Added AllowAccessFromWebToFollowingIPAddresses parameter

diff --git a/wwwroot/cgi-bin/awstats.model.conf b/wwwroot/cgi-bin/awstats.model.conf
index 9d7aac01d2d0074a947128eea0794817ace8499f..beb76cadf19f26584a62c4e31c52143ee4efd9b1 100644 (file)
--- a/wwwroot/cgi-bin/awstats.model.conf
+++ b/wwwroot/cgi-bin/awstats.model.conf
@@ -251,6 +251,15 @@ AllowAccessFromWebToAuthenticatedUsersOnly=0
 AllowAccessFromWebToFollowingAuthenticatedUsers=""
 
 
+# When this parameter is define to something, the IP address of the user that
+# read its statistics from a browser (when AWStats is used as a CGI) is
+# checked and must match the IP address range defined by this parameter.
+# Example: "123.123.123.10-123.123.123.255"
+# Default: ""
+#
+AllowAccessFromWebToFollowingIPAddresses=""
+
+
 # If the "DirData" directory (see above) does not exists, AWStats return an
 # error. However, you can ask AWStats to create it.
 # This option can be used by some Web Hosting Providers that has defined a 

diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl
index fc66377e1e0711c26588064a874d27d31aedd17e..4b5e3d51908e98deb5505e59e813db9d1d74a804 100644 (file)
--- a/wwwroot/cgi-bin/awstats.pl
+++ b/wwwroot/cgi-bin/awstats.pl
@@ -152,13 +152,13 @@ $LevelForSearchEnginesDetection, $LevelForKeywordsDetection)=
 (2,1,1,1,1,1);
 use vars qw/
 $DirLock $DirCgi $DirData $DirIcons $DirLang $AWScript $ArchiveFileName
-$HTMLHeadSection $HTMLEndSection $LinksToWhoIs
+$AllowAccessFromWebToFollowingIPAddresses $HTMLHeadSection $HTMLEndSection $LinksToWhoIs
 $LogFile $LogFormat $LogSeparator $Logo $LogoLink $StyleSheet $WrapperScript $SiteDomain
 /;
 ($DirLock, $DirCgi, $DirData, $DirIcons, $DirLang, $AWScript, $ArchiveFileName,
-$HTMLHeadSection, $HTMLEndSection, $LinksToWhoIs,
+$AllowAccessFromWebToFollowingIPAddresses, $HTMLHeadSection, $HTMLEndSection, $LinksToWhoIs,
 $LogFile, $LogFormat, $LogSeparator, $Logo, $LogoLink, $StyleSheet, $WrapperScript, $SiteDomain)=
-("","","","","","","","","","","","","","","","","","");
+("","","","","","","","","","","","","","","","","","","");
 use vars qw/
 $color_Background $color_TableBG $color_TableBGRowTitle
 $color_TableBGTitle $color_TableBorder $color_TableRowTitle $color_TableTitle
@@ -823,6 +823,7 @@ sub Read_Config {
                        foreach my $elem (split(/\s+/,$value))    { push @AllowAccessFromWebToFollowingAuthenticatedUsers,$elem; }
                        next;
                        }
+               if ($param =~ /^AllowAccessFromWebToFollowingIPAddresses/)              { $AllowAccessFromWebToFollowingIPAddresses=$value; next; }
                if ($param =~ /^CreateDirDataIfNotExists/)   { $CreateDirDataIfNotExists=$value; next; }
                if ($param =~ /^SaveDatabaseFilesWithPermissionsForEveryone/)   { $SaveDatabaseFilesWithPermissionsForEveryone=$value; next; }
                if ($param =~ /^PurgeLogFile/)          { $PurgeLogFile=$value; next; }
@@ -3407,6 +3408,21 @@ sub SigHandler {
        sleep 10;
 }
 
+#--------------------------------------------------------------------
+# Function:     Convert an IPAddress into an integer
+# Parameters:   IPAddress
+# Input:        None
+# Output:       None
+# Return:       Int
+#--------------------------------------------------------------------
+sub Convert_IP_To_Decimal()
+{
+       my ($IPAddress) = @_;
+       my @ip_seg_arr = split(/\./,$IPAddress);
+       my $decimal_ip_address = 256 * 256 *256 * $ip_seg_arr[0] + 256 * 256 * $ip_seg_arr[1] + 256 * $ip_seg_arr[2] + $ip_seg_arr[3];
+       return($decimal_ip_address);
+}
+
 
 #--------------------------------------------------------------------
 # MAIN
@@ -3674,6 +3690,17 @@ if ($AllowAccessFromWebToAuthenticatedUsersOnly && $ENV{"GATEWAY_INTERFACE"}) {
                }
        }
 }
+if ($AllowAccessFromWebToFollowingIPAddresses && $ENV{"GATEWAY_INTERFACE"}) {
+       if ($AllowAccessFromWebToFollowingIPAddresses   !~ /^(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)$/) {
+               error("Error: AllowAccessFromWebToFollowingIPAddresses is defined to '$AllowAccessFromWebToFollowingIPAddresses' but does not match the correct syntax: IPAddressMin-IPAddressMax");
+       }
+       my $ipmin=&Convert_IP_To_Decimal($1);
+       my $ipmax=&Convert_IP_To_Decimal($2);
+       my $useripaddress=&Convert_IP_To_Decimal($ENV{"REMOTE_ADDR"});
+       if ($useripaddress < $ipmin || $useripaddress > $ipmax) {
+               error("Error: Access to statistics is not allowed from your IP Address ".$ENV{"REMOTE_ADDR"});
+       }
+}
 if ($UpdateStats && (! $AllowToUpdateStatsFromBrowser) && $ENV{"GATEWAY_INTERFACE"}) {
        error("Error: Update of statistics is not allowed from a browser.");
 }