Skip to content

Commit

Permalink
Prevent login by someone from barred IP who has stolen user credentials.
Browse files Browse the repository at this point in the history
  • Loading branch information
@turnermm
turnermm committed Dec 3, 2017
1 parent f4628bb commit 345e848
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions action.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,13 @@ function dw_start(&$event, $param)
header("HTTP/1.0 403 Forbidden");
exit("<div style='text-align:center; padding-top:2em;'><h1>403: Login Forbidden</h1></div>");
}


if( empty($u) && empty($p) && empty($_REQUEST['http_credentials']) && !empty($USERINFO) && !$this->is_allowed($allowed, $ip)){
header("HTTP/1.0 403 Forbidden");
exit("<div style='text-align:center; padding-top:2em;'><h1>403: Login Required</h1></div>");
}

if($test && isset($USERINFO) && in_array('admin', $USERINFO['grps'])) {
$tests = explode(',',$test);
foreach ($tests as $test) {
Expand Down

0 comments on commit 345e848

Please sign in to comment.