webinno/filesharing
1
0
Fork 0
mirror of https://github.com/axeloz/filesharing.git synced 2025-05-06 18:13:55 +02:00
Code Issues Projects Releases Wiki Activity

Adding IP filtering

Browse source
This commit is contained in:
Axel 2017-07-20 16:03:58 +02:00
parent e148598f8c
commit 983166742f
7 changed files with 142 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

89
app/Helpers/Upload.php
View file

@ -47,7 +47,6 @@ class Upload {
} }
} }
public static function fileMaxSize($human = false) { public static function fileMaxSize($human = false) {
$values = [ $values = [
'post' => ini_get('post_max_size'), 'post' => ini_get('post_max_size'),
@ -71,4 +70,92 @@ class Upload {
} }
return $min; return $min;
} }
public static function canUpload($current_ip) {
// Getting the IP limit configuration
$ips = config('sharing.upload_ip_limit');
// If set and not empty, checking client's IP
if (! empty($ips) && count($ips) > 0) {
$valid = false;
foreach ($ips as $ip) {
// Client's IP appears in the whitelist
if (self::isValidIp($current_ip, $ip)) {
$valid = true;
break;
}
}
// Client's IP is not allowed
if ($valid === false) {
return false;
}
}
return true;
}
public static function isValidIp($ip, $range) {
// Range is in CIDR format
if (strpos($range, '/') !== false) {
list($range, $netmask) = explode('/', $range, 2);
// Netmask is a 255.255.0.0 format
if (strpos($netmask, '.') !== false) {
$netmask = str_replace('*', '0', $netmask);
$netmask_dec = ip2long($netmask);
return ( (ip2long($ip) & $netmask_dec) == (ip2long($range) & $netmask_dec) );
}
// Netmask is a CIDR size block
else {
// fix the range argument
$x = explode('.', $range);
while(count($x) < 4) {
$x[] = 0;
}
list($a, $b, $c, $d) = $x;
$range = sprintf("%u.%u.%u.%u", empty($a)?'0':$a, empty($b)?'0':$b,empty($c)?'0':$c,empty($d)?'0':$d);
$range_dec = ip2long($range);
$ip_dec = ip2long($ip);
$wildcard_dec = pow(2, (32-$netmask)) - 1;
$netmask_dec = ~ $wildcard_dec;
return (($ip_dec & $netmask_dec) == ($range_dec & $netmask_dec));
}
}
// Range might be 255.255.*.* or 1.2.3.0-1.2.3.255
elseif (strpos($range, '*') !== false || strpos($range, '-') !== false) {
// a.b.*.* format
if (strpos($range, '*') !== false) {
// Just convert to A-B format by setting * to 0 for A and 255 for B
$lower = str_replace('*', '0', $range);
$upper = str_replace('*', '255', $range);
$range = "$lower-$upper";
}
// A-B format
if (strpos($range, '-') !== false) {
list($lower, $upper) = explode('-', $range, 2);
$lower_dec = (float)sprintf("%u",ip2long($lower));
$upper_dec = (float)sprintf("%u",ip2long($upper));
$ip_dec = (float)sprintf("%u",ip2long($ip));
return ( ($ip_dec>=$lower_dec) && ($ip_dec<=$upper_dec) );
}
return false;
}
// Full IP format 192.168.10.10
else {
return ($ip == $range);
}
return false;
}
} }

4
app/Http/Middleware/UploadAccess.php
View file

@ -3,6 +3,7 @@
namespace app\Http\Middleware; namespace app\Http\Middleware;
use Closure; use Closure;
use Upload;
class UploadAccess class UploadAccess
{ {
@ -15,6 +16,9 @@ class UploadAccess
*/ */
public function handle($request, Closure $next) public function handle($request, Closure $next)
{ {
if (Upload::canUpload($request->ip()) !== true) {
return redirect()->route('homepage');
}
return $next($request); return $next($request);
} }
} }

12
config/sharing.php
View file

@ -5,5 +5,17 @@ return [
'max_filesize' => env('UPLOAD_MAX_FILESIZE', '5M'), 'max_filesize' => env('UPLOAD_MAX_FILESIZE', '5M'),
'max_files' => env('UPLOAD_MAX_FILES', 100), 'max_files' => env('UPLOAD_MAX_FILES', 100),
/**
** IP v4 access limitations
** Acceptable formats :
** 1. Full IP address (192.168.10.2)
** 2. Wildcard format (192.168.10.*)
** 3. CIDR Format (192.168.10/24) OR 1.2.3.4/255.255.255.0
** 4. Start-end IP (192.168.10.0-192.168.10.10)
*/
'upload_ip_limit' => [
'127.0.0.1'
]
]; ];

9
resources/lang/en/app.php
View file

@ -21,6 +21,13 @@ return [
'you-can-add-files' => 'You may keep adding files if you want to.', 'you-can-add-files' => 'You may keep adding files if you want to.',
'error-title' => 'An error has occurred', 'error-title' => 'An error has occurred',
'files-count-limit' => 'Max number of files reached', 'files-count-limit' => 'Max number of files reached',
'file-too-big' => 'This file is too big (size : {{filesize}}MB, limit : {{maxFilesize}}MB)' 'file-too-big' => 'This file is too big (size : {{filesize}}MB, limit : {{maxFilesize}}MB)',
'cannot-upload' => 'Téléversement impossible',
'cannot-upload-blocked-ip' => 'You haven\'t been granted permission to upload on this application',
'upload-permission-required' => 'Permission required for upload',
'cannot-upload-no-password' => 'You must provide a valid password in order to upload on this application',
'password' => 'Password: ',
'upload-disabled' => 'Upload is disabled on this application',
'start-new-upload' => 'Click here to start a new upload'
]; ];

10
resources/lang/fr/app.php
View file

@ -21,6 +21,12 @@ return [
'you-can-add-files' => 'Vous pouvez continuer d\'ajouter autant de fichiers que vous le souhaitez.', 'you-can-add-files' => 'Vous pouvez continuer d\'ajouter autant de fichiers que vous le souhaitez.',
'error-title' => 'Une erreur est survenue', 'error-title' => 'Une erreur est survenue',
'files-count-limit' => 'Nombre maximal de fichiers atteint', 'files-count-limit' => 'Nombre maximal de fichiers atteint',
'file-too-big' => 'Le fichier est trop gros (poids : {{filesize}}MB, limite : {{maxFilesize}}MB)' 'file-too-big' => 'Le fichier est trop gros (poids : {{filesize}}MB, limite : {{maxFilesize}}MB)',
'cannot-upload' => 'Téléversement impossible',
'cannot-upload-blocked-ip' => 'L\'administrateur de cette application ne vous autorise pas à téléverser.',
'upload-permission-required' => 'Autorisation requise pour téléverser',
'cannot-upload-no-password' => 'Vous devez saisir un mot de passe pour pouvoir téléverser sur cette application',
'password' => 'Mot de passe : ',
'upload-disabled' => 'Le téléversement est désactivé sur cette application',
'start-new-upload' => 'Cliquez ici pour démarrer un nouveau téléversement'
]; ];

8
resources/views/cannotupload.blade.php Normal file
View file

@ -0,0 +1,8 @@
@extends('master')
@section('page', 'home')
@section('content')
<h1>@lang('app.cannot-upload')</h1>
@lang('app.cannot-upload-blocked-ip')
@endsection

15
routes/web.php
View file

@ -1,5 +1,7 @@
<?php <?php
use Illuminate\Http\Request;
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Application Routes | Application Routes
@ -11,9 +13,18 @@
| |
*/ */
Route::get('/', function() { Route::get('/', function(Request $request) {
if (Upload::canUpload($request->ip()) !== true) {
return view('cannotupload', [
'u' => $request->get('u')
]);
}
else {
return redirect()->route('upload.create'); return redirect()->route('upload.create');
}); }
})->name('homepage');
Route::prefix('upload')->middleware(['web', 'upload'])->group(function() { Route::prefix('upload')->middleware(['web', 'upload'])->group(function() {
Route::get('/', [ Route::get('/', [