function _restrict_by_ip_login in Restrict Login or Role Access by IP Address 7.3

Same name and namespace in other branches

1. 6.3 restrict_by_ip.module \_restrict_by_ip_login()
2. 6.2 restrict_by_ip.module \_restrict_by_ip_login()

Login function Checks the user's ip address on login If they are not restricted, or logging in from the appropriate address allow logon to continue. If not redirect to a designated page

2 calls to _restrict_by_ip_login()

restrict_by_ip_init in ./restrict_by_ip.module

Implmentation of hook_init().

restrict_by_ip_user_login in ./restrict_by_ip.module

Implementation of hook_user_login().

File

./restrict_by_ip.module, line 464

Allows the admin to select which ip addresses role or a user can login from for this site Some of the code below is taken from the cck_ipaddress_module

Code

function _restrict_by_ip_login(&$user) {
  if ($user->uid != 0) {
    $ip2check = _restrict_by_ip_get_ip();

    // Check for global login IP restrictions and validate against
    $global_data = variable_get('restrict_by_ip_login_range', '');
    if (strlen($global_data) > 0) {
      $valid = FALSE;
      $ipaddresses = explode(';', $global_data);
      if (is_array($ipaddresses)) {
        foreach ($ipaddresses as $ipaddress) {
          if (_restrict_by_ip_cidrcheck($ip2check, $ipaddress)) {
            $valid = TRUE;
          }
        }
      }
      if (!$valid) {

        // Log the error with the ip address
        watchdog('user', t('Session closed for %name - Invalid IP. ' . $ip2check, array(
          '%name' => $user->name,
        )));

        // Destroy the current session
        session_destroy();
        module_invoke_all('user', 'logout', NULL, $user);

        // Load the anonymous user
        $user = drupal_anonymous_user();

        // unset destination required to force them to the ip page during drupal_goto()
        if (isset($_GET['destination'])) {
          unset($_GET['destination']);
        }

        // Goto the page detailed in the site configuration - restrict by ip - settings page
        drupal_goto(variable_get('restrict_by_ip_error_page', ''));
      }
    }

    // Check for individual user IP restrictions and validate against them
    $usrdata = db_query('SELECT * FROM {restrict_by_ip} WHERE uid = :uid', array(
      ':uid' => $user->uid,
    ))
      ->fetchObject();
    $logonvalid = FALSE;

    // If the user has restrict by ip address set
    if ($usrdata) {
      $ipaddresses = explode(";", $usrdata->restrict_by_ip_address);

      // Check each valid ip address in database against users ip address
      // If one matches allow logon
      foreach ($ipaddresses as $ipaddress) {
        if (_restrict_by_ip_cidrcheck($ip2check, $ipaddress)) {
          $logonvalid = TRUE;
        }
      }

      // Restrict by ip address is set and no addresses match users ip address
      if (!$logonvalid) {

        // Log the error with the ip address
        watchdog('user', t('Session closed for %name - Invalid IP. ' . $ip2check, array(
          '%name' => $user->name,
        )));

        // Destroy the current session
        session_destroy();
        module_invoke_all('user', 'logout', NULL, $user);

        // Load the anonymous user
        $user = drupal_anonymous_user();

        // unset destination required to force them to the ip page during drupal_goto()
        if (isset($_GET['destination'])) {
          unset($_GET['destination']);
        }

        // Goto the page detailed in the site configuration - restrict by ip - settings page
        drupal_goto(variable_get('restrict_by_ip_error_page', ''));
      }
    }
  }
}