Source for file SourceIPAddrAuthzEngine.php
Documentation is available at SourceIPAddrAuthzEngine.php
* @copyright Copyright 2005-2010 RedIRIS, http://www.rediris.es/
* This file is part of phpPoA2.
* phpPoA2 is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* phpPoA2 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with phpPoA2. If not, see <http://www.gnu.org/licenses/>.
* @license http://www.gnu.org/licenses/gpl.html GNU General Public License
* @author Jaime Perez <jaime.perez@rediris.es>
* This hook is executed right after retrieving source address and
* the arrays of allowed and denied patterns that will be checked inmediately.
* It can be used to alter the source address, and also to configure the filters on runtime.
* The hook receives the source IP address, the allowed and the denied patterns.
* Functions for this hook must be defined like this:
* function ipBeforeFilterHook(&$ipaddr, &$allowed, &$denied);
* Please bear in mind that hooks must return TRUE or they'll keep other hooks from executing.
define("SOURCEADDR_BEFORE_FILTERS", "SOURCEADDR_BEFORE_FILTERS");
* Authorization engine that works by checking the source IP address of the request.
* @subpackage SourceIPAddrAuthorizationEngine
// setup filtering criteria
"(([0-9a-fA-F]{1,4})){1,7}\:",
"(\:([0-9a-fA-F]{1,4})){1,7}");
$src_addr = (isset ($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
// check if there are IP filters
$allowed = $this->cfg->getAllowed();
$denied = $this->cfg->getDenied();
// run hook before checking patterns
$args = array($src_addr, $allowed, $denied);
// evaluate allowance filters
foreach ($allowed as $mask) {
trigger_error(msg('source-ip-allowed', array($src_addr, $mask)), E_USER_WARNING);
trigger_error(msg('source-ip-allowed', array($src_addr, $mask)), E_USER_WARNING);
foreach ($denied as $mask) {
trigger_error(msg('source-ip-denied', array($src_addr, $mask)), E_USER_WARNING);
trigger_error(msg('source-ip-denied', array($src_addr, $mask)), E_USER_WARNING);
return $this->cfg->getDefaultBehaviour();
$list = $this->cfg->getAllowed();
public function authorize($user, $attrs, $ref, $expires = 0) {
public function revoke($mail) {
|