From 58f874b1f3831732cc4c901f14dc9bd2c54a9bb0 Mon Sep 17 00:00:00 2001 From: edmarmoretti Date: Fri, 19 Aug 2016 15:18:59 -0300 Subject: [PATCH] Novas variáveis de configuração disponíveis em ms_configura.php para controle das opções de login --- admin/php/admin.php | 6 ++---- admin/php/criabanco.php | 9 +++++++++ admin/php/incluiMAP.php | 9 +++++++++ admin/php/login.php | 11 +++++++++++ admin/php/upgradebanco44_45.php | 12 +++++++++++- admin/php/upgradebanco46_47.php | 10 ++++++++++ classesjs/compactajs.php | 10 ++++++++++ classesphp/funcoes_gerais.php | 51 ++++++++++++++++++++++++++++++++++++++++++--------- ferramentas/loginusuario/dependencias.php | 9 +++++++++ geraminiatura.php | 22 +++++++++++++--------- ms_configura.php | 23 +++++++++++++++++++++++ testainstal/index.php | 27 +++++++++++++++++---------- testamapfile.php | 23 +++++++++++++++++++---- 13 files changed, 185 insertions(+), 37 deletions(-) diff --git a/admin/php/admin.php b/admin/php/admin.php index c70a6e2..460c273 100755 --- a/admin/php/admin.php +++ b/admin/php/admin.php @@ -33,10 +33,8 @@ Arquivo: i3geo/admin/php/admin.php */ -if(!isset($locaplic) || !isset($dir_tmp)){ - $locaplic = ""; - include(dirname(__FILE__)."/../../ms_configura.php"); -} +include(dirname(__FILE__)."/../../ms_configura.php"); + if(!file_exists($dir_tmp)){ @mkdir ($dir_tmp,0744); chmod($dir_tmp,0744); diff --git a/admin/php/criabanco.php b/admin/php/criabanco.php index b298597..6dab344 100755 --- a/admin/php/criabanco.php +++ b/admin/php/criabanco.php @@ -50,6 +50,15 @@ //echo dirname(__FILE__); $esquemaadmin = ""; include("admin.php"); + //verifica se o login pode ser realizado + if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + header ( "HTTP/1.1 403 Login desativado" ); + exit (); + } + //$i3geoPermiteLoginIp vem de ms_configura.php + if(isset($i3geoPermiteLoginIp)){ + checaLoginIp($i3geoPermiteLoginIp); + } error_reporting(0); $tabelas = array( //tabelas gerais do sistema de administracao 
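Review bot: The now-unconditional `include(dirname(__FILE__)."/../../ms_configura.php");` in admin/php/admin.php only raises a warning when the file is missing or unreadable, and the login guards added elsewhere in this patch are written as `isset($i3geoPermiteLogin) && ...`, so a failed include leaves every one of them open. `require(dirname(__FILE__)."/../../ms_configura.php");` would stop the request instead of continuing without a configuration. Because the include now always runs, a `$locaplic` assigned by the caller beforehand (incluiMAP.php and upgradebanco46_47.php do this) is presumably overwritten if ms_configura.php sets it; that is worth confirming.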
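Review bot: The two-step guard added after `include("admin.php");` in criabanco.php is pasted unchanged into incluiMAP.php, login.php, upgradebanco44_45.php, upgradebanco46_47.php, compactajs.php, geraminiatura.php and testainstal/index.php, and split in two in testamapfile.php, so any later correction has to be repeated in every copy. Both halves are skipped when the variable is undefined, which means an installation still running an older ms_configura.php gets no restriction and no indication that one exists. A single helper next to `checaLoginIp()` in funcoes_gerais.php (for example `checaPermissaoLogin();`, name is only a suggestion) would keep the policy in one place and could treat a missing variable explicitly. The status line `HTTP/1.1 403 Login desativado` replaces the standard reason phrase; `header("HTTP/1.1 403 Forbidden");` is safer through intermediaries.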
diff --git a/admin/php/incluiMAP.php b/admin/php/incluiMAP.php index 7e4bc5e..5e1e19c 100755 --- a/admin/php/incluiMAP.php +++ b/admin/php/incluiMAP.php @@ -36,6 +36,15 @@ i3geo/admin/php/incluiMAP.php $funcao = ""; $locaplic = dirname(__FILE__)."/../.."; include_once("admin.php"); +//verifica se o login pode ser realizado +if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + header ( "HTTP/1.1 403 Login desativado" ); + exit (); +} +//$i3geoPermiteLoginIp vem de ms_configura.php +if(isset($i3geoPermiteLoginIp)){ + checaLoginIp($i3geoPermiteLoginIp); +} include_once("conexao.php"); if(empty($_POST["senha"]) || empty($_POST["usuario"])){ formularioLoginMaster("incluiMAP.php"); diff --git a/admin/php/login.php b/admin/php/login.php index c5c3053..fc249ad 100755 --- a/admin/php/login.php +++ b/admin/php/login.php @@ -64,6 +64,17 @@ error_reporting(0); // include_once(dirname(__FILE__)."/../safe.php"); include_once(dirname(__FILE__)."/admin.php"); + +//verifica se o login pode ser realizado +if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + header ( "HTTP/1.1 403 Login desativado" ); + exit (); +} +//$i3geoPermiteLoginIp vem de ms_configura.php +if(isset($i3geoPermiteLoginIp)){ + checaLoginIp($i3geoPermiteLoginIp); +} + error_reporting(0); session_write_close(); session_name("i3GeoLogin"); diff --git a/admin/php/upgradebanco44_45.php b/admin/php/upgradebanco44_45.php index 65a61f8..8609cc1 100755 --- a/admin/php/upgradebanco44_45.php +++ b/admin/php/upgradebanco44_45.php @@ -48,6 +48,16 @@ i3geo/admin/php/criabanco.php */ $funcao = ""; include_once("admin.php"); +//verifica se o login pode ser realizado +if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + header ( "HTTP/1.1 403 Login desativado" ); + exit (); +} +//$i3geoPermiteLoginIp vem de ms_configura.php +if(isset($i3geoPermiteLoginIp)){ + checaLoginIp($i3geoPermiteLoginIp); +} + include_once("conexao.php"); if(empty($_POST["senha"]) || empty($_POST["usuario"])){ 
@@ -75,7 +85,7 @@ if($conexaoadmin == "") } else { - include($conexaoadmin); + include($conexaoadmin); } */ foreach($tabelas as $tabela) diff --git a/admin/php/upgradebanco46_47.php b/admin/php/upgradebanco46_47.php index 08f56ec..7eaa79c 100755 --- a/admin/php/upgradebanco46_47.php +++ b/admin/php/upgradebanco46_47.php @@ -51,6 +51,16 @@ i3geo/admin/php/criabanco.php $funcao = ""; $locaplic = dirname(__FILE__)."/../.."; include_once("admin.php"); +//verifica se o login pode ser realizado +if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + header ( "HTTP/1.1 403 Login desativado" ); + exit (); +} +//$i3geoPermiteLoginIp vem de ms_configura.php +if(isset($i3geoPermiteLoginIp)){ + checaLoginIp($i3geoPermiteLoginIp); +} + include_once("conexao.php"); if(!empty($esquemaadmin)){ $esquemaadmin = str_replace(".","",$esquemaadmin)."."; diff --git a/classesjs/compactajs.php b/classesjs/compactajs.php index bc7174f..c2bf618 100755 --- a/classesjs/compactajs.php +++ b/classesjs/compactajs.php @@ -44,6 +44,16 @@ i3geo/classesjs/compactajs.php $locaplic = dirname(__FILE__)."/.."; include_once(dirname(__FILE__)."/../admin/php/admin.php"); +//verifica se o login pode ser realizado +if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + header ( "HTTP/1.1 403 Login desativado" ); + exit (); +} +//$i3geoPermiteLoginIp vem de ms_configura.php +if(isset($i3geoPermiteLoginIp)){ + checaLoginIp($i3geoPermiteLoginIp); +} + include_once(dirname(__FILE__)."/../admin/php/conexao.php"); if(empty($_POST["senha"]) || empty($_POST["usuario"])){ formularioLoginMaster("compactajs.php"); diff --git a/classesphp/funcoes_gerais.php b/classesphp/funcoes_gerais.php index 20df1d7..7258ed5 100755 --- a/classesphp/funcoes_gerais.php +++ b/classesphp/funcoes_gerais.php 
@@ -2095,15 +2095,24 @@ Retorno: {string} */ -function pegaIPcliente() -{ - $ip = "UNKNOWN"; - if (getenv("HTTP_CLIENT_IP")) $ip = getenv("HTTP_CLIENT_IP"); - else if(getenv("HTTP_X_FORWARDED_FOR")) $ip = getenv("HTTP_X_FORWARDED_FOR"); - else if(getenv("REMOTE_ADDR")) $ip = getenv("REMOTE_ADDR"); - else $ip = "UNKNOWN"; - //$ip = "200.252.111.1";//teste - return $ip; +function pegaIPcliente(){ + $ipaddress = ''; + if (getenv('HTTP_CLIENT_IP')) + $ipaddress = getenv('HTTP_CLIENT_IP'); + else if(getenv('HTTP_X_FORWARDED_FOR')) + $ipaddress = getenv('HTTP_X_FORWARDED_FOR'); + else if(getenv('HTTP_X_FORWARDED')) + $ipaddress = getenv('HTTP_X_FORWARDED'); + else if(getenv('HTTP_FORWARDED_FOR')) + $ipaddress = getenv('HTTP_FORWARDED_FOR'); + else if(getenv('HTTP_FORWARDED')) + $ipaddress = getenv('HTTP_FORWARDED'); + else if(getenv('REMOTE_ADDR')) + $ipaddress = getenv('REMOTE_ADDR'); + else + $ipaddress = 'UNKNOWN'; + + return $ipaddress; } /* Function: pegaIPcliente2 @@ -3051,4 +3060,28 @@ function i3GeoLog($txt,$dir_tmp=""){ "-------------------------".PHP_EOL; file_put_contents($dir_tmp.'/.log_i3geo_'.date("j.n.Y"), $log, FILE_APPEND); } +/** + * valida o IP do usuario em uma lista branca + */ +function validaIpUsuario($lista){ + if($lista == ""){ + return true; + } + $ip = pegaIPcliente(); + if(in_array($ip,$lista)){ + return true; + } else { + return false; + } +} +function checaLoginIp($lista){ + if(empty($lista)){ + return; + } + $r = validaIpUsuario($lista); + if($r == false){ + header ( "HTTP/1.1 403 Login nao permitido" ); + exit (); + } +} ?> diff --git a/ferramentas/loginusuario/dependencias.php b/ferramentas/loginusuario/dependencias.php index 7e7f030..ae32eff 100755 --- a/ferramentas/loginusuario/dependencias.php +++ b/ferramentas/loginusuario/dependencias.php 
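Review bot: Every variable `pegaIPcliente()` consults before `REMOTE_ADDR` (`HTTP_CLIENT_IP`, `HTTP_X_FORWARDED_FOR` and the three added in this hunk) comes from a request header supplied by the client, and this patch starts using the result for an access decision in `validaIpUsuario()` in the next hunk. The allowlist in `$i3geoPermiteLoginIp` therefore restricts nothing unless a trusted reverse proxy in front of the server overwrites those headers. For the check, `validaIpUsuario()` should read the connection address, `$ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';`, and forwarded headers should be honoured only when `REMOTE_ADDR` is a proxy the administrator has configured. `X-Forwarded-For` may also carry a comma-separated list, which never equals a single allowlist entry; a comment on `pegaIPcliente()` stating that its value is for logging or display only would prevent further misuse.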
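Review bot: `validaIpUsuario()` and `checaLoginIp()` disagree on what an empty list means: `checaLoginIp()` returns early on `empty($lista)`, while `validaIpUsuario()` tests `$lista == ""`, which is false for the default `array()` from ms_configura.php, so a direct call with the default denies everyone. Using `if(empty($lista)){ return true; }` there as well, and `in_array($ip,$lista,true)` for the lookup, makes the two functions consistent and the comparison strict. `checaLoginIp()` has no doc comment; it should say that it sends a 403 and ends the request. The refusal branch is also a natural place for a call to `i3GeoLog()` (defined just above) so that rejected attempts leave a trace.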
@@ -6,6 +6,15 @@ * javascript i3GEOF.loginusuario.MUSTACHE * O template e substituido pelos valores definidos em index.js no momento da inicializacao da ferramenta */ + +//verifica se o login pode ser realizado +include(dirname(__FILE__)."/../../ms_configura.php"); +if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + echo "alert('ferramenta de login desativada');"; + //header ( "HTTP/1.1 403 Login desativado" ); + exit (); +} + if(extension_loaded('zlib')){ ob_start('ob_gzhandler'); } diff --git a/geraminiatura.php b/geraminiatura.php index 1631ecd..b2aaac4 100755 --- a/geraminiatura.php +++ b/geraminiatura.php @@ -82,14 +82,18 @@ if (!function_exists('ms_GetVersion')) else {dl('php_mapscript.so');} } -/* -include($locaplic."/ms_configura.php"); -if(!function_exists("versao")) -{include($locaplic."/classesphp/funcoes_gerais.php");} -require_once($locaplic."/classesphp/pega_variaveis.php"); -include_once ($locaplic."/classesphp/carrega_ext.php"); -*/ + include_once (dirname(__FILE__)."/admin/php/admin.php"); +//verifica se o login pode ser realizado +if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + header ( "HTTP/1.1 403 Login desativado" ); + exit (); +} +//$i3geoPermiteLoginIp vem de ms_configura.php +if(isset($i3geoPermiteLoginIp)){ + checaLoginIp($i3geoPermiteLoginIp); +} + $versao = versao(); $versao = $versao["principal"]; // @@ -134,7 +138,7 @@ if($tipo == "mini" || $tipo == "todos" || $tipo == "grande" || $tipo == "") { $arq = str_replace(" ","xxxx",$arq); $temp = explode(".",$arq); - + if(file_exists($locaplic.'/temas/'.$arq) && $temp[(count($temp) - 1)] == "map" && !(strpos($temp[0],"_") === 0) ) { echo "$arq
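Review bot: ferramentas/loginusuario/dependencias.php applies only the `$i3geoPermiteLogin` switch; the `$i3geoPermiteLoginIp` check that the other entry points in this patch add is absent, and with the 403 commented out a disabled login is answered with status 200 and `alert('ferramenta de login desativada');`. If that is deliberate because this file only delivers the form template as JavaScript, a comment saying so, and saying that enforcement happens in admin/php/login.php, would make the difference clear. As in admin.php, `include` of ms_configura.php continues on failure and leaves the `isset()` guard open; `require` fails closed.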
"; @@ -253,7 +257,7 @@ function verificaMiniatura($map,$tipo,$admin=false) } } } - + zoomTemaMiniatura($pegarext,$mapa); } if($extensao == ".gvp"){ diff --git a/ms_configura.php b/ms_configura.php index 07fe087..fb4eaf4 100755 --- a/ms_configura.php +++ b/ms_configura.php @@ -63,6 +63,29 @@ $i3geomaster = array( array("usuario"=>"admin", "senha"=>"admin") ); /* +Variable: $i3geoPermiteLogin + +Permite ou impede que sejam executadas as funcionalidades que exigem login + +Tipo: +{boolean} +*/ +$i3geoPermiteLogin = true; +/* +Variable: $i3geoPermiteLoginIp + +Lista de IPs que podem fazer login. Valido apenas se $i3geoPermiteLogin for true + +A lista e um array, permitindo a inclusao de varios IPs + +Para nao fazer a verificacao, ou seja, permitir que qualquer IP faca login, deixe essa variavel em branco + +Exemplo de uso: + +$i3geoPermiteLoginIp = array("127.0.0.1","200.200.200.200"); +*/ +$i3geoPermiteLoginIp = array(); +/* Variable: $logTransacoes Define se as transacoes no banco de dados de administracao serao mantidas em uma tabela de logs diff --git a/testainstal/index.php b/testainstal/index.php index 8e992f1..b53af1a 100755 --- a/testainstal/index.php +++ b/testainstal/index.php @@ -32,7 +32,7 @@ include "../init/head.php";
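Review bot: The comment for `$i3geoPermiteLoginIp` in ms_configura.php says to leave the variable "em branco" to disable the check, but the shipped default is `array()` and the helpers in funcoes_gerais.php do not treat `""` and `array()` alike, so the text should name `array()` as the value that disables it. It should also state that entries are compared as exact strings (no ranges or masks) and which address is compared when the server sits behind a reverse proxy. With both defaults open (`$i3geoPermiteLogin = true;` and an empty list) and the `admin`/`admin` entry of `$i3geomaster` visible in the context just above, a fresh install accepts the master login from any address; a sentence telling the administrator to change that password and fill in the list before exposing the server belongs in this comment.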
@@ -74,8 +74,15 @@ include "../init/head.php"; */ $locaplic = dirname(dirname(__FILE__)); include_once("../admin/php/admin.php"); - include_once("../ms_configura.php"); - + //verifica se o login pode ser realizado + if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + header ( "HTTP/1.1 403 Login desativado" ); + exit (); + } + //$i3geoPermiteLoginIp vem de ms_configura.php + if(isset($i3geoPermiteLoginIp)){ + checaLoginIp($i3geoPermiteLoginIp); + } ?> @@ -221,10 +228,10 @@ HTML; if(!empty($_POST["criaPastaMstmp"]) && $_POST["criaPastaMstmp"] == "on"){ echo "Criando a pasta $dir_tmp"; if(!file_exists($dir_tmp)){ - @mkdir ($dir_tmp,0777); + @mkdir ($dir_tmp,0744); } else{ - chmod($dir_tmp,0777); + chmod($dir_tmp,0744); } if(!file_exists($dir_tmp)){ echo "Arquivo $dir_tmp não pode ser criado"; @@ -243,7 +250,7 @@ HTML; @symlink($dir_tmp,$d); } else{ - chmod($d,0777); + chmod($d,0744); } if(!file_exists($d)){ echo "Link $d não pode ser criado\n"; @@ -258,10 +265,10 @@ HTML; if(!empty($_POST["criaPastaMstmp"]) && $_POST["permPastaI3geo"] == "on"){ echo "Alterando permissões i3geo i3geo/temas i3geo/admin i3geo/admin/admin.db\n"; if(file_exists($locaplic)){ - chmod($locaplic,0777); - chmod($locaplic."/temas",0777); - chmod($locaplic."/admin",0777); - chmod($locaplic."/admin/admin.db",0777); + chmod($locaplic,0744); + chmod($locaplic."/temas",0744); + chmod($locaplic."/admin",0744); + chmod($locaplic."/admin/admin.db",0744); echo "...OK\n"; } } diff --git a/testamapfile.php b/testamapfile.php index e928b80..443e45f 100755 --- a/testamapfile.php +++ b/testamapfile.php 
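Review bot: In testainstal/index.php the guard added at new line 77 runs after `include "../init/head.php";` (shown as context in the preceding hunk header, around line 32) and the markup that follows it, so unless output buffering is active `header("HTTP/1.1 403 ...")` can no longer change the status and the client receives a truncated page with status 200. Moving the `admin.php` include and the guard above the first output would make the refusal a real 403. The hunk also removes `include_once("../ms_configura.php");`, which is only correct as long as admin.php keeps loading that file.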
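Review bot: Mode `0744` in the `mkdir`/`chmod` calls of this hunk and of the two that follow removes the search (execute) bit for group and others on directories, so `$dir_tmp`, `temas` and `admin` become untraversable for every account except the owner, while `admin/admin.db` keeps an execute bit that a data file does not need. Directories should get `0755` (or `0750` when the web server is in the owning group) and the database file a mode without execute, e.g. `chmod($locaplic."/admin/admin.db",0640);`, adjusted to which account owns it. The `@` on `mkdir` and the unchecked `chmod` return values hide failures from the person running the installer. In the last of these hunks the unchanged condition tests `$_POST["criaPastaMstmp"]` for emptiness but `$_POST["permPastaI3geo"]` for `"on"`, which looks like a copy-paste slip.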
@@ -55,9 +55,21 @@ tabela - (opcional) testa a tabela de atributos set_time_limit(300); ini_set('max_execution_time', 300); +include_once (dirname(__FILE__)."/classesphp/sani_request.php"); +$_GET = array_merge($_GET,$_POST); include("ms_configura.php"); +//verifica se o login pode ser realizado +if(isset($i3geoPermiteLogin) && $i3geoPermiteLogin == false){ + header ( "HTTP/1.1 403 Login desativado" ); + exit (); +} include("classesphp/funcoes_gerais.php"); -require_once("classesphp/pega_variaveis.php"); + +//$i3geoPermiteLoginIp vem de ms_configura.php +if(isset($i3geoPermiteLoginIp)){ + checaLoginIp($i3geoPermiteLoginIp); +} + include_once ("classesphp/carrega_ext.php"); // //carrega o phpmapscript @@ -114,9 +126,14 @@ if ($tipo == "") echo $combo."
"; echo '
'; } + +$solegenda = $_GET["solegenda"]; +$iniciar = $_GET["iniciar"]; +$map = $_GET["map"]; + if (isset($map) && $map != "") { - if(!isset($solegenda)){$solegenda = "nao";} + if(!isset($solegenda) || $solegenda == ""){$solegenda = "nao";} if ($map == "todos"){ $tipo = "todos"; $conta = 0; @@ -187,8 +204,6 @@ function verifica($map,$solegenda,$tabela,$cache="sim"){ {$tema = 'temas/'.$map;} if (file_exists('temas/'.$map.'.map')) {$tema = 'temas/'.$map.".map";} - if (file_exists('temas/'.$map.'.php')) - {$tema = 'temas/'.$map.".php";} if (file_exists('temas/'.$map.'.gvp')) {$tema = 'temas/'.$map.".gvp";} } -- libgit2 0.21.2
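Review bot: `$map = $_GET["map"];` is later concatenated into paths such as `'temas/'.$map.'.map'` in `verifica()` (context of the last hunk), and nothing visible in this patch restricts it to a file name; whether classesphp/sani_request.php strips path separators is not shown here. If only names under `temas/` are meant to be accepted, validating at assignment, e.g. `$map = isset($_GET["map"]) ? basename($_GET["map"]) : "";`, keeps the lookup inside that directory and also avoids the undefined-index notice when the parameter is absent. The same `isset` form applies to `solegenda` and `iniciar`. With `pega_variaveis.php` removed in the previous hunk, `$tipo`, which is still read in `if ($tipo == "")`, appears to be assigned from the request nowhere; confirm whether it and any other former request variables need the same explicit assignment.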