ips = $ips; $this->forwardedFor = $forwardedFor; } public function authenticate($username, $password) { foreach ($this->ips as $ip) { if (strncasecmp($_SERVER["REMOTE_ADDR"], $ip, strlen($ip)) != 0) { continue; } if (!$this->forwardedFor) { return null; } $header = isset($_SERVER["HTTP_X_FORWARDED_FOR"]) ? $_SERVER["HTTP_X_FORWARDED_FOR"] : null; if (!$header) { continue; } $header = preg_replace('~.*, *~', "", $header); foreach ($this->forwardedFor as $forwardedFor) { if (strncasecmp($header, $forwardedFor, strlen($forwardedFor)) == 0) { return null; } } } return lang('Access denied.'); } }