diff --git a/admin/php/admin.php b/admin/php/admin.php
index c70a6e2..460c273 100755
--- a/admin/php/admin.php
+++ b/admin/php/admin.php
@@ -33,10 +33,8 @@ Arquivo:
i3geo/admin/php/admin.php
*/
-if(!isset($locaplic) || !isset($dir_tmp)){
- $locaplic = "";
- include(dirname(__FILE__)."/../../ms_configura.php");
-}
+include(dirname(__FILE__)."/../../ms_configura.php");
+
if(!file_exists($dir_tmp)){
@mkdir ($dir_tmp,0744);
chmod($dir_tmp,0744);
diff --git a/admin/php/criabanco.php b/admin/php/criabanco.php
index b298597..6dab344 100755
--- a/admin/php/criabanco.php
+++ b/admin/php/criabanco.php
@@ -50,6 +50,15 @@
//echo dirname(__FILE__);
$esquemaadmin = "";
include("admin.php");
+ //verifica se o login pode ser realizado
+ if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){
+ header ( "HTTP/1.1 403 Login desativado" );
+ exit ();
+ }
+ //$i3geoPermiteLoginIp vem de ms_configura.php
+ if(isset($i3geoPermiteLoginIp)){
+ checaLoginIp($i3geoPermiteLoginIp);
+ }
error_reporting(0);
$tabelas = array(
//tabelas gerais do sistema de administracao
diff --git a/admin/php/incluiMAP.php b/admin/php/incluiMAP.php
index 7e4bc5e..5e1e19c 100755
--- a/admin/php/incluiMAP.php
+++ b/admin/php/incluiMAP.php
@@ -36,6 +36,15 @@ i3geo/admin/php/incluiMAP.php
$funcao = "";
$locaplic = dirname(__FILE__)."/../..";
include_once("admin.php");
+//verifica se o login pode ser realizado
+if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){
+ header ( "HTTP/1.1 403 Login desativado" );
+ exit ();
+}
+//$i3geoPermiteLoginIp vem de ms_configura.php
+if(isset($i3geoPermiteLoginIp)){
+ checaLoginIp($i3geoPermiteLoginIp);
+}
include_once("conexao.php");
if(empty($_POST["senha"]) || empty($_POST["usuario"])){
formularioLoginMaster("incluiMAP.php");
diff --git a/admin/php/login.php b/admin/php/login.php
index c5c3053..fc249ad 100755
--- a/admin/php/login.php
+++ b/admin/php/login.php
@@ -64,6 +64,17 @@ error_reporting(0);
//
include_once(dirname(__FILE__)."/../safe.php");
include_once(dirname(__FILE__)."/admin.php");
+
+//verifica se o login pode ser realizado
+if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){
+ header ( "HTTP/1.1 403 Login desativado" );
+ exit ();
+}
+//$i3geoPermiteLoginIp vem de ms_configura.php
+if(isset($i3geoPermiteLoginIp)){
+ checaLoginIp($i3geoPermiteLoginIp);
+}
+
error_reporting(0);
session_write_close();
session_name("i3GeoLogin");
diff --git a/admin/php/upgradebanco44_45.php b/admin/php/upgradebanco44_45.php
index 65a61f8..8609cc1 100755
--- a/admin/php/upgradebanco44_45.php
+++ b/admin/php/upgradebanco44_45.php
@@ -48,6 +48,16 @@ i3geo/admin/php/criabanco.php
*/
$funcao = "";
include_once("admin.php");
+//verifica se o login pode ser realizado
+if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){
+ header ( "HTTP/1.1 403 Login desativado" );
+ exit ();
+}
+//$i3geoPermiteLoginIp vem de ms_configura.php
+if(isset($i3geoPermiteLoginIp)){
+ checaLoginIp($i3geoPermiteLoginIp);
+}
+
include_once("conexao.php");
if(empty($_POST["senha"]) || empty($_POST["usuario"])){
@@ -75,7 +85,7 @@ if($conexaoadmin == "")
}
else
{
- include($conexaoadmin);
+ include($conexaoadmin);
}
*/
foreach($tabelas as $tabela)
diff --git a/admin/php/upgradebanco46_47.php b/admin/php/upgradebanco46_47.php
index 08f56ec..7eaa79c 100755
--- a/admin/php/upgradebanco46_47.php
+++ b/admin/php/upgradebanco46_47.php
@@ -51,6 +51,16 @@ i3geo/admin/php/criabanco.php
$funcao = "";
$locaplic = dirname(__FILE__)."/../..";
include_once("admin.php");
+//verifica se o login pode ser realizado
+if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){
+ header ( "HTTP/1.1 403 Login desativado" );
+ exit ();
+}
+//$i3geoPermiteLoginIp vem de ms_configura.php
+if(isset($i3geoPermiteLoginIp)){
+ checaLoginIp($i3geoPermiteLoginIp);
+}
+
include_once("conexao.php");
if(!empty($esquemaadmin)){
$esquemaadmin = str_replace(".","",$esquemaadmin).".";
diff --git a/classesjs/compactajs.php b/classesjs/compactajs.php
index bc7174f..c2bf618 100755
--- a/classesjs/compactajs.php
+++ b/classesjs/compactajs.php
@@ -44,6 +44,16 @@ i3geo/classesjs/compactajs.php
$locaplic = dirname(__FILE__)."/..";
include_once(dirname(__FILE__)."/../admin/php/admin.php");
+//verifica se o login pode ser realizado
+if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){
+ header ( "HTTP/1.1 403 Login desativado" );
+ exit ();
+}
+//$i3geoPermiteLoginIp vem de ms_configura.php
+if(isset($i3geoPermiteLoginIp)){
+ checaLoginIp($i3geoPermiteLoginIp);
+}
+
include_once(dirname(__FILE__)."/../admin/php/conexao.php");
if(empty($_POST["senha"]) || empty($_POST["usuario"])){
formularioLoginMaster("compactajs.php");
diff --git a/classesphp/funcoes_gerais.php b/classesphp/funcoes_gerais.php
index 20df1d7..7258ed5 100755
--- a/classesphp/funcoes_gerais.php
+++ b/classesphp/funcoes_gerais.php
@@ -2095,15 +2095,24 @@ Retorno:
{string}
*/
-function pegaIPcliente()
-{
- $ip = "UNKNOWN";
- if (getenv("HTTP_CLIENT_IP")) $ip = getenv("HTTP_CLIENT_IP");
- else if(getenv("HTTP_X_FORWARDED_FOR")) $ip = getenv("HTTP_X_FORWARDED_FOR");
- else if(getenv("REMOTE_ADDR")) $ip = getenv("REMOTE_ADDR");
- else $ip = "UNKNOWN";
- //$ip = "200.252.111.1";//teste
- return $ip;
+function pegaIPcliente(){
+ $ipaddress = '';
+ if (getenv('HTTP_CLIENT_IP'))
+ $ipaddress = getenv('HTTP_CLIENT_IP');
+ else if(getenv('HTTP_X_FORWARDED_FOR'))
+ $ipaddress = getenv('HTTP_X_FORWARDED_FOR');
+ else if(getenv('HTTP_X_FORWARDED'))
+ $ipaddress = getenv('HTTP_X_FORWARDED');
+ else if(getenv('HTTP_FORWARDED_FOR'))
+ $ipaddress = getenv('HTTP_FORWARDED_FOR');
+ else if(getenv('HTTP_FORWARDED'))
+ $ipaddress = getenv('HTTP_FORWARDED');
+ else if(getenv('REMOTE_ADDR'))
+ $ipaddress = getenv('REMOTE_ADDR');
+ else
+ $ipaddress = 'UNKNOWN';
+
+ return $ipaddress;
}
/*
Function: pegaIPcliente2
@@ -3051,4 +3060,28 @@ function i3GeoLog($txt,$dir_tmp=""){
"-------------------------".PHP_EOL;
file_put_contents($dir_tmp.'/.log_i3geo_'.date("j.n.Y"), $log, FILE_APPEND);
}
+/**
+ * valida o IP do usuario em uma lista branca
+ */
+function validaIpUsuario($lista){
+ if($lista == ""){
+ return true;
+ }
+ $ip = pegaIPcliente();
+ if(in_array($ip,$lista)){
+ return true;
+ } else {
+ return false;
+ }
+}
+function checaLoginIp($lista){
+ if(empty($lista)){
+ return;
+ }
+ $r = validaIpUsuario($lista);
+ if($r == false){
+ header ( "HTTP/1.1 403 Login nao permitido" );
+ exit ();
+ }
+}
?>
diff --git a/ferramentas/loginusuario/dependencias.php b/ferramentas/loginusuario/dependencias.php
index 7e7f030..ae32eff 100755
--- a/ferramentas/loginusuario/dependencias.php
+++ b/ferramentas/loginusuario/dependencias.php
@@ -6,6 +6,15 @@
* javascript i3GEOF.loginusuario.MUSTACHE
* O template e substituido pelos valores definidos em index.js no momento da inicializacao da ferramenta
*/
+
+//verifica se o login pode ser realizado
+include(dirname(__FILE__)."/../../ms_configura.php");
+if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){
+ echo "alert('ferramenta de login desativada');";
+ //header ( "HTTP/1.1 403 Login desativado" );
+ exit ();
+}
+
if(extension_loaded('zlib')){
ob_start('ob_gzhandler');
}
diff --git a/geraminiatura.php b/geraminiatura.php
index 1631ecd..b2aaac4 100755
--- a/geraminiatura.php
+++ b/geraminiatura.php
@@ -82,14 +82,18 @@ if (!function_exists('ms_GetVersion'))
else
{dl('php_mapscript.so');}
}
-/*
-include($locaplic."/ms_configura.php");
-if(!function_exists("versao"))
-{include($locaplic."/classesphp/funcoes_gerais.php");}
-require_once($locaplic."/classesphp/pega_variaveis.php");
-include_once ($locaplic."/classesphp/carrega_ext.php");
-*/
+
include_once (dirname(__FILE__)."/admin/php/admin.php");
+//verifica se o login pode ser realizado
+if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){
+ header ( "HTTP/1.1 403 Login desativado" );
+ exit ();
+}
+//$i3geoPermiteLoginIp vem de ms_configura.php
+if(isset($i3geoPermiteLoginIp)){
+ checaLoginIp($i3geoPermiteLoginIp);
+}
+
$versao = versao();
$versao = $versao["principal"];
//
@@ -134,7 +138,7 @@ if($tipo == "mini" || $tipo == "todos" || $tipo == "grande" || $tipo == "")
{
$arq = str_replace(" ","xxxx",$arq);
$temp = explode(".",$arq);
-
+
if(file_exists($locaplic.'/temas/'.$arq) && $temp[(count($temp) - 1)] == "map" && !(strpos($temp[0],"_") === 0) )
{
echo "$arq
";
@@ -253,7 +257,7 @@ function verificaMiniatura($map,$tipo,$admin=false)
}
}
}
-
+
zoomTemaMiniatura($pegarext,$mapa);
}
if($extensao == ".gvp"){
diff --git a/ms_configura.php b/ms_configura.php
index 07fe087..fb4eaf4 100755
--- a/ms_configura.php
+++ b/ms_configura.php
@@ -63,6 +63,29 @@ $i3geomaster = array(
array("usuario"=>"admin", "senha"=>"admin")
);
/*
+Variable: $i3geoPermiteLogin
+
+Permite ou impede que sejam executadas as funcionalidades que exigem login
+
+Tipo:
+{boolean}
+*/
+$i3geoPermiteLogin = true;
+/*
+Variable: $i3geoPermiteLoginIp
+
+Lista de IPs que podem fazer login. Valido apenas se $i3geoPermiteLogin for true
+
+A lista e um array, permitindo a inclusao de varios IPs
+
+Para nao fazer a verificacao, ou seja, permitir que qualquer IP faca login, deixe essa variavel em branco
+
+Exemplo de uso:
+
+$i3geoPermiteLoginIp = array("127.0.0.1","200.200.200.200");
+*/
+$i3geoPermiteLoginIp = array();
+/*
Variable: $logTransacoes
Define se as transacoes no banco de dados de administracao serao mantidas em uma tabela de logs
diff --git a/testainstal/index.php b/testainstal/index.php
index 8e992f1..b53af1a 100755
--- a/testainstal/index.php
+++ b/testainstal/index.php
@@ -32,7 +32,7 @@ include "../init/head.php";