git.shiar.nl / minimedit.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3f78a38)
edit: emulate ip authentication in php footer
authorMischa POSLAWSKY <perl@shiar.org>
Mon, 10 Jul 2017 01:36:40 +0000 (03:36 +0200)
committerMischa POSLAWSKY <perl@shiar.org>
Mon, 10 Jul 2017 03:11:37 +0000 (05:11 +0200)
Equivalent to .htaccess rules for SSI foot.inc.html.

foot.inc.php patch | blob | history

diff --git a/foot.inc.php b/foot.inc.php
index d2ba8267f89759a85582d76d6b89fbc951682aaf..799fb133ed688cce2dc91c77f921ebeb25ffb9ef 100755 (executable)
--- a/foot.inc.php
+++ b/foot.inc.php
@@ -1,18 +1,13 @@
 </div>
 <hr class="footer" />
 <?php
-if (($notfound = $_SERVER['SCRIPT_NAME'] == '/404.php')) {
-       echo <<<'EOT'
-<script>
-var pagebody = document.getElementsByClassName('article')[0];
-pagebody.innerHTML = '<h2>Nieuwe pagina</h2><p>&nbsp;</p>';
-</script>
-EOT;
-}
-
 define('N', "\n");
 
-$editable = FALSE; // "Beheer toegestaan voor {$_SERVER['REMOTE_ADDR']}:";
+$ALLOWED = [
+       '127.0.0.1',
+];
+$editable = in_array($_SERVER['REMOTE_ADDR'], $ALLOWED) ?
+       $_SERVER['REMOTE_ADDR'] : FALSE;
 
 $curfile = ltrim($_SERVER['SCRIPT_NAME'], '/');
 if (is_executable(__DIR__ . '/' . $curfile)) {
@@ -21,11 +16,23 @@ if (is_executable(__DIR__ . '/' . $curfile)) {
 }
 
 if ($editable) {
+       $edit = preg_match('/[?]edit$/', $_SERVER['REQUEST_URI']);
+
+       if ($edit) {
+               echo '<script src="/ckeditor/ckeditor.js"></script>'.N;
+               echo '<script src="/edit.js"></script>'.N;
+               if (($notfound = $_SERVER['SCRIPT_NAME'] == '/404.php')) {
+                       echo <<<'EOT'
+<script>
+var pagebody = document.getElementsByClassName('article')[0];
+pagebody.innerHTML = '<h2>Nieuwe pagina</h2><p>&nbsp;</p>';
+</script>
+EOT;
+               }
+       }
+
        echo '<p class="footer">'.N;
-       echo $editable.N;
-       echo '<script src="/ckeditor/ckeditor.js"></script>'.N;
-       echo '<script src="/edit.js"></script>'.N;
-       $edit = array_key_exists($_GET['edit']);
+       echo "Beheer toegestaan voor $editable:".N;
        printf('<a href="?%s">%s</a>'.N,
                $edit ? '' : 'edit',
                $edit ? 'lezen' : ($notfound ? 'aanmaken' : 'aanpassen')
MinimEdit - databaseless cms with only a bit of php