmissingfromdisk = '(' . get_string('missingfromdisk') . ')'; $strabouttobeinstalled = '(' . get_string('abouttobeinstalled') . ')'; $html = ''; - + $html .= ''; foreach ($plugins_ondisk as $cat => $list_ondisk) { @@ -4817,8 +4844,8 @@ function print_plugin_tables() { $html .= '\n" . '\n" . '\n\n"; - - $row = 1; + + $row = 1; foreach ($list_ondisk as $k => $plugin) { $status = 'ok'; @@ -4828,15 +4855,15 @@ function print_plugin_tables() { if (!in_array($plugin, $plugins_standard[$cat])) { $standard = 'nonstandard'; $status = 'warning'; - } - + } + // Get real name and full path of plugin $plugin_name = "[[$plugin]]"; - + $plugin_path = "$cat/$plugin"; - + $plugin_name = get_plugin_name($plugin, $cat); - + // Determine if the plugin is about to be installed if ($cat != 'filter' && !in_array($plugin, $plugins_installed[$cat])) { $note = $strabouttobeinstalled; @@ -4852,11 +4879,11 @@ function print_plugin_tables() { // If the plugin was both on disk and in the db, unset the value from the installed plugins list if ($key = array_search($plugin, $plugins_installed[$cat])) { unset($plugins_installed[$cat][$key]); - } - } + } + } // If there are plugins left in the plugins_installed list, it means they are missing from disk - foreach ($plugins_installed[$cat] as $k => $missing_plugin) { + foreach ($plugins_installed[$cat] as $k => $missing_plugin) { // Make sure the plugin really is missing from disk if (!in_array($missing_plugin, $plugins_ondisk[$cat])) { $standard = 'standard'; @@ -4871,15 +4898,15 @@ function print_plugin_tables() { . "\n" . "\n" . "\n\n"; - $row++; + $row++; } } $html .= '
' . get_string('directory') . "' . get_string('name') . "' . get_string('status') . "
?$plugin_name" . ${'str' . $standard} . " $strmissingfromdisk
'; } - + $html .= '
'; - + echo $html; } diff --git a/lib/setup.php b/lib/setup.php index 96c694df04..3e2d769130 100644 --- a/lib/setup.php +++ b/lib/setup.php @@ -527,15 +527,33 @@ global $HTTPSPAGEREQUIRED; } } - $iplist = unserialize(get_config(null, 'blockedip')); - if(!empty($iplist)) { - foreach($iplist as $ip) { + $allowediponly = get_config(null, 'enableallowedip'); + if(!empty($allowediponly)){ + $allowediplist = get_config(null, 'allowedip'); + $blockediplist = get_config(null, 'blockedip'); + } else { + $blockediplist = get_config(null, 'blockedip'); + } + if(!empty($blockediplist)) { + $blockediplist = explode("\n", $blockediplist); + foreach($blockediplist as $ip) { + $ip = trim($ip); if(address_in_subnet(getremoteaddr(), $ip)){ // Telling the banned user the site is not // available currently. - echo get_string('sitemaintenance', 'admin'); - die; - } + die(get_string('ipinblockedlist', 'admin')); + } + } + } + if(!empty($allowediplist)) { + $allowediplist = explode("\n", $allowediplist); + foreach($allowediplist as $ip) { + $ip = trim($ip); + if(!address_in_subnet(getremoteaddr(), $ip)){ + // Telling users only specfied users are + // allowed accessing this site. + die(get_string('ipoutallowedlist', 'admin')); + } } } -- 2.39.5