function warden_access_callback in Warden 6
Same name and namespace in other branches
- 7 warden.module \warden_access_callback()
Access callback: Check authorized IP.
See also
1 string reference to 'warden_access_callback'
- warden_menu in ./
warden.module - Implements hook_menu().
File
- ./
warden.module, line 62 - Drupal system status
Code
function warden_access_callback() {
$allow_requests = variable_get('warden_allow_requests', FALSE);
if (empty($allow_requests)) {
watchdog('warden', 'Update request denied: warden_allow_requests is set to FALSE', array(), WATCHDOG_WARNING);
return FALSE;
}
if (empty($_POST) || empty($_POST['token'])) {
watchdog('warden', 'Update request denied: request body is empty or missing the security token', array(), WATCHDOG_WARNING);
return FALSE;
}
if (!warden_get_api()
->isValidWardenToken($_POST['token'], time())) {
watchdog('warden', 'Update request denied: Failed to validate security token in request at timestamp @time', array(
'@time' => time(),
), WATCHDOG_WARNING);
return FALSE;
}
$allowed_ips = variable_get('warden_public_allow_ips', '127.0.0.1,::1');
if (!empty($allowed_ips)) {
$ip_address = ip_address();
$allowed_ips = explode(',', variable_get('warden_public_allow_ips', '127.0.0.1,::1'));
foreach ($allowed_ips as &$address) {
if ($ip_address === $address) {
return TRUE;
}
}
// No IP addresses match.
watchdog('warden', 'Update request denied: The requesting IP is not in the warden_public_allow_ips whitelist - @ip', array(
'@ip' => $ip_address,
), WATCHDOG_WARNING);
return FALSE;
}
return TRUE;
}