mirror/moodle-auth_ip
1
0
Fork 0
mirror of https://github.com/SREd-URV/moodle-auth_ip.git synced 2026-05-16 21:41:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3 from robertboloc/patch-1

Browse Source 
Filter $_SERVER input
This commit is contained in:
jpahullo
2014-03-27 17:31:02 +01:00
parent 1db6929429 f15b1c6ce5
commit e9e6b9cb3b
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
auth.php
View File

@@ -59,7 +59,8 @@ class auth_plugin_ip extends auth_plugin_base {
if (($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id)))) {
$valid_ips = explode(',', $this->config->valid_ips);
//check if IP is one of the restricted ones.
if (isset($_SERVER['REMOTE_ADDR']) && in_array($_SERVER['REMOTE_ADDR'], $valid_ips)) {
$remote_addr = filter_input(INPUT_SERVER, 'REMOTE_ADDR');
if (isset($remote_addr) && in_array($remote_addr, $valid_ips)) {
return validate_internal_user_password($user, $password);
} else {
return false;