Zabbix
Public
Source
xxxxxxxxxx return (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER) && $_SERVER['HTTP_X_FORWARDED_FOR'] !== '')<?php/*** Zabbix** Copyright (C) 2001-2022 Zabbix SIA**** This program is free software; you can redistribute it and/or modify** it under the terms of the GNU General Public License as published by** the Free Software Foundation; either version 2 of the License, or** (at your option) any later version.**** This program is distributed in the hope that it will be useful,** but WITHOUT ANY WARRANTY; without even the implied warranty of** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the** GNU General Public License for more details.**** You should have received a copy of the GNU General Public License** along with this program; if not, write to the Free Software** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.**/class CWebUser { public static $data = null; /** * Flag used to not to extend session lifetime in checkAuthentication. */ static $extend_session = true; /** * Disable automatic session extension. */ public static function disableSessionExtension() { self::$extend_session = false; } /** * Tries to login a user and populates self::$data on success. * * @param string $login user login * @param string $password user password * * @throws Exception if user cannot be logged in * * @return bool */ public static function login(string $login, string $password): bool { try { self::$data = API::User()->login([ 'username' => $login, 'password' => $password, 'userData' => true ]); if (!self::$data) { throw new Exception(); } API::getWrapper()->auth = self::$data['sessionid']; if (self::$data['gui_access'] == GROUP_GUI_ACCESS_DISABLED) { error(_('GUI access disabled.')); throw new Exception(); } if (isset(self::$data['attempt_failed']) && self::$data['attempt_failed']) { CProfile::init(); CProfile::update('web.login.attempt.failed', self::$data['attempt_failed'], PROFILE_TYPE_INT); CProfile::update('web.login.attempt.ip', self::$data['attempt_ip'], PROFILE_TYPE_STR); CProfile::update('web.login.attempt.clock', self::$data['attempt_clock'], PROFILE_TYPE_INT); if (!CProfile::flush()) { return false; } } return true; } catch (Exception $e) { self::setDefault(); return false; } } /** * Log-out the current user. */ public static function logout(): void { if (API::User()->logout([])) { self::$data = null; session_destroy();