Merge branch 'feature/admin_ip_whitelist' into 'develop'

Added admin IP whitelist feature See merge request !1544

Merge branch 'feature/admin_ip_whitelist' into 'develop'
9954d8f5 · Marius Burkard · b99d5de7 · 20a60922 · 9954d8f5 · 9954d8f5
Commit 9954d8f5 authored 3 years ago by Marius Burkard
--- a/interface/lib/config.inc.php
+++ b/interface/lib/config.inc.php
@@ -159,4 +159,7 @@ define('LOGLEVEL_DEBUG', 0);
 define('LOGLEVEL_WARN', 1);
 define('LOGLEVEL_ERROR', 2);
+//** Admin IP whitelist file
+$conf['admin_ip_whitelist_file'] = '/usr/local/ispconfig/security/admin_ip.whitelist';
 ?>
--- a/interface/web/capp.php
+++ b/interface/web/capp.php
@@ -31,45 +31,37 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 require_once '../lib/config.inc.php';
 require_once '../lib/app.inc.php';
+include_once 'common.php';
 //* Import module variable
 $mod = $_REQUEST["mod"];
 //* If we click on a search result, load that one instead of the module's start page
 $redirect = (isset($_REQUEST["redirect"]) ? $_REQUEST["redirect"] : '');
 //* Check if user is logged in
-if($_SESSION["s"]["user"]['active'] != 1) {
+if ($_SESSION["s"]["user"]['active'] != 1) {
 	die("URL_REDIRECT: /index.php");
 	//die();
 }
-if(!preg_match("/^[a-z]{2,20}$/i", $mod)) die('module name contains unallowed chars.');
+if (!preg_match("/^[a-z]{2,20}$/i", $mod)) die('module name contains unallowed chars.');
-if($redirect != '' && !preg_match("/^[a-z0-9]+\/[a-z0-9_\.\-]+\?id=[0-9]{1,9}(\&type=[a-z0-9_\.\-]+)?$/i", $redirect)) die('redirect contains unallowed chars.');
+if ($redirect != '' && !preg_match("/^[a-z0-9]+\/[a-z0-9_\.\-]+\?id=[0-9]{1,9}(\&type=[a-z0-9_\.\-]+)?$/i", $redirect)) die('redirect contains unallowed chars.');
 //* Check if user may use the module.
 $user_modules = explode(",", $_SESSION["s"]["user"]["modules"]);
-if(!in_array($mod, $user_modules)) $app->error($app->lng(301));
+if (!in_array($mod, $user_modules)) $app->error($app->lng(301));
 //* Load module configuration into the session.
-if(is_file($mod."/lib/module.conf.php")) {
+if (is_file($mod."/lib/module.conf.php")) {
 	include_once $mod."/lib/module.conf.php";
-	$menu_dir = ISPC_WEB_PATH.'/' . $mod . '/lib/menu.d';
+	$menu_dir = ISPC_WEB_PATH.'/'.$mod.'/lib/menu.d';
+	include_menu_dir_files($menu_dir);
-	if (is_dir($menu_dir)) {
-		if ($dh = opendir($menu_dir)) {
-			//** Go through all files in the menu dir
-			while (($file = readdir($dh)) !== false) {
-				if ($file != '.' && $file != '..' && substr($file, -9, 9) == '.menu.php' && $file != 'dns_resync.menu.php') {
-					include_once $menu_dir . '/' . $file;
-				}
-			}
-		}
-	}
 	$_SESSION["s"]["module"] = $module;
 	session_write_close();
-	if($redirect == ''){
+	if ($redirect == '') {
 		echo "HEADER_REDIRECT:".$_SESSION["s"]["module"]["startpage"];
 	} else {
 		//* If we click on a search result, load that one instead of the module's start page

--- a/interface/web/common.php
+++ b/interface/web/common.php
+<?php
+/*
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
+All rights reserved.
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+/*
+  Some common helper functions which can be reused throughout the project.
+*/
+/**
+ * Includes all the menu files from the menu dir.
+ * @param string $menu_dir Path to the menu dir
+ * @return void
+ */
+function include_menu_dir_files($menu_dir)
+{
+	if (is_dir($menu_dir)) {
+		if ($dh = opendir($menu_dir)) {
+			//** Go through all files in the menu dir
+			while (($file = readdir($dh)) !== false) {
+				if ($file != '.' && $file != '..' && substr($file, -9, 9) == '.menu.php' && $file != 'dns_resync.menu.php') {
+					include_once $menu_dir.'/'.$file;
+				}
+			}
+		}
+	}
+}
--- a/interface/web/login/index.php
+++ b/interface/web/login/index.php