@@ -69,6 +69,9 @@ discard block |
||
| 69 | 69 | return strstr(self::getBackUrl(), '/admin/'); |
| 70 | 70 | } |
| 71 | 71 | |
| 72 | + /** |
|
| 73 | + * @return string |
|
| 74 | + */ |
|
| 72 | 75 | public static function getBackUrl() { |
| 73 | 76 | if(isset($_REQUEST['BackURL'])) { |
| 74 | 77 | return $_REQUEST['BackURL']; |
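Review bot: The `@return string` added on new line 73 does not match the body of getBackUrl(): the if/elseif chain (new lines 76-78 here and 73-78 in the later hunk) returns only when `$_REQUEST['BackURL']` or `$_SESSION['BackURL']` is set and otherwise falls off the end, which yields null, so the tag should be `@return string|null`. That null case matters because line 69 passes the result straight into `strstr()`. Since the value is copied verbatim from request or session data, the docblock should also state that it is untrusted input, e.g. `* Returns the raw BackURL from the request or session (unvalidated user input); callers that redirect to it must validate it first.`. getBackUrl()'s body continues outside the hunk.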
@@ -84,6 +87,7 @@ discard block |
||
| 84 | 87 | /** |
| 85 | 88 | * @see Security::getPasswordResetLink() |
| 86 | 89 | * We overload this, so we can add the BackURL to the password resetlink |
| 90 | + * @param DataObject $member |
|
| 87 | 91 | */ |
| 88 | 92 | public static function getPasswordResetLink($member, $autologinToken) { |
| 89 | 93 | $autologinToken = urldecode($autologinToken); |
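Review bot: The docblock gained `@param DataObject $member` on new line 90 but still leaves the second parameter undocumented; add `* @param string $autologinToken` beneath it, and a `@return` tag once the return type of the body (which continues outside this hunk) is confirmed. Given the `@see Security::getPasswordResetLink()` tag, the overridden method presumably receives a Member rather than a generic DataObject, so `@param Member $member` may be the more precise type if that matches the parent signature. The `urldecode()` on line 93 is worth a one-line why-comment as well, since the token is decoded before being placed in the link and a reader cannot tell from this hunk why.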
@@ -8,8 +8,8 @@ discard block |
||
| 8 | 8 | |
| 9 | 9 | // redirect to AdminSecurity, when we are coming from /admin/* |
| 10 | 10 | function onBeforeSecurityLogin() { |
| 11 | - if(isset($_GET['BackURL']) && strstr($_GET['BackURL'], '/admin/')) { |
|
| 12 | - if(Controller::curr()->class != 'AdminSecurity') { |
|
| 11 | + if (isset($_GET['BackURL']) && strstr($_GET['BackURL'], '/admin/')) { |
|
| 12 | + if (Controller::curr()->class != 'AdminSecurity') { |
|
| 13 | 13 | $link = 'AdminSecurity/login' . '?BackURL=' . urlencode($_GET['BackURL']); |
| 14 | 14 | return $this->owner->redirect($link); |
| 15 | 15 | } |
@@ -41,24 +41,24 @@ discard block |
||
| 41 | 41 | public function init() { |
| 42 | 42 | parent::init(); |
| 43 | 43 | |
| 44 | - if(Config::inst()->get('IpAccess', 'enabled')) { |
|
| 44 | + if (Config::inst()->get('IpAccess', 'enabled')) { |
|
| 45 | 45 | $ipAccess = new IpAccess($this->owner->getRequest()->getIP(), Config::inst()->get('IpAccess', 'allowed_ips')); |
| 46 | - if(!$ipAccess->hasAccess()) { |
|
| 46 | + if (!$ipAccess->hasAccess()) { |
|
| 47 | 47 | $reponse = ''; |
| 48 | - if(class_exists('ErrorPage', true)) { |
|
| 48 | + if (class_exists('ErrorPage', true)) { |
|
| 49 | 49 | $response = ErrorPage::response_for(404); |
| 50 | 50 | } |
| 51 | 51 | return $this->owner->httpError(404, $response ? $response : 'The requested page could not be found.'); |
| 52 | 52 | } |
| 53 | 53 | } |
| 54 | 54 | |
| 55 | - if(Config::inst()->get('AdminLogin', 'UseTheme') !== true) { |
|
| 55 | + if (Config::inst()->get('AdminLogin', 'UseTheme') !== true) { |
|
| 56 | 56 | // this prevents loading frontend css and javscript files |
| 57 | - Object::useCustomClass('Page_Controller','AdminLoginPage_Controller'); |
|
| 57 | + Object::useCustomClass('Page_Controller', 'AdminLoginPage_Controller'); |
|
| 58 | 58 | Requirements::css('adminlogin/css/style.css'); |
| 59 | 59 | } |
| 60 | 60 | |
| 61 | - Object::useCustomClass('MemberLoginForm','AdminLoginForm'); |
|
| 61 | + Object::useCustomClass('MemberLoginForm', 'AdminLoginForm'); |
|
| 62 | 62 | } |
| 63 | 63 | |
| 64 | 64 | public function Link($action = null) { |
@@ -70,9 +70,9 @@ discard block |
||
| 70 | 70 | } |
| 71 | 71 | |
| 72 | 72 | public static function getBackUrl() { |
| 73 | - if(isset($_REQUEST['BackURL'])) { |
|
| 73 | + if (isset($_REQUEST['BackURL'])) { |
|
| 74 | 74 | return $_REQUEST['BackURL']; |
| 75 | - }elseif(isset($_SESSION['BackURL'])) { |
|
| 75 | + }elseif (isset($_SESSION['BackURL'])) { |
|
| 76 | 76 | return $_SESSION['BackURL']; |
| 77 | 77 | } |
| 78 | 78 | } |
@@ -72,7 +72,7 @@ |
||
| 72 | 72 | public static function getBackUrl() { |
| 73 | 73 | if(isset($_REQUEST['BackURL'])) { |
| 74 | 74 | return $_REQUEST['BackURL']; |
| 75 | - }elseif(isset($_SESSION['BackURL'])) { |
|
| 75 | + } elseif(isset($_SESSION['BackURL'])) { |
|
| 76 | 76 | return $_SESSION['BackURL']; |
| 77 | 77 | } |
| 78 | 78 | } |
@@ -13,35 +13,35 @@ discard block |
||
| 13 | 13 | */ |
| 14 | 14 | class IpAccess { |
| 15 | 15 | |
| 16 | - public $allowedIps = array(); |
|
| 16 | + public $allowedIps = array(); |
|
| 17 | 17 | |
| 18 | - private $ip = ''; |
|
| 18 | + private $ip = ''; |
|
| 19 | 19 | |
| 20 | 20 | public function __construct($ip = '', $allowedIps = array()) { |
| 21 | - $this->ip = $ip; |
|
| 22 | - $this->allowedIps = $allowedIps; |
|
| 21 | + $this->ip = $ip; |
|
| 22 | + $this->allowedIps = $allowedIps; |
|
| 23 | 23 | } |
| 24 | 24 | |
| 25 | 25 | public function setIp($ip) { |
| 26 | - $this->ip = $ip; |
|
| 26 | + $this->ip = $ip; |
|
| 27 | 27 | } |
| 28 | 28 | |
| 29 | 29 | public function hasAccess() { |
| 30 | - if(!$this->allowedIps) { |
|
| 30 | + if (!$this->allowedIps) { |
|
| 31 | 31 | return 'allowed'; |
| 32 | - }elseif($match = $this->matchExact()){ |
|
| 32 | + }elseif ($match = $this->matchExact()) { |
|
| 33 | 33 | return $match; |
| 34 | - }elseif($match = $this->matchRange()){ |
|
| 34 | + }elseif ($match = $this->matchRange()) { |
|
| 35 | 35 | return $match; |
| 36 | - }elseif($match = $this->matchCIDR()){ |
|
| 36 | + }elseif ($match = $this->matchCIDR()) { |
|
| 37 | 37 | return $match; |
| 38 | - }elseif($match = $this->matchWildCard()){ |
|
| 38 | + }elseif ($match = $this->matchWildCard()) { |
|
| 39 | 39 | return $match; |
| 40 | 40 | } |
| 41 | 41 | } |
| 42 | 42 | |
| 43 | 43 | public function matchExact() { |
| 44 | - if(in_array($this->ip, $this->allowedIps)) { |
|
| 44 | + if (in_array($this->ip, $this->allowedIps)) { |
|
| 45 | 45 | return $this->ip; |
| 46 | 46 | } |
| 47 | 47 | } |
@@ -51,13 +51,13 @@ discard block |
||
| 51 | 51 | * Example : 192.168.1.50-100 |
| 52 | 52 | */ |
| 53 | 53 | public function matchRange() { |
| 54 | - if($ranges = array_filter($this->allowedIps, function($ip) { return strstr($ip, '-'); })) { |
|
| 55 | - foreach($ranges as $range) { |
|
| 56 | - $first = substr($range, 0, strrpos($range ,'.') + 1); |
|
| 57 | - $last = substr(strrchr($range,'.'), 1); |
|
| 58 | - list ($start, $end) = explode('-',$last); |
|
| 59 | - for($i = $start; $i <= $end; $i++) { |
|
| 60 | - if($this->ip === $first . $i) { |
|
| 54 | + if ($ranges = array_filter($this->allowedIps, function($ip) { return strstr($ip, '-'); })) { |
|
| 55 | + foreach ($ranges as $range) { |
|
| 56 | + $first = substr($range, 0, strrpos($range, '.') + 1); |
|
| 57 | + $last = substr(strrchr($range, '.'), 1); |
|
| 58 | + list ($start, $end) = explode('-', $last); |
|
| 59 | + for ($i = $start; $i <= $end; $i++) { |
|
| 60 | + if ($this->ip === $first . $i) { |
|
| 61 | 61 | return $range; |
| 62 | 62 | } |
| 63 | 63 | } |
@@ -70,10 +70,10 @@ discard block |
||
| 70 | 70 | * Example : 192.168.1.0/24 |
| 71 | 71 | */ |
| 72 | 72 | public function matchCIDR() { |
| 73 | - if($ranges = array_filter($this->allowedIps, function($ip) { return strstr($ip, '/'); })) { |
|
| 74 | - foreach($ranges as $cidr) { |
|
| 75 | - list ($net, $mask) = explode ('/', $cidr); |
|
| 76 | - if(( ip2long ($this->ip) & ~((1 << (32 - $mask)) - 1) ) == ip2long ($net)) { |
|
| 73 | + if ($ranges = array_filter($this->allowedIps, function($ip) { return strstr($ip, '/'); })) { |
|
| 74 | + foreach ($ranges as $cidr) { |
|
| 75 | + list ($net, $mask) = explode('/', $cidr); |
|
| 76 | + if ((ip2long($this->ip) & ~((1 << (32 - $mask)) - 1)) == ip2long($net)) { |
|
| 77 | 77 | return $cidr; |
| 78 | 78 | } |
| 79 | 79 | } |
@@ -86,9 +86,9 @@ discard block |
||
| 86 | 86 | * Example : 192.168.* |
| 87 | 87 | */ |
| 88 | 88 | public function matchWildCard() { |
| 89 | - if($ranges = array_filter($this->allowedIps, function($ip) { return substr($ip, -1) === '*'; })) { |
|
| 90 | - foreach($ranges as $range) { |
|
| 91 | - if(substr($this->ip, 0, strlen(substr($range, 0, -1))) === substr($range, 0, -1)) { |
|
| 89 | + if ($ranges = array_filter($this->allowedIps, function($ip) { return substr($ip, -1) === '*'; })) { |
|
| 90 | + foreach ($ranges as $range) { |
|
| 91 | + if (substr($this->ip, 0, strlen(substr($range, 0, -1))) === substr($range, 0, -1)) { |
|
| 92 | 92 | return $range; |
| 93 | 93 | } |
| 94 | 94 | } |
@@ -29,13 +29,13 @@ |
||
| 29 | 29 | public function hasAccess() { |
| 30 | 30 | if(!$this->allowedIps) { |
| 31 | 31 | return 'allowed'; |
| 32 | - }elseif($match = $this->matchExact()){ |
|
| 32 | + } elseif($match = $this->matchExact()){ |
|
| 33 | 33 | return $match; |
| 34 | - }elseif($match = $this->matchRange()){ |
|
| 34 | + } elseif($match = $this->matchRange()){ |
|
| 35 | 35 | return $match; |
| 36 | - }elseif($match = $this->matchCIDR()){ |
|
| 36 | + } elseif($match = $this->matchCIDR()){ |
|
| 37 | 37 | return $match; |
| 38 | - }elseif($match = $this->matchWildCard()){ |
|
| 38 | + } elseif($match = $this->matchWildCard()){ |
|
| 39 | 39 | return $match; |
| 40 | 40 | } |
| 41 | 41 | } |
@@ -8,7 +8,7 @@ discard block |
||
| 8 | 8 | parent::__construct($controller, $name, $fields, $actions, $checkCurrentUser); |
| 9 | 9 | |
| 10 | 10 | |
| 11 | - if($field = $this->Actions()->fieldByName('forgotPassword')) { |
|
| 11 | + if ($field = $this->Actions()->fieldByName('forgotPassword')) { |
|
| 12 | 12 | // replaceField won't work, since it's a dataless field |
| 13 | 13 | $this->Actions()->removeByName('forgotPassword'); |
| 14 | 14 | $this->Actions()->push(new LiteralField( |
@@ -36,11 +36,11 @@ discard block |
||
| 36 | 36 | $member = DataObject::get_one('Member', "\"Email\" = '{$SQL_email}'"); |
| 37 | 37 | |
| 38 | 38 | $backUrlString = ''; |
| 39 | - if(isset($data['BackURL']) && $backURL = $data['BackURL']) { |
|
| 39 | + if (isset($data['BackURL']) && $backURL = $data['BackURL']) { |
|
| 40 | 40 | $backUrlString = '?BackURL=' . $backURL; |
| 41 | 41 | } |
| 42 | 42 | |
| 43 | - if($member) { |
|
| 43 | + if ($member) { |
|
| 44 | 44 | $token = $member->generateAutologinTokenAndStoreHash(); |
| 45 | 45 | |
| 46 | 46 | $e = Member_ForgotPasswordEmail::create(); |
@@ -52,7 +52,7 @@ discard block |
||
| 52 | 52 | $e->send(); |
| 53 | 53 | |
| 54 | 54 | $this->controller->redirect('AdminSecurity/passwordsent/' . urlencode($data['Email'])); |
| 55 | - } elseif($data['Email']) { |
|
| 55 | + } elseif ($data['Email']) { |
|
| 56 | 56 | // Avoid information disclosure by displaying the same status, |
| 57 | 57 | // regardless wether the email address actually exists |
| 58 | 58 | $this->controller->redirect('AdminSecurity/passwordsent/' . urlencode($data['Email'])); |
@@ -3,11 +3,11 @@ |
||
| 3 | 3 | class LimitAdminAccessExtension extends Extension { |
| 4 | 4 | |
| 5 | 5 | function onBeforeInit() { |
| 6 | - if(Config::inst()->get('IpAccess', 'enabled')) { |
|
| 6 | + if (Config::inst()->get('IpAccess', 'enabled')) { |
|
| 7 | 7 | $ipAccess = new IpAccess($this->owner->getRequest()->getIP(), Config::inst()->get('IpAccess', 'allowed_ips')); |
| 8 | 8 | |
| 9 | - if(!$ipAccess->hasAccess()) { |
|
| 10 | - if(class_exists('ErrorPage', true)) { |
|
| 9 | + if (!$ipAccess->hasAccess()) { |
|
| 10 | + if (class_exists('ErrorPage', true)) { |
|
| 11 | 11 | $response = ErrorPage::response_for(403); |
| 12 | 12 | } |
| 13 | 13 | |