Changeset 1076

Timestamp:

Dec 7, 2006, 8:59:40 PM (16 years ago)

Author:

takanashi

Message:

#314 管理画面からのCMDの使用・未使用の選択機能

Location:

OpenPNE/trunk

Files:

• setup/sql/update/061201_insert_c_api.sql (copied) (copied from OpenPNE/branches/takanashi/prj_takanashi2/setup/sql/update/061201_insert_c_api.sql)
• setup/sql/update/update06-for2.5.6_create_table_c_api.sql (added)
• setup/sql/update/update07-for2.5.6_insert_c_api.sql (added)
• webapp/lib/db/api.php (modified) (2 diffs)
• webapp/modules/admin/do/update_c_api.php (copied) (copied from OpenPNE/branches/takanashi/prj_takanashi2/webapp/modules/admin/do/update_c_api.php)
• webapp/modules/admin/lib/db_admin.php (modified) (1 diff)
• webapp/modules/admin/lib/etc_admin.php (modified) (2 diffs)
• webapp/modules/admin/page/list_c_api.php (copied) (copied from OpenPNE/branches/takanashi/prj_takanashi2/webapp/modules/admin/page/list_c_api.php)
• webapp/modules/admin/templates/inc_header.tpl (modified) (1 diff)
• webapp/modules/admin/templates/list_c_api.tpl (copied) (copied from OpenPNE/branches/takanashi/prj_takanashi2/webapp/modules/admin/templates/list_c_api.tpl)
• webapp/modules/admin/validate/do/update_c_api.ini (copied) (copied from OpenPNE/branches/takanashi/prj_takanashi2/webapp/modules/admin/validate/do/update_c_api.ini)
• webapp/modules/admin/validate/page/list_c_api.ini (copied) (copied from OpenPNE/branches/takanashi/prj_takanashi2/webapp/modules/admin/validate/page/list_c_api.ini)
• webapp/modules/api/auth.inc (modified) (1 diff)
• webapp/modules/api/do/xmlrpc.php (modified) (1 diff)
• webapp/modules/api/lib/xmlrpc/deny.php (copied) (copied from OpenPNE/branches/takanashi/prj_takanashi2/webapp/modules/api/lib/xmlrpc/deny.php)

OpenPNE/trunk/webapp/lib/db/api.php

@@ -15 +15 @@
     }
 }
-
-?>
-<?php
-/**
- * @copyright 2005-2006 OpenPNE Project
- * @license   http://www.php.net/license/3_01.txt PHP License 3.01
- */
 
 function db_api_insert_token($c_member_id, $token = '')
@@ -64 +57 @@
 }
 
+
+//API‚ðˆê‚Ž擾
+function db_api_get_c_api_one($name)
+{
+    $sql = 'SELECT * FROM c_api WHERE name = ?';
+    $params = array(strval($name));
+
+    return db_get_row($sql, $params);
+}
+
+//API‚ª‹–‰Â‚µ‚Ä‚¢‚éIP‚©‚Ç‚¤‚©ƒ`ƒFƒbƒN‚·‚é
+function db_api_check_ip($name, $ip)
+{
+    $api = db_api_get_c_api_one($name);
+    if ($api['ip'] == '*' || $api['ip'] == $ip) {
+        return true;
+    } else {
+        return false;
+    }
+}
+
+
+
 ?>

OpenPNE/trunk/webapp/modules/admin/lib/db_admin.php

@@ -1857 +1857 @@
 }
 
+//APIを全て取得(ページャー付き)
+function db_admin_get_c_api_all($page, $page_size, &$pager)
+{
+    $sql = 'SELECT * FROM c_api ORDER BY c_api_id';
+
+    $list = db_get_all_page($sql, $page, $page_size, $params);
+
+    $sql = 'SELECT count(*) FROM c_api';
+    $total_num = db_get_one($sql, $params);
+    $pager = admin_make_pager($page, $page_size, $total_num);
+
+    return $list;
+}
+
+//APIを編集
+function db_admin_update_c_api($c_api_id, $name, $ip)
+{
+    $data = array(
+        'name' => strval($name),
+        'ip' => strval($ip),
+    );
+    $where = array('c_api_id' => intval($c_api_id));
+    return db_update('c_api', $data, $where);
+}
+
 ?>

OpenPNE/trunk/webapp/modules/admin/lib/etc_admin.php

@@ -34 +34 @@
 function admin_make_pager($page, $page_size, $total_num)
 {
+    if ($total_num == 0) {
+        return;
+    }
     $pager = array(
         'page' => $page,
@@ -114 +117 @@
 }
 
+//IPアドレスとして正しいか
+//例：XXX.XXX.XXX.XXX
+function admin_is_ip($ip)
+{
+    return preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/',$ip);
+}
+
+//APIを許容するIPアドレスとして正しいか
+//XXX.XXX.XXX.XXX or *(アスタリスク) or 空
+function admin_api_is_ip($ip)
+{
+    if (!$ip || $ip == '*') {
+        return true;
+    } else {
+        return admin_is_ip($ip);
+    }
+}
+
 ?>

OpenPNE/trunk/webapp/modules/admin/templates/inc_header.tpl

@@ -69 +69 @@
 <li><a href="?m=({$module_name})&amp;a=page_({$hash_tbl->hash('edit_c_banner')})" title="バナー管理: トップバナー、サイドバナー追加、任意HTML挿入">バナー管理</a></li>
 <li><a href="?m=({$module_name})&amp;a=page_({$hash_tbl->hash('limit_domain')})" title="ドメイン制限: ドメイン制限追加、編集、削除">ドメイン制限</a></li>
+<li><a href="?m=({$module_name})&amp;a=page_({$hash_tbl->hash('list_c_api')})" title="OpenPNE API設定: API通信を許可するIPアドレスの設定">OpenPNE API設定</a></li>
+<li><a href="?m=({$module_name})&amp;a=page_({$hash_tbl->hash('list_c_cmd')})" title="CMD設定: CMDを許可するページの設定">CMD設定</a></li>
 </ul>
 

OpenPNE/trunk/webapp/modules/api/auth.inc

@@ -5 +5 @@
  */
 
-// IP制限
-if (!in_array('any', (array)$GLOBALS['_OPENPNE_API_IP_LIST'])) {
-    $ip = $_SERVER[SERVER_IP_KEY];
-    if (!in_array($ip, (array)$GLOBALS['_OPENPNE_API_IP_LIST'])) {
-        exit('Access Denied');
-    }
-}
+
 
 ?>

OpenPNE/trunk/webapp/modules/api/do/xmlrpc.php

@@ -27 +27 @@
                     include_once realpath("$dir/$file");
                     $name = substr($file, 0, -4);
-                    $dispMap[$name] = array('function' => 'xmlrpc_' . $name);
+                    if (db_api_check_ip($name,$_SERVER[SERVER_IP_KEY])) {
+                        $dispMap[$name] = array('function' => 'xmlrpc_' . $name);
+                    } else {
+                        $dispMap[$name] = array('function' => 'xmlrpc_deny');
+                    }
                 }
                 closedir($dh);