ET_IpSecurity - Version 2.2.0

Version Notes

stable release

Download this release

Release Info

Developer Jurij
Extension ET_IpSecurity
Version 2.2.0
Comparing to
See all releases


Code changes from version 2.1.2 to 2.2.0

Files changed (44) hide show
  1. app/code/community/ET/IpSecurity/Block/Adminhtml/GetIpInfo.php +51 -41
  2. app/code/community/ET/IpSecurity/Block/Adminhtml/Log.php +10 -1
  3. app/code/community/ET/IpSecurity/Block/Adminhtml/Log/Grid.php +31 -7
  4. app/code/community/ET/IpSecurity/Block/Adminhtml/Log/Renderer/Translaterule.php +26 -2
  5. app/code/community/ET/IpSecurity/Block/Adminhtml/Support.php +47 -48
  6. app/code/community/ET/IpSecurity/Block/Adminhtml/System/Config/Form/Field/Admin/Link.php +47 -0
  7. app/code/community/ET/IpSecurity/Block/Adminhtml/System/Config/Form/Field/Link.php +44 -0
  8. app/code/community/ET/IpSecurity/Block/Adminhtml/System/Config/Form/Field/Token/Button.php +100 -0
  9. app/code/community/ET/IpSecurity/Block/Adminhtml/System/Config/Form/Field/Token/Update/Date.php +42 -0
  10. app/code/community/ET/IpSecurity/Block/Adminhtml/Token/Log.php +41 -0
  11. app/code/community/ET/IpSecurity/Block/Adminhtml/Token/Log/Grid.php +103 -0
  12. app/code/community/ET/IpSecurity/Helper/Data.php +442 -39
  13. app/code/community/ET/IpSecurity/Model/IpVariable.php +77 -64
  14. app/code/community/ET/IpSecurity/Model/Ipsecuritylog.php +6 -0
  15. app/code/community/ET/IpSecurity/Model/Iptokenlog.php +33 -0
  16. app/code/community/ET/IpSecurity/Model/Mysql4/Ipsecuritylog.php +6 -0
  17. app/code/community/ET/IpSecurity/Model/Mysql4/Ipsecuritylog/Collection.php +6 -0
  18. app/code/community/ET/IpSecurity/Model/Mysql4/Iptokenlog.php +33 -0
  19. app/code/community/ET/IpSecurity/Model/Mysql4/Iptokenlog/Collection.php +33 -0
  20. app/code/community/ET/IpSecurity/Model/Observer.php +906 -606
  21. app/code/community/ET/IpSecurity/Model/System/Config/Source/Cookie/Expire.php +62 -0
  22. app/code/community/ET/IpSecurity/Model/System/Config/Source/Token/Expire.php +88 -0
  23. app/code/community/ET/IpSecurity/Test/Model/Observer.php +3 -0
  24. app/code/community/ET/IpSecurity/controllers/Adminhtml/Etipsecurity/LogController.php +42 -3
  25. app/code/community/ET/IpSecurity/controllers/Adminhtml/Etipsecurity/Token/LogController.php +47 -0
  26. app/code/community/ET/IpSecurity/controllers/Adminhtml/Etipsecurity/TokenController.php +92 -0
  27. app/code/community/ET/IpSecurity/etc/config.xml +397 -313
  28. app/code/community/ET/IpSecurity/etc/system.xml +528 -299
  29. app/code/community/ET/IpSecurity/sql/ipsecurity_setup/mysql4-install-1.5.php +1 -1
  30. app/code/community/ET/IpSecurity/sql/ipsecurity_setup/mysql4-upgrade-1.5.3-2.0.0.php +1 -1
  31. app/code/community/ET/IpSecurity/sql/ipsecurity_setup/mysql4-upgrade-2.1.4-2.1.5.php +45 -0
  32. app/design/adminhtml/default/default/layout/et_ipsecurity.xml +19 -0
  33. app/design/adminhtml/default/default/template/et_ipsecurity/admin_config_generation_button.phtml +89 -0
  34. app/design/adminhtml/default/default/template/et_ipsecurity/tokenlog-grid-comment.phtml +58 -0
  35. app/locale/en_US/template/email/et_ipsecurity.html +6 -6
  36. app/locale/en_US/template/email/et_ipsecurity_admin.html +6 -6
  37. app/locale/en_US/template/email/et_ipsecurity_ipsecuritytoken.html +9 -0
  38. app/locale/en_US/template/email/et_ipsecurity_ipsecuritytoken_fail.html +15 -0
  39. app/locale/ru_RU/ET_IpSecurity.csv +65 -13
  40. app/locale/ru_RU/template/email/et_ipsecurity.html +6 -6
  41. app/locale/ru_RU/template/email/et_ipsecurity_admin.html +6 -6
  42. app/locale/ru_RU/template/email/et_ipsecurity_ipsecuritytoken.html +9 -0
  43. app/locale/ru_RU/template/email/et_ipsecurity_ipsecuritytoken_fail.html +16 -0
  44. package.xml +6 -6
app/code/community/ET/IpSecurity/Block/Adminhtml/GetIpInfo.php CHANGED
@@ -1,42 +1,52 @@
1
- <?php
2
- /**
3
- * NOTICE OF LICENSE
4
- *
5
- * You may not sell, sub-license, rent or lease
6
- * any portion of the Software or Documentation to anyone.
7
- *
8
- * DISCLAIMER
9
- *
10
- * Do not edit or add to this file if you wish to upgrade to newer
11
- * versions in the future.
12
- *
13
- * @category ET
14
- * @package ET_IpSecurity
15
- * @copyright Copyright (c) 2014 ET Web Solutions (http://etwebsolutions.com)
16
- * @contacts support@etwebsolutions.com
17
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
- */
19
-
20
- class ET_IpSecurity_Block_Adminhtml_GetIpInfo extends Mage_Adminhtml_Block_System_Config_Form_Field
21
- {
22
- /**
23
- * @param Varien_Data_Form_Element_Abstract $element
24
- * @return string
25
- * shows in admin panel which ip address returns each method
26
- */
27
- protected function _getElementHtml(Varien_Data_Form_Element_Abstract $element)
28
- {
29
- $helper = Mage::helper('etipsecurity');
30
- $result = $helper->__('Below is a list of standard variables where the server can '
31
- . 'store the IP address of the visitor, and what each of these variables contains on your server:<br><br>');
32
- $ip = '';
33
- $getIpMethodArray = Mage::getModel('etipsecurity/ipVariable')->getOptionArray();
34
- foreach ($getIpMethodArray as $key=>$value) {
35
- $ip = (isset($_SERVER[$value])) ? $_SERVER[$value] : $helper->__('Nothing');
36
- $result .= ' <b>' . $key . '</b> ' .
37
- $helper->__('returns') .
38
- '<b> ' . $ip . '</b><br>';
39
- }
40
- return $result;
41
- }
 
 
 
 
 
 
 
 
 
 
42
  }
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2014 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_GetIpInfo
22
+ */
23
+ class ET_IpSecurity_Block_Adminhtml_GetIpInfo extends Mage_Adminhtml_Block_System_Config_Form_Field
24
+ {
25
+ /**
26
+ * Shows in admin panel which ip address returns each method
27
+ *
28
+ * @param Varien_Data_Form_Element_Abstract $element
29
+ * @return string
30
+ *
31
+ * @inheritdoc
32
+ */
33
+ protected function _getElementHtml(Varien_Data_Form_Element_Abstract $element)
34
+ {
35
+ /** @var ET_IpSecurity_Helper_Data $helper */
36
+ $helper = Mage::helper('etipsecurity');
37
+ /** @var ET_IpSecurity_Model_IpVariable $model */
38
+ $model = Mage::getModel('etipsecurity/ipVariable');
39
+
40
+ $result = $helper->__('Below is a list of standard variables where the server can '
41
+ . 'store the IP address of the visitor, and what each of these variables contains on your server:<br><br>');
42
+
43
+ $getIpMethodArray = $model->getOptionArray();
44
+ foreach ($getIpMethodArray as $key=>$value) {
45
+ $ip = (isset($_SERVER[$value])) ? $_SERVER[$value] : $helper->__('Nothing');
46
+ $result .= ' <b>' . $key . '</b> ' .
47
+ $helper->__('returns') .
48
+ '<b> ' . $ip . '</b><br>';
49
+ }
50
+ return $result;
51
+ }
52
  }
app/code/community/ET/IpSecurity/Block/Adminhtml/Log.php CHANGED
@@ -17,13 +17,22 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
 
 
20
  class ET_IpSecurity_Block_Adminhtml_Log extends Mage_Adminhtml_Block_Widget_Grid_Container
21
  {
 
 
 
22
  public function __construct()
23
  {
 
 
 
24
  $this->_controller = 'adminhtml_log';
25
  $this->_blockGroup = 'etipsecurity';
26
- $this->_headerText = Mage::helper('etipsecurity')->__('ET IP Security log table');
27
 
28
  parent::__construct();
29
  $this->_removeButton('add');
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_Log
22
+ */
23
  class ET_IpSecurity_Block_Adminhtml_Log extends Mage_Adminhtml_Block_Widget_Grid_Container
24
  {
25
+ /**
26
+ * Constructor
27
+ */
28
  public function __construct()
29
  {
30
+ /** @var ET_IpSecurity_Helper_Data $helper */
31
+ $helper = Mage::helper('etipsecurity');
32
+
33
  $this->_controller = 'adminhtml_log';
34
  $this->_blockGroup = 'etipsecurity';
35
+ $this->_headerText = $helper->__('ET IP Security log table');
36
 
37
  parent::__construct();
38
  $this->_removeButton('add');
app/code/community/ET/IpSecurity/Block/Adminhtml/Log/Grid.php CHANGED
@@ -17,8 +17,14 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
 
 
20
  class ET_IpSecurity_Block_Adminhtml_Log_Grid extends Mage_Adminhtml_Block_Widget_Grid
21
  {
 
 
 
22
  public function __construct()
23
  {
24
  parent::__construct();
@@ -28,24 +34,42 @@ class ET_IpSecurity_Block_Adminhtml_Log_Grid extends Mage_Adminhtml_Block_Widget
28
  $this->setSaveParametersInSession(true);
29
  }
30
 
 
 
 
 
 
31
  protected function _prepareCollection()
32
  {
33
- $collection = Mage::getModel('etipsecurity/ipsecuritylog')->getCollection();
 
 
 
34
  $this->setCollection($collection);
35
  return parent::_prepareCollection();
36
  }
37
 
 
 
 
 
 
 
38
  protected function _prepareColumns()
39
  {
 
 
 
 
40
  $this->addColumn('blocked_ip', array(
41
- 'header' => Mage::helper('etipsecurity')->__('Blocked IP'),
42
  'align' => 'left',
43
  'width' => '150px',
44
  'index' => 'blocked_ip',
45
  ));
46
 
47
  $this->addColumn('qty', array(
48
- 'header' => Mage::helper('etipsecurity')->__('Qty blocked'),
49
  'align' => 'left',
50
  'width' => '100px',
51
  'index' => 'qty',
@@ -53,7 +77,7 @@ class ET_IpSecurity_Block_Adminhtml_Log_Grid extends Mage_Adminhtml_Block_Widget
53
  ));
54
 
55
  $this->addColumn('last_block_rule', array(
56
- 'header' => Mage::helper('etipsecurity')->__('Last block rule'),
57
  'align' => 'left',
58
  'width' => '300px',
59
  'index' => 'last_block_rule',
@@ -62,7 +86,7 @@ class ET_IpSecurity_Block_Adminhtml_Log_Grid extends Mage_Adminhtml_Block_Widget
62
  ));
63
 
64
  $this->addColumn('create_time', array(
65
- 'header' => Mage::helper('etipsecurity')->__('First block'),
66
  'align' => 'left',
67
  'width' => '160px',
68
  'index' => 'create_time',
@@ -70,7 +94,7 @@ class ET_IpSecurity_Block_Adminhtml_Log_Grid extends Mage_Adminhtml_Block_Widget
70
  ));
71
 
72
  $this->addColumn('update_time', array(
73
- 'header' => Mage::helper('etipsecurity')->__('Last block'),
74
  'align' => 'left',
75
  'width' => '160px',
76
  'index' => 'update_time',
@@ -78,7 +102,7 @@ class ET_IpSecurity_Block_Adminhtml_Log_Grid extends Mage_Adminhtml_Block_Widget
78
  ));
79
 
80
  $this->addColumn('blocked_from', array(
81
- 'header' => Mage::helper('etipsecurity')->__('Blocked from'),
82
  'align' => 'left',
83
  //'width' => '100px',
84
  'index' => 'blocked_from',
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_Log_Grid
22
+ */
23
  class ET_IpSecurity_Block_Adminhtml_Log_Grid extends Mage_Adminhtml_Block_Widget_Grid
24
  {
25
+ /**
26
+ * Constructor
27
+ */
28
  public function __construct()
29
  {
30
  parent::__construct();
34
  $this->setSaveParametersInSession(true);
35
  }
36
 
37
+ /**
38
+ * Prepare grid collection object
39
+ *
40
+ * @return ET_IpSecurity_Block_Adminhtml_Log_Grid $this
41
+ */
42
  protected function _prepareCollection()
43
  {
44
+ /** @var ET_IpSecurity_Model_Ipsecuritylog $model */
45
+ $model = Mage::getModel('etipsecurity/ipsecuritylog');
46
+
47
+ $collection = $model->getCollection();
48
  $this->setCollection($collection);
49
  return parent::_prepareCollection();
50
  }
51
 
52
+ /**
53
+ * Prepare grid columns
54
+ *
55
+ * @return $this
56
+ * @throws Exception
57
+ */
58
  protected function _prepareColumns()
59
  {
60
+
61
+ /** @var ET_IpSecurity_Helper_Data $helper */
62
+ $helper = Mage::helper('etipsecurity');
63
+
64
  $this->addColumn('blocked_ip', array(
65
+ 'header' => $helper->__('Blocked IP'),
66
  'align' => 'left',
67
  'width' => '150px',
68
  'index' => 'blocked_ip',
69
  ));
70
 
71
  $this->addColumn('qty', array(
72
+ 'header' => $helper->__('Qty blocked'),
73
  'align' => 'left',
74
  'width' => '100px',
75
  'index' => 'qty',
77
  ));
78
 
79
  $this->addColumn('last_block_rule', array(
80
+ 'header' => $helper->__('Last block rule'),
81
  'align' => 'left',
82
  'width' => '300px',
83
  'index' => 'last_block_rule',
86
  ));
87
 
88
  $this->addColumn('create_time', array(
89
+ 'header' => $helper->__('First block'),
90
  'align' => 'left',
91
  'width' => '160px',
92
  'index' => 'create_time',
94
  ));
95
 
96
  $this->addColumn('update_time', array(
97
+ 'header' => $helper->__('Last block'),
98
  'align' => 'left',
99
  'width' => '160px',
100
  'index' => 'update_time',
102
  ));
103
 
104
  $this->addColumn('blocked_from', array(
105
+ 'header' => $helper->__('Blocked from'),
106
  'align' => 'left',
107
  //'width' => '100px',
108
  'index' => 'blocked_from',
app/code/community/ET/IpSecurity/Block/Adminhtml/Log/Renderer/Translaterule.php CHANGED
@@ -1,4 +1,25 @@
1
  <?php
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
2
  class ET_IpSecurity_Block_Adminhtml_Log_Renderer_Translaterule
3
  extends Mage_Adminhtml_Block_Widget_Grid_Column_Renderer_Abstract
4
  {
@@ -11,7 +32,10 @@ class ET_IpSecurity_Block_Adminhtml_Log_Renderer_Translaterule
11
  */
12
  public function _getValue(Varien_Object $row)
13
  {
14
- $data = parent::_getValue($row);
15
- return Mage::helper('etipsecurity')->__($data);
 
 
 
16
  }
17
  }
1
  <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_Log_Renderer_Translaterule
22
+ */
23
  class ET_IpSecurity_Block_Adminhtml_Log_Renderer_Translaterule
24
  extends Mage_Adminhtml_Block_Widget_Grid_Column_Renderer_Abstract
25
  {
32
  */
33
  public function _getValue(Varien_Object $row)
34
  {
35
+ /** @var ET_IpSecurity_Helper_Data $helper */
36
+ $helper = Mage::helper('etipsecurity');
37
+
38
+ $data = (string)parent::_getValue($row);
39
+ return $helper->__($data);
40
  }
41
  }
app/code/community/ET/IpSecurity/Block/Adminhtml/Support.php CHANGED
@@ -17,18 +17,39 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
 
 
20
  class ET_IpSecurity_Block_Adminhtml_Support
21
  extends Mage_Adminhtml_Block_Abstract
22
  implements Varien_Data_Form_Element_Renderer_Interface
23
  {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
24
  /**
25
  * Support tab
26
- * version 2.0.1
 
 
27
  */
28
  public function render(Varien_Data_Form_Element_Abstract $element)
29
  {
30
- $helper = Mage::helper('etipsecurity');
31
- $moduleNameId = 'ET_IpSecurity';
32
 
33
  $moduleVersion = $this->_getConfigValue($moduleNameId, 'version');
34
  $moduleName = $this->_getConfigValue($moduleNameId, 'name');
@@ -110,6 +131,13 @@ class ET_IpSecurity_Block_Adminhtml_Support
110
  return $html;
111
  }
112
 
 
 
 
 
 
 
 
113
  protected function _getConfigValue($module, $config)
114
  {
115
  $locale = Mage::app()->getLocale()->getLocaleCode();
@@ -128,58 +156,29 @@ class ET_IpSecurity_Block_Adminhtml_Support
128
  }
129
  }
130
 
131
- const PLATFORM_CE = 'ce';
132
- const PLATFORM_PE = 'pe';
133
- const PLATFORM_EE = 'ee';
134
- const PLATFORM_GO = 'go';
135
- const PLATFORM_UNKNOWN = 'unknown';
136
-
137
- protected static $_platformCode = self::PLATFORM_UNKNOWN;
138
-
139
  /**
140
  * Get edition code
141
  * @return string
142
  */
143
  protected function _getPlatform()
144
  {
145
- if (self::$_platformCode == self::PLATFORM_UNKNOWN) {
146
- // from Magento CE version 1.7. we can get platform from Mage class
147
- if (property_exists('Mage', '_currentEdition')) {
148
- switch (Mage::getEdition()) {
149
- case Mage::EDITION_COMMUNITY:
150
- self::$_platformCode = self::PLATFORM_CE;
151
- break;
152
- case Mage::EDITION_PROFESSIONAL:
153
- self::$_platformCode = self::PLATFORM_PE;
154
- break;
155
- case Mage::EDITION_ENTERPRISE:
156
- self::$_platformCode = self::PLATFORM_EE;
157
- break;
158
- default:
159
- self::$_platformCode = self::PLATFORM_UNKNOWN;
160
- }
161
- }
162
-
163
- // if platform still unknown
164
- if (self::$_platformCode == self::PLATFORM_UNKNOWN) {
165
- $modulesArray = (array)Mage::getConfig()->getNode('modules')->children();
166
- $isEnterprise = array_key_exists('Enterprise_Enterprise', $modulesArray);
167
-
168
- $isProfessional = false; // TODO: how determine?
169
- $isGo = false; // TODO: how?
170
-
171
- if ($isEnterprise) {
172
- self::$_platformCode = self::PLATFORM_EE;
173
- } elseif ($isProfessional) {
174
- self::$_platformCode = self::PLATFORM_PE;
175
- } elseif ($isGo) {
176
- self::$_platformCode = self::PLATFORM_GO;
177
- } else {
178
- self::$_platformCode = self::PLATFORM_CE;
179
- }
180
- }
181
  }
182
- return self::$_platformCode;
 
 
 
 
 
 
 
183
  }
184
 
185
  }
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_Support
22
+ */
23
  class ET_IpSecurity_Block_Adminhtml_Support
24
  extends Mage_Adminhtml_Block_Abstract
25
  implements Varien_Data_Form_Element_Renderer_Interface
26
  {
27
+
28
+ protected $_helperName = 'etipsecurity';
29
+
30
+ const PLATFORM_CE = 'ce';
31
+ const PLATFORM_PE = 'pe';
32
+ const PLATFORM_EE = 'ee';
33
+ const PLATFORM_UNKNOWN = 'unknown';
34
+
35
+ protected $_platformCode = self::PLATFORM_UNKNOWN;
36
+
37
+ protected $_platformNames = array(
38
+ Mage::EDITION_COMMUNITY => self::PLATFORM_CE,
39
+ Mage::EDITION_PROFESSIONAL => self::PLATFORM_PE,
40
+ Mage::EDITION_ENTERPRISE => self::PLATFORM_EE,
41
+ );
42
+
43
  /**
44
  * Support tab
45
+ * version 2.2.2
46
+ *
47
+ * @inheritdoc
48
  */
49
  public function render(Varien_Data_Form_Element_Abstract $element)
50
  {
51
+ $helper = Mage::helper($this->_helperName);
52
+ $moduleNameId = $this->getModuleName();
53
 
54
  $moduleVersion = $this->_getConfigValue($moduleNameId, 'version');
55
  $moduleName = $this->_getConfigValue($moduleNameId, 'name');
131
  return $html;
132
  }
133
 
134
+ /**
135
+ * Retrieve value from configuration
136
+ *
137
+ * @param string $module
138
+ * @param string $config
139
+ * @return Mage_Core_Model_Config_Element|SimpleXMLElement[]
140
+ */
141
  protected function _getConfigValue($module, $config)
142
  {
143
  $locale = Mage::app()->getLocale()->getLocaleCode();
156
  }
157
  }
158
 
 
 
 
 
 
 
 
 
159
  /**
160
  * Get edition code
161
  * @return string
162
  */
163
  protected function _getPlatform()
164
  {
165
+ if ($this->_platformCode != self::PLATFORM_UNKNOWN) {
166
+ return $this->_platformCode;
167
+ }
168
+
169
+ // from Magento CE version 1.7. we can get platform from Mage class
170
+ if (property_exists('Mage', '_currentEdition') && isset($this->_platformNames[Mage::getEdition()])) {
171
+ $this->_platformCode = $this->_platformNames[Mage::getEdition()];
172
+ return $this->_platformCode;
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
173
  }
174
+
175
+ // if platform still unknown
176
+ $modulesArray = (array)Mage::getConfig()->getNode('modules')->children();
177
+ $isEnterprise = array_key_exists('Enterprise_Enterprise', $modulesArray);
178
+
179
+ $this->_platformCode = $isEnterprise ? self::PLATFORM_EE : self::PLATFORM_CE;
180
+
181
+ return $this->_platformCode;
182
  }
183
 
184
  }
app/code/community/ET/IpSecurity/Block/Adminhtml/System/Config/Form/Field/Admin/Link.php ADDED
@@ -0,0 +1,47 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Admin_Link
22
+ */
23
+ class ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Admin_Link
24
+ extends Mage_Adminhtml_Block_System_Config_Form_Field
25
+ {
26
+
27
+ /**
28
+ * @param Varien_Data_Form_Element_Abstract $element
29
+ * @return string
30
+ */
31
+ protected function _getElementHtml(Varien_Data_Form_Element_Abstract $element)
32
+ {
33
+ $value = $element->getValue();
34
+ if (!$value) {
35
+ $value = Mage::helper('etipsecurity')->__(ET_IpSecurity_Helper_Data::MESSAGE_TOKEN_NOT_CREATED);
36
+ }
37
+
38
+ $html = '<div id="' . $element->getHtmlId() . '">';
39
+ $html .= '<span style="font-weight: bold;" id="etipsecurity_ipsecuritytoken_token_link_admin">' .
40
+ $value . '</span>';
41
+ $html .= '</div>';
42
+
43
+ return $html;
44
+ }
45
+
46
+
47
+ }
app/code/community/ET/IpSecurity/Block/Adminhtml/System/Config/Form/Field/Link.php ADDED
@@ -0,0 +1,44 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Link
22
+ */
23
+ class ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Link
24
+ extends Mage_Adminhtml_Block_System_Config_Form_Field
25
+ {
26
+
27
+ /**
28
+ * @param Varien_Data_Form_Element_Abstract|Varien_Data_Form_Element_Text $element
29
+ * @return string
30
+ */
31
+ protected function _getElementHtml(Varien_Data_Form_Element_Abstract $element)
32
+ {
33
+ $value = $element->getValue();
34
+ if ($value == '') {
35
+ $value = Mage::helper('etipsecurity')->__(ET_IpSecurity_Helper_Data::MESSAGE_TOKEN_NOT_CREATED);
36
+ }
37
+
38
+ $html = '<div id="' . $element->getHtmlId() . '">';
39
+ $html .= '<span style="font-weight: bold;" id="etipsecurity_ipsecuritytoken_token_link">' . $value . '</span>';
40
+ $html .= '</div>';
41
+ return $html;
42
+ }
43
+
44
+ }
app/code/community/ET/IpSecurity/Block/Adminhtml/System/Config/Form/Field/Token/Button.php ADDED
@@ -0,0 +1,100 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Token_Button
22
+ */
23
+ class ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Token_Button
24
+ extends Mage_Adminhtml_Block_System_Config_Form_Field
25
+ {
26
+ /** @var ET_IpSecurity_Helper_Data $_helper */
27
+ protected $_helper;
28
+
29
+ /**
30
+ * @inheritdoc
31
+ * ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Token_Button constructor.
32
+ */
33
+ public function __construct()
34
+ {
35
+ parent::__construct();
36
+ $this->_helper = Mage::helper('etipsecurity');
37
+ }
38
+
39
+ /**
40
+ * @return $this
41
+ */
42
+ protected function _prepareLayout()
43
+ {
44
+ parent::_prepareLayout();
45
+ if (!$this->getTemplate()) {
46
+ $this->setTemplate('et_ipsecurity/admin_config_generation_button.phtml');
47
+ }
48
+ return $this;
49
+ }
50
+
51
+
52
+ /**
53
+ * @param Varien_Data_Form_Element_Abstract $element
54
+ * @return string
55
+ */
56
+ protected function _getElementHtml(Varien_Data_Form_Element_Abstract $element)
57
+ {
58
+ //1400 fix
59
+ if (!($originalData = $element->getOriginalData())) {
60
+ $originalData = array();
61
+ foreach ($element->getData("field_config") as $key => $value) {
62
+ if (!$value->hasChildren()) {
63
+ $originalData[$key] = (string)$value;
64
+ }
65
+ }
66
+ }
67
+
68
+ $this->addData(
69
+
70
+ array(
71
+ //'button_label' => $this->_helper->__($originalData['button_label']),
72
+
73
+ 'button_label' => $this->_helper->__('Generate token'),
74
+
75
+ 'comment' => $this->_helper->__($originalData['comment']),
76
+ 'html_id' => $element->getHtmlId(),
77
+ 'token_area' => $originalData["token_area"],
78
+
79
+ 'ajax_url' => Mage::getSingleton('adminhtml/url')
80
+ //->getUrl('adminhtml/etcountryblocker_update/addip',
81
+ ->getUrl('adminhtml/etipsecurity_token/generate',
82
+ array("token_area" => $originalData["token_area"])),
83
+
84
+
85
+
86
+ 'button_label_delete' => $this->_helper->__('Delete token'),
87
+
88
+ 'ajax_url_delete' => Mage::getSingleton('adminhtml/url')
89
+ //->getUrl('adminhtml/etcountryblocker_update/addip',
90
+ ->getUrl('adminhtml/etipsecurity_token/delete',
91
+ array("token_area" => $originalData["token_area"]))
92
+ )
93
+
94
+ );
95
+
96
+ return $this->_toHtml();
97
+ }
98
+
99
+
100
+ }
app/code/community/ET/IpSecurity/Block/Adminhtml/System/Config/Form/Field/Token/Update/Date.php ADDED
@@ -0,0 +1,42 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Token_Update_Date
22
+ */
23
+ class ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Token_Update_Date
24
+ extends Mage_Adminhtml_Block_System_Config_Form_Field
25
+ {
26
+
27
+ /**
28
+ * @inheritdoc
29
+ * @param Varien_Data_Form_Element_Abstract $element
30
+ * @return string
31
+ */
32
+ protected function _getElementHtml(Varien_Data_Form_Element_Abstract $element)
33
+ {
34
+ $value = $element->getValue();
35
+ if ($value) {
36
+ $value = $this->formatDate($value, Mage_Core_Model_Locale::FORMAT_TYPE_MEDIUM, true);
37
+ } else {
38
+ $value = Mage::helper('etipsecurity')->__(ET_IpSecurity_Helper_Data::MESSAGE_TOKEN_NOT_UPDATED);
39
+ }
40
+ return "<span id='etipsecurity_ipsecuritytoken_last_updated_date'>" . $value . "</span>";
41
+ }
42
+ }
app/code/community/ET/IpSecurity/Block/Adminhtml/Token/Log.php ADDED
@@ -0,0 +1,41 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_Token_Log
22
+ */
23
+ class ET_IpSecurity_Block_Adminhtml_Token_Log extends Mage_Adminhtml_Block_Widget_Grid_Container
24
+ {
25
+ /**
26
+ * Constructor
27
+ */
28
+ public function __construct()
29
+ {
30
+ /** @var ET_IpSecurity_Helper_Data $helper */
31
+ $helper = Mage::helper('etipsecurity');
32
+
33
+ $this->_controller = 'adminhtml_token_log';
34
+ $this->_blockGroup = 'etipsecurity';
35
+ $this->_headerText = $helper->__('IP Security Access Token log');
36
+
37
+ parent::__construct();
38
+ $this->_removeButton('add');
39
+ }
40
+
41
+ }
app/code/community/ET/IpSecurity/Block/Adminhtml/Token/Log/Grid.php ADDED
@@ -0,0 +1,103 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Block_Adminhtml_Token_Log_Grid
22
+ */
23
+ class ET_IpSecurity_Block_Adminhtml_Token_Log_Grid extends Mage_Adminhtml_Block_Widget_Grid
24
+ {
25
+ /**
26
+ * Constructor
27
+ */
28
+ public function __construct()
29
+ {
30
+ parent::__construct();
31
+ $this->setId('etIpSecurityTokenLogGrid');
32
+ $this->setDefaultSort('create_time');
33
+ $this->setDefaultDir('DESC');
34
+ $this->setSaveParametersInSession(true);
35
+ }
36
+
37
+ /**
38
+ * Prepare grid collection object
39
+ *
40
+ * @return Mage_Adminhtml_Block_Widget_Grid
41
+ */
42
+ protected function _prepareCollection()
43
+ {
44
+ /** @var ET_IpSecurity_Model_Iptokenlog $model */
45
+ $model = Mage::getModel('etipsecurity/iptokenlog');
46
+
47
+ $collection = $model->getCollection();
48
+ $this->setCollection($collection);
49
+ return parent::_prepareCollection();
50
+ }
51
+
52
+
53
+ /**
54
+ * Prepare grid columns
55
+ *
56
+ * @return $this
57
+ * @throws Exception
58
+ */
59
+ protected function _prepareColumns()
60
+ {
61
+ /** @var ET_IpSecurity_Helper_Data $helper */
62
+ $helper = Mage::helper('etipsecurity');
63
+
64
+
65
+ $this->addColumn('create_time', array(
66
+ 'header' => $helper->__('Date'),
67
+ 'align' => 'left',
68
+ 'width' => '160px',
69
+ 'index' => 'create_time',
70
+ 'type' => 'datetime',
71
+ ));
72
+
73
+ $this->addColumn('last_block_rule', array(
74
+ 'header' => $helper->__('Event'),
75
+ 'align' => 'left',
76
+ 'width' => '300px',
77
+ 'index' => 'last_block_rule',
78
+ 'renderer' => 'etipsecurity/adminhtml_log_renderer_translaterule',
79
+ 'filter' => false,
80
+ ));
81
+
82
+ $this->addColumn('blocked_ip', array(
83
+ 'header' => $helper->__('IP'),
84
+ 'align' => 'left',
85
+ 'width' => '150px',
86
+ 'index' => 'blocked_ip',
87
+ ));
88
+
89
+ $this->addColumn('blocked_from', array(
90
+ 'header' => $helper->__('Url'),
91
+ 'align' => 'left',
92
+ //'width' => '100px',
93
+ 'index' => 'blocked_from',
94
+ ));
95
+
96
+
97
+ return parent::_prepareColumns();
98
+ }
99
+
100
+
101
+
102
+
103
+ }
app/code/community/ET/IpSecurity/Helper/Data.php CHANGED
@@ -1,40 +1,443 @@
1
- <?php
2
- /**
3
- * NOTICE OF LICENSE
4
- *
5
- * You may not sell, sub-license, rent or lease
6
- * any portion of the Software or Documentation to anyone.
7
- *
8
- * DISCLAIMER
9
- *
10
- * Do not edit or add to this file if you wish to upgrade to newer
11
- * versions in the future.
12
- *
13
- * @category ET
14
- * @package ET_IpSecurity
15
- * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
- * @contacts support@etwebsolutions.com
17
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
- */
19
-
20
- class ET_IpSecurity_Helper_Data extends Mage_Core_Helper_Abstract
21
- {
22
- /**
23
- * @return mixed
24
- * returns ip method which is selected in admin settings
25
- */
26
- public function getIpVariable()
27
- {
28
- /** @var $model ET_IpSecurity_Model_IpVariable */
29
- $model = Mage::getModel('etipsecurity/ipVariable');
30
- $ipsArray = $model->getOptionArray();
31
-
32
- $configVariable = Mage::getStoreConfig('etipsecurity/global_settings/get_ip_method');
33
-
34
- if (!in_array($configVariable, $ipsArray)) {
35
- $configVariable = 'REMOTE_ADDR';
36
- }
37
-
38
- return $configVariable;
39
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
40
  }
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Helper_Data
22
+ */
23
+ class ET_IpSecurity_Helper_Data extends Mage_Core_Helper_Abstract
24
+ {
25
+ const MODULE_NAME = 'etipsecurity';
26
+ const MODULE_LOG_FOLDER = 'etipsecurity';
27
+
28
+ const MESSAGE_TOKEN_NOT_CREATED = 'Token not Created';
29
+ const MESSAGE_TOKEN_NOT_UPDATED = 'Token not Created';
30
+
31
+
32
+ /**
33
+ * @param $cookieName
34
+ * @return mixed
35
+ */
36
+ public function getCookie($cookieName)
37
+ {
38
+ return Mage::getModel('core/cookie')->get($cookieName);
39
+ }
40
+
41
+ /**
42
+ * set cookie token
43
+ *
44
+ * @param string $cookieName
45
+ * @param string $cookieValue
46
+ */
47
+ public function setCookieToken($cookieName, $cookieValue)
48
+ {
49
+ $cookieTime = Mage::getModel('etipsecurity/system_config_source_cookie_expire')->getCookieExpiredTime();
50
+ $this->setCookie($cookieName, $cookieValue, $cookieTime);
51
+ }
52
+
53
+
54
+ /**
55
+ * set Cookie Value
56
+ *
57
+ * @param string $cookieName
58
+ * @param string $cookieValue
59
+ * @param string $cookiePeriod
60
+ */
61
+ public function setCookie($cookieName, $cookieValue, $cookiePeriod)
62
+ {
63
+ /** @var Mage_Core_Model_Cookie $cookieModel */
64
+ $cookieModel = Mage::getModel('core/cookie');
65
+
66
+ //$period = $cookieModel->getLifetime()
67
+ $path = $cookieModel->getPath();
68
+ $domain = $cookieModel->getDomain();
69
+ $secure = $cookieModel->isSecure();
70
+ $httpOnly = $cookieModel->getHttponly();
71
+
72
+ $cookieModel->set($cookieName, $cookieValue, $cookiePeriod, $path, $domain, $secure, $httpOnly);
73
+ }
74
+
75
+
76
+ /**
77
+ * check is Enabled 'Security Token'
78
+ *
79
+ * @return bool
80
+ */
81
+ public function isEnabledIpSecurityToken()
82
+ {
83
+ return (bool)Mage::getStoreConfig(self::MODULE_NAME . '/ipsecuritytoken/enabled');
84
+ }
85
+
86
+
87
+ /**
88
+ * return count of days
89
+ *
90
+ * @return int
91
+ */
92
+ public function getTokenExpireTime()
93
+ {
94
+ return (int)Mage::getStoreConfig(self::MODULE_NAME . '/ipsecuritytoken/token_expire');
95
+ }
96
+
97
+
98
+ /**
99
+ * return time (hour)
100
+ *
101
+ * @return int
102
+ */
103
+ public function getCookieExpireTime()
104
+ {
105
+ return (int)Mage::getStoreConfig(self::MODULE_NAME . '/ipsecuritytoken/cookie_expire');
106
+ }
107
+
108
+ /**
109
+ * @return string
110
+ */
111
+ public function getTokenName()
112
+ {
113
+ return (string)Mage::getStoreConfig(self::MODULE_NAME . '/ipsecuritytoken/param_name');
114
+ }
115
+
116
+ /**
117
+ * @return string
118
+ */
119
+ public function getTokenValue()
120
+ {
121
+ return (string)Mage::getStoreConfig(self::MODULE_NAME . '/ipsecuritytoken/token');
122
+ }
123
+
124
+ /**
125
+ * remove token link
126
+ */
127
+ public function resetTokenLinks()
128
+ {
129
+ $this->saveConfigValue('ipsecuritytoken/token', '');
130
+ $this->saveConfigValue('ipsecuritytoken/token_link', '');
131
+ $this->saveConfigValue('ipsecuritytoken/token_link_admin', '');
132
+ }
133
+
134
+
135
+ /**
136
+ * set Url to admin page with token
137
+ *
138
+ * @param $tokenName
139
+ */
140
+ public function setToken($tokenName)
141
+ {
142
+ $adminUrl = Mage::getUrl('adminhtml');
143
+ $frontUrl = Mage::getUrl();
144
+
145
+ $token = '?' . $tokenName . '=';
146
+ $token .= $this->_setToken();
147
+
148
+ $adminUrl .= $token;
149
+ $frontUrl .= $token;
150
+
151
+ $this->saveConfigValue('ipsecuritytoken/token_link_admin', $adminUrl);
152
+ $this->saveConfigValue('ipsecuritytoken/token_link', $frontUrl);
153
+
154
+ }
155
+
156
+ /**
157
+ * get Url for access to FrontEnd
158
+ *
159
+ * @return string
160
+ */
161
+ public function getFrontTokenUrl()
162
+ {
163
+ return (string)Mage::getStoreConfig(self::MODULE_NAME . '/ipsecuritytoken/token_link');
164
+ }
165
+
166
+ /**
167
+ * get Url for access to FrontEnd
168
+ *
169
+ * @return string
170
+ */
171
+ public function getAdminTokenUrl()
172
+ {
173
+ return (string)Mage::getStoreConfig(self::MODULE_NAME . '/ipsecuritytoken/token_link_admin');
174
+ }
175
+
176
+
177
+ /**
178
+ * generate token & save to config
179
+ * @return string
180
+ */
181
+ protected function _setToken()
182
+ {
183
+ $token = md5(Mage::helper('core')->getRandomString($length = 32));
184
+ $this->saveConfigValue('ipsecuritytoken/token', $token);
185
+ return $token;
186
+ }
187
+
188
+
189
+ /**
190
+ * @param string $configPath
191
+ * @param string $value
192
+ */
193
+ public function saveConfigValue($configPath, $value)
194
+ {
195
+ $coreConfig = new Mage_Core_Model_Config();
196
+ $coreConfig->saveConfig(
197
+ self::MODULE_NAME . '/' . $configPath,
198
+ $value
199
+ );
200
+ Mage::getConfig()->reinit();
201
+ }
202
+
203
+
204
+ /**
205
+ * get Url to Admin page with token
206
+ *
207
+ * @return string
208
+ */
209
+ public function getToken()
210
+ {
211
+ return (string)Mage::getStoreConfig(self::MODULE_NAME . '/ipsecuritytoken/token');
212
+ }
213
+
214
+ /**
215
+ * remove Last Update Token Time
216
+ */
217
+ public function resetLastUpdateTokenTime()
218
+ {
219
+ $this->saveConfigValue('ipsecuritytoken/last_updated_date', '');
220
+ }
221
+
222
+ /**
223
+ * set Date Last Update Token
224
+ *
225
+ * @return string
226
+ */
227
+ public function setLastUpdateToken()
228
+ {
229
+ $date = now();
230
+ $this->saveConfigValue('ipsecuritytoken/last_updated_date', $date);
231
+ return $date;
232
+ }
233
+
234
+ /**
235
+ * create Comment Message For Grid of Expired Token Time
236
+ *
237
+ * @return string
238
+ */
239
+ public function getTokenExpiredTimeMessage_OLD()
240
+ {
241
+ $msg = '';
242
+ $timeLastUpdateToken = $this->getLastUpdateToken();
243
+
244
+ if ($timeLastUpdateToken == '') {
245
+ $msg .= $this->__('Token not created');
246
+ } else {
247
+
248
+ /** @var ET_IpSecurity_Model_System_Config_Source_Token_Expire $tokenModel */
249
+ $tokenModel = Mage::getModel('etipsecurity/system_config_source_token_expire');
250
+
251
+ if ($tokenModel->isTokenExpired()) {
252
+ $msg = $this->__('Token expired!');
253
+ $msg .= ' ';
254
+ } else {
255
+
256
+ $tokenExpiredTimeStamp = $tokenModel->getTokenExpiredTimestamp();
257
+ $differentTime = $tokenExpiredTimeStamp - time();
258
+
259
+ $differentTimeInHour = round($differentTime / (60 * 60));
260
+
261
+ $differentTimeInDay = (int)($differentTimeInHour / 24);
262
+ $msg .= $this->__('Token expires after:');
263
+ $msg .= ' ';
264
+
265
+ if ($differentTimeInDay) {
266
+ $msg .= $this->__('%s d', $differentTimeInDay);
267
+ $msg .= ' ';
268
+ }
269
+
270
+ $hour = (int)($differentTimeInHour - ($differentTimeInDay * 24));
271
+
272
+ if ($hour) {
273
+ $msg .= $this->__('%s h', $hour);
274
+ $msg .= ' ';
275
+ }
276
+
277
+ if ((!$differentTimeInDay) && (!$hour)) {
278
+ $minute = round($differentTimeInHour, 2) * 100;
279
+ $msg .= $this->__('%s m', $minute);
280
+ $msg .= ' ';
281
+ }
282
+ }
283
+ }
284
+
285
+ $msg = trim($msg);
286
+
287
+ return $msg;
288
+ }
289
+
290
+
291
+ /**
292
+ * create Comment Message For Grid of Expired Token Time
293
+ *
294
+ * @return string
295
+ */
296
+ public function getTokenExpiredTimeMessage()
297
+ {
298
+ $msg = '';
299
+ $timeLastUpdateToken = $this->getLastUpdateToken();
300
+
301
+ if ($timeLastUpdateToken == '') {
302
+ $msg .= $this->__('Token not created');
303
+ } else {
304
+
305
+ /** @var ET_IpSecurity_Model_System_Config_Source_Token_Expire $tokenModel */
306
+ $tokenModel = Mage::getModel('etipsecurity/system_config_source_token_expire');
307
+
308
+ if ($tokenModel->isTokenExpired()) {
309
+ $msg = $this->__('Token expired!');
310
+ } else {
311
+
312
+ $tokenExpiredTimeStamp = $tokenModel->getTokenExpiredTimestamp();
313
+ $differentTime = $tokenExpiredTimeStamp - time();
314
+
315
+ $differentTimeInHour = round($differentTime / (60 * 60));
316
+
317
+ if ($differentTimeInHour) {
318
+ $msg .= $this->__('Token expires after:');
319
+ $msg .= ' ';
320
+ $msg .= $this->__('%s (hours)', $differentTimeInHour);
321
+ } else {
322
+ $msg = $this->__('Token expired!');
323
+ }
324
+ }
325
+ }
326
+
327
+ $msg = trim($msg);
328
+
329
+ return $msg;
330
+ }
331
+
332
+
333
+ /**
334
+ * check token last Update && url (not empty)
335
+ *
336
+ * @return bool
337
+ */
338
+ public function isSetTokenLastUpdateAndUrl()
339
+ {
340
+ if (($this->getLastUpdateToken() != '') && ($this->getToken() != '')) {
341
+ $this->log('isSetTokenLastUpdateAndUrl(): true');
342
+ return true;
343
+ } else {
344
+ $this->log('isSetTokenLastUpdateAndUrl(): false');
345
+ return false;
346
+ }
347
+ }
348
+
349
+
350
+ /**
351
+ * get Date Last Update Token
352
+ *
353
+ * @return string
354
+ */
355
+ public function getLastUpdateToken()
356
+ {
357
+ return (string)Mage::getStoreConfig(self::MODULE_NAME . '/ipsecuritytoken/last_updated_date');
358
+ }
359
+
360
+
361
+ /**
362
+ * Returns ip method which is selected in admin settings
363
+ *
364
+ * @return mixed
365
+ */
366
+ public function getIpVariable()
367
+ {
368
+ /** @var $model ET_IpSecurity_Model_IpVariable */
369
+ $model = Mage::getModel('etipsecurity/ipVariable');
370
+ $ipsArray = $model->getOptionArray();
371
+
372
+ $configVariable = Mage::getStoreConfig(self::MODULE_NAME . '/global_settings/get_ip_method');
373
+
374
+ if (!in_array($configVariable, $ipsArray)) {
375
+ $configVariable = 'REMOTE_ADDR';
376
+ }
377
+
378
+ return $configVariable;
379
+ }
380
+
381
+
382
+ /**
383
+ * @param string|array $message
384
+ * @return bool
385
+ */
386
+ public function log($message)
387
+ {
388
+ if ($this->isLogEnabled()) {
389
+ $file = $this->getLogFileName();
390
+ if (is_array($message)) {
391
+ $forLog = array();
392
+ foreach ($message as $answerKey => $answerValue) {
393
+ $answer = !is_scalar($answerValue) ? print_r($answerValue, true) : $answerValue;
394
+ $forLog[] = $answerKey . ": " . $answer;
395
+ }
396
+ $forLog[] = '***************************';
397
+ $message = implode("\r\n", $forLog);
398
+ }
399
+
400
+ $argumentsCount = func_num_args();
401
+ if ($argumentsCount > 1) {
402
+ $forLog = array($message);
403
+ $forLog[] = "Additional data: ";
404
+ $arguments = func_get_args();
405
+ for ($i = 1; $i < $argumentsCount; $i++) {
406
+ $forLog[] = !is_scalar($arguments[$i]) ? print_r($arguments[$i], true) : $arguments[$i];
407
+ }
408
+ $message = implode("\r\n", $forLog);
409
+ }
410
+
411
+ Mage::log($message, Zend_Log::DEBUG, $file, true);
412
+ }
413
+ return true;
414
+ }
415
+
416
+ /**
417
+ * check Enabled Logging
418
+ *
419
+ * @return bool
420
+ */
421
+ public function isLogEnabled()
422
+ {
423
+ return (bool)Mage::getStoreConfig(self::MODULE_NAME . '/general/log_enabled');
424
+ }
425
+
426
+ /**
427
+ * return log FileName
428
+ *
429
+ * @return string
430
+ */
431
+ public function getLogFileName()
432
+ {
433
+ Mage::getConfig()->getVarDir('log' . DS . self::MODULE_LOG_FOLDER);
434
+ $fileName = Mage::getStoreConfig(self::MODULE_NAME . '/general/log_file');
435
+ if ($fileName == '') {
436
+ $fileName = self::MODULE_LOG_FOLDER . '.log';
437
+ }
438
+ $filePath = self::MODULE_LOG_FOLDER . DS . date("Ymd-") . $fileName;
439
+ return $filePath;
440
+ }
441
+
442
+
443
  }
app/code/community/ET/IpSecurity/Model/IpVariable.php CHANGED
@@ -1,64 +1,77 @@
1
- <?php
2
-
3
- /**
4
- * NOTICE OF LICENSE
5
- *
6
- * You may not sell, sub-license, rent or lease
7
- * any portion of the Software or Documentation to anyone.
8
- *
9
- * DISCLAIMER
10
- *
11
- * Do not edit or add to this file if you wish to upgrade to newer
12
- * versions in the future.
13
- *
14
- * @category ET
15
- * @package ET_IpSecurity
16
- * @copyright Copyright (c) 2014 ET Web Solutions (http://etwebsolutions.com)
17
- * @contacts support@etwebsolutions.com
18
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
- */
20
- class ET_IpSecurity_Model_IpVariable extends Mage_Eav_Model_Entity_Attribute_Source_Abstract
21
- {
22
- public function getAllOptions()
23
- {
24
- if (is_null($this->_options)) {
25
- $this->_options = array(
26
- array(
27
- 'label' => 'REMOTE_ADDR',
28
- 'value' => 'REMOTE_ADDR'
29
- ),
30
- array(
31
- 'label' => 'HTTP_X_REAL_IP',
32
- 'value' => 'HTTP_X_REAL_IP'
33
- ),
34
- array(
35
- 'label' => 'HTTP_CLIENT_IP',
36
- 'value' => 'HTTP_CLIENT_IP'
37
- ),
38
- array(
39
- 'label' => 'HTTP_X_FORWARDED_FOR',
40
- 'value' => 'HTTP_X_FORWARDED_FOR'
41
- ),
42
- array(
43
- 'label' => 'HTTP_X_CLUSTER_CLIENT_IP',
44
- 'value' => 'HTTP_X_CLUSTER_CLIENT_IP'
45
- ),
46
- );
47
- }
48
- return $this->_options;
49
- }
50
-
51
- public function getOptionArray()
52
- {
53
- $_options = array();
54
- foreach ($this->getAllOptions() as $option) {
55
- $_options[$option['value']] = $option['label'];
56
- }
57
- return $_options;
58
- }
59
-
60
- public function toOptionArray()
61
- {
62
- return $this->getOptionArray();
63
- }
64
- }
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2014 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Model_IpVariable
22
+ */
23
+ class ET_IpSecurity_Model_IpVariable extends Mage_Eav_Model_Entity_Attribute_Source_Abstract
24
+ {
25
+ /**
26
+ * Option getter
27
+ * @return array
28
+ */
29
+ public function getAllOptions()
30
+ {
31
+ if (is_null($this->_options)) {
32
+ $this->_options = array(
33
+ array(
34
+ 'label' => 'REMOTE_ADDR',
35
+ 'value' => 'REMOTE_ADDR'
36
+ ),
37
+ array(
38
+ 'label' => 'HTTP_X_REAL_IP',
39
+ 'value' => 'HTTP_X_REAL_IP'
40
+ ),
41
+ array(
42
+ 'label' => 'HTTP_CLIENT_IP',
43
+ 'value' => 'HTTP_CLIENT_IP'
44
+ ),
45
+ array(
46
+ 'label' => 'HTTP_X_FORWARDED_FOR',
47
+ 'value' => 'HTTP_X_FORWARDED_FOR'
48
+ ),
49
+ array(
50
+ 'label' => 'HTTP_X_CLUSTER_CLIENT_IP',
51
+ 'value' => 'HTTP_X_CLUSTER_CLIENT_IP'
52
+ ),
53
+ );
54
+ }
55
+ return $this->_options;
56
+ }
57
+
58
+ /**
59
+ * @return array
60
+ */
61
+ public function getOptionArray()
62
+ {
63
+ $_options = array();
64
+ foreach ($this->getAllOptions() as $option) {
65
+ $_options[$option['value']] = $option['label'];
66
+ }
67
+ return $_options;
68
+ }
69
+
70
+ /**
71
+ * @return array
72
+ */
73
+ public function toOptionArray()
74
+ {
75
+ return $this->getOptionArray();
76
+ }
77
+ }
app/code/community/ET/IpSecurity/Model/Ipsecuritylog.php CHANGED
@@ -17,8 +17,14 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
 
 
20
  class ET_IpSecurity_Model_Ipsecuritylog extends Mage_Core_Model_Abstract
21
  {
 
 
 
22
  public function _construct()
23
  {
24
  parent::_construct();
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /**
21
+ * Class ET_IpSecurity_Model_Ipsecuritylog
22
+ */
23
  class ET_IpSecurity_Model_Ipsecuritylog extends Mage_Core_Model_Abstract
24
  {
25
+ /**
26
+ * Internal constructor
27
+ */
28
  public function _construct()
29
  {
30
  parent::_construct();
app/code/community/ET/IpSecurity/Model/Iptokenlog.php ADDED
@@ -0,0 +1,33 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Model_Iptokenlog
22
+ */
23
+ class ET_IpSecurity_Model_Iptokenlog extends Mage_Core_Model_Abstract
24
+ {
25
+ /**
26
+ * Internal constructor
27
+ */
28
+ public function _construct()
29
+ {
30
+ parent::_construct();
31
+ $this->_init('etipsecurity/iptokenlog');
32
+ }
33
+ }
app/code/community/ET/IpSecurity/Model/Mysql4/Ipsecuritylog.php CHANGED
@@ -17,8 +17,14 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
 
 
20
  class ET_IpSecurity_Model_Mysql4_Ipsecuritylog extends Mage_Core_Model_Mysql4_Abstract
21
  {
 
 
 
22
  public function _construct()
23
  {
24
  // Note that the logid refers to the key field in your database table.
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /**
21
+ * Class ET_IpSecurity_Model_Mysql4_Ipsecuritylog
22
+ */
23
  class ET_IpSecurity_Model_Mysql4_Ipsecuritylog extends Mage_Core_Model_Mysql4_Abstract
24
  {
25
+ /**
26
+ * Internal constructor
27
+ */
28
  public function _construct()
29
  {
30
  // Note that the logid refers to the key field in your database table.
app/code/community/ET/IpSecurity/Model/Mysql4/Ipsecuritylog/Collection.php CHANGED
@@ -17,8 +17,14 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
 
 
20
  class ET_IpSecurity_Model_Mysql4_Ipsecuritylog_Collection extends Mage_Core_Model_Mysql4_Collection_Abstract
21
  {
 
 
 
22
  public function _construct()
23
  {
24
  parent::_construct();
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /**
21
+ * Class ET_IpSecurity_Model_Mysql4_Ipsecuritylog_Collection
22
+ */
23
  class ET_IpSecurity_Model_Mysql4_Ipsecuritylog_Collection extends Mage_Core_Model_Mysql4_Collection_Abstract
24
  {
25
+ /**
26
+ * Internal constructor
27
+ */
28
  public function _construct()
29
  {
30
  parent::_construct();
app/code/community/ET/IpSecurity/Model/Mysql4/Iptokenlog.php ADDED
@@ -0,0 +1,33 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Model_Mysql4_Iptokenlog
22
+ */
23
+ class ET_IpSecurity_Model_Mysql4_Iptokenlog extends Mage_Core_Model_Mysql4_Abstract
24
+ {
25
+ /**
26
+ * Internal constructor
27
+ */
28
+ public function _construct()
29
+ {
30
+ // Note that the logid refers to the key field in your database table.
31
+ $this->_init('etipsecurity/iptokenlog', 'logid');
32
+ }
33
+ }
app/code/community/ET/IpSecurity/Model/Mysql4/Iptokenlog/Collection.php ADDED
@@ -0,0 +1,33 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Model_Mysql4_Iptokenlog_Collection
22
+ */
23
+ class ET_IpSecurity_Model_Mysql4_Iptokenlog_Collection extends Mage_Core_Model_Mysql4_Collection_Abstract
24
+ {
25
+ /**
26
+ * Internal constructor
27
+ */
28
+ public function _construct()
29
+ {
30
+ parent::_construct();
31
+ $this->_init('etipsecurity/iptokenlog');
32
+ }
33
+ }
app/code/community/ET/IpSecurity/Model/Observer.php CHANGED
@@ -1,607 +1,907 @@
1
- <?php
2
-
3
- /**
4
- * NOTICE OF LICENSE
5
- *
6
- * You may not sell, sub-license, rent or lease
7
- * any portion of the Software or Documentation to anyone.
8
- *
9
- * DISCLAIMER
10
- *
11
- * Do not edit or add to this file if you wish to upgrade to newer
12
- * versions in the future.
13
- *
14
- * @category ET
15
- * @package ET_IpSecurity
16
- * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
17
- * @contacts support@etwebsolutions.com
18
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
- */
20
- class ET_IpSecurity_Model_Observer
21
- {
22
- protected $_redirectPage = null;
23
- protected $_redirectBlank = null;
24
- protected $_rawAllowIpData = null;
25
- protected $_rawBlockIpData = null;
26
- protected $_rawExceptIpData = null;
27
- protected $_eventEmail = "";
28
- protected $_emailTemplate = 0;
29
- protected $_emailIdentity = null;
30
- protected $_storeType = null;
31
- protected $_lastFoundIp = null;
32
- protected $_isFrontend = false;
33
- protected $_isDownloader = false;
34
- protected $_alwaysNotify = false;
35
-
36
- /**
37
- * If loading Frontend
38
- *
39
- * @param $observer
40
- */
41
- public function onLoadingFrontend($observer)
42
- {
43
- $this->_readFrontendConfig();
44
- $this->_processIpCheck($observer);
45
- }
46
-
47
- /**
48
- * If loading Admin
49
- *
50
- * @param $observer
51
- */
52
- public function onLoadingAdmin($observer)
53
- {
54
- $this->_readAdminConfig();
55
- $this->_processIpCheck($observer);
56
- }
57
-
58
- /**
59
- * On failed login to Admin
60
- *
61
- * @param $observer
62
- */
63
- public function onAdminLoginFailed($observer)
64
- {
65
- // TODO: for http://support.etwebsolutions.com/issues/371
66
- }
67
-
68
- /**
69
- * On loading Downloader
70
- *
71
- * @param $observer
72
- */
73
- public function onLoadingDownloader($observer)
74
- {
75
- //only in downloader exists Maged_Controller class
76
- if (class_exists("Maged_Controller", false)) {
77
- $this->_readDownloaderConfig();
78
- $this->_processIpCheck($observer);
79
- }
80
- }
81
-
82
- /**
83
- * Reading configuration for Frontend
84
- */
85
- protected function _readFrontendConfig()
86
- {
87
- $this->_redirectPage = $this->trimTrailingSlashes(
88
- Mage::getStoreConfig('etipsecurity/ipsecurityfront/redirect_page'));
89
- $this->_redirectBlank = Mage::getStoreConfig('etipsecurity/ipsecurityfront/redirect_blank');
90
- $this->_rawAllowIpData = Mage::getStoreConfig('etipsecurity/ipsecurityfront/allow');
91
- $this->_rawBlockIpData = Mage::getStoreConfig('etipsecurity/ipsecurityfront/block');
92
- $this->_eventEmail = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_event');
93
- $this->_emailTemplate = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_template');
94
- $this->_emailIdentity = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_identity');
95
- $this->_alwaysNotify = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_always');
96
- $this->_rawExceptIpData = Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/except');
97
-
98
- $this->_storeType = Mage::helper("catalog")->__("Frontend");
99
- $this->_isFrontend = true;
100
- }
101
-
102
- /**
103
- * Reading configuration for Admin
104
- */
105
- protected function _readAdminConfig()
106
- {
107
- $this->_redirectPage = $this->trimTrailingSlashes(
108
- Mage::getStoreConfig('etipsecurity/ipsecurityadmin/redirect_page'));
109
- $this->_redirectBlank = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/redirect_blank');
110
- $this->_rawAllowIpData = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/allow');
111
- $this->_rawBlockIpData = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/block');
112
- $this->_eventEmail = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_event');
113
- $this->_emailTemplate = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_template');
114
- $this->_emailIdentity = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_identity');
115
- $this->_alwaysNotify = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_always');
116
-
117
- $this->_storeType = Mage::helper("core")->__("Admin");
118
- $this->_isFrontend = false;
119
- }
120
-
121
- /**
122
- * Read configuration for Downloader (used Admin config)
123
- */
124
- protected function _readDownloaderConfig()
125
- {
126
- $this->_readAdminConfig();
127
- $this->_storeType = Mage::helper("etipsecurity")->__("Downloader");
128
- $this->_isDownloader = true;
129
-
130
- // TODO: заглушка. Если страницы для перехода не существует,
131
- // то поиск ссылки на no-rout вызывет ошибку.
132
- //$this->_redirectBlank = true;
133
- }
134
-
135
- /**
136
- * Get current Scope (frontend, admin, downloader)
137
- *
138
- * @return string
139
- */
140
- protected function _getScopeName()
141
- {
142
- if ($this->_isFrontend) {
143
- $scope = 'frontend';
144
- } elseif ($this->_isDownloader) {
145
- $scope = 'downloader';
146
- } else {
147
- $scope = 'admin';
148
- }
149
-
150
- return $scope;
151
- }
152
-
153
- /**
154
- * Checking current ip for rules
155
- *
156
- * @param $observer
157
- * @return ET_IpSecurity_Model_Observer
158
- */
159
- protected function _processIpCheck($observer)
160
- {
161
- $currentIp = $this->getCurrentIp();
162
- $allowIps = $this->_ipTextToArray($this->_rawAllowIpData);
163
- $blockIps = $this->_ipTextToArray($this->_rawBlockIpData);
164
-
165
- $allow = $this->isIpAllowed($currentIp, $allowIps, $blockIps);
166
- $this->_processAllowDeny($allow, $currentIp);
167
-
168
- return $this;
169
- }
170
-
171
- /**
172
- * Check IP for allow/deny rules
173
- *
174
- * @param $currentIp string
175
- * @param $allowIps array
176
- * @param $blockIps array
177
- * @return bool
178
- */
179
- public function isIpAllowed($currentIp, $allowIps, $blockIps)
180
- {
181
- $allow = true;
182
-
183
- # look for allowed
184
- if ($allowIps) {
185
- # block all except allowed
186
- $allow = false;
187
-
188
- # are there any allowed ips
189
- if ($this->isIpInList($currentIp, $allowIps)) {
190
- $allow = true;
191
- }
192
- }
193
-
194
- # look for blocked
195
- if ($blockIps) {
196
- # are there any blocked ips
197
- if ($this->isIpInList($currentIp, $blockIps)) {
198
- $allow = false;
199
- }
200
- }
201
- return $allow;
202
- }
203
-
204
- /**
205
- * Redirect denied users to block page or show maintenance page to visitor
206
- *
207
- * @param $allow boolean
208
- * @param $currentIp string
209
- */
210
- protected function _processAllowDeny($allow, $currentIp)
211
- {
212
- //TODO: Refactoring?
213
- $currentPage = $this->trimTrailingSlashes(Mage::helper('core/url')->getCurrentUrl());
214
- // searching for CMS page storeId
215
- // if we don't do it - we have loop in redirect with setting Add Store Code to Urls = Yes
216
- // (block access to admin redirects to admin)
217
- $pageStoreId = $this->getPageStoreId();
218
- $this->_redirectPage = $this->trimTrailingSlashes(Mage::app()->getStore($pageStoreId)->getBaseUrl())
219
- . "/" . $this->_redirectPage;
220
- $scope = $this->_getScopeName();
221
-
222
- if (!strlen($this->_redirectPage) && !$this->_isDownloader) {
223
- $this->_redirectPage = $this->trimTrailingSlashes(Mage::getUrl('no-route'));
224
- }
225
-
226
- if ($this->_redirectBlank == 1 && !$allow) {
227
- header("HTTP/1.1 403 Forbidden");
228
- header("Status: 403 Forbidden");
229
- header("Content-type: text/html");
230
- $needToNotify = $this->saveToLog(array('blocked_from' => $scope, 'blocked_ip' => $currentIp));
231
- if (($this->_alwaysNotify) || $needToNotify) {
232
- $this->_send();
233
- }
234
- exit("Access denied for IP:<b> " . $currentIp . "</b>");
235
- }
236
-
237
- if ($this->trimTrailingSlashes($currentPage) != $this->trimTrailingSlashes($this->_redirectPage) && !$allow) {
238
- header('Location: ' . $this->_redirectPage);
239
- $needToNotify = $this->saveToLog(array('blocked_from' => $scope, 'blocked_ip' => $currentIp));
240
- if (($this->_alwaysNotify) || $needToNotify) {
241
- $this->_send();
242
- }
243
- exit();
244
- }
245
-
246
- $exceptIps = $this->_ipTextToArray($this->_rawExceptIpData);
247
- $isMaintenanceMode = Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/enabled');
248
- if (($isMaintenanceMode) && ($this->_isFrontend)) {
249
- $doNotLoadSite = true;
250
- # look for except
251
- if ($exceptIps) {
252
- # are there any except ips
253
- if ($this->isIpInList($currentIp, $exceptIps)) {
254
- Mage::app()->getResponse()->appendBody(
255
- html_entity_decode(
256
- Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/remindermessage'),
257
- ENT_QUOTES,
258
- "utf-8"
259
- )
260
- );
261
- $doNotLoadSite = false;
262
- }
263
- }
264
-
265
- if ($doNotLoadSite) {
266
- header('HTTP/1.1 503 Service Temporarily Unavailable');
267
- header('Status: 503 Service Temporarily Unavailable');
268
- header('Retry-After: 7200'); // in seconds
269
- print html_entity_decode(
270
- Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/message'),
271
- ENT_QUOTES,
272
- "utf-8"
273
- );
274
- exit();
275
- }
276
-
277
- }
278
- }
279
-
280
-
281
- /**
282
- * Get store id of target redirect cms page
283
- *
284
- * @return int
285
- */
286
- public function getPageStoreId()
287
- {
288
- $stores = array();
289
- $pageStoreIds = array();
290
-
291
- foreach (Mage::app()->getStores() as $store) {
292
- /* @var $store Mage_Core_Model_Store */
293
- $stores[] = $store->getId();
294
- $pageId = Mage::getModel('cms/page')->checkIdentifier($this->_redirectPage, $store->getId());
295
- if ($pageId === false) {
296
- continue;
297
- }
298
- $pageStoreIds = Mage::getResourceModel('cms/page')->lookupStoreIds($pageId);
299
- if (count($pageStoreIds)) { // found page
300
- break;
301
- }
302
- }
303
-
304
- if (!count($pageStoreIds)) { // no found in any store
305
- $pageStoreIds[] = 0;
306
- }
307
- //default
308
- $pageStoreId = 0;
309
- foreach ($pageStoreIds as $pageStoreId) {
310
- if ($pageStoreId > 0) {
311
- break;
312
- }
313
- }
314
-
315
- if ($pageStoreId == 0) {
316
- $pageStoreId = $stores[0];
317
- return $pageStoreId; // first available store
318
- }
319
- return $pageStoreId;
320
- }
321
-
322
-
323
- /**
324
- * Convert IP range as string to array with first and last IP of range
325
- *
326
- * @param $ipRange string
327
- * @return array[first,last]
328
- */
329
- protected function _convertIpStringToIpRange($ipRange)
330
- {
331
- $ip = explode("|", $ipRange);
332
- $ip = trim($ip[0]);
333
- $simpleRange = explode("-", $ip);
334
- //for xx.xx.xx.xx-yy.yy.yy.yy
335
- if (count($simpleRange) == 2) {
336
- $comparableIpRange = array(
337
- "first" => $this->_convertIpToComparableString($simpleRange[0]),
338
- "last" => $this->_convertIpToComparableString($simpleRange[1]));
339
- return $comparableIpRange;
340
- }
341
- //for xx.xx.xx.*
342
- if (strpos($ip, "*") !== false) {
343
- $fromIp = str_replace("*", "0", $ip);
344
- $toIp = str_replace("*", "255", $ip);
345
- $comparableIpRange = array(
346
- "first" => $this->_convertIpToComparableString($fromIp),
347
- "last" => $this->_convertIpToComparableString($toIp));
348
- return $comparableIpRange;
349
- }
350
- //for xx.xx.xx.xx/yy
351
- $maskRange = explode("/", $ip);
352
- if (count($maskRange) == 2) {
353
- $maskMoves = 32 - $maskRange[1];
354
- $mask = (0xFFFFFFFF >> $maskMoves) << $maskMoves;
355
- $subMask = 0;
356
- for ($maskDigits = 0; $maskDigits < $maskMoves; $maskDigits++) {
357
- $subMask = ($subMask << 1) | 1;
358
- }
359
- $fromIp = ip2long($maskRange[0]) & $mask;
360
- $toIp = long2ip($fromIp | $subMask);
361
- $fromIp = long2ip($fromIp);
362
- $comparableIpRange = array(
363
- "first" => $this->_convertIpToComparableString($fromIp),
364
- "last" => $this->_convertIpToComparableString($toIp));
365
- return $comparableIpRange;
366
- }
367
-
368
- $comparableIpRange = array(
369
- "first" => $this->_convertIpToComparableString($ip),
370
- "last" => $this->_convertIpToComparableString($ip)
371
- );
372
-
373
- return $comparableIpRange;
374
-
375
- }
376
-
377
- /**
378
- * Convert IP address (x.xx.xxx.xx) to easy comparable string (xxx.xxx.xxx.xxx)
379
- *
380
- * @param $ip string
381
- * @return string
382
- * @throws Exception
383
- */
384
- protected function _convertIpToComparableString($ip)
385
- {
386
- $partsOfIp = explode(".", trim($ip));
387
- if (count($partsOfIp) != 4) {
388
- throw new Exception("Incorrect IP format: " . $ip);
389
- }
390
- $comparableIpString = sprintf(
391
- "%03d%03d%03d%03d",
392
- $partsOfIp[0],
393
- $partsOfIp[1],
394
- $partsOfIp[2],
395
- $partsOfIp[3]
396
- );
397
- return $comparableIpString;
398
-
399
- }
400
-
401
- /**
402
- * Is ip in list of IP rules
403
- *
404
- * @param $searchIp string
405
- * @param $ipRulesList array
406
- * @return bool
407
- */
408
- public function isIpInList($searchIp, $ipRulesList)
409
- {
410
- $searchIpComparable = $this->_convertIpToComparableString($searchIp);
411
- if (count($ipRulesList) > 0) {
412
- foreach ($ipRulesList as $ipRule) {
413
- $ip = explode("|", $ipRule);
414
- $ip = trim($ip[0]);
415
- try {
416
- $ipRange = $this->_convertIpStringToIpRange($ip);
417
- //var_dump($ipRange);
418
- if (count($ipRange) == 2) {
419
- $ipFrom = $ipRange["first"];
420
- $ipTo = $ipRange["last"];
421
- if ((strcmp($ipFrom, $searchIpComparable) <= 0) &&
422
- (strcmp($searchIpComparable, $ipTo) <= 0)
423
- ) {
424
- $this->_lastFoundIp = $ipRule;
425
- return true;
426
- }
427
- }
428
- } catch (Exception $e) {
429
- Mage::log($e->getMessage());
430
- }
431
- //}
432
- }
433
- }
434
- return false;
435
- }
436
-
437
- /**
438
- * Trim trailing slashes, except single "/"
439
- *
440
- * @param $str string
441
- * @return string
442
- */
443
- protected function trimTrailingSlashes($str)
444
- {
445
- $str = trim($str);
446
- return $str == '/' ? $str : rtrim($str, '/');
447
- }
448
-
449
- /**
450
- * Send to admin information about IP blocking
451
- */
452
- protected function _send()
453
- {
454
- $sendResult = false;
455
- if (!$this->_eventEmail) {
456
- return $sendResult;
457
- }
458
- $currentIp = $this->getCurrentIp();
459
- //$storeId = 0; //admin
460
-
461
- $recipients = explode(",", $this->_eventEmail);
462
-
463
- /* @var $emailTemplate Mage_Core_Model_Email_Template */
464
- $emailTemplate = Mage::getModel('core/email_template');
465
- foreach ($recipients as $recipient) {
466
- $sendResult = $emailTemplate->setDesignConfig(array('area' => 'backend'))
467
- ->sendTransactional(
468
- $this->_emailTemplate,
469
- $this->_emailIdentity,
470
- trim($recipient),
471
- trim($recipient),
472
- array(
473
- 'ip' => $currentIp,
474
- 'ip_rule' => Mage::helper('etipsecurity')->__($this->getLastBlockRule()), // TODO: translation
475
- 'date' => Mage::helper('core')->formatDate(null, Mage_Core_Model_Locale::FORMAT_TYPE_FULL, true),
476
- 'storetype' => $this->_storeType,
477
- 'url' => Mage::helper('core/url')->getCurrentUrl(),
478
- 'info' => base64_encode(serialize(array($this->_rawAllowIpData, $this->_rawBlockIpData))),
479
- )
480
- );
481
- }
482
- return $sendResult;
483
- }
484
-
485
- /**
486
- * Return block rule
487
- *
488
- * @return string
489
- */
490
- public function getLastBlockRule()
491
- {
492
- $lastBlockRule = 'Not in allowed list';
493
- if (!is_null($this->_lastFoundIp)) {
494
- $lastBlockRule = $this->_lastFoundIp;
495
- }
496
- return $lastBlockRule;
497
- }
498
-
499
- /**
500
- * Get IP of current client
501
- *
502
- * @return string
503
- */
504
- public function getCurrentIp()
505
- {
506
- $helper = Mage::helper('etipsecurity');
507
- $selectedIpVariable = $helper->getIpVariable();
508
- $currentIp = $_SERVER[$selectedIpVariable];
509
- return $this->_getCurrentIp($currentIp, $selectedIpVariable);
510
- }
511
-
512
- /**
513
- * HTTP_X_FORWARDED_FOR can return comma delimetered list of IP addresses.
514
- * We need only one IP address to check
515
- *
516
- * @param $currentIp
517
- * @param $selectedIpVariable
518
- * @return string
519
- */
520
- protected function _getCurrentIp($currentIp, $selectedIpVariable)
521
- {
522
- switch ($selectedIpVariable) {
523
- case 'HTTP_X_FORWARDED_FOR':
524
- $resultArray = explode(',', $currentIp);
525
- $result = trim($resultArray[0]);
526
- break;
527
- default:
528
- $result = $currentIp;
529
- }
530
- return $result;
531
- }
532
-
533
- /**
534
- * Convert string with IP to IP array
535
- *
536
- * @param $text string
537
- * @return array
538
- */
539
- protected function _ipTextToArray($text)
540
- {
541
- $ips = preg_split("/[\n\r]+/", $text);
542
- foreach ($ips as $ipsk => $ipsv) {
543
- if (trim($ipsv) == "") {
544
- unset($ips[$ipsk]);
545
- }
546
- }
547
- return $ips;
548
- }
549
-
550
- /**
551
- * Save Blocked IP to log
552
- *
553
- * @param array $params
554
- * @return bool
555
- */
556
- protected function saveToLog($params = array())
557
- {
558
- $neednotify = true;
559
-
560
- if (!((isset($params['blocked_ip'])) && (strlen(trim($params['blocked_ip'])) > 0))) {
561
- $params['blocked_ip'] = $this->getCurrentIp();
562
- }
563
-
564
- if (!((isset($params['blocked_from'])) && (strlen(trim($params['blocked_from'])) > 0))) {
565
- $params['blocked_from'] = 'undefined';
566
- }
567
-
568
- $now = now();
569
-
570
- /* @var $logtable ET_IpSecurity_Model_Mysql4_Ipsecuritylog_Collection */
571
- $logtable = Mage::getModel('etipsecurity/ipsecuritylog')->getCollection();
572
- $logtable->getSelect()->where('blocked_from=?', $params['blocked_from'])
573
- ->where('blocked_ip=?', $params['blocked_ip']);
574
-
575
- if (count($logtable) > 0) {
576
- foreach ($logtable as $row) {
577
- /* @var $row ET_IpSecurity_Model_Ipsecuritylog */
578
- $timesBlocked = $row->getData('qty') + 1;
579
- $row->setData('qty', $timesBlocked);
580
- $row->setData('last_block_rule', $this->getLastBlockRule());
581
- $row->setData('update_time', $now);
582
- $row->save();
583
- if (($timesBlocked % 10) == 0) {
584
- $neednotify = true;
585
- } else {
586
- $neednotify = false;
587
- }
588
- }
589
- } else {
590
- $log = Mage::getModel('etipsecurity/ipsecuritylog');
591
-
592
- $log->setData('blocked_from', $params['blocked_from']);
593
- $log->setData('blocked_ip', $params['blocked_ip']);
594
- $log->setData('qty', '1');
595
- $log->setData('last_block_rule', $this->getLastBlockRule());
596
- $log->setData('create_time', $now);
597
- $log->setData('update_time', $now);
598
-
599
- $log->save();
600
- $neednotify = true;
601
- }
602
-
603
- // if returns true - IP blocked for first time or timesBloked is 10, 20, 30 etc.
604
- return $neednotify;
605
- }
606
-
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
607
  }
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Model_Observer
22
+ */
23
+ class ET_IpSecurity_Model_Observer
24
+ {
25
+ const TOKEN_COOKIE_NAME = 'ipsecurity_token';
26
+
27
+ protected $_redirectPage = null;
28
+ protected $_redirectBlank = null;
29
+ protected $_rawAllowIpData = null;
30
+ protected $_rawBlockIpData = null;
31
+ protected $_rawExceptIpData = null;
32
+ protected $_eventEmail = "";
33
+ protected $_emailTemplate = 0;
34
+ protected $_emailIdentity = null;
35
+ protected $_storeType = null;
36
+ protected $_lastFoundIp = null;
37
+ protected $_isFrontend = false;
38
+ protected $_isDownloader = false;
39
+ protected $_alwaysNotify = false;
40
+
41
+ protected $_eventEmailToken = "";
42
+ protected $_alwaysNotifyToken = false;
43
+ protected $_emailTemplateToken = 0;
44
+ protected $_emailTemplateTokenFail;
45
+ protected $_emailIdentityToken = null;
46
+
47
+ protected static $_flagCheckToken = 0;
48
+
49
+ /**
50
+ * If loading Frontend
51
+ *
52
+ * Event: controller_action_predispatch
53
+ * @param $observer
54
+ */
55
+ public function onLoadingFrontend($observer)
56
+ {
57
+ $this->_readFrontendConfig();
58
+ $this->_readTokenConfig();
59
+ $this->_processIpCheck($observer);
60
+ }
61
+
62
+ /**
63
+ * If loading Admin
64
+ *
65
+ * Event: controller_action_predispatch
66
+ * @param $observer
67
+ */
68
+ public function onLoadingAdmin($observer)
69
+ {
70
+ /** @var ET_IpSecurity_Helper_Data $helper */
71
+ $helper = Mage::helper('etipsecurity');
72
+ $helper->log('onLoadingAdmin()');
73
+
74
+ $eventName = (string)$observer->getEvent()->getName();
75
+ $helper->log('event Name: ' . $eventName);
76
+
77
+ $this->_readAdminConfig();
78
+ $this->_readTokenConfig();
79
+ $this->_processIpCheck($observer);
80
+ }
81
+
82
+ /**
83
+ * On failed login to Admin
84
+ *
85
+ * @param $observer
86
+ *
87
+ * @SuppressWarnings(PHPMD.UnusedFormalParameter)
88
+ */
89
+ public function onAdminLoginFailed($observer)
90
+ {
91
+ // TODO: for http://support.etwebsolutions.com/issues/371
92
+ }
93
+
94
+ /**
95
+ * On loading Downloader
96
+ *
97
+ * Event: controller_front_init_routers
98
+ * @param Varien_Event_Observer $observer
99
+ */
100
+ public function onLoadingDownloader($observer)
101
+ {
102
+ //only in downloader exists Maged_Controller class
103
+ if (class_exists("Maged_Controller", false)) {
104
+ $this->_readDownloaderConfig();
105
+ $this->_processIpCheck($observer);
106
+ }
107
+ }
108
+
109
+ /**
110
+ * Reading configuration for Frontend
111
+ */
112
+ protected function _readFrontendConfig()
113
+ {
114
+ $this->_redirectPage = $this->trimTrailingSlashes(
115
+ Mage::getStoreConfig('etipsecurity/ipsecurityfront/redirect_page'));
116
+ $this->_redirectBlank = Mage::getStoreConfig('etipsecurity/ipsecurityfront/redirect_blank');
117
+ $this->_rawAllowIpData = Mage::getStoreConfig('etipsecurity/ipsecurityfront/allow');
118
+ $this->_rawBlockIpData = Mage::getStoreConfig('etipsecurity/ipsecurityfront/block');
119
+ $this->_eventEmail = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_event');
120
+ $this->_emailTemplate = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_template');
121
+ $this->_emailIdentity = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_identity');
122
+ $this->_alwaysNotify = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_always');
123
+ $this->_rawExceptIpData = Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/except');
124
+
125
+ $this->_storeType = Mage::helper("catalog")->__("Frontend");
126
+ $this->_isFrontend = true;
127
+ }
128
+
129
+
130
+ /**
131
+ * Reading configuration for Admin
132
+ */
133
+ protected function _readAdminConfig()
134
+ {
135
+ $this->_redirectPage = $this->trimTrailingSlashes(
136
+ Mage::getStoreConfig('etipsecurity/ipsecurityadmin/redirect_page'));
137
+ $this->_redirectBlank = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/redirect_blank');
138
+ $this->_rawAllowIpData = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/allow');
139
+ $this->_rawBlockIpData = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/block');
140
+ $this->_eventEmail = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_event');
141
+ $this->_emailTemplate = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_template');
142
+ $this->_emailIdentity = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_identity');
143
+ $this->_alwaysNotify = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_always');
144
+
145
+ $this->_storeType = Mage::helper("core")->__("Admin");
146
+ $this->_isFrontend = false;
147
+ }
148
+
149
+ /**
150
+ * load Token config
151
+ */
152
+ protected function _readTokenConfig()
153
+ {
154
+ $this->_eventEmailToken = Mage::getStoreConfig('etipsecurity/ipsecuritytoken/email_event');
155
+ $this->_alwaysNotifyToken = Mage::getStoreConfig('etipsecurity/ipsecuritytoken/email_always');
156
+ $this->_emailTemplateToken = Mage::getStoreConfig('etipsecurity/ipsecuritytoken/email_template');
157
+ $this->_emailTemplateTokenFail = Mage::getStoreConfig('etipsecurity/ipsecuritytoken/fail_email_template');
158
+ $this->_emailIdentityToken = Mage::getStoreConfig('etipsecurity/ipsecuritytoken/email_identity');
159
+ }
160
+
161
+
162
+ /**
163
+ * Read configuration for Downloader (used Admin config)
164
+ */
165
+ protected function _readDownloaderConfig()
166
+ {
167
+ $this->_readAdminConfig();
168
+ $this->_storeType = Mage::helper("etipsecurity")->__("Downloader");
169
+ $this->_isDownloader = true;
170
+
171
+ // TODO: заглушка. Если страницы для перехода не существует,
172
+ // то поиск ссылки на no-rout вызывет ошибку.
173
+ //$this->_redirectBlank = true;
174
+ }
175
+
176
+ /**
177
+ * Get current Scope (frontend, admin, downloader)
178
+ *
179
+ * @return string
180
+ */
181
+ protected function _getScopeName()
182
+ {
183
+ if ($this->_isFrontend) {
184
+ $scope = 'frontend';
185
+ } elseif ($this->_isDownloader) {
186
+ $scope = 'downloader';
187
+ } else {
188
+ $scope = 'admin';
189
+ }
190
+
191
+ return $scope;
192
+ }
193
+
194
+ /**
195
+ * Checking current ip for rules
196
+ *
197
+ * @param Varien_Event_Observer $observer
198
+ * @return ET_IpSecurity_Model_Observer
199
+ */
200
+ protected function _processIpCheck($observer)
201
+ {
202
+ $currentIp = $this->getCurrentIp();
203
+ $allowIps = $this->_ipTextToArray($this->_rawAllowIpData);
204
+ $blockIps = $this->_ipTextToArray($this->_rawBlockIpData);
205
+
206
+ $allow = $this->isIpAllowed($currentIp, $allowIps, $blockIps);
207
+
208
+ //FOR DEBUG TESTING Token Access !!!! REMOVE AFTER TEST
209
+ //$allow = false;
210
+
211
+ if (!$allow) {
212
+ $allow = $this->_checkSecurityTokenAccess($observer);
213
+ }
214
+
215
+ $this->_processAllowDeny($allow, $currentIp);
216
+
217
+ return $this;
218
+ }
219
+
220
+
221
+ /**
222
+ * check Access By Token
223
+ *
224
+ * @param Varien_Event_Observer $observer
225
+ * @return bool
226
+ */
227
+ protected function _checkSecurityTokenAccess(Varien_Event_Observer $observer)
228
+ {
229
+ /** @var ET_IpSecurity_Helper_Data $helper */
230
+ $helper = Mage::helper('etipsecurity');
231
+ $helper->log('_checkSecurityTokenAccess()');
232
+
233
+ $access = false;
234
+
235
+ // if Module Enabled && Not Empty Url and Token
236
+ if (($helper->isEnabledIpSecurityToken()) && ($helper->isSetTokenLastUpdateAndUrl())) {
237
+
238
+ $helper->log('IpSecurityToken: Enabled');
239
+
240
+ /** @var ET_IpSecurity_Model_System_Config_Source_Token_Expire $tokenModel */
241
+ $tokenModel = Mage::getModel('etipsecurity/system_config_source_token_expire');
242
+
243
+ if (!$tokenModel->isTokenExpired()) {
244
+ $helper->log('token not expired');
245
+
246
+ $tokenValueConfig = $helper->getTokenValue();
247
+
248
+ $access = $this->_checkAccessByCookie($tokenValueConfig);
249
+
250
+ if (!$access) {
251
+ $access = $this->_checkAccessByToken($observer, $tokenValueConfig);
252
+ }
253
+
254
+ } else {
255
+ // log token expired
256
+ $helper->log('token expired');
257
+ }
258
+ } else {
259
+ $helper->log('IpSecurityToken: Disabled');
260
+ }
261
+
262
+ return $access;
263
+ }
264
+
265
+ /**
266
+ * send Token email notification
267
+ *
268
+ * @param bool $success
269
+ * @throws Mage_Core_Exception
270
+ */
271
+ protected function _notifyLoginByToken($fullUrl, $success)
272
+ {
273
+ /** @var ET_IpSecurity_Helper_Data $helper */
274
+ $helper = Mage::helper('etipsecurity');
275
+ $helper->log('_notifyLoginByToken()');
276
+
277
+ if ($success) {
278
+ $template = $this->_emailTemplateToken;
279
+ } else {
280
+ $template = $this->_emailTemplateTokenFail;
281
+ }
282
+
283
+ if (!$this->_eventEmailToken && (!$template)) {
284
+ return;
285
+ }
286
+
287
+ $currentIp = $this->getCurrentIp();
288
+ $recipients = explode(",", $this->_eventEmailToken);
289
+
290
+ /* @var Mage_Core_Model_Email_Template $emailTemplate */
291
+ $emailTemplate = Mage::getModel('core/email_template')->setDesignConfig(array('area' => 'backend'));
292
+
293
+ $coreHelper = Mage::helper('core');
294
+
295
+ foreach ($recipients as $recipient) {
296
+
297
+ try {
298
+ $emailTemplate
299
+ ->sendTransactional(
300
+ $template,
301
+ $this->_emailIdentityToken,
302
+ trim($recipient),
303
+ trim($recipient),
304
+ array(
305
+ 'ip' => $currentIp,
306
+ 'ip_rule' => Mage::helper('etipsecurity')->__($this->getLastBlockRule()),
307
+ 'date' => $coreHelper->formatDate(null, Mage_Core_Model_Locale::FORMAT_TYPE_FULL, true),
308
+ 'storetype' => $this->_storeType,
309
+ 'url' => $fullUrl,
310
+ 'info' => base64_encode(serialize(array($this->_rawAllowIpData, $this->_rawBlockIpData))),
311
+ )
312
+ );
313
+ } catch (Exception $ex) {
314
+ $helper->log($ex);
315
+ }
316
+ }
317
+ }
318
+
319
+
320
+ /**
321
+ * @param Varien_Event_Observer $observer
322
+ * @param string $tokenValueConfig
323
+ * @return bool
324
+ */
325
+ protected function _checkAccessByToken($observer, $tokenValueConfig)
326
+ {
327
+ /** @var ET_IpSecurity_Helper_Data $helper */
328
+ $helper = Mage::helper('etipsecurity');
329
+ $helper->log('_checkAccessByToken()');
330
+
331
+ $access = false;
332
+
333
+ /** @var Mage_Cms_IndexController $controller */
334
+ $controller = $observer->getControllerAction();
335
+ $eventName = (string)$observer->getEvent()->getName();
336
+ $helper->log('event Name: ' . $eventName);
337
+
338
+ if ($controller) {
339
+
340
+ $tokenName = $helper->getTokenName();
341
+ $helper->log('token Name: ' . $tokenName);
342
+
343
+ $tokenValueRequest = $controller->getRequest()->getParam($tokenName);
344
+
345
+ //$fullUrl = $controller->getRequest()->getServer('HTTP_REFERER');
346
+ //$fullUrl = $controller->getRequest()->getServer('SCRIPT_URI');
347
+ $fullUrl = Mage::helper('core/url')->getCurrentUrl();
348
+
349
+ $helper->log('token value request: ' . $tokenValueRequest);
350
+ $helper->log('token value config: ' . $tokenValueConfig);
351
+
352
+ if ($tokenValueRequest) {
353
+
354
+ if ($tokenValueRequest == $tokenValueConfig) {
355
+
356
+ $helper->setCookieToken(self::TOKEN_COOKIE_NAME, $tokenValueConfig);
357
+ $access = true;
358
+
359
+ if (!self::$_flagCheckToken) {
360
+ $this->_addTokenLog($fullUrl, 'Successful token use');
361
+
362
+ $this->_notifyLoginByToken($fullUrl, true);
363
+
364
+ // log logOn By token Ok
365
+ $helper->log('Successful token use: Ok, set cookie Ok');
366
+
367
+ self::$_flagCheckToken = 1;
368
+ }
369
+
370
+ } else {
371
+ // log not valid token
372
+ $helper->log('Unsuccessful token use attempt: not valid token');
373
+
374
+ $this->_addTokenLog($fullUrl, 'Unsuccessful token use attempt');
375
+
376
+ if ($this->_alwaysNotifyToken) {
377
+ $this->_notifyLoginByToken($fullUrl, false);
378
+ }
379
+ }
380
+ }
381
+ }
382
+
383
+ return $access;
384
+ }
385
+
386
+ /**
387
+ * add token Log
388
+ *
389
+ * @param string $message
390
+ */
391
+ protected function _addTokenLog($fullUrl, $message)
392
+ {
393
+ /** @var ET_IpSecurity_Helper_Data $helper */
394
+ $helper = Mage::helper('etipsecurity');
395
+
396
+ /** @var ET_IpSecurity_Model_Iptokenlog $ipTokenLogModel */
397
+ $ipTokenLogModel = Mage::getModel('etipsecurity/iptokenlog');
398
+
399
+ $ipTokenLogModel->setData('blocked_ip', $this->getCurrentIp());
400
+
401
+ $ipTokenLogModel->setData('last_block_rule',
402
+ //$helper->__($message)
403
+ $message
404
+ );
405
+
406
+ $ipTokenLogModel->setData('create_time', now());
407
+
408
+ $helper->log('_addTokenLog():');
409
+ $helper->log('url: '.$fullUrl);
410
+
411
+ $ipTokenLogModel->setData('blocked_from', $fullUrl);
412
+
413
+ try {
414
+ $ipTokenLogModel->save();
415
+ } catch (Exception $ex) {
416
+ $helper->log('error Add Token Log: ', $ex);
417
+ }
418
+ }
419
+
420
+
421
+ /**
422
+ * check access By cookie
423
+ * is set & valid return true
424
+ *
425
+ * @param string $tokenValueConfig
426
+ * @return bool
427
+ */
428
+ protected function _checkAccessByCookie($tokenValueConfig)
429
+ {
430
+ /** @var ET_IpSecurity_Helper_Data $helper */
431
+ $helper = Mage::helper('etipsecurity');
432
+ $helper->log('_checkAccessByCookie()');
433
+ $access = false;
434
+
435
+ $cookieValue = $helper->getCookie(self::TOKEN_COOKIE_NAME);
436
+
437
+ // check cookie if OK set new Time Expire
438
+ if ($cookieValue) {
439
+ if ($cookieValue == $tokenValueConfig) {
440
+
441
+ $helper->setCookieToken(self::TOKEN_COOKIE_NAME, $cookieValue);
442
+ $access = true;
443
+
444
+ // log cookie update
445
+ $helper->log('cookie valid & update, access: true');
446
+ } else {
447
+ // cookie not valid
448
+ $helper->log('cookie not valid, access: false');
449
+ }
450
+ } else {
451
+ $helper->log('cookie not set');
452
+ }
453
+
454
+ return $access;
455
+ }
456
+
457
+
458
+ /**
459
+ * Check IP for allow/deny rules
460
+ *
461
+ * @param $currentIp string
462
+ * @param $allowIps array
463
+ * @param $blockIps array
464
+ * @return bool
465
+ */
466
+ public function isIpAllowed($currentIp, $allowIps, $blockIps)
467
+ {
468
+ $allow = true;
469
+
470
+ # look for allowed
471
+ if ($allowIps) {
472
+ # block all except allowed
473
+ $allow = false;
474
+
475
+ # are there any allowed ips
476
+ if ($this->isIpInList($currentIp, $allowIps)) {
477
+ $allow = true;
478
+ }
479
+ }
480
+
481
+ # look for blocked
482
+ if ($blockIps) {
483
+ # are there any blocked ips
484
+ if ($this->isIpInList($currentIp, $blockIps)) {
485
+ $allow = false;
486
+ }
487
+ }
488
+ return $allow;
489
+ }
490
+
491
+ /**
492
+ * Redirect denied users to block page or show maintenance page to visitor
493
+ *
494
+ * @param $allow boolean
495
+ * @param $currentIp string
496
+ */
497
+ protected function _processAllowDeny($allow, $currentIp)
498
+ {
499
+ //TODO: Refactoring?
500
+ $currentPage = $this->trimTrailingSlashes(Mage::helper('core/url')->getCurrentUrl());
501
+ // searching for CMS page storeId
502
+ // if we don't do it - we have loop in redirect with setting Add Store Code to Urls = Yes
503
+ // (block access to admin redirects to admin)
504
+ $pageStoreId = $this->getPageStoreId();
505
+ $this->_redirectPage = $this->trimTrailingSlashes(Mage::app()->getStore($pageStoreId)->getBaseUrl())
506
+ . "/" . $this->_redirectPage;
507
+ $scope = $this->_getScopeName();
508
+
509
+ if (!strlen($this->_redirectPage) && !$this->_isDownloader) {
510
+ $this->_redirectPage = $this->trimTrailingSlashes(Mage::getUrl('no-route'));
511
+ }
512
+
513
+ if ($this->_redirectBlank == 1 && !$allow) {
514
+ header("HTTP/1.1 403 Forbidden");
515
+ header("Status: 403 Forbidden");
516
+ header("Content-type: text/html");
517
+ $needToNotify = $this->saveToLog(array('blocked_from' => $scope, 'blocked_ip' => $currentIp));
518
+ if (($this->_alwaysNotify) || $needToNotify) {
519
+ $this->_send();
520
+ }
521
+ exit("Access denied for IP:<b> " . $currentIp . "</b>");
522
+ }
523
+
524
+ if ($this->trimTrailingSlashes($currentPage) != $this->trimTrailingSlashes($this->_redirectPage) && !$allow) {
525
+ header('Location: ' . $this->_redirectPage);
526
+ $needToNotify = $this->saveToLog(array('blocked_from' => $scope, 'blocked_ip' => $currentIp));
527
+ if (($this->_alwaysNotify) || $needToNotify) {
528
+ $this->_send();
529
+ }
530
+ exit();
531
+ }
532
+
533
+ $exceptIps = $this->_ipTextToArray($this->_rawExceptIpData);
534
+ $isMaintenanceMode = Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/enabled');
535
+ if (($isMaintenanceMode) && ($this->_isFrontend)) {
536
+ $doNotLoadSite = true;
537
+ # look for except
538
+ if ($exceptIps) {
539
+ # are there any except ips
540
+ if ($this->isIpInList($currentIp, $exceptIps)) {
541
+ Mage::app()->getResponse()->appendBody(
542
+ html_entity_decode(
543
+ Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/remindermessage'),
544
+ ENT_QUOTES,
545
+ "utf-8"
546
+ )
547
+ );
548
+ $doNotLoadSite = false;
549
+ }
550
+ }
551
+
552
+ if ($doNotLoadSite) {
553
+ header('HTTP/1.1 503 Service Temporarily Unavailable');
554
+ header('Status: 503 Service Temporarily Unavailable');
555
+ header('Retry-After: 7200'); // in seconds
556
+ print html_entity_decode(
557
+ Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/message'),
558
+ ENT_QUOTES,
559
+ "utf-8"
560
+ );
561
+ exit();
562
+ }
563
+
564
+ }
565
+ }
566
+
567
+
568
+ /**
569
+ * Get store id of target redirect cms page
570
+ *
571
+ * @return int
572
+ */
573
+ public function getPageStoreId()
574
+ {
575
+ $stores = array();
576
+ $pageStoreIds = array();
577
+
578
+ foreach (Mage::app()->getStores() as $store) {
579
+ /* @var $store Mage_Core_Model_Store */
580
+ $stores[] = $store->getId();
581
+ $pageId = Mage::getModel('cms/page')->checkIdentifier($this->_redirectPage, $store->getId());
582
+ if ($pageId === false) {
583
+ continue;
584
+ }
585
+ $pageStoreIds = Mage::getResourceModel('cms/page')->lookupStoreIds($pageId);
586
+ if (count($pageStoreIds)) { // found page
587
+ break;
588
+ }
589
+ }
590
+
591
+ if (!count($pageStoreIds)) { // no found in any store
592
+ $pageStoreIds[] = 0;
593
+ }
594
+ //default
595
+ $pageStoreId = 0;
596
+ foreach ($pageStoreIds as $pageStoreId) {
597
+ if ($pageStoreId > 0) {
598
+ break;
599
+ }
600
+ }
601
+
602
+ if ($pageStoreId == 0) {
603
+ $pageStoreId = $stores[0];
604
+ return $pageStoreId; // first available store
605
+ }
606
+ return $pageStoreId;
607
+ }
608
+
609
+
610
+ /**
611
+ * Convert IP range as string to array with first and last IP of range
612
+ *
613
+ * @param $ipRange string
614
+ * @return array[first,last]
615
+ */
616
+ protected function _convertIpStringToIpRange($ipRange)
617
+ {
618
+ $ip = explode("|", $ipRange);
619
+ $ip = trim($ip[0]);
620
+ $simpleRange = explode("-", $ip);
621
+ //for xx.xx.xx.xx-yy.yy.yy.yy
622
+ if (count($simpleRange) == 2) {
623
+ $comparableIpRange = array(
624
+ "first" => $this->_convertIpToComparableString($simpleRange[0]),
625
+ "last" => $this->_convertIpToComparableString($simpleRange[1]));
626
+ return $comparableIpRange;
627
+ }
628
+ //for xx.xx.xx.*
629
+ if (strpos($ip, "*") !== false) {
630
+ $fromIp = str_replace("*", "0", $ip);
631
+ $toIp = str_replace("*", "255", $ip);
632
+ $comparableIpRange = array(
633
+ "first" => $this->_convertIpToComparableString($fromIp),
634
+ "last" => $this->_convertIpToComparableString($toIp));
635
+ return $comparableIpRange;
636
+ }
637
+ //for xx.xx.xx.xx/yy
638
+ $maskRange = explode("/", $ip);
639
+ if (count($maskRange) == 2) {
640
+ $maskMoves = 32 - $maskRange[1];
641
+ $mask = (0xFFFFFFFF >> $maskMoves) << $maskMoves;
642
+ $subMask = 0;
643
+ for ($maskDigits = 0; $maskDigits < $maskMoves; $maskDigits++) {
644
+ $subMask = ($subMask << 1) | 1;
645
+ }
646
+ $fromIp = ip2long($maskRange[0]) & $mask;
647
+ $toIp = long2ip($fromIp | $subMask);
648
+ $fromIp = long2ip($fromIp);
649
+ $comparableIpRange = array(
650
+ "first" => $this->_convertIpToComparableString($fromIp),
651
+ "last" => $this->_convertIpToComparableString($toIp));
652
+ return $comparableIpRange;
653
+ }
654
+
655
+ $comparableIpRange = array(
656
+ "first" => $this->_convertIpToComparableString($ip),
657
+ "last" => $this->_convertIpToComparableString($ip)
658
+ );
659
+
660
+ return $comparableIpRange;
661
+
662
+ }
663
+
664
+ /**
665
+ * Convert IP address (x.xx.xxx.xx) to easy comparable string (xxx.xxx.xxx.xxx)
666
+ *
667
+ * @param $ip string
668
+ * @return string
669
+ * @throws Exception
670
+ */
671
+ protected function _convertIpToComparableString($ip)
672
+ {
673
+ $partsOfIp = explode(".", trim($ip));
674
+ if (count($partsOfIp) != 4) {
675
+ throw new Exception("Incorrect IP format: " . $ip);
676
+ }
677
+ $comparableIpString = sprintf(
678
+ "%03d%03d%03d%03d",
679
+ $partsOfIp[0],
680
+ $partsOfIp[1],
681
+ $partsOfIp[2],
682
+ $partsOfIp[3]
683
+ );
684
+ return $comparableIpString;
685
+
686
+ }
687
+
688
+ /**
689
+ * Is ip in list of IP rules
690
+ *
691
+ * @param $searchIp string
692
+ * @param $ipRulesList array
693
+ * @return bool
694
+ */
695
+ public function isIpInList($searchIp, $ipRulesList)
696
+ {
697
+ $searchIpComparable = $this->_convertIpToComparableString($searchIp);
698
+ if (count($ipRulesList) > 0) {
699
+ foreach ($ipRulesList as $ipRule) {
700
+ $ip = explode("|", $ipRule);
701
+ $ip = trim($ip[0]);
702
+ try {
703
+ $ipRange = $this->_convertIpStringToIpRange($ip);
704
+ //var_dump($ipRange);
705
+ if (count($ipRange) == 2) {
706
+ $ipFrom = $ipRange["first"];
707
+ $ipTo = $ipRange["last"];
708
+ if ((strcmp($ipFrom, $searchIpComparable) <= 0) &&
709
+ (strcmp($searchIpComparable, $ipTo) <= 0)
710
+ ) {
711
+ $this->_lastFoundIp = $ipRule;
712
+ return true;
713
+ }
714
+ }
715
+ } catch (Exception $e) {
716
+ Mage::log($e->getMessage());
717
+ }
718
+ //}
719
+ }
720
+ }
721
+ return false;
722
+ }
723
+
724
+ /**
725
+ * Trim trailing slashes, except single "/"
726
+ *
727
+ * @param $str string
728
+ * @return string
729
+ */
730
+ protected function trimTrailingSlashes($str)
731
+ {
732
+ $str = trim($str);
733
+ return $str == '/' ? $str : rtrim($str, '/');
734
+ }
735
+
736
+ /**
737
+ * Send to admin information about IP blocking
738
+ */
739
+ protected function _send()
740
+ {
741
+ $sendResult = false;
742
+ if (!$this->_eventEmail) {
743
+ return $sendResult;
744
+ }
745
+ $currentIp = $this->getCurrentIp();
746
+ //$storeId = 0; //admin
747
+
748
+ $recipients = explode(",", $this->_eventEmail);
749
+
750
+ /* @var Mage_Core_Model_Email_Template $emailTemplate */
751
+ $emailTemplate = Mage::getModel('core/email_template')->setDesignConfig(array('area' => 'backend'));
752
+ $coreHelper = Mage::helper('core');
753
+ $coreUrlHelper = Mage::helper('core/url');
754
+ foreach ($recipients as $recipient) {
755
+ $sendResult = $emailTemplate
756
+ ->sendTransactional(
757
+ $this->_emailTemplate,
758
+ $this->_emailIdentity,
759
+ trim($recipient),
760
+ trim($recipient),
761
+ array(
762
+ 'ip' => $currentIp,
763
+ 'ip_rule' => Mage::helper('etipsecurity')->__($this->getLastBlockRule()),
764
+ 'date' => $coreHelper->formatDate(null, Mage_Core_Model_Locale::FORMAT_TYPE_FULL, true),
765
+ 'storetype' => $this->_storeType,
766
+ 'url' => $coreUrlHelper->getCurrentUrl(),
767
+ 'info' => base64_encode(serialize(array($this->_rawAllowIpData, $this->_rawBlockIpData))),
768
+ )
769
+ );
770
+ }
771
+ return $sendResult;
772
+ }
773
+
774
+ /**
775
+ * Return block rule
776
+ *
777
+ * @return string
778
+ */
779
+ public function getLastBlockRule()
780
+ {
781
+ $lastBlockRule = 'Not in allowed list';
782
+ if (!is_null($this->_lastFoundIp)) {
783
+ $lastBlockRule = $this->_lastFoundIp;
784
+ }
785
+ return $lastBlockRule;
786
+ }
787
+
788
+ /**
789
+ * Get IP of current client
790
+ *
791
+ * @return string
792
+ */
793
+ public function getCurrentIp()
794
+ {
795
+ /** @var $helper ET_IpSecurity_Helper_Data */
796
+ $helper = Mage::helper('etipsecurity');
797
+ $selectedIpVariable = $helper->getIpVariable();
798
+
799
+ if (isset($_SERVER[$selectedIpVariable])) {
800
+ $currentIp = $_SERVER[$selectedIpVariable];
801
+ } elseif (isset($_SERVER["REMOTE_ADDR"])) { //
802
+ //no default IP variable
803
+ $currentIp = $_SERVER["REMOTE_ADDR"];
804
+ } else {
805
+ //unknown IP
806
+ $currentIp = "0.0.0.0";
807
+ }
808
+ return $this->_getCurrentIp($currentIp, $selectedIpVariable);
809
+ }
810
+
811
+ /**
812
+ * HTTP_X_FORWARDED_FOR can return comma delimetered list of IP addresses.
813
+ * We need only one IP address to check
814
+ *
815
+ * @param $currentIp
816
+ * @param $selectedIpVariable
817
+ * @return string
818
+ */
819
+ protected function _getCurrentIp($currentIp, $selectedIpVariable)
820
+ {
821
+ switch ($selectedIpVariable) {
822
+ case 'HTTP_X_FORWARDED_FOR':
823
+ $resultArray = explode(',', $currentIp);
824
+ $result = trim($resultArray[0]);
825
+ break;
826
+ default:
827
+ $result = $currentIp;
828
+ }
829
+ return $result;
830
+ }
831
+
832
+ /**
833
+ * Convert string with IP to IP array
834
+ *
835
+ * @param $text string
836
+ * @return array
837
+ */
838
+ protected function _ipTextToArray($text)
839
+ {
840
+ $ips = preg_split("/[\n\r]+/", $text);
841
+ foreach ($ips as $ipsk => $ipsv) {
842
+ if (trim($ipsv) == "") {
843
+ unset($ips[$ipsk]);
844
+ }
845
+ }
846
+ return $ips;
847
+ }
848
+
849
+ /**
850
+ * Save Blocked IP to log
851
+ *
852
+ * @param array $params
853
+ * @return bool
854
+ */
855
+ protected function saveToLog($params = array())
856
+ {
857
+ $needNotify = true;
858
+
859
+ if (!((isset($params['blocked_ip'])) && (strlen(trim($params['blocked_ip'])) > 0))) {
860
+ $params['blocked_ip'] = $this->getCurrentIp();
861
+ }
862
+
863
+ if (!((isset($params['blocked_from'])) && (strlen(trim($params['blocked_from'])) > 0))) {
864
+ $params['blocked_from'] = 'undefined';
865
+ }
866
+
867
+ $now = now();
868
+
869
+ /* @var $logTable ET_IpSecurity_Model_Mysql4_Ipsecuritylog_Collection */
870
+ $logTable = Mage::getModel('etipsecurity/ipsecuritylog')->getCollection();
871
+ $logTable->getSelect()->where('blocked_from=?', $params['blocked_from'])
872
+ ->where('blocked_ip=?', $params['blocked_ip']);
873
+
874
+ if (count($logTable) > 0) {
875
+ foreach ($logTable as $row) {
876
+ /* @var $row ET_IpSecurity_Model_Ipsecuritylog */
877
+ $timesBlocked = $row->getData('qty') + 1;
878
+ $row->setData('qty', $timesBlocked);
879
+ $row->setData('last_block_rule', $this->getLastBlockRule());
880
+ $row->setData('update_time', $now);
881
+ $row->save();
882
+ if (($timesBlocked % 10) == 0) {
883
+ $needNotify = true;
884
+ } else {
885
+ $needNotify = false;
886
+ }
887
+ }
888
+ } else {
889
+ /** @var ET_IpSecurity_Model_Ipsecuritylog $log */
890
+ $log = Mage::getModel('etipsecurity/ipsecuritylog');
891
+
892
+ $log->setData('blocked_from', $params['blocked_from']);
893
+ $log->setData('blocked_ip', $params['blocked_ip']);
894
+ $log->setData('qty', '1');
895
+ $log->setData('last_block_rule', $this->getLastBlockRule());
896
+ $log->setData('create_time', $now);
897
+ $log->setData('update_time', $now);
898
+
899
+ $log->save();
900
+ $needNotify = true;
901
+ }
902
+
903
+ // if returns true - IP blocked for first time or timesBloked is 10, 20, 30 etc.
904
+ return $needNotify;
905
+ }
906
+
907
  }
app/code/community/ET/IpSecurity/Model/System/Config/Source/Cookie/Expire.php ADDED
@@ -0,0 +1,62 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Model_System_Config_Source_Cookie_Expire
22
+ */
23
+ class ET_IpSecurity_Model_System_Config_Source_Cookie_Expire
24
+ {
25
+ const COOKIE_DISABLED_AFTER_1_HOUR = 1;
26
+ const COOKIE_DISABLED_AFTER_24_HOUR = 24;
27
+
28
+ public function toOptionArray()
29
+ {
30
+ $option = array();
31
+ /** @var ET_IpSecurity_Helper_Data $helper */
32
+ //$helper = Mage::helper('etipsecurity');
33
+
34
+ $option[] = array(
35
+ //'label' => '1 ' . $helper->__('hour'),
36
+ 'label' => self::COOKIE_DISABLED_AFTER_1_HOUR,
37
+ 'value' => self::COOKIE_DISABLED_AFTER_1_HOUR
38
+ );
39
+
40
+ $option[] = array(
41
+ //'label' => '24 ' . $helper->__('hour'),
42
+ 'label' => self::COOKIE_DISABLED_AFTER_24_HOUR,
43
+ 'value' => self::COOKIE_DISABLED_AFTER_24_HOUR
44
+ );
45
+
46
+ return $option;
47
+ }
48
+
49
+ /**
50
+ * return timestamp + cookie time life
51
+ *
52
+ * @return int
53
+ */
54
+ public function getCookieExpiredTime()
55
+ {
56
+ /** @var ET_IpSecurity_Helper_Data $helper */
57
+ $helper = Mage::helper('etipsecurity');
58
+ $cookieTimeInDays = $helper->getCookieExpireTime();
59
+ return time() + 60 * 60 * $cookieTimeInDays;
60
+ }
61
+
62
+ }
app/code/community/ET/IpSecurity/Model/System/Config/Source/Token/Expire.php ADDED
@@ -0,0 +1,88 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Model_System_Config_Source_Token_Expire
22
+ */
23
+ class ET_IpSecurity_Model_System_Config_Source_Token_Expire
24
+ {
25
+ const TOKEN_DISABLED_AFTER_3_DAYS = 3;
26
+ const TOKEN_DISABLED_AFTER_5_DAYS = 5;
27
+ const TOKEN_DISABLED_AFTER_10_DAYS = 10;
28
+
29
+ public function toOptionArray()
30
+ {
31
+ $option = array();
32
+ /** @var ET_IpSecurity_Helper_Data $helper */
33
+ //$helper = Mage::helper('etipsecurity');
34
+
35
+ $option[] = array(
36
+ //'label' => '3 ' . $helper->__('days'),
37
+ 'label' => self::TOKEN_DISABLED_AFTER_3_DAYS,
38
+ 'value' => self::TOKEN_DISABLED_AFTER_3_DAYS
39
+ );
40
+
41
+ $option[] = array(
42
+ //'label' => '5 ' . $helper->__('days'),
43
+ 'label' => self::TOKEN_DISABLED_AFTER_5_DAYS,
44
+ 'value' => self::TOKEN_DISABLED_AFTER_5_DAYS
45
+ );
46
+
47
+ $option[] = array(
48
+ //'label' => '10 ' . $helper->__('days'),
49
+ 'label' => self::TOKEN_DISABLED_AFTER_10_DAYS,
50
+ 'value' => self::TOKEN_DISABLED_AFTER_10_DAYS
51
+ );
52
+
53
+ return $option;
54
+ }
55
+
56
+ /**
57
+ * return timestamp(LastTimeUpdate + token time life)
58
+ *
59
+ * @return int
60
+ */
61
+ public function getTokenExpiredTimestamp()
62
+ {
63
+ /** @var ET_IpSecurity_Helper_Data $helper */
64
+ $helper = Mage::helper('etipsecurity');
65
+ $tokenTimeInDays = $helper->getTokenExpireTime();
66
+
67
+ $tokenLastUpdate = $helper->getLastUpdateToken();
68
+
69
+ if ($tokenLastUpdate) {
70
+ $tokenLastUpdate = strtotime($tokenLastUpdate);
71
+ }
72
+
73
+ return $tokenLastUpdate + 60 * 60 * 24 * $tokenTimeInDays;
74
+ }
75
+
76
+ /**
77
+ * @return bool
78
+ */
79
+ public function isTokenExpired()
80
+ {
81
+ if (time() > $this->getTokenExpiredTimestamp()) {
82
+ return true;
83
+ } else {
84
+ return false;
85
+ }
86
+ }
87
+
88
+ }
app/code/community/ET/IpSecurity/Test/Model/Observer.php CHANGED
@@ -17,6 +17,9 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
 
 
20
  class ET_IpSecurity_Test_Model_Observer extends EcomDev_PHPUnit_Test_Case
21
  {
22
  /**
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /**
21
+ * Class ET_IpSecurity_Test_Model_Observer
22
+ */
23
  class ET_IpSecurity_Test_Model_Observer extends EcomDev_PHPUnit_Test_Case
24
  {
25
  /**
app/code/community/ET/IpSecurity/controllers/Adminhtml/Etipsecurity/LogController.php CHANGED
@@ -17,40 +17,70 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
 
 
20
  class ET_IpSecurity_Adminhtml_Etipsecurity_LogController extends Mage_Adminhtml_Controller_Action
21
  {
 
 
 
 
22
  protected function _initAction()
23
  {
 
 
 
24
  $this->loadLayout()->_setActiveMenu('customers')->_addBreadcrumb(
25
  Mage::helper('adminhtml')->__('Customers'),
26
- Mage::helper('etipsecurity')->__('ET IP Security log')
27
  );
28
 
29
  return $this;
30
  }
31
 
 
 
 
32
  public function indexAction()
33
  {
34
  $this->_initAction()
35
  ->renderLayout();
36
  }
37
 
 
 
 
38
  public function exportCsvAction()
39
  {
40
  $fileName = 'et_ipsecurity.csv';
41
- $content = $this->getLayout()->createBlock('etipsecurity/adminhtml_log_grid')->getCsv();
 
 
 
42
 
43
  $this->_sendUploadResponse($fileName, $content);
44
  }
45
 
 
 
 
46
  public function exportXmlAction()
47
  {
48
  $fileName = 'et_ipsecurity.xml';
49
- $content = $this->getLayout()->createBlock('etipsecurity/adminhtml_log_grid')->getXml();
 
 
 
50
 
51
  $this->_sendUploadResponse($fileName, $content);
52
  }
53
 
 
 
 
 
 
54
  protected function _sendUploadResponse($fileName, $content, $contentType = 'application/octet-stream')
55
  {
56
  $response = $this->getResponse();
@@ -67,4 +97,13 @@ class ET_IpSecurity_Adminhtml_Etipsecurity_LogController extends Mage_Adminhtml_
67
  die;
68
  }
69
 
 
 
 
 
 
 
 
 
 
70
  }
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /**
21
+ * Class ET_IpSecurity_Adminhtml_Etipsecurity_LogController
22
+ */
23
  class ET_IpSecurity_Adminhtml_Etipsecurity_LogController extends Mage_Adminhtml_Controller_Action
24
  {
25
+ /**
26
+ * Init action
27
+ * @return ET_IpSecurity_Adminhtml_Etipsecurity_LogController $this
28
+ */
29
  protected function _initAction()
30
  {
31
+ /** @var ET_IpSecurity_Helper_Data $helper */
32
+ $helper = Mage::helper('etipsecurity');
33
+
34
  $this->loadLayout()->_setActiveMenu('customers')->_addBreadcrumb(
35
  Mage::helper('adminhtml')->__('Customers'),
36
+ $helper->__('ET IP Security log')
37
  );
38
 
39
  return $this;
40
  }
41
 
42
+ /**
43
+ * Default Action
44
+ */
45
  public function indexAction()
46
  {
47
  $this->_initAction()
48
  ->renderLayout();
49
  }
50
 
51
+ /**
52
+ * Export grid data to csv file Action
53
+ */
54
  public function exportCsvAction()
55
  {
56
  $fileName = 'et_ipsecurity.csv';
57
+
58
+ /** @var ET_IpSecurity_Block_Adminhtml_Log_Grid $block */
59
+ $block = $this->getLayout()->createBlock('etipsecurity/adminhtml_log_grid');
60
+ $content = $block->getCsv();
61
 
62
  $this->_sendUploadResponse($fileName, $content);
63
  }
64
 
65
+ /**
66
+ * Export grid data to xml file Action
67
+ */
68
  public function exportXmlAction()
69
  {
70
  $fileName = 'et_ipsecurity.xml';
71
+
72
+ /** @var ET_IpSecurity_Block_Adminhtml_Log_Grid $block */
73
+ $block = $this->getLayout()->createBlock('etipsecurity/adminhtml_log_grid');
74
+ $content = $block->getXml();
75
 
76
  $this->_sendUploadResponse($fileName, $content);
77
  }
78
 
79
+ /**
80
+ * @param string $fileName
81
+ * @param string $content
82
+ * @param string $contentType
83
+ */
84
  protected function _sendUploadResponse($fileName, $content, $contentType = 'application/octet-stream')
85
  {
86
  $response = $this->getResponse();
97
  die;
98
  }
99
 
100
+ /**
101
+ * Check for ACL permissions
102
+ *
103
+ * @return bool
104
+ */
105
+ protected function _isAllowed()
106
+ {
107
+ return Mage::getSingleton('admin/session')->isAllowed('customer/etipsecurity/restricted_log');
108
+ }
109
  }
app/code/community/ET/IpSecurity/controllers/Adminhtml/Etipsecurity/Token/LogController.php ADDED
@@ -0,0 +1,47 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Adminhtml_Etipsecurity_Token_LogController
22
+ */
23
+ class ET_IpSecurity_Adminhtml_Etipsecurity_Token_LogController extends Mage_Adminhtml_Controller_Action
24
+ {
25
+ protected function _initAction()
26
+ {
27
+ /** @var ET_IpSecurity_Helper_Data $helper */
28
+ $helper = Mage::helper('etipsecurity');
29
+
30
+ $this->loadLayout()->_setActiveMenu('customers')->_addBreadcrumb(
31
+ Mage::helper('adminhtml')->__('Customers'),
32
+ $helper->__('ET IP Security Token log')
33
+ );
34
+
35
+ return $this;
36
+ }
37
+
38
+
39
+ /**
40
+ * Default Action
41
+ */
42
+ public function indexAction()
43
+ {
44
+ $this->_initAction()
45
+ ->renderLayout();
46
+ }
47
+ }
app/code/community/ET/IpSecurity/controllers/Adminhtml/Etipsecurity/TokenController.php ADDED
@@ -0,0 +1,92 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /**
21
+ * Class ET_IpSecurity_Adminhtml_Etipsecurity_TokenController
22
+ */
23
+ class ET_IpSecurity_Adminhtml_Etipsecurity_TokenController extends Mage_Adminhtml_Controller_Action
24
+ {
25
+
26
+ /**
27
+ * Action Delete Token
28
+ */
29
+ public function deleteAction()
30
+ {
31
+ /** @var ET_IpSecurity_Helper_Data $helper */
32
+ $helper = Mage::helper('etipsecurity');
33
+
34
+ $response = array(
35
+ 'frontUrl' => $helper->__(ET_IpSecurity_Helper_Data::MESSAGE_TOKEN_NOT_CREATED),
36
+ 'adminUrl' => $helper->__(ET_IpSecurity_Helper_Data::MESSAGE_TOKEN_NOT_CREATED),
37
+ 'date' => $helper->__(ET_IpSecurity_Helper_Data::MESSAGE_TOKEN_NOT_UPDATED)
38
+ );
39
+
40
+ $helper->resetTokenLinks();
41
+ $helper->resetLastUpdateTokenTime();
42
+
43
+ $body = Mage::helper('core')->jsonEncode($response);
44
+ $this->getResponse()->setBody($body);
45
+ }
46
+
47
+
48
+
49
+ /**
50
+ * action generate token
51
+ */
52
+ public function generateAction()
53
+ {
54
+ $response = array(
55
+ 'frontUrl' => '',
56
+ 'adminUrl' => '',
57
+ 'date' => ''
58
+ );
59
+
60
+ $value = $this->getRequest()->getParam('ipsecurity_token_name');
61
+
62
+ if ($value != '') {
63
+ /** @var ET_IpSecurity_Helper_Data $helper */
64
+ $helper = Mage::helper('etipsecurity');
65
+
66
+ $date = $helper->setLastUpdateToken();
67
+ $date = Mage::helper('core')->formatDate($date, Mage_Core_Model_Locale::FORMAT_TYPE_MEDIUM, true);
68
+
69
+ $value = trim($value);
70
+
71
+ $helper->setToken($value);
72
+
73
+ $response['frontUrl'] = $helper->getFrontTokenUrl();
74
+ $response['adminUrl'] = $helper->getAdminTokenUrl();
75
+
76
+ $response['date'] = $date;
77
+ }
78
+
79
+ $body = Mage::helper('core')->jsonEncode($response);
80
+ $this->getResponse()->setBody($body);
81
+ }
82
+
83
+
84
+ /**
85
+ * check ACL
86
+ * @return bool
87
+ */
88
+ protected function _isAllowed()
89
+ {
90
+ return Mage::getSingleton('admin/session')->isAllowed('system/config/etipsecurity');
91
+ }
92
+ }
app/code/community/ET/IpSecurity/etc/config.xml CHANGED
@@ -1,313 +1,397 @@
1
- <?xml version="1.0"?>
2
- <!--
3
- /**
4
- * NOTICE OF LICENSE
5
- *
6
- * You may not sell, sub-license, rent or lease
7
- * any portion of the Software or Documentation to anyone.
8
- *
9
- * DISCLAIMER
10
- *
11
- * Do not edit or add to this file if you wish to upgrade to newer
12
- * versions in the future.
13
- *
14
- * @category ET
15
- * @package ET_IpSecurity
16
- * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
17
- * @contacts support@etwebsolutions.com
18
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
- */
20
- -->
21
-
22
- <config>
23
- <modules>
24
- <ET_IpSecurity>
25
- <name>ET Ip Security</name>
26
- <version>2.1.2</version>
27
- <descr>
28
- <ru_RU><![CDATA[Модуль позволяет ограничивать доступ к сайту посетителям по IP, IP маскам или диапозону IP.
29
- <br>При срабатывании правила перенаправляет посетителя на указанную CMS страницу или просто на пустую страницу.
30
- Также может оповестить владельца сайта о сработавшем правиле по е-майл.
31
- <br><br>
32
- Доступна функция отключения сайта на техническое обслуживание.]]>
33
- </ru_RU>
34
- <en_US><![CDATA[Extension allows to restrict access to website for visitors by IP, IP mask or IP range.
35
- <br>When blocking rule is triggered user will be redirected to selected CMS page or blank page.
36
- Extension can also notify website owner about blocked visitor by email.
37
- <br><br>
38
- Secondary feature: Allows to turn off frontend during maintenance operations.]]>
39
- </en_US>
40
- </descr>
41
- <permanentlink>
42
- <ru_RU>http://shop.etwebsolutions.com/rus/et-ip-security.html</ru_RU>
43
- <en_US>http://shop.etwebsolutions.com/eng/et-ip-security.html</en_US>
44
- </permanentlink>
45
- <license>
46
- <ru_RU><![CDATA[ETWS Свободная лицензия (EFL1)]]></ru_RU>
47
- <en_US><![CDATA[ETWS Free License (EFL1)]]></en_US>
48
- </license>
49
- <licenselink>
50
- <ru_RU>http://shop.etwebsolutions.com/rus/etws-license-free-v1</ru_RU>
51
- <en_US>http://shop.etwebsolutions.com/eng/etws-license-free-v1</en_US>
52
- </licenselink>
53
- <redminelink>http://support.etwebsolutions.com/projects/et-ipsecurity/roadmap</redminelink>
54
- <ourserviceslink>
55
- <ru_RU>http://shop.etwebsolutions.com/rus/our-services</ru_RU>
56
- <en_US>http://shop.etwebsolutions.com/eng/our-services</en_US>
57
- </ourserviceslink>
58
- </ET_IpSecurity>
59
- </modules>
60
- <global>
61
- <models>
62
- <etipsecurity>
63
- <class>ET_IpSecurity_Model</class>
64
- <resourceModel>etipsecurity_mysql4</resourceModel>
65
- </etipsecurity>
66
- <etipsecurity_mysql4>
67
- <class>ET_IpSecurity_Model_Mysql4</class>
68
- <entities>
69
- <ipsecuritylog>
70
- <table>ipsecurity_log</table>
71
- </ipsecuritylog>
72
- </entities>
73
- </etipsecurity_mysql4>
74
- </models>
75
- <helpers>
76
- <etipsecurity>
77
- <class>ET_IpSecurity_Helper</class>
78
- </etipsecurity>
79
- </helpers>
80
- <blocks>
81
- <etipsecurity>
82
- <class>ET_IpSecurity_Block</class>
83
- </etipsecurity>
84
- </blocks>
85
- <resources>
86
- <ipsecurity_setup>
87
- <setup>
88
- <module>ET_IpSecurity</module>
89
- </setup>
90
- <connection>
91
- <use>core_setup</use>
92
- </connection>
93
- </ipsecurity_setup>
94
- <etipsecurity_write>
95
- <connection>
96
- <use>core_write</use>
97
- </connection>
98
- </etipsecurity_write>
99
- <etipsecurity_read>
100
- <connection>
101
- <use>core_read</use>
102
- </connection>
103
- </etipsecurity_read>
104
- </resources>
105
-
106
-
107
- <template>
108
- <email>
109
- <etipsecurity_ipsecurityfront_email_template translate="label" module="etipsecurity">
110
- <label>Security Violence to Frontend</label>
111
- <file>et_ipsecurity.html</file>
112
- <type>text</type>
113
- </etipsecurity_ipsecurityfront_email_template>
114
- <etipsecurity_ipsecurityadmin_email_template translate="label" module="etipsecurity">
115
- <label>Security Violence to Admin</label>
116
- <file>et_ipsecurity_admin.html</file>
117
- <type>text</type>
118
- </etipsecurity_ipsecurityadmin_email_template>
119
- </email>
120
- </template>
121
-
122
-
123
- <events>
124
- <!--
125
- <admin_session_user_login_failed>
126
- <observers>
127
- <ET_IpSecurity_observer>
128
- <type>singleton</type>
129
- <class>etipsecurity/observer</class>
130
- <method>onAdminLoginFailed</method>
131
- </ET_IpSecurity_observer>
132
- </observers>
133
- </admin_session_user_login_failed>
134
- -->
135
- <controller_front_init_routers>
136
- <observers>
137
- <ET_IpSecurity_observer>
138
- <type>singleton</type>
139
- <class>etipsecurity/observer</class>
140
- <method>onLoadingDownloader</method>
141
- </ET_IpSecurity_observer>
142
- </observers>
143
- </controller_front_init_routers>
144
- </events>
145
- </global>
146
-
147
- <default>
148
- <etipsecurity>
149
- <global_settings>
150
- <get_ip_method>REMOTE_ADDR</get_ip_method>
151
- </global_settings>
152
- <ipsecurityfront>
153
- <email_always>0</email_always>
154
- </ipsecurityfront>
155
- <ipsecurityadmin>
156
- <email_always>0</email_always>
157
- </ipsecurityadmin>
158
- <ipsecuritymaintetance>
159
- <enabled>0</enabled>
160
- <message><![CDATA[
161
- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
162
- <head>
163
- <title>We're sorry, but our website is under maintenance.</title>
164
- <style>
165
- body {
166
- background:#FFF none repeat scroll 0 0;
167
- color:#000;
168
- font-family:Helvetica,Arial,Verdana,sans-serif;
169
- font-size:12px;
170
-
171
- margin:0;
172
- padding:0;
173
- text-align:center;
174
- }
175
- h1
176
- {
177
- margin:0px;
178
- padding:0px;
179
- margin-top:30%;
180
- font-size: 25pt;
181
- display:block;
182
- }
183
- h2
184
- {
185
- padding:0px;
186
- margin-top: 5px;
187
- font-size: 18pt;
188
- }
189
-
190
- </style>
191
- </head>
192
-
193
- <body>
194
- <h1>We're sorry, but our website is under maintenance.</h1>
195
- <h2>Please try refreshing this page later.</h2>
196
- </body>
197
- ]]>
198
- </message>
199
- <remindermessage>
200
- <![CDATA[<p style="margin:0; padding:6px 10px; background:#d75f07; font-size:12px; line-height:1.15; text-align:center; color:#fff;">This store is under maintenance. Yo can see this page because your IP is in exception list.</p>]]></remindermessage>
201
- </ipsecuritymaintetance>
202
- </etipsecurity>
203
- </default>
204
-
205
-
206
- <frontend>
207
- <events>
208
- <controller_action_predispatch>
209
- <observers>
210
- <ET_IpSecurity_observer>
211
- <type>singleton</type>
212
- <class>etipsecurity/observer</class>
213
- <method>onLoadingFrontend</method>
214
- </ET_IpSecurity_observer>
215
- </observers>
216
- </controller_action_predispatch>
217
- </events>
218
- </frontend>
219
- <admin>
220
- <routers>
221
- <adminhtml>
222
- <args>
223
- <modules>
224
- <etipsecurity after="Mage_Adminhtml">ET_IpSecurity_Adminhtml</etipsecurity>
225
- <frontName>etipsecurity</frontName>
226
- </modules>
227
- </args>
228
- </adminhtml>
229
- <!--etipsecurity>
230
- <use>admin</use>
231
- <args>
232
- <module>ET_IpSecurity</module>
233
- <frontName>etipsecurity</frontName>
234
- </args>
235
- </etipsecurity-->
236
- </routers>
237
- </admin>
238
- <adminhtml>
239
- <events>
240
- <controller_action_predispatch>
241
- <observers>
242
- <ET_IpSecurity_observer>
243
- <type>singleton</type>
244
- <class>etipsecurity/observer</class>
245
- <method>onLoadingAdmin</method>
246
- </ET_IpSecurity_observer>
247
- </observers>
248
- </controller_action_predispatch>
249
- </events>
250
- <menu>
251
- <customer>
252
- <children>
253
- <etipsecurity translate="title" module="etipsecurity">
254
- <title>ET IP Security log</title>
255
- <action>adminhtml/etipsecurity_log</action>
256
- <sort_order>300</sort_order>
257
- </etipsecurity>
258
- </children>
259
- </customer>
260
- </menu>
261
- <acl>
262
- <resources>
263
- <admin>
264
- <children>
265
- <system>
266
- <children>
267
- <config>
268
- <children>
269
- <etipsecurity translate="title" module="etipsecurity">
270
- <title>ET IP Security Section</title>
271
- <sort_order>300</sort_order>
272
- </etipsecurity>
273
- </children>
274
- </config>
275
- </children>
276
- </system>
277
- <customer>
278
- <children>
279
- <etipsecurity translate="title" module="etipsecurity">
280
- <title>ET IP Security log</title>
281
- <sort_order>300</sort_order>
282
- </etipsecurity>
283
- </children>
284
- </customer>
285
- </children>
286
- </admin>
287
- </resources>
288
- </acl>
289
- <translate>
290
- <modules>
291
- <ET_IpSecurity>
292
- <files>
293
- <default>ET_IpSecurity.csv</default>
294
- </files>
295
- </ET_IpSecurity>
296
- </modules>
297
- </translate>
298
- <layout>
299
- <updates>
300
- <etipsecurity>
301
- <file>et_ipsecurity.xml</file>
302
- </etipsecurity>
303
- </updates>
304
- </layout>
305
- </adminhtml>
306
- <phpunit>
307
- <suite>
308
- <modules>
309
- <ET_IpSecurity />
310
- </modules>
311
- </suite>
312
- </phpunit>
313
- </config>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0"?>
2
+ <!--
3
+ /**
4
+ * NOTICE OF LICENSE
5
+ *
6
+ * You may not sell, sub-license, rent or lease
7
+ * any portion of the Software or Documentation to anyone.
8
+ *
9
+ * DISCLAIMER
10
+ *
11
+ * Do not edit or add to this file if you wish to upgrade to newer
12
+ * versions in the future.
13
+ *
14
+ * @category ET
15
+ * @package ET_IpSecurity
16
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
17
+ * @contacts support@etwebsolutions.com
18
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
+ */
20
+ -->
21
+
22
+ <config>
23
+ <modules>
24
+ <ET_IpSecurity>
25
+ <name>ET Ip Security</name>
26
+ <version>2.2.0</version>
27
+ <descr>
28
+ <ru_RU><![CDATA[Модуль позволяет ограничивать доступ к сайту посетителям по IP, IP маскам или диапозону IP.
29
+ <br>При срабатывании правила перенаправляет посетителя на указанную CMS страницу или просто на пустую страницу.
30
+ Также может оповестить владельца сайта о сработавшем правиле по е-майл.
31
+ <br><br>
32
+ Доступна функция отключения сайта на техническое обслуживание.]]>
33
+ </ru_RU>
34
+ <en_US><![CDATA[Extension allows to restrict access to website for visitors by IP, IP mask or IP range.
35
+ <br>When blocking rule is triggered user will be redirected to selected CMS page or blank page.
36
+ Extension can also notify website owner about blocked visitor by email.
37
+ <br><br>
38
+ Secondary feature: Allows to turn off frontend during maintenance operations.]]>
39
+ </en_US>
40
+ </descr>
41
+ <permanentlink>
42
+ <ru_RU>http://shop.etwebsolutions.com/rus/et-ip-security.html</ru_RU>
43
+ <en_US>http://shop.etwebsolutions.com/eng/et-ip-security.html</en_US>
44
+ </permanentlink>
45
+ <license>
46
+ <ru_RU><![CDATA[ETWS Свободная лицензия (EFL1)]]></ru_RU>
47
+ <en_US><![CDATA[ETWS Free License (EFL1)]]></en_US>
48
+ </license>
49
+ <licenselink>
50
+ <ru_RU>http://shop.etwebsolutions.com/rus/etws-license-free-v1</ru_RU>
51
+ <en_US>http://shop.etwebsolutions.com/eng/etws-license-free-v1</en_US>
52
+ </licenselink>
53
+ <redminelink>http://support.etwebsolutions.com/projects/et-ipsecurity/roadmap</redminelink>
54
+ <ourserviceslink>
55
+ <ru_RU>http://shop.etwebsolutions.com/rus/our-services</ru_RU>
56
+ <en_US>http://shop.etwebsolutions.com/eng/our-services</en_US>
57
+ </ourserviceslink>
58
+ </ET_IpSecurity>
59
+ </modules>
60
+ <global>
61
+
62
+ <models>
63
+ <etipsecurity>
64
+ <class>ET_IpSecurity_Model</class>
65
+ <resourceModel>etipsecurity_mysql4</resourceModel>
66
+ </etipsecurity>
67
+ <etipsecurity_mysql4>
68
+ <class>ET_IpSecurity_Model_Mysql4</class>
69
+ <entities>
70
+ <ipsecuritylog>
71
+ <table>ipsecurity_log</table>
72
+ </ipsecuritylog>
73
+ </entities>
74
+
75
+ <entities>
76
+ <iptokenlog>
77
+ <table>ipsecurity_token_log</table>
78
+ </iptokenlog>
79
+ </entities>
80
+
81
+ </etipsecurity_mysql4>
82
+ </models>
83
+
84
+ <helpers>
85
+ <etipsecurity>
86
+ <class>ET_IpSecurity_Helper</class>
87
+ </etipsecurity>
88
+ </helpers>
89
+ <blocks>
90
+ <etipsecurity>
91
+ <class>ET_IpSecurity_Block</class>
92
+ </etipsecurity>
93
+ </blocks>
94
+ <resources>
95
+ <ipsecurity_setup>
96
+ <setup>
97
+ <module>ET_IpSecurity</module>
98
+ </setup>
99
+ <connection>
100
+ <use>core_setup</use>
101
+ </connection>
102
+ </ipsecurity_setup>
103
+ <etipsecurity_write>
104
+ <connection>
105
+ <use>core_write</use>
106
+ </connection>
107
+ </etipsecurity_write>
108
+ <etipsecurity_read>
109
+ <connection>
110
+ <use>core_read</use>
111
+ </connection>
112
+ </etipsecurity_read>
113
+ </resources>
114
+
115
+
116
+ <template>
117
+ <email>
118
+ <etipsecurity_ipsecurityfront_email_template translate="label" module="etipsecurity">
119
+ <label>Security Violence to Frontend</label>
120
+ <file>et_ipsecurity.html</file>
121
+ <type>text</type>
122
+ </etipsecurity_ipsecurityfront_email_template>
123
+
124
+ <etipsecurity_ipsecurityadmin_email_template translate="label" module="etipsecurity">
125
+ <label>Security Violence to Admin</label>
126
+ <file>et_ipsecurity_admin.html</file>
127
+ <type>text</type>
128
+ </etipsecurity_ipsecurityadmin_email_template>
129
+
130
+ <etipsecurity_ipsecuritytoken_email_template translate="label" module="etipsecurity">
131
+ <label>Successful authentication by token</label>
132
+ <file>et_ipsecurity_ipsecuritytoken.html</file>
133
+ <type>text</type>
134
+ </etipsecurity_ipsecuritytoken_email_template>
135
+
136
+ <etipsecurity_ipsecuritytoken_fail_email_template translate="label" module="etipsecurity">
137
+ <label>Unsuccessful authentication by token</label>
138
+ <file>et_ipsecurity_ipsecuritytoken_fail.html</file>
139
+ <type>text</type>
140
+ </etipsecurity_ipsecuritytoken_fail_email_template>
141
+ </email>
142
+ </template>
143
+
144
+
145
+ <events>
146
+ <!--
147
+ <admin_session_user_login_failed>
148
+ <observers>
149
+ <ET_IpSecurity_observer>
150
+ <type>singleton</type>
151
+ <class>etipsecurity/observer</class>
152
+ <method>onAdminLoginFailed</method>
153
+ </ET_IpSecurity_observer>
154
+ </observers>
155
+ </admin_session_user_login_failed>
156
+ -->
157
+ <controller_front_init_routers>
158
+ <observers>
159
+ <ET_IpSecurity_observer>
160
+ <type>singleton</type>
161
+ <class>etipsecurity/observer</class>
162
+ <method>onLoadingDownloader</method>
163
+ </ET_IpSecurity_observer>
164
+ </observers>
165
+ </controller_front_init_routers>
166
+ </events>
167
+ </global>
168
+
169
+ <default>
170
+ <etipsecurity>
171
+ <global_settings>
172
+ <get_ip_method>REMOTE_ADDR</get_ip_method>
173
+ </global_settings>
174
+ <ipsecurityfront>
175
+ <email_always>0</email_always>
176
+ </ipsecurityfront>
177
+ <ipsecurityadmin>
178
+ <email_always>0</email_always>
179
+ </ipsecurityadmin>
180
+ <ipsecuritymaintetance>
181
+ <enabled>0</enabled>
182
+ <message><![CDATA[
183
+ <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
184
+ <head>
185
+ <title>We're sorry, but our website is under maintenance.</title>
186
+ <style>
187
+ body {
188
+ background:#FFF none repeat scroll 0 0;
189
+ color:#000;
190
+ font-family:Helvetica,Arial,Verdana,sans-serif;
191
+ font-size:12px;
192
+
193
+ margin:0;
194
+ padding:0;
195
+ text-align:center;
196
+ }
197
+ h1
198
+ {
199
+ margin:0px;
200
+ padding:0px;
201
+ margin-top:30%;
202
+ font-size: 25pt;
203
+ display:block;
204
+ }
205
+ h2
206
+ {
207
+ padding:0px;
208
+ margin-top: 5px;
209
+ font-size: 18pt;
210
+ }
211
+
212
+ </style>
213
+ </head>
214
+
215
+ <body>
216
+ <h1>We're sorry, but our website is under maintenance.</h1>
217
+ <h2>Please try refreshing this page later.</h2>
218
+ </body>
219
+ ]]>
220
+ </message>
221
+ <remindermessage>
222
+ <![CDATA[<p style="margin:0; padding:6px 10px; background:#d75f07; font-size:12px; line-height:1.15; text-align:center; color:#fff;">This store is under maintenance. Yo can see this page because your IP is in exception list.</p>]]>
223
+ </remindermessage>
224
+ </ipsecuritymaintetance>
225
+
226
+ <ipsecuritytoken>
227
+ <enabled>0</enabled>
228
+ <param_name>ipbypas</param_name>
229
+ <!--<token></token>-->
230
+ <!--<token_link></token_link>-->
231
+ <!--<last_updated_date></last_updated_date>-->
232
+ </ipsecuritytoken>
233
+ <general>
234
+ <log_enabled>1</log_enabled>
235
+ <log_file>etipsecurity.log</log_file>
236
+ </general>
237
+ </etipsecurity>
238
+ </default>
239
+
240
+
241
+ <frontend>
242
+ <events>
243
+ <controller_action_predispatch>
244
+ <observers>
245
+ <ET_IpSecurity_observer>
246
+ <type>singleton</type>
247
+ <class>etipsecurity/observer</class>
248
+ <method>onLoadingFrontend</method>
249
+ </ET_IpSecurity_observer>
250
+ </observers>
251
+ </controller_action_predispatch>
252
+ </events>
253
+ </frontend>
254
+ <admin>
255
+ <routers>
256
+ <adminhtml>
257
+ <args>
258
+ <modules>
259
+ <etipsecurity after="Mage_Adminhtml">ET_IpSecurity_Adminhtml</etipsecurity>
260
+ <frontName>etipsecurity</frontName>
261
+ </modules>
262
+ </args>
263
+ </adminhtml>
264
+
265
+ </routers>
266
+ </admin>
267
+ <adminhtml>
268
+ <events>
269
+
270
+ <controller_action_predispatch>
271
+ <observers>
272
+ <ET_IpSecurity_observer>
273
+ <type>singleton</type>
274
+ <class>etipsecurity/observer</class>
275
+ <method>onLoadingAdmin</method>
276
+ </ET_IpSecurity_observer>
277
+ </observers>
278
+ </controller_action_predispatch>
279
+
280
+ <admin_user_authenticate_before>
281
+ <observers>
282
+ <ET_IpSecurity_observer>
283
+ <type>singleton</type>
284
+ <class>etipsecurity/observer</class>
285
+ <method>onLoadingAdmin</method>
286
+ </ET_IpSecurity_observer>
287
+ </observers>
288
+ </admin_user_authenticate_before>
289
+
290
+ </events>
291
+ <menu>
292
+ <customer>
293
+ <children>
294
+ <etipsecurity translate="title" module="etipsecurity">
295
+ <title>IP Security</title>
296
+ <sort_order>300</sort_order>
297
+ <children>
298
+
299
+ <restricted_log translate="title" module="etipsecurity">
300
+ <title>Security log</title>
301
+ <sort_order>30</sort_order>
302
+ <action>adminhtml/etipsecurity_log</action>
303
+ </restricted_log>
304
+
305
+ <restricted_token_log translate="title" module="etipsecurity">
306
+ <title>Security Token log</title>
307
+ <sort_order>50</sort_order>
308
+ <action>adminhtml/etipsecurity_token_log</action>
309
+ </restricted_token_log>
310
+
311
+
312
+ <system_config translate="title" module="etipsecurity">
313
+ <title>Global settings</title>
314
+ <sort_order>900</sort_order>
315
+ <action>adminhtml/system_config/edit/section/etipsecurity</action>
316
+ </system_config>
317
+
318
+
319
+ </children>
320
+ </etipsecurity>
321
+ </children>
322
+ </customer>
323
+ </menu>
324
+ <acl>
325
+ <resources>
326
+ <admin>
327
+ <children>
328
+
329
+ <system>
330
+ <children>
331
+ <config>
332
+ <children>
333
+ <etipsecurity translate="title" module="etipsecurity">
334
+ <title>ET IP Security Section</title>
335
+ <sort_order>300</sort_order>
336
+ </etipsecurity>
337
+ </children>
338
+ </config>
339
+ </children>
340
+ </system>
341
+
342
+ <customer>
343
+ <children>
344
+ <etipsecurity translate="title" module="etipsecurity">
345
+ <title>ET IP Security Section</title>
346
+ <sort_order>300</sort_order>
347
+ <children>
348
+ <restricted_log>
349
+ <title>Security log</title>
350
+ <sort_order>300</sort_order>
351
+ </restricted_log>
352
+
353
+ <restricted_token_log>
354
+ <title>Security Token log</title>
355
+ <sort_order>350</sort_order>
356
+ </restricted_token_log>
357
+
358
+
359
+ <system_config>
360
+ <title>Global settings</title>
361
+ <sort_order>900</sort_order>
362
+ </system_config>
363
+
364
+
365
+ </children>
366
+ </etipsecurity>
367
+ </children>
368
+ </customer>
369
+ </children>
370
+ </admin>
371
+ </resources>
372
+ </acl>
373
+ <translate>
374
+ <modules>
375
+ <ET_IpSecurity>
376
+ <files>
377
+ <default>ET_IpSecurity.csv</default>
378
+ </files>
379
+ </ET_IpSecurity>
380
+ </modules>
381
+ </translate>
382
+ <layout>
383
+ <updates>
384
+ <etipsecurity>
385
+ <file>et_ipsecurity.xml</file>
386
+ </etipsecurity>
387
+ </updates>
388
+ </layout>
389
+ </adminhtml>
390
+ <phpunit>
391
+ <suite>
392
+ <modules>
393
+ <ET_IpSecurity />
394
+ </modules>
395
+ </suite>
396
+ </phpunit>
397
+ </config>
app/code/community/ET/IpSecurity/etc/system.xml CHANGED
@@ -1,299 +1,528 @@
1
- <?xml version="1.0"?>
2
- <!--
3
- /**
4
- * NOTICE OF LICENSE
5
- *
6
- * You may not sell, sub-license, rent or lease
7
- * any portion of the Software or Documentation to anyone.
8
- *
9
- * DISCLAIMER
10
- *
11
- * Do not edit or add to this file if you wish to upgrade to newer
12
- * versions in the future.
13
- *
14
- * @category ET
15
- * @package ET_IpSecurity
16
- * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
17
- * @contacts support@etwebsolutions.com
18
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
- */
20
- -->
21
-
22
- <config>
23
- <tabs>
24
- <etall translate="label">
25
- <label>ET Extensions</label>
26
- <sort_order>400</sort_order>
27
- </etall>
28
- </tabs>
29
-
30
- <sections>
31
- <etipsecurity translate="label" module="etipsecurity">
32
- <label>IP Security</label>
33
- <tab>etall</tab>
34
- <frontend_type>text</frontend_type>
35
- <sort_order>300</sort_order>
36
- <show_in_default>1</show_in_default>
37
- <show_in_website>1</show_in_website>
38
- <show_in_store>1</show_in_store>
39
- <groups>
40
- <info translate="label">
41
- <label>IP Security information</label>
42
- <sort_order>1</sort_order>
43
- <show_in_default>1</show_in_default>
44
- <show_in_website>1</show_in_website>
45
- <show_in_store>1</show_in_store>
46
- <fields>
47
- <support_information>
48
- <frontend_model>etipsecurity/adminhtml_support</frontend_model>
49
- <sort_order>100</sort_order>
50
- <show_in_default>1</show_in_default>
51
- <show_in_website>1</show_in_website>
52
- <show_in_store>1</show_in_store>
53
- </support_information>
54
- </fields>
55
- </info>
56
- <global_settings translate="label">
57
- <label>Global Settings</label>
58
- <sort_order>2</sort_order>
59
- <show_in_default>1</show_in_default>
60
- <show_in_website>1</show_in_website>
61
- <show_in_store>1</show_in_store>
62
- <fields>
63
- <get_ip_method translate="label comment">
64
- <label>Method to get IP</label>
65
- <comment><![CDATA[Extension receives customer IP from server. Servers can store this information in different variables. Usually variable REMOTE_ADDR is used. But if your server is configured differently, you can select neccessary IP address get method.]]></comment>
66
- <frontend_type>select</frontend_type>
67
- <source_model>etipsecurity/ipVariable</source_model>
68
- <sort_order>100</sort_order>
69
- <show_in_default>1</show_in_default>
70
- <show_in_website>1</show_in_website>
71
- <show_in_store>1</show_in_store>
72
- </get_ip_method>
73
- <methods_information translate="label">
74
- <frontend_model>etipsecurity/adminhtml_getIpInfo</frontend_model>
75
- <label>Current server values</label>
76
- <sort_order>200</sort_order>
77
- <show_in_default>1</show_in_default>
78
- <show_in_website>1</show_in_website>
79
- <show_in_store>1</show_in_store>
80
- </methods_information>
81
- </fields>
82
- </global_settings>
83
- <ipsecurityfront translate="label comment">
84
- <label>IP Security - Frontend</label>
85
- <sort_order>10</sort_order>
86
- <show_in_default>1</show_in_default>
87
- <show_in_website>1</show_in_website>
88
- <show_in_store>1</show_in_store>
89
- <fields>
90
- <allow translate="label comment">
91
- <label>Allow these IPs</label>
92
- <comment><![CDATA[Visitors with other IPs will be blocked.]]></comment>
93
- <frontend_type>textarea</frontend_type>
94
- <sort_order>10</sort_order>
95
- <show_in_default>1</show_in_default>
96
- <show_in_website>1</show_in_website>
97
- <show_in_store>1</show_in_store>
98
- </allow>
99
- <block translate="label">
100
- <label>Block these IPs</label>
101
- <comment><![CDATA[You can enter IP addresses, masks and ranges. Comments are added with character |. Each rule on separate row.<br>Example:<br>127.0.0.1|My address<br>10.*.*.*|internal company IPs<br>10.0.0.1-20.0.0.1|IP Range<br>10.0.0.192/26|IP Range]]></comment>
102
- <frontend_type>textarea</frontend_type>
103
- <sort_order>20</sort_order>
104
- <show_in_default>1</show_in_default>
105
- <show_in_website>1</show_in_website>
106
- <show_in_store>1</show_in_store>
107
- </block>
108
- <redirect_blank translate="label comment">
109
- <label>Redirect to blank page</label>
110
- <comment><![CDATA[When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.]]></comment>
111
- <frontend_type>select</frontend_type>
112
- <source_model>adminhtml/system_config_source_yesno</source_model>
113
- <sort_order>30</sort_order>
114
- <show_in_default>1</show_in_default>
115
- <show_in_website>1</show_in_website>
116
- <show_in_store>1</show_in_store>
117
- </redirect_blank>
118
- <redirect_page translate="label comment">
119
- <label>Redirect to CMS page</label>
120
- <comment><![CDATA[Visitor will not be notified about blocking rule redirection.]]></comment>
121
- <frontend_type>select</frontend_type>
122
- <source_model>adminhtml/system_config_source_cms_page</source_model>
123
- <sort_order>40</sort_order>
124
- <show_in_default>1</show_in_default>
125
- <show_in_website>1</show_in_website>
126
- <show_in_store>1</show_in_store>
127
- </redirect_page>
128
- <email_event translate="label comment">
129
- <label>Mail block events to</label>
130
- <comment><![CDATA[You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com]]></comment>
131
- <frontend_type>text</frontend_type>
132
- <sort_order>50</sort_order>
133
- <show_in_default>1</show_in_default>
134
- <show_in_website>1</show_in_website>
135
- <show_in_store>1</show_in_store>
136
- </email_event>
137
- <email_template translate="label">
138
- <label>Email Template</label>
139
- <frontend_type>select</frontend_type>
140
- <source_model>adminhtml/system_config_source_email_template</source_model>
141
- <sort_order>60</sort_order>
142
- <show_in_default>1</show_in_default>
143
- <show_in_website>1</show_in_website>
144
- <show_in_store>1</show_in_store>
145
- </email_template>
146
- <email_identity translate="label">
147
- <label>Store email</label>
148
- <frontend_type>select</frontend_type>
149
- <source_model>adminhtml/system_config_source_email_identity</source_model>
150
- <sort_order>70</sort_order>
151
- <show_in_default>1</show_in_default>
152
- <show_in_website>1</show_in_website>
153
- <show_in_store>1</show_in_store>
154
- </email_identity>
155
- <email_always translate="label comment">
156
- <label>Email always</label>
157
- <comment><![CDATA[Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.]]></comment>
158
- <frontend_type>select</frontend_type>
159
- <source_model>adminhtml/system_config_source_yesno</source_model>
160
- <sort_order>80</sort_order>
161
- <show_in_default>1</show_in_default>
162
- <show_in_website>1</show_in_website>
163
- <show_in_store>1</show_in_store>
164
- </email_always>
165
- </fields>
166
- </ipsecurityfront>
167
- <ipsecurityadmin translate="label comment">
168
- <label>IP Security - Admin</label>
169
- <sort_order>20</sort_order>
170
- <show_in_default>1</show_in_default>
171
- <show_in_website>1</show_in_website>
172
- <show_in_store>1</show_in_store>
173
- <fields>
174
- <allow translate="label comment">
175
- <label>Allow these IPs</label>
176
- <frontend_type>textarea</frontend_type>
177
- <comment>Be careful not to lock yourself out!</comment>
178
- <sort_order>10</sort_order>
179
- <show_in_default>1</show_in_default>
180
- <show_in_website>1</show_in_website>
181
- <show_in_store>1</show_in_store>
182
- </allow>
183
- <block translate="label">
184
- <label>Block these IPs</label>
185
- <comment><![CDATA[You can enter IP addresses, masks and ranges. Comments are added with character |. Each rule on separate row.<br>Example:<br>127.0.0.1|My address<br>10.*.*.*|internal company IPs<br>10.0.0.1-20.0.0.1|IP Range<br>10.0.0.192/26|IP Range]]></comment>
186
- <frontend_type>textarea</frontend_type>
187
- <sort_order>20</sort_order>
188
- <show_in_default>1</show_in_default>
189
- <show_in_website>1</show_in_website>
190
- <show_in_store>1</show_in_store>
191
- </block>
192
- <redirect_blank translate="label comment">
193
- <label>Redirect to blank page</label>
194
- <comment><![CDATA[When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.]]></comment>
195
- <frontend_type>select</frontend_type>
196
- <source_model>adminhtml/system_config_source_yesno</source_model>
197
- <sort_order>30</sort_order>
198
- <show_in_default>1</show_in_default>
199
- <show_in_website>1</show_in_website>
200
- <show_in_store>1</show_in_store>
201
- </redirect_blank>
202
- <redirect_page translate="label">
203
- <label>Redirect to CMS page</label>
204
- <frontend_type>select</frontend_type>
205
- <source_model>adminhtml/system_config_source_cms_page</source_model>
206
- <sort_order>40</sort_order>
207
- <show_in_default>1</show_in_default>
208
- <show_in_website>1</show_in_website>
209
- <show_in_store>1</show_in_store>
210
- </redirect_page>
211
- <email_event translate="label comment">
212
- <label>Mail block events to</label>
213
- <comment><![CDATA[You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com]]></comment>
214
- <frontend_type>text</frontend_type>
215
- <sort_order>50</sort_order>
216
- <show_in_default>1</show_in_default>
217
- <show_in_website>1</show_in_website>
218
- <show_in_store>1</show_in_store>
219
- </email_event>
220
- <email_template translate="label">
221
- <label>Email Template</label>
222
- <frontend_type>select</frontend_type>
223
- <source_model>adminhtml/system_config_source_email_template</source_model>
224
- <sort_order>60</sort_order>
225
- <show_in_default>1</show_in_default>
226
- <show_in_website>1</show_in_website>
227
- <show_in_store>1</show_in_store>
228
- </email_template>
229
- <email_identity translate="label">
230
- <label>Store email</label>
231
- <frontend_type>select</frontend_type>
232
- <source_model>adminhtml/system_config_source_email_identity</source_model>
233
- <sort_order>70</sort_order>
234
- <show_in_default>1</show_in_default>
235
- <show_in_website>1</show_in_website>
236
- <show_in_store>1</show_in_store>
237
- </email_identity>
238
- <email_always translate="label comment">
239
- <label>Email always</label>
240
- <comment><![CDATA[Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.]]></comment>
241
- <frontend_type>select</frontend_type>
242
- <source_model>adminhtml/system_config_source_yesno</source_model>
243
- <sort_order>80</sort_order>
244
- <show_in_default>1</show_in_default>
245
- <show_in_website>1</show_in_website>
246
- <show_in_store>1</show_in_store>
247
- </email_always>
248
- </fields>
249
- </ipsecurityadmin>
250
-
251
- <ipsecuritymaintetance translate="label comment">
252
- <label>IP Security - Maintenance page</label>
253
- <sort_order>30</sort_order>
254
- <show_in_default>1</show_in_default>
255
- <show_in_website>1</show_in_website>
256
- <show_in_store>1</show_in_store>
257
- <fields>
258
- <enabled translate="label comment">
259
- <label>Store Offline</label>
260
- <comment>For frontend only.</comment>
261
- <frontend_type>select</frontend_type>
262
- <source_model>adminhtml/system_config_source_yesno</source_model>
263
- <sort_order>10</sort_order>
264
- <show_in_default>1</show_in_default>
265
- <show_in_website>1</show_in_website>
266
- <show_in_store>1</show_in_store>
267
- </enabled>
268
- <except translate="label comment">
269
- <label>Except these IPs</label>
270
- <frontend_type>textarea</frontend_type>
271
- <comment><![CDATA[Visitors with these IPs will not be redirected to maintenance page.]]></comment>
272
- <sort_order>20</sort_order>
273
- <show_in_default>1</show_in_default>
274
- <show_in_website>1</show_in_website>
275
- <show_in_store>1</show_in_store>
276
- </except>
277
- <message translate="label">
278
- <label>Message</label>
279
- <frontend_type>textarea</frontend_type>
280
- <sort_order>30</sort_order>
281
- <show_in_default>1</show_in_default>
282
- <show_in_website>1</show_in_website>
283
- <show_in_store>1</show_in_store>
284
- </message>
285
- <remindermessage translate="label">
286
- <label>Reminder message</label>
287
- <comment><![CDATA[This message will be shown on frontend for visitors with IP adresses from exception list while maintenance mode is on.]]></comment>
288
- <frontend_type>textarea</frontend_type>
289
- <sort_order>40</sort_order>
290
- <show_in_default>1</show_in_default>
291
- <show_in_website>1</show_in_website>
292
- <show_in_store>1</show_in_store>
293
- </remindermessage>
294
- </fields>
295
- </ipsecuritymaintetance>
296
- </groups>
297
- </etipsecurity>
298
- </sections>
299
- </config>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0"?>
2
+ <!--
3
+ /**
4
+ * NOTICE OF LICENSE
5
+ *
6
+ * You may not sell, sub-license, rent or lease
7
+ * any portion of the Software or Documentation to anyone.
8
+ *
9
+ * DISCLAIMER
10
+ *
11
+ * Do not edit or add to this file if you wish to upgrade to newer
12
+ * versions in the future.
13
+ *
14
+ * @category ET
15
+ * @package ET_IpSecurity
16
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
17
+ * @contacts support@etwebsolutions.com
18
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
+ */
20
+ -->
21
+
22
+ <config>
23
+ <tabs>
24
+ <etall translate="label">
25
+ <label>ET Extensions</label>
26
+ <sort_order>400</sort_order>
27
+ </etall>
28
+ </tabs>
29
+
30
+ <sections>
31
+ <etipsecurity translate="label" module="etipsecurity">
32
+ <label>IP Security</label>
33
+ <tab>etall</tab>
34
+ <frontend_type>text</frontend_type>
35
+ <sort_order>300</sort_order>
36
+ <show_in_default>1</show_in_default>
37
+ <show_in_website>1</show_in_website>
38
+ <show_in_store>1</show_in_store>
39
+ <groups>
40
+
41
+ <info translate="label">
42
+ <label>IP Security information</label>
43
+ <sort_order>1</sort_order>
44
+ <show_in_default>1</show_in_default>
45
+ <show_in_website>1</show_in_website>
46
+ <show_in_store>1</show_in_store>
47
+ <fields>
48
+ <support_information>
49
+ <frontend_model>etipsecurity/adminhtml_support</frontend_model>
50
+ <sort_order>100</sort_order>
51
+ <show_in_default>1</show_in_default>
52
+ <show_in_website>1</show_in_website>
53
+ <show_in_store>1</show_in_store>
54
+ </support_information>
55
+ </fields>
56
+ </info>
57
+
58
+ <global_settings translate="label">
59
+ <label>Global Settings</label>
60
+ <sort_order>2</sort_order>
61
+ <show_in_default>1</show_in_default>
62
+ <show_in_website>1</show_in_website>
63
+ <show_in_store>1</show_in_store>
64
+ <fields>
65
+ <get_ip_method translate="label comment">
66
+ <label>Method to get IP</label>
67
+ <comment><![CDATA[Extension receives customer IP from server. Servers can store this information in different variables. Usually variable REMOTE_ADDR is used. But if your server is configured differently, you can select neccessary IP address get method.]]></comment>
68
+ <frontend_type>select</frontend_type>
69
+ <source_model>etipsecurity/ipVariable</source_model>
70
+ <sort_order>100</sort_order>
71
+ <show_in_default>1</show_in_default>
72
+ <show_in_website>1</show_in_website>
73
+ <show_in_store>1</show_in_store>
74
+ </get_ip_method>
75
+ <methods_information translate="label">
76
+ <frontend_model>etipsecurity/adminhtml_getIpInfo</frontend_model>
77
+ <label>Current server values</label>
78
+ <sort_order>200</sort_order>
79
+ <show_in_default>1</show_in_default>
80
+ <show_in_website>1</show_in_website>
81
+ <show_in_store>1</show_in_store>
82
+ </methods_information>
83
+ </fields>
84
+ </global_settings>
85
+
86
+ <ipsecurityfront translate="label comment">
87
+ <label>IP Security - Frontend</label>
88
+ <sort_order>10</sort_order>
89
+ <show_in_default>1</show_in_default>
90
+ <show_in_website>1</show_in_website>
91
+ <show_in_store>1</show_in_store>
92
+ <fields>
93
+ <allow translate="label comment">
94
+ <label>Allow these IPs</label>
95
+ <comment><![CDATA[Visitors with other IPs will be blocked.]]></comment>
96
+ <frontend_type>textarea</frontend_type>
97
+ <sort_order>10</sort_order>
98
+ <show_in_default>1</show_in_default>
99
+ <show_in_website>1</show_in_website>
100
+ <show_in_store>1</show_in_store>
101
+ </allow>
102
+ <block translate="label">
103
+ <label>Block these IPs</label>
104
+ <comment><![CDATA[You can enter IP addresses, masks and ranges. Comments are added with character |. Each rule on separate row.<br>Example:<br>127.0.0.1|My address<br>10.*.*.*|internal company IPs<br>10.0.0.1-20.0.0.1|IP Range<br>10.0.0.192/26|IP Range]]></comment>
105
+ <frontend_type>textarea</frontend_type>
106
+ <sort_order>20</sort_order>
107
+ <show_in_default>1</show_in_default>
108
+ <show_in_website>1</show_in_website>
109
+ <show_in_store>1</show_in_store>
110
+ </block>
111
+ <redirect_blank translate="label comment">
112
+ <label>Redirect to blank page</label>
113
+ <comment><![CDATA[When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.]]></comment>
114
+ <frontend_type>select</frontend_type>
115
+ <source_model>adminhtml/system_config_source_yesno</source_model>
116
+ <sort_order>30</sort_order>
117
+ <show_in_default>1</show_in_default>
118
+ <show_in_website>1</show_in_website>
119
+ <show_in_store>1</show_in_store>
120
+ </redirect_blank>
121
+ <redirect_page translate="label comment">
122
+ <label>Redirect to CMS page</label>
123
+ <comment><![CDATA[Visitor will not be notified about blocking rule redirection.]]></comment>
124
+ <frontend_type>select</frontend_type>
125
+ <source_model>adminhtml/system_config_source_cms_page</source_model>
126
+ <sort_order>40</sort_order>
127
+ <show_in_default>1</show_in_default>
128
+ <show_in_website>1</show_in_website>
129
+ <show_in_store>1</show_in_store>
130
+ </redirect_page>
131
+ <email_event translate="label comment">
132
+ <label>Mail block events to</label>
133
+ <comment><![CDATA[You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com]]></comment>
134
+ <frontend_type>text</frontend_type>
135
+ <sort_order>50</sort_order>
136
+ <show_in_default>1</show_in_default>
137
+ <show_in_website>1</show_in_website>
138
+ <show_in_store>1</show_in_store>
139
+ </email_event>
140
+ <email_template translate="label">
141
+ <label>Email Template</label>
142
+ <frontend_type>select</frontend_type>
143
+ <source_model>adminhtml/system_config_source_email_template</source_model>
144
+ <sort_order>60</sort_order>
145
+ <show_in_default>1</show_in_default>
146
+ <show_in_website>1</show_in_website>
147
+ <show_in_store>1</show_in_store>
148
+ </email_template>
149
+ <email_identity translate="label">
150
+ <label>Store email</label>
151
+ <frontend_type>select</frontend_type>
152
+ <source_model>adminhtml/system_config_source_email_identity</source_model>
153
+ <sort_order>70</sort_order>
154
+ <show_in_default>1</show_in_default>
155
+ <show_in_website>1</show_in_website>
156
+ <show_in_store>1</show_in_store>
157
+ </email_identity>
158
+ <email_always translate="label comment">
159
+ <label>Email always</label>
160
+ <comment><![CDATA[Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.]]></comment>
161
+ <frontend_type>select</frontend_type>
162
+ <source_model>adminhtml/system_config_source_yesno</source_model>
163
+ <sort_order>80</sort_order>
164
+ <show_in_default>1</show_in_default>
165
+ <show_in_website>1</show_in_website>
166
+ <show_in_store>1</show_in_store>
167
+ </email_always>
168
+ </fields>
169
+ </ipsecurityfront>
170
+
171
+ <ipsecurityadmin translate="label comment">
172
+ <label>IP Security - Admin</label>
173
+ <sort_order>20</sort_order>
174
+ <show_in_default>1</show_in_default>
175
+ <show_in_website>1</show_in_website>
176
+ <show_in_store>1</show_in_store>
177
+ <fields>
178
+ <allow translate="label comment">
179
+ <label>Allow these IPs</label>
180
+ <frontend_type>textarea</frontend_type>
181
+ <comment>Be careful not to lock yourself out!</comment>
182
+ <sort_order>10</sort_order>
183
+ <show_in_default>1</show_in_default>
184
+ <show_in_website>1</show_in_website>
185
+ <show_in_store>1</show_in_store>
186
+ </allow>
187
+ <block translate="label">
188
+ <label>Block these IPs</label>
189
+ <comment><![CDATA[You can enter IP addresses, masks and ranges. Comments are added with character |. Each rule on separate row.<br>Example:<br>127.0.0.1|My address<br>10.*.*.*|internal company IPs<br>10.0.0.1-20.0.0.1|IP Range<br>10.0.0.192/26|IP Range]]></comment>
190
+ <frontend_type>textarea</frontend_type>
191
+ <sort_order>20</sort_order>
192
+ <show_in_default>1</show_in_default>
193
+ <show_in_website>1</show_in_website>
194
+ <show_in_store>1</show_in_store>
195
+ </block>
196
+ <redirect_blank translate="label comment">
197
+ <label>Redirect to blank page</label>
198
+ <comment><![CDATA[When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.]]></comment>
199
+ <frontend_type>select</frontend_type>
200
+ <source_model>adminhtml/system_config_source_yesno</source_model>
201
+ <sort_order>30</sort_order>
202
+ <show_in_default>1</show_in_default>
203
+ <show_in_website>1</show_in_website>
204
+ <show_in_store>1</show_in_store>
205
+ </redirect_blank>
206
+ <redirect_page translate="label">
207
+ <label>Redirect to CMS page</label>
208
+ <frontend_type>select</frontend_type>
209
+ <source_model>adminhtml/system_config_source_cms_page</source_model>
210
+ <sort_order>40</sort_order>
211
+ <show_in_default>1</show_in_default>
212
+ <show_in_website>1</show_in_website>
213
+ <show_in_store>1</show_in_store>
214
+ </redirect_page>
215
+ <email_event translate="label comment">
216
+ <label>Mail block events to</label>
217
+ <comment><![CDATA[You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com]]></comment>
218
+ <frontend_type>text</frontend_type>
219
+ <sort_order>50</sort_order>
220
+ <show_in_default>1</show_in_default>
221
+ <show_in_website>1</show_in_website>
222
+ <show_in_store>1</show_in_store>
223
+ </email_event>
224
+ <email_template translate="label">
225
+ <label>Email Template</label>
226
+ <frontend_type>select</frontend_type>
227
+ <source_model>adminhtml/system_config_source_email_template</source_model>
228
+ <sort_order>60</sort_order>
229
+ <show_in_default>1</show_in_default>
230
+ <show_in_website>1</show_in_website>
231
+ <show_in_store>1</show_in_store>
232
+ </email_template>
233
+ <email_identity translate="label">
234
+ <label>Store email</label>
235
+ <frontend_type>select</frontend_type>
236
+ <source_model>adminhtml/system_config_source_email_identity</source_model>
237
+ <sort_order>70</sort_order>
238
+ <show_in_default>1</show_in_default>
239
+ <show_in_website>1</show_in_website>
240
+ <show_in_store>1</show_in_store>
241
+ </email_identity>
242
+ <email_always translate="label comment">
243
+ <label>Email always</label>
244
+ <comment><![CDATA[Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.]]></comment>
245
+ <frontend_type>select</frontend_type>
246
+ <source_model>adminhtml/system_config_source_yesno</source_model>
247
+ <sort_order>80</sort_order>
248
+ <show_in_default>1</show_in_default>
249
+ <show_in_website>1</show_in_website>
250
+ <show_in_store>1</show_in_store>
251
+ </email_always>
252
+ </fields>
253
+ </ipsecurityadmin>
254
+
255
+ <ipsecuritymaintetance translate="label comment">
256
+ <label>IP Security - Maintenance page</label>
257
+ <sort_order>30</sort_order>
258
+ <show_in_default>1</show_in_default>
259
+ <show_in_website>1</show_in_website>
260
+ <show_in_store>1</show_in_store>
261
+ <fields>
262
+ <enabled translate="label comment">
263
+ <label>Store Offline</label>
264
+ <comment>For frontend only.</comment>
265
+ <frontend_type>select</frontend_type>
266
+ <source_model>adminhtml/system_config_source_yesno</source_model>
267
+ <sort_order>10</sort_order>
268
+ <show_in_default>1</show_in_default>
269
+ <show_in_website>1</show_in_website>
270
+ <show_in_store>1</show_in_store>
271
+ </enabled>
272
+ <except translate="label comment">
273
+ <label>Except these IPs</label>
274
+ <frontend_type>textarea</frontend_type>
275
+ <comment><![CDATA[Visitors with these IPs will not be redirected to maintenance page.]]></comment>
276
+ <sort_order>20</sort_order>
277
+ <show_in_default>1</show_in_default>
278
+ <show_in_website>1</show_in_website>
279
+ <show_in_store>1</show_in_store>
280
+ </except>
281
+ <message translate="label">
282
+ <label>Message</label>
283
+ <frontend_type>textarea</frontend_type>
284
+ <sort_order>30</sort_order>
285
+ <show_in_default>1</show_in_default>
286
+ <show_in_website>1</show_in_website>
287
+ <show_in_store>1</show_in_store>
288
+ </message>
289
+ <remindermessage translate="label">
290
+ <label>Reminder message</label>
291
+ <comment><![CDATA[This message will be shown on frontend for visitors with IP adresses from exception list while maintenance mode is on.]]></comment>
292
+ <frontend_type>textarea</frontend_type>
293
+ <sort_order>40</sort_order>
294
+ <show_in_default>1</show_in_default>
295
+ <show_in_website>1</show_in_website>
296
+ <show_in_store>1</show_in_store>
297
+ </remindermessage>
298
+ </fields>
299
+ </ipsecuritymaintetance>
300
+
301
+ <ipsecuritytoken translate="label">
302
+ <label>IP Security - Token access</label>
303
+ <sort_order>40</sort_order>
304
+ <show_in_default>1</show_in_default>
305
+ <show_in_website>0</show_in_website>
306
+ <show_in_store>0</show_in_store>
307
+ <fields>
308
+
309
+ <enabled translate="label">
310
+ <label>Enable access by token</label>
311
+ <frontend_type>select</frontend_type>
312
+ <source_model>adminhtml/system_config_source_yesno</source_model>
313
+ <sort_order>10</sort_order>
314
+ <show_in_default>1</show_in_default>
315
+ <show_in_website>0</show_in_website>
316
+ <show_in_store>0</show_in_store>
317
+ </enabled>
318
+
319
+ <heading_token_link translate="label">
320
+ <label>Generate Access link</label>
321
+ <frontend_model>adminhtml/system_config_form_field_heading</frontend_model>
322
+ <sort_order>12</sort_order>
323
+ <show_in_default>1</show_in_default>
324
+ <show_in_website>0</show_in_website>
325
+ <show_in_store>0</show_in_store>
326
+ <depends>
327
+ <enabled>1</enabled>
328
+ </depends>
329
+ </heading_token_link>
330
+
331
+ <param_name translate="label">
332
+ <label>GET parameter name</label>
333
+ <comment><![CDATA[We recommend changing the default name of this parameter - it will complicate the possibility of link brute force. This field is required to create a token. Do not use spaces and special characters.]]></comment>
334
+ <frontend_type>text</frontend_type>
335
+ <sort_order>20</sort_order>
336
+ <show_in_default>1</show_in_default>
337
+ <show_in_website>0</show_in_website>
338
+ <show_in_store>0</show_in_store>
339
+ <depends>
340
+ <enabled>1</enabled>
341
+ </depends>
342
+ </param_name>
343
+
344
+ <last_updated_date translate="label button_label comment">
345
+ <label>Access link create time</label>
346
+ <frontend_type>label</frontend_type>
347
+ <frontend_model>etipsecurity/adminhtml_system_config_form_field_token_update_date</frontend_model>
348
+ <sort_order>25</sort_order>
349
+ <show_in_default>1</show_in_default>
350
+ <show_in_website>0</show_in_website>
351
+ <show_in_store>0</show_in_store>
352
+ <depends>
353
+ <enabled>1</enabled>
354
+ </depends>
355
+ </last_updated_date>
356
+
357
+ <token_button translate="label comment">
358
+ <!--<button_label>Generate token</button_label>-->
359
+ <frontend_model>etipsecurity/adminhtml_system_config_form_field_token_button</frontend_model>
360
+ <comment><![CDATA[When creating a new token, old link is deactivated]]></comment>
361
+ <sort_order>30</sort_order>
362
+ <show_in_default>1</show_in_default>
363
+ <show_in_website>0</show_in_website>
364
+ <show_in_store>0</show_in_store>
365
+ <token_area>front</token_area>
366
+ <depends>
367
+ <enabled>1</enabled>
368
+ </depends>
369
+ </token_button>
370
+
371
+
372
+ <token_link translate="label">
373
+ <label>Access link to Site</label>
374
+ <comment><![CDATA[Use this link to access the site from the blocked IP addresses. Note the token and cookie lifetimes.]]></comment>
375
+ <frontend_model>etipsecurity/adminhtml_system_config_form_field_link</frontend_model>
376
+ <sort_order>40</sort_order>
377
+ <show_in_default>1</show_in_default>
378
+ <show_in_website>0</show_in_website>
379
+ <show_in_store>0</show_in_store>
380
+ <depends>
381
+ <enabled>1</enabled>
382
+ </depends>
383
+ </token_link>
384
+
385
+
386
+ <token_link_admin translate="label">
387
+ <label>Access link to Admin page</label>
388
+ <comment><![CDATA[Use this link to access the site administration panel from the blocked IP addresses. Note the token and cookie lifetimes.]]></comment>
389
+ <frontend_model>etipsecurity/adminhtml_system_config_form_field_admin_link</frontend_model>
390
+ <sort_order>45</sort_order>
391
+ <show_in_default>1</show_in_default>
392
+ <show_in_website>0</show_in_website>
393
+ <show_in_store>0</show_in_store>
394
+ <depends>
395
+ <enabled>1</enabled>
396
+ </depends>
397
+ </token_link_admin>
398
+
399
+
400
+ <heading_validity_settings translate="label">
401
+ <!--<label>Validity and Notification</label>-->
402
+ <label>Validity</label>
403
+ <frontend_model>adminhtml/system_config_form_field_heading</frontend_model>
404
+ <sort_order>50</sort_order>
405
+ <show_in_default>1</show_in_default>
406
+ <show_in_website>0</show_in_website>
407
+ <show_in_store>0</show_in_store>
408
+ <depends>
409
+ <enabled>1</enabled>
410
+ </depends>
411
+ </heading_validity_settings>
412
+
413
+
414
+ <token_expire>
415
+ <label>Validity period of token</label>
416
+ <comment><![CDATA[Measured in days. After this time the access link will not be available. The countdown starts from access link create time.]]></comment>
417
+ <frontend_type>select</frontend_type>
418
+ <source_model>etipsecurity/system_config_source_token_expire</source_model>
419
+ <sort_order>60</sort_order>
420
+ <show_in_default>1</show_in_default>
421
+ <show_in_website>0</show_in_website>
422
+ <show_in_store>0</show_in_store>
423
+ <depends>
424
+ <enabled>1</enabled>
425
+ </depends>
426
+ </token_expire>
427
+
428
+ <cookie_expire>
429
+ <label>Cookie lifetime</label>
430
+ <comment><![CDATA[Measured in hours. The countdown starts from the last page visit by the access link or the last action on the site after using the access link. After this time, access to the site from the banned IP addresses will not be possible without re-entering access link.]]></comment>
431
+ <frontend_type>select</frontend_type>
432
+ <source_model>etipsecurity/system_config_source_cookie_expire</source_model>
433
+ <sort_order>70</sort_order>
434
+ <show_in_default>1</show_in_default>
435
+ <show_in_website>0</show_in_website>
436
+ <show_in_store>0</show_in_store>
437
+ <depends>
438
+ <enabled>1</enabled>
439
+ </depends>
440
+ </cookie_expire>
441
+
442
+ <heading_notification_settings translate="label">
443
+ <!--<label>Validity and Notification</label>-->
444
+ <label>Notification</label>
445
+ <frontend_model>adminhtml/system_config_form_field_heading</frontend_model>
446
+ <sort_order>80</sort_order>
447
+ <show_in_default>1</show_in_default>
448
+ <show_in_website>0</show_in_website>
449
+ <show_in_store>0</show_in_store>
450
+ <depends>
451
+ <enabled>1</enabled>
452
+ </depends>
453
+ </heading_notification_settings>
454
+
455
+ <email_always translate="label comment">
456
+ <label>Notify when Access Link is used</label>
457
+ <comment><![CDATA[Yes - the notification will be sent on any attempt to use the access link. No - the notification will be sent only on a successful attempt.]]></comment>
458
+ <frontend_type>select</frontend_type>
459
+ <source_model>adminhtml/system_config_source_yesno</source_model>
460
+ <sort_order>90</sort_order>
461
+ <show_in_default>1</show_in_default>
462
+ <show_in_website>0</show_in_website>
463
+ <show_in_store>0</show_in_store>
464
+ <depends>
465
+ <enabled>1</enabled>
466
+ </depends>
467
+ </email_always>
468
+
469
+ <email_event translate="label comment">
470
+ <label>Email for notification</label>
471
+ <comment><![CDATA[You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com]]></comment>
472
+ <frontend_type>text</frontend_type>
473
+ <!--<validate>required-entry</validate>-->
474
+ <sort_order>100</sort_order>
475
+ <show_in_default>1</show_in_default>
476
+ <show_in_website>0</show_in_website>
477
+ <show_in_store>0</show_in_store>
478
+ <depends>
479
+ <enabled>1</enabled>
480
+ </depends>
481
+ </email_event>
482
+
483
+ <email_template translate="label">
484
+ <label>Authentication success email template</label>
485
+ <frontend_type>select</frontend_type>
486
+ <source_model>adminhtml/system_config_source_email_template</source_model>
487
+ <sort_order>110</sort_order>
488
+ <show_in_default>1</show_in_default>
489
+ <show_in_website>1</show_in_website>
490
+ <show_in_store>1</show_in_store>
491
+ <depends>
492
+ <enabled>1</enabled>
493
+ </depends>
494
+ </email_template>
495
+
496
+ <fail_email_template translate="label">
497
+ <label>Authentication fail email template</label>
498
+ <frontend_type>select</frontend_type>
499
+ <source_model>adminhtml/system_config_source_email_template</source_model>
500
+ <sort_order>120</sort_order>
501
+ <show_in_default>1</show_in_default>
502
+ <show_in_website>1</show_in_website>
503
+ <show_in_store>1</show_in_store>
504
+ <depends>
505
+ <enabled>1</enabled>
506
+ </depends>
507
+ </fail_email_template>
508
+
509
+
510
+ <email_identity translate="label">
511
+ <label>Store email</label>
512
+ <frontend_type>select</frontend_type>
513
+ <source_model>adminhtml/system_config_source_email_identity</source_model>
514
+ <sort_order>130</sort_order>
515
+ <show_in_default>1</show_in_default>
516
+ <show_in_website>1</show_in_website>
517
+ <show_in_store>1</show_in_store>
518
+ </email_identity>
519
+
520
+
521
+
522
+ </fields>
523
+ </ipsecuritytoken>
524
+
525
+ </groups>
526
+ </etipsecurity>
527
+ </sections>
528
+ </config>
app/code/community/ET/IpSecurity/sql/ipsecurity_setup/mysql4-install-1.5.php CHANGED
@@ -17,8 +17,8 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
20
  $installer = $this;
21
- /* $installer Mage_Core_Model_Resource_Setup */
22
 
23
  $installer->startSetup();
24
 
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /** @var Mage_Core_Model_Resource_Setup $installer */
21
  $installer = $this;
 
22
 
23
  $installer->startSetup();
24
 
app/code/community/ET/IpSecurity/sql/ipsecurity_setup/mysql4-upgrade-1.5.3-2.0.0.php CHANGED
@@ -17,8 +17,8 @@
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
 
20
  $installer = $this;
21
- /* $installer Mage_Core_Model_Resource_Setup */
22
 
23
  $installer->startSetup();
24
 
17
  * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
  */
19
 
20
+ /** @var Mage_Core_Model_Resource_Setup $installer */
21
  $installer = $this;
 
22
 
23
  $installer->startSetup();
24
 
app/code/community/ET/IpSecurity/sql/ipsecurity_setup/mysql4-upgrade-2.1.4-2.1.5.php ADDED
@@ -0,0 +1,45 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ /** @var Mage_Core_Model_Resource_Setup $installer */
21
+ $installer = $this;
22
+
23
+ $installer->startSetup();
24
+
25
+ //try
26
+ //{
27
+ $installer->run("
28
+ DROP TABLE IF EXISTS {$this->getTable('ipsecurity_token_log')};
29
+ CREATE TABLE {$this->getTable('ipsecurity_token_log')}
30
+ (
31
+ `logid` int(11) NOT NULL AUTO_INCREMENT,
32
+ `blocked_ip` varchar(23) NOT NULL,
33
+ `last_block_rule` VARCHAR( 255 ) NOT NULL,
34
+ `blocked_from` varchar(255) NOT NULL,
35
+ `create_time` datetime NOT NULL,
36
+ `update_time` datetime NOT NULL,
37
+ PRIMARY KEY (`logid`),
38
+ KEY `blocked_from` (`blocked_from`),
39
+ KEY `blocked_ip` (`blocked_ip`)
40
+ ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='ip security token log' AUTO_INCREMENT=1 ;
41
+ ");
42
+
43
+ //}catch(Exception $e){}
44
+
45
+ $installer->endSetup();
app/design/adminhtml/default/default/layout/et_ipsecurity.xml CHANGED
@@ -20,6 +20,7 @@
20
  -->
21
 
22
  <layout version="0.1.0">
 
23
  <etipsecurity_adminhtml_log_index>
24
  <reference name="content">
25
  <block type="etipsecurity/adminhtml_log" name="log"/>
@@ -29,4 +30,22 @@
29
  <adminhtml_etipsecurity_log_index>
30
  <update handle="etipsecurity_adminhtml_log_index" />
31
  </adminhtml_etipsecurity_log_index>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
32
  </layout>
20
  -->
21
 
22
  <layout version="0.1.0">
23
+
24
  <etipsecurity_adminhtml_log_index>
25
  <reference name="content">
26
  <block type="etipsecurity/adminhtml_log" name="log"/>
30
  <adminhtml_etipsecurity_log_index>
31
  <update handle="etipsecurity_adminhtml_log_index" />
32
  </adminhtml_etipsecurity_log_index>
33
+
34
+
35
+
36
+ <etipsecurity_adminhtml_token_log_index>
37
+ <reference name="content">
38
+ <block type="core/template" name="etipsecutity.tokenlog.grid.comment"
39
+ template="et_ipsecurity/tokenlog-grid-comment.phtml"/>
40
+ <block type="etipsecurity/adminhtml_token_log" name="log"/>
41
+ </reference>
42
+ </etipsecurity_adminhtml_token_log_index>
43
+
44
+
45
+ <adminhtml_etipsecurity_token_log_index>
46
+ <update handle="etipsecurity_adminhtml_token_log_index" />
47
+ </adminhtml_etipsecurity_token_log_index>
48
+
49
+
50
+
51
  </layout>
app/design/adminhtml/default/default/template/et_ipsecurity/admin_config_generation_button.phtml ADDED
@@ -0,0 +1,89 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+ ?>
20
+
21
+ <?php
22
+ /**@var ET_IpSecurity_Block_Adminhtml_System_Config_Form_Field_Token_Button $this */
23
+ ?>
24
+
25
+ <button onclick="etIpSecurityGetToken(); return false;" class="scalable" type="button"
26
+ id="<?php echo $this->getHtmlId() ?>">
27
+ <span id="ipsecuritytoken_token_genegate_button"><?php echo $this->escapeHtml($this->getData('button_label')) ?></span>
28
+ </button>
29
+
30
+ &nbsp;
31
+
32
+ <button onclick="etIpSecurityRemoveToken(); return false;" class="scalable" type="button"
33
+ id="<?php echo $this->getHtmlId() ?>">
34
+ <span id="ipsecuritytoken_token_remove_button"><?php echo $this->escapeHtml($this->getData('button_label_delete')) ?></span>
35
+ </button><br/>
36
+
37
+
38
+ <script type="text/javascript">
39
+ //<![CDATA[
40
+ function etIpSecurityGetToken() {
41
+ //var elem = $('<?php echo $this->getHtmlId() ?>');
42
+
43
+ new Ajax.Request('<?php echo $this->getAjaxUrl() ?>', {
44
+ parameters:{
45
+ "ipsecurity_token_name":$("etipsecurity_ipsecuritytoken_param_name").value
46
+ },
47
+
48
+ onSuccess:function (transport) {
49
+
50
+ //$('<?php echo $this->getHtmlId() ?>').disabled = true;
51
+ try {
52
+ response = eval('(' + transport.responseText + ')');
53
+ $("etipsecurity_ipsecuritytoken_token_link").innerHTML = response.frontUrl;
54
+ $("etipsecurity_ipsecuritytoken_token_link_admin").innerHTML = response.adminUrl;
55
+
56
+ $("etipsecurity_ipsecuritytoken_last_updated_date").update(response.date);
57
+ } catch (e) {
58
+ }
59
+ }
60
+ });
61
+ }
62
+
63
+
64
+ function etIpSecurityRemoveToken() {
65
+ //var elem = $('<?php echo $this->getHtmlId() ?>');
66
+
67
+ new Ajax.Request('<?php echo $this->getData('ajax_url_delete') ?>', {
68
+ parameters:{
69
+ "ipsecurity_token_name":$("etipsecurity_ipsecuritytoken_param_name").value
70
+ },
71
+
72
+ onSuccess:function (transport) {
73
+
74
+ //$('<?php echo $this->getHtmlId() ?>').disabled = true;
75
+ try {
76
+ response = eval('(' + transport.responseText + ')');
77
+ $("etipsecurity_ipsecuritytoken_token_link").innerHTML = response.frontUrl;
78
+ $("etipsecurity_ipsecuritytoken_token_link_admin").innerHTML = response.adminUrl;
79
+
80
+ $("etipsecurity_ipsecuritytoken_last_updated_date").update(response.date);
81
+ } catch (e) {
82
+ }
83
+ }
84
+ });
85
+ }
86
+
87
+
88
+ //]]>
89
+ </script>
app/design/adminhtml/default/default/template/et_ipsecurity/tokenlog-grid-comment.phtml ADDED
@@ -0,0 +1,58 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2016 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+ ?>
20
+
21
+ <?php
22
+ /** @var Mage_Core_Block_Template $this */
23
+ /** @var ET_IpSecurity_Helper_Data $helper */
24
+ $helper = Mage::helper('etipsecurity');
25
+
26
+ $msg = '';
27
+ $isAccessByTokenEnabled = $helper->isEnabledIpSecurityToken();
28
+
29
+ $urlToSistemConfig = Mage::helper('adminhtml')->getUrl("adminhtml/system_config/edit/section/etipsecurity");
30
+
31
+ if (!$isAccessByTokenEnabled) {
32
+ $message = 'Access by security token is disabled, you can enable access in the <a href=\'%s\' target=\'_blank\'>module settings</a>.';
33
+ $msg .= $helper->__($message, $urlToSistemConfig);
34
+ $msg .= '<br/>';
35
+ }
36
+
37
+ $tokenLink = $helper->getToken();
38
+
39
+ if ($tokenLink != '') {
40
+ $msg .= $helper->__('Current token is:');
41
+ $msg .= ' ' . $tokenLink;
42
+ $msg .= '<br/>';
43
+ }
44
+
45
+ $msg .= $helper->getTokenExpiredTimeMessage();
46
+ $msg .= '<br/>';
47
+
48
+ if ($isAccessByTokenEnabled) {
49
+ $message = 'You can change Token Access settings in the <a href=\'%s\' target=\'_blank\'>module settings</a>.';
50
+ $msg .= $helper->__($message, $urlToSistemConfig);
51
+ $msg .= '<br/>';
52
+ }
53
+
54
+ ?>
55
+
56
+ <div class="content-header" style="margin-bottom: 50px;">
57
+ <?php echo $msg ?>
58
+ </div>
app/locale/en_US/template/email/et_ipsecurity.html CHANGED
@@ -1,7 +1,7 @@
1
- <!--@subject IP Security - Security Violence @-->
2
- Rejected access to {{var storetype}} ({{var url}}) from
3
-
4
- ip: {{var ip}}
5
- ip rules: {{var ip_rule}}
6
-
7
  time: {{var date}}
1
+ <!--@subject IP Security - Security Violence @-->
2
+ Rejected access to {{var storetype}} ({{var url}}) from
3
+
4
+ ip: {{var ip}}
5
+ ip rules: {{var ip_rule}}
6
+
7
  time: {{var date}}
app/locale/en_US/template/email/et_ipsecurity_admin.html CHANGED
@@ -1,7 +1,7 @@
1
- <!--@subject IP Security - Security Violence @-->
2
- Rejected access to {{var storetype}} ({{var url}}) from
3
-
4
- ip: {{var ip}}
5
- ip rules: {{var ip_rule}}
6
-
7
  time: {{var date}}
1
+ <!--@subject IP Security - Security Violence @-->
2
+ Rejected access to {{var storetype}} ({{var url}}) from
3
+
4
+ ip: {{var ip}}
5
+ ip rules: {{var ip_rule}}
6
+
7
  time: {{var date}}
app/locale/en_US/template/email/et_ipsecurity_ipsecuritytoken.html ADDED
@@ -0,0 +1,9 @@
 
 
 
 
 
 
 
 
 
1
+ <!--@subject IP Security - Successful token use @-->
2
+ Visitor bypassed successfully blocking IP address
3
+ {{var storetype}} ({{var url}})
4
+
5
+ from
6
+ ip: {{var ip}}
7
+ ip rules: {{var ip_rule}}
8
+
9
+ time: {{var date}}
app/locale/en_US/template/email/et_ipsecurity_ipsecuritytoken_fail.html ADDED
@@ -0,0 +1,15 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <!--@subject IP Security - Unsuccessful token use attempt @-->
2
+ Visitor tried to bypass a blocked IP address using token
3
+ {{var storetype}} ({{var url}})
4
+
5
+ from
6
+ ip: {{var ip}}
7
+ ip rules: {{var ip_rule}}
8
+
9
+ time: {{var date}}
10
+
11
+ Access to site was not received.
12
+ Possible reasons:
13
+ * incorrect token.
14
+ * token expired.
15
+ * disabled access by token.
app/locale/ru_RU/ET_IpSecurity.csv CHANGED
@@ -1,3 +1,13 @@
 
 
 
 
 
 
 
 
 
 
1
  "IP Security information","Информация о модуле IP Security"
2
  "Security Violence to Frontend","Правило блокировки. Пользовательская часть"
3
  "Security Violence to Admin","Правило блокировки. Панель администрирования"
@@ -25,7 +35,7 @@
25
  "For frontend only.","Только для пользовательской части."
26
  "Email always","Оповещать всегда"
27
  "Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.","Да - оповещение будет отсылаться при каждой блокировке. Нет - оповещение будет отослано, если IP заблокирован первый раз или количество блокировок кратно 10."
28
- "ET IP Security log","ET IP Security журнал"
29
  "ET IP Security log table","ET IP Security журнал блокировок"
30
  "Blocked IP","Блокированный IP"
31
  "Qty blocked","Блокировано раз"
@@ -41,17 +51,59 @@
41
  "Current server values","Значения на этом сервере"
42
  "Extension receives customer IP from server. Servers can store this information in different variables. Usually variable REMOTE_ADDR is used. But if your server is configured differently, you can select neccessary IP address get method.","Модуль получает IP адрес посетителя от сервера. Сервера могут хранить эту информацию в разных переменных. Обычно это переменная REMOTE_ADDR. Но если ваш сервер настроен по другому, то вы можете указать нужный метод получения IP адреса."
43
  "Below is a list of standard variables where the server can store the IP address of the visitor, and what each of these variables contains on your server:<br><br>","Ниже представлен список стандартных переменных, в которых сервера могут хранить IP адрес посетителя, и что находится в каждой из этих переменных на вашем сервере:<br><br>"
44
- "Global Settings","Глобальные настройки"
 
 
 
 
45
 
46
- "Extension:","Модуль:"
47
- "<strong>%s</strong> (version %s)","<strong>%s</strong> (версия %s)"
48
- "License:","Лицензия:"
49
- "Short Description:","Краткое описание:"
50
- "Documentation:","Документация:"
51
- "Support:","Поддержка:"
52
- "Advertisement:","Реклама:"
53
- "You can see description of extension features and answers to the frequently asked questions on <a href=""%s"" target=""_blank"">our website</a>.","Описание позможностей модуля и ответы на часто задаваемые вопросы смотрите на <a href=""%s"" target=""_blank"">нашем сайте</a>."
54
- "You can hire our team to customize the extension. E-mail us on sales@etwebsolutions.com.<br><br>You can see a list of provided services on <a href=""%s"" target=""_blank"">our website</a>.","Вы можете нанять нашу команду для любых работ по модификации модуля. Пишите на адрес sales@etwebsolutions.com.<br><br>Со списком предоставляемых нами услуг вы можете ознакомиться <a href=""%s"" target=""_blank"">на нашем сайте</a>."
55
- "Extension support is available through <a href=""%s"" target=""_blank"">issue tracking system</a>.<br>You can see information freely, but you will have to sign up to open a ticket.<br><br>Please, report all bugs and feature requests that are related to this extension.<br><br>If by some reason you can not submit a question, bug report or feature request to our ticket system, you can write us an email - support@etwebsolutions.com.","Поддержка модуля осуществляется через <a href=""%s"" target=""_blank"">систему отслеживания заданий</a>.<br>Для создания задачи будет необходимо зарегистрироваться. Для просмотра информации регистрация не требуется.<br><br>Пожалуйста, сообщайте нам о найденных ошибках и о своих пожеланиях в рамках этого модуля.<br><br>Если по каким-либо причинам вы не можете размеситить вопрос/сообщение об ошибке/пожелание в списке задач, то можете написать нам по адресу support@etwebsolutions.com."
56
 
57
- "You can enter IP addresses, masks and ranges. Comments are added with character |. Each rule on separate row.<br>Example:<br>127.0.0.1|My address<br>10.*.*.*|internal company IPs<br>10.0.0.1-20.0.0.1|IP Range<br>10.0.0.192/26|IP Range","Можно указывать как IP адреса, так и маски адресов и диапазоны IP адресов. К каждому правилу можно добавить комментарий через символ |. По одному правилу на строку.<br>Пример:<br>127.0.0.1|My address<br>10.*.*.*|internal company IPs<br>10.0.0.1-20.0.0.1|IP Range<br>10.0.0.192/26|IP Range"
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ "Extension:","Модуль:"
2
+ "<strong>%s</strong> (version %s)","<strong>%s</strong> (версия %s)"
3
+ "License:","Лицензия:"
4
+ "Short Description:","Краткое описание:"
5
+ "Documentation:","Документация:"
6
+ "Support:","Поддержка:"
7
+ "Advertisement:","Реклама:"
8
+ "You can see description of extension features and answers to the frequently asked questions on <a href=""%s"" target=""_blank"">our website</a>.","Описание позможностей модуля и ответы на часто задаваемые вопросы смотрите на <a href=""%s"" target=""_blank"">нашем сайте</a>."
9
+ "You can hire our team to customize the extension. E-mail us on sales@etwebsolutions.com.<br><br>You can see a list of provided services on <a href=""%s"" target=""_blank"">our website</a>.","Вы можете нанять нашу команду для любых работ по модификации модуля. Пишите на адрес sales@etwebsolutions.com.<br><br>Со списком предоставляемых нами услуг вы можете ознакомиться <a href=""%s"" target=""_blank"">на нашем сайте</a>."
10
+ "Extension support is available through <a href=""%s"" target=""_blank"">issue tracking system</a>.<br>You can see information freely, but you will have to sign up to open a ticket.<br><br>Please, report all bugs and feature requests that are related to this extension.<br><br>If by some reason you can not submit a question, bug report or feature request to our ticket system, you can write us an email - support@etwebsolutions.com.","Поддержка модуля осуществляется через <a href=""%s"" target=""_blank"">систему отслеживания заданий</a>.<br>Для создания задачи будет необходимо зарегистрироваться. Для просмотра информации регистрация не требуется.<br><br>Пожалуйста, сообщайте нам о найденных ошибках и о своих пожеланиях в рамках этого модуля.<br><br>Если по каким-либо причинам вы не можете размеситить вопрос/сообщение об ошибке/пожелание в списке задач, то можете написать нам по адресу support@etwebsolutions.com."
11
  "IP Security information","Информация о модуле IP Security"
12
  "Security Violence to Frontend","Правило блокировки. Пользовательская часть"
13
  "Security Violence to Admin","Правило блокировки. Панель администрирования"
35
  "For frontend only.","Только для пользовательской части."
36
  "Email always","Оповещать всегда"
37
  "Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.","Да - оповещение будет отсылаться при каждой блокировке. Нет - оповещение будет отослано, если IP заблокирован первый раз или количество блокировок кратно 10."
38
+ "Security log","Security журнал"
39
  "ET IP Security log table","ET IP Security журнал блокировок"
40
  "Blocked IP","Блокированный IP"
41
  "Qty blocked","Блокировано раз"
51
  "Current server values","Значения на этом сервере"
52
  "Extension receives customer IP from server. Servers can store this information in different variables. Usually variable REMOTE_ADDR is used. But if your server is configured differently, you can select neccessary IP address get method.","Модуль получает IP адрес посетителя от сервера. Сервера могут хранить эту информацию в разных переменных. Обычно это переменная REMOTE_ADDR. Но если ваш сервер настроен по другому, то вы можете указать нужный метод получения IP адреса."
53
  "Below is a list of standard variables where the server can store the IP address of the visitor, and what each of these variables contains on your server:<br><br>","Ниже представлен список стандартных переменных, в которых сервера могут хранить IP адрес посетителя, и что находится в каждой из этих переменных на вашем сервере:<br><br>"
54
+ "Global settings","Глобальные настройки"
55
+ "You can enter IP addresses, masks and ranges. Comments are added with character |. Each rule on separate row.<br>Example:<br>127.0.0.1|My address<br>10.*.*.*|internal company IPs<br>10.0.0.1-20.0.0.1|IP Range<br>10.0.0.192/26|IP Range","Можно указывать как IP адреса, так и маски адресов и диапазоны IP адресов. К каждому правилу можно добавить комментарий через символ |. По одному правилу на строку.<br>Пример:<br>127.0.0.1|My address<br>10.*.*.*|internal company IPs<br>10.0.0.1-20.0.0.1|IP Range<br>10.0.0.192/26|IP Range"
56
+ "Enable access by token","Включить доступ по токену"
57
+ "Validity period of token","Срок действия токена"
58
+ "Necessity of email notification","Уведомления по электронной почте"
59
 
 
 
 
 
 
 
 
 
 
 
60
 
61
+ "Access link to Site","Ссылка доступа на сайт"
62
+ "GET parameter name","Имя GET параметра"
63
+ "Generate Access link","Формирование ссылки доступа"
64
+ "Validity","Срок действия"
65
+ "Notification","Оповещение"
66
+
67
+ "We recommend changing the default name of this parameter - it will complicate the possibility of link brute force. This field is required to create a token. Do not use spaces and special characters.","Советуем изменить имя параметра по умолчанию, что ещё больше усложнит возможность подбора ссылки. Для создания токена это поле должно быть заполнено. Не используйте пробелы и спец. символы."
68
+ "When creating a new token, old link is deactivated","При создании нового токена старая ссылка перестаёт действовать."
69
+
70
+ "days","дня"
71
+ "hour","час"
72
+ "Generate token","Создать токен"
73
+ "Date","Дата"
74
+
75
+ "Successful token use","Успешное использование токена"
76
+ "Unsuccessful token use attempt","Неудачная попытка использования токена"
77
+
78
+ "IP Security - Token access","IP Security - Доступ по токену"
79
+ "Delete token","Удалить токен"
80
+ "Current token is:","Текущий токен:"
81
+ "here","здесь"
82
+ "Token not created","Токен не создан"
83
+ "Token expires after:","Действие токена истекает через:"
84
+ "IP Security Access Token log","IP Security журнал авторизации по токену"
85
+ "Token not Created","Токен не создан"
86
+ "Enable","Включить"
87
+ "Enabled","Включено"
88
+ "Disable","Отключить"
89
+ "Disabled","Отключено"
90
+ "Access by security token is disabled, you can enable access in the <a href='%s' target='_blank'>module settings</a>.","Функция доступа по токену отключена. Вы можете включить доступ в <a href='%s' target='_blank'>настройках модуля</a>."
91
+ "Token expired!","Срок действия токена истёк!"
92
+ "You can change Token Access settings in the <a href='%s' target='_blank'>module settings</a>.","Вы можете изменить параметры доступа по токену в <a href='%s' target='_blank'>настройках модуля</a>."
93
+ "%s (hours)","%s (часов)"
94
+ "Use this link to access the site from the blocked IP addresses. Note the token and cookie lifetimes.","Используйте эту ссылку для получения доступа к сайту с заблокированного IP адреса. Обратите внимание на срок действия токена и срок действия cookie."
95
+ "Use this link to access the site administration panel from the blocked IP addresses. Note the token and cookie lifetimes.","Используйте эту ссылку для получения доступа к панели администрирования сайта с заблокированного IP адреса. Обратите внимание на срок действия токена и срок действия cookie."
96
+ "Access link to Admin page","Ссылка доступа в панель администрирования"
97
+ "Access link create time","Время создания ссылки доступа"
98
+
99
+ "Measured in days. After this time the access link will not be available. The countdown starts from access link create time.","Измеряется в днях. По истечении указанного времени ссылка доступа перестанет действовать. Отсчёт идёт с момента создания ссылки доступа."
100
+ "Cookie lifetime","Срок действия cookie"
101
+ "Measured in hours. The countdown starts from the last page visit by the access link or the last action on the site after using the access link. After this time, access to the site from the banned IP addresses will not be possible without re-entering access link.","Измеряется в часах. Отсчёт идёт с момента входа на сайт по ссылке доступа или последнего действия на сайте после захода по ссылке. По истечении указанного времени доступ к сайту с запрещённого IP адреса будет невозможен без повторного использования ссылки доступа."
102
+ "Notify when Access Link is used","Оповестить при использовании ссылки доступа"
103
+ "Yes - the notification will be sent on any attempt to use the access link. No - the notification will be sent only on a successful attempt.","Да - оповещение будет отсылаться при любой попытке использования ссылки доступа. Нет - оповещение будет отсылаться только при успешном попадании на сайт."
104
+ "Email for notification","Email для оповещений"
105
+ "Authentication success email template","Email Шаблон успешной аутентификации"
106
+ "Authentication fail email template","Email Шаблон неудачной аутентификации"
107
+ "Event","Событие"
108
+ "Login by token success","Успешная аутентификация с помощью токена."
109
+ "Login by token fail","Неудачная аутентификация с помощью токена."
app/locale/ru_RU/template/email/et_ipsecurity.html CHANGED
@@ -1,7 +1,7 @@
1
- <!--@subject IP Security - сработало правило блокировки @-->
2
- Запрещён доступ к {{var storetype}} ({{var url}}) с
3
-
4
- ip: {{var ip}}
5
- ip маски: {{var ip_rule}}
6
-
7
  время: {{var date}}
1
+ <!--@subject IP Security - сработало правило блокировки @-->
2
+ Запрещён доступ к {{var storetype}} ({{var url}}) с
3
+
4
+ ip: {{var ip}}
5
+ ip маски: {{var ip_rule}}
6
+
7
  время: {{var date}}
app/locale/ru_RU/template/email/et_ipsecurity_admin.html CHANGED
@@ -1,7 +1,7 @@
1
- <!--@subject IP Security - сработало правило блокировки @-->
2
- Запрещён доступ к {{var storetype}} ({{var url}}) c
3
-
4
- ip: {{var ip}}
5
- ip маски: {{var ip_rule}}
6
-
7
  время: {{var date}}
1
+ <!--@subject IP Security - сработало правило блокировки @-->
2
+ Запрещён доступ к {{var storetype}} ({{var url}}) c
3
+
4
+ ip: {{var ip}}
5
+ ip маски: {{var ip_rule}}
6
+
7
  время: {{var date}}
app/locale/ru_RU/template/email/et_ipsecurity_ipsecuritytoken.html ADDED
@@ -0,0 +1,9 @@
 
 
 
 
 
 
 
 
 
1
+ <!--@subject IP Security - Успешное использование токена @-->
2
+ Посетитель успешно обошёл блокировку по IP адресу
3
+ {{var storetype}} ({{var url}})
4
+
5
+ c
6
+ ip: {{var ip}}
7
+ ip маски: {{var ip_rule}}
8
+
9
+ время: {{var date}}
app/locale/ru_RU/template/email/et_ipsecurity_ipsecuritytoken_fail.html ADDED
@@ -0,0 +1,16 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <!--@subject IP Security - Неудачная попытка использования токена @-->
2
+ Посетитель пытался обойти блокировку по IP адресу с помощью токена
3
+ {{var storetype}} ({{var url}})
4
+
5
+ c
6
+ ip: {{var ip}}
7
+ ip маски: {{var ip_rule}}
8
+
9
+ время: {{var date}}
10
+ Доступ к сайту не был получен.
11
+
12
+ Возможные причины:
13
+ * неправильный токен
14
+ * срок действия токена закончился
15
+ * функция доступа по токену отключена
16
+
package.xml CHANGED
@@ -1,7 +1,7 @@
1
  <?xml version="1.0"?>
2
  <package>
3
  <name>ET_IpSecurity</name>
4
- <version>2.1.2</version>
5
  <stability>stable</stability>
6
  <license uri="http://shop.etwebsolutions.com/eng/etws-license-free-v1">ETWS Free License (EFL1)</license>
7
  <channel>community</channel>
@@ -9,10 +9,10 @@
9
  <summary>Extension gives you ability to restrict access to your website by IP address or to close your shop for maintenance.</summary>
10
  <description>IP Security can restrict access to website by IP address or IP masks. When restrict rule is triggered, customer gets redirected to CMS page specified in settings or just blank page. You can get notifications about triggered rules by email. There is also opportunity to switch your website off for maintenance.</description>
11
  <notes>stable release</notes>
12
- <authors><author><name>Jurij</name><user>auto-converted</user><email>support@etwebsolutions.com</email></author><author><name>Andrej</name><user>auto-converted</user><email>support@etwebsolutions.com</email></author></authors>
13
- <date>2015-10-28</date>
14
- <time>08:46:21</time>
15
- <contents><target name="magecommunity"><dir name="ET"><dir name="IpSecurity"><dir name="Block"><dir name="Adminhtml"><dir name="Log"><dir name="Renderer"><file name="Translaterule.php" hash="ca65f7951033aa9012d28e2d57aef2a5"/></dir><file name="Grid.php" hash="2fb7a3f5f89954ed59c6fba4547d6633"/></dir><file name="GetIpInfo.php" hash="2ebe7ee7e4eedbf51b0d783c0e2a5a8e"/><file name="Log.php" hash="71e986aa8d17ca38fbbebf293aaadb7c"/><file name="Support.php" hash="507d03079350e4a58cda0ee1e2f33ce1"/></dir></dir><dir name="Helper"><file name="Data.php" hash="bb998ef9431d76e3a03e9d0b3c55e5f8"/></dir><dir name="Model"><dir name="Mysql4"><dir name="Ipsecuritylog"><file name="Collection.php" hash="d052dd9e02c801d4343dcc847e48a7b2"/></dir><file name="Ipsecuritylog.php" hash="bbefc57c3bea478057e6038f6882843c"/></dir><file name="IpVariable.php" hash="0ab9d9cc78d4479df22c3a3a90a32216"/><file name="Ipsecuritylog.php" hash="73e41e474f5bde2b994f097de68a2d3b"/><file name="Observer.php" hash="7ab5d8e0697d4aedeb81eacf45b22e9a"/></dir><dir name="Test"><dir name="Model"><dir name="Observer"><dir name="providers"><file name="testIsIpAllowed.yaml" hash="404d102cf95f0ccce2169ff28bdbb74f"/><file name="testIsIpInList.yaml" hash="ba21c5f51a0b20d1e0e04ca3e1a9db11"/></dir></dir><file name="Observer.php" hash="173a1298271aeaa8811f8b7759975b0e"/></dir></dir><dir name="controllers"><dir name="Adminhtml"><dir name="Etipsecurity"><file name="LogController.php" hash="07ef2c8fe4c37d4893fd1da72a144631"/></dir></dir></dir><dir name="etc"><file name="config.xml" hash="4bc7d807cfc137af3298190959a2375f"/><file name="system.xml" hash="145c64a5e7b22ab70058535b8158bb72"/></dir><dir name="sql"><dir name="ipsecurity_setup"><file name="mysql4-install-1.5.php" hash="8ab37ac7b1e54c6f3c1a41aad932b5c6"/><file name="mysql4-upgrade-1.5.3-2.0.0.php" hash="1b6f0580e385634cd93c688adae5d19d"/></dir></dir></dir></dir></target><target name="magelocale"><dir name="ru_RU"><dir name="template"><dir name="email"><file name="et_ipsecurity.html" hash="b25448f879024a4f9694136cb45258b3"/><file name="et_ipsecurity_admin.html" hash="33efea1ec67fbcb5946fbb34429470f2"/></dir></dir><file name="ET_IpSecurity.csv" hash="550ce954f02f6a3b1a4ddd2e7c7e0c05"/></dir><dir name="en_US"><dir name="template"><dir name="email"><file name="et_ipsecurity.html" hash="ffb1da1a35a7f598a8d2edfe4cba3ef3"/><file name="et_ipsecurity_admin.html" hash="ffb1da1a35a7f598a8d2edfe4cba3ef3"/></dir></dir><file name="ET_IpSecurity.csv" hash="7f9caec31be429a5851a67357eb44848"/></dir></target><target name="mageetc"><dir name="modules"><file name="ET_IpSecurity.xml" hash="3405c1babf6948a8af04228c60894fcf"/></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="et_ipsecurity.xml" hash="fe835822c357d166d0e0ce3d2af028c9"/></dir></dir></dir></dir></target></contents>
16
  <compatible/>
17
- <dependencies/>
18
  </package>
1
  <?xml version="1.0"?>
2
  <package>
3
  <name>ET_IpSecurity</name>
4
+ <version>2.2.0</version>
5
  <stability>stable</stability>
6
  <license uri="http://shop.etwebsolutions.com/eng/etws-license-free-v1">ETWS Free License (EFL1)</license>
7
  <channel>community</channel>
9
  <summary>Extension gives you ability to restrict access to your website by IP address or to close your shop for maintenance.</summary>
10
  <description>IP Security can restrict access to website by IP address or IP masks. When restrict rule is triggered, customer gets redirected to CMS page specified in settings or just blank page. You can get notifications about triggered rules by email. There is also opportunity to switch your website off for maintenance.</description>
11
  <notes>stable release</notes>
12
+ <authors><author><name>Jurij</name><user>niro</user><email>support@etwebsolutions.com</email></author><author><name>Andrej</name><user>zlojd</user><email>support@etwebsolutions.com</email></author></authors>
13
+ <date>2016-08-31</date>
14
+ <time>10:26:15</time>
15
+ <contents><target name="magecommunity"><dir name="ET"><dir name="IpSecurity"><dir name="Block"><dir name="Adminhtml"><file name="GetIpInfo.php" hash="ea909a6464f2431531548b504caa8746"/><dir name="Log"><file name="Grid.php" hash="22786f39900c84f41e68515e10c988d2"/><dir name="Renderer"><file name="Translaterule.php" hash="2ef4acf4a351e2f6b5a9ab649d1d9fe0"/></dir></dir><file name="Log.php" hash="3a1f843ff4f17dd2d2dafb9097217461"/><file name="Support.php" hash="5995c5add23eedf7eaada7460436d3bc"/><dir name="System"><dir name="Config"><dir name="Form"><dir name="Field"><dir name="Admin"><file name="Link.php" hash="acccb0a8f76604aea233a3572a367344"/></dir><file name="Link.php" hash="30cbb66b7afed00304570a6bd3fe8170"/><dir name="Token"><file name="Button.php" hash="7f4c6b038036faa3fbc41f0f331f245e"/><dir name="Update"><file name="Date.php" hash="7f27a876527c548cc4e1bc8dfe9a8c2b"/></dir></dir></dir></dir></dir></dir><dir name="Token"><dir name="Log"><file name="Grid.php" hash="29c85a75c5e84816ede1c6ea958855a4"/></dir><file name="Log.php" hash="cec3b21af090a7360401813d71e72c19"/></dir></dir></dir><dir name="Helper"><file name="Data.php" hash="42365704bdf72131af088aae2da0f7e6"/></dir><dir name="Model"><file name="IpVariable.php" hash="8752e013d2ce56ad566b90034fcb6037"/><file name="Ipsecuritylog.php" hash="f231196b4baddf2631e5bd04fadf566f"/><file name="Iptokenlog.php" hash="9665497c5d30d4e2a57b4e17368120e9"/><dir name="Mysql4"><dir name="Ipsecuritylog"><file name="Collection.php" hash="639d0518f5c4591a361bca726a64199c"/></dir><file name="Ipsecuritylog.php" hash="276e615ba49454754ee4210394953172"/><dir name="Iptokenlog"><file name="Collection.php" hash="e7e40abc9e7e761fb821889752a97084"/></dir><file name="Iptokenlog.php" hash="030285c846fdc9c1900a2fae98cd9657"/></dir><file name="Observer.php" hash="5b33a978342b63a5703b6cbf5b22e990"/><dir name="System"><dir name="Config"><dir name="Source"><dir name="Cookie"><file name="Expire.php" hash="3dd32275a8489bfd53681242fdbec4f7"/></dir><dir name="Token"><file name="Expire.php" hash="55da91ba0715346124b52b5aaa37998e"/></dir></dir></dir></dir></dir><dir name="Test"><dir name="Model"><dir name="Observer"><dir name="providers"><file name="testIsIpAllowed.yaml" hash="404d102cf95f0ccce2169ff28bdbb74f"/><file name="testIsIpInList.yaml" hash="ba21c5f51a0b20d1e0e04ca3e1a9db11"/></dir></dir><file name="Observer.php" hash="09458ee6341cc5de5a03f2bfef79bfb8"/></dir></dir><dir name="controllers"><dir name="Adminhtml"><dir name="Etipsecurity"><file name="LogController.php" hash="2658feea29ba2bd9b4d153ab51572a7c"/><dir name="Token"><file name="LogController.php" hash="f3debb1aa77c7a7f0adc9e9b2f94b989"/></dir><file name="TokenController.php" hash="efeeb7ed1442ca5a0f10479a7e48e4e7"/></dir></dir></dir><dir name="etc"><file name="config.xml" hash="b83e8cb04ac532ca3e26c70a05b21498"/><file name="system.xml" hash="f8a2a4d756b095d1e28e8495cdccca7a"/></dir><dir name="sql"><dir name="ipsecurity_setup"><file name="mysql4-install-1.5.php" hash="a2c026dec475ac9d9f8153181b590a32"/><file name="mysql4-upgrade-1.5.3-2.0.0.php" hash="dcff32a9576905b3187958cccd11d468"/><file name="mysql4-upgrade-2.1.4-2.1.5.php" hash="562af7bebeaa1a44cb6106762ce88899"/></dir></dir></dir></dir></target><target name="magelocale"><dir name="ru_RU"><file name="ET_IpSecurity.csv" hash="29f6c6dcb9bf71ceb8a2fec656431a3a"/><dir name="template"><dir name="email"><file name="et_ipsecurity.html" hash="e02159d2880a6b786a169c1b821fab64"/><file name="et_ipsecurity_admin.html" hash="bbd286df243d58a76d4c1dee45f7836d"/><file name="et_ipsecurity_ipsecuritytoken.html" hash="28bfe4307be61980300a76dabe349e55"/><file name="et_ipsecurity_ipsecuritytoken_fail.html" hash="98c00b08c94dffaf2e884deb4471fda6"/></dir></dir></dir><dir name="en_US"><file name="ET_IpSecurity.csv" hash="7f9caec31be429a5851a67357eb44848"/><dir name="template"><dir name="email"><file name="et_ipsecurity.html" hash="bbd4e4a1cb7184187d63719439775273"/><file name="et_ipsecurity_admin.html" hash="bbd4e4a1cb7184187d63719439775273"/><file name="et_ipsecurity_ipsecuritytoken.html" hash="70f787d6af15b0a857fee634010c2c00"/><file name="et_ipsecurity_ipsecuritytoken_fail.html" hash="80f1b74078ae512dc16d708cc1a8d592"/></dir></dir></dir></target><target name="mageetc"><dir name="modules"><file name="ET_IpSecurity.xml" hash="3405c1babf6948a8af04228c60894fcf"/></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="et_ipsecurity.xml" hash="1d2513d729a683fb3a302fdd7dce454e"/></dir><dir name="template"><dir name="et_ipsecurity"><file name="admin_config_generation_button.phtml" hash="7dd6a2f86f83140a013cdf80eedec7f6"/><file name="tokenlog-grid-comment.phtml" hash="2d545b6ab6876cde6709bb51967f6e6b"/></dir></dir></dir></dir></dir></target></contents>
16
  <compatible/>
17
+ <dependencies><required><php><min>5.0.0</min><max>6.0.0</max></php></required></dependencies>
18
  </package>