function _invoice_api_check_allowed_ips in Invoice 7

Check if the request is from an allowed IP addresses

1 call to _invoice_api_check_allowed_ips()

_invoice_api_authenticate in ./invoice_api.inc

Authenticates through basic HTTP authentication

File

./invoice_api.inc, line 131

Code

function _invoice_api_check_allowed_ips() {
  $allowedIps = variable_get('invoice_api_allowed_ips', '');
  if ('' != trim($allowedIps)) {

    // Trim ips
    $ips = explode(',', $allowedIps);
    foreach ($ips as $index => $ip) {
      $ips[$index] = trim($ip);
    }
    if (!in_array($_SERVER['REMOTE_ADDR'], $ips)) {

      // Authentication failed
      _invoice_api_http_response_code(403);
      echo json_encode(array(
        'code' => 403,
        'message' => 'IP address is not allowed',
      ));
      exit;
    }
  }
}