[pmwiki-users] allow editing only from one IP

Oliver Betz list_ob at gmx.net
Thu Sep 25 01:50:50 CDT 2008

"Patrick R. Michaud" wrote:

>> Is it possible to allow editing only from one selected IP (and disallow from
>> all others) ?
>In config.php:
>if ($action == 'edit' && @$_SERVER['REMOTE_ADDR'] != '') 
>  $action = 'browse';
>This will prevent editing from any address other than

could you have a look at my solution to check also (dynamic) DNS

- snip -
<?php if (!defined('PmWiki')) exit();

  $_SESSION['DNSauth'] = '';
  $remoteip = preg_quote($_SERVER['REMOTE_ADDR']);      # quote '.' to
make search pattern
  $remoteip = preg_replace('/\\d+$/', '($0\\b|\\*)', $remoteip); #
same procedure as in blocklist

  $page = ReadPage($DNSauthPage, READPAGE_CURRENT);     # get IP
addresses and host names
  if ($page &&
$page['text'], $matches, PREG_SET_ORDER)) {
    foreach($matches as $m) {
        $hostip = $m[1]; # is already IP address
      else {
        $hostip = " " . gethostbyname($m[1]); # is a hostname -
resolve it
      if(preg_match("/\\b$remoteip/", $hostip)){
        $_SESSION['DNSauth'] = "$m[2]";
        SessionAuth($pagename, array('authlist' => array($m[2] =>

$FmtPV['$DNS'] = "htmlentities(stripmagic(\$_SESSION['DNSauth']))";

- snip -

It needs an entry like "$DNSauthPage = 'SiteAdmin/DNSallow';" in the
configuration script, this wiki page contains entries
"address:authname", e.g. "foobar.dyndns.org:someuser" or
"". The access rights are then defined with the
standard methods of authuser.

Since my php programming knowledge is pretty poor, I would be glad to
have someone looking over it, especially whether there are security
problems and whether the integration with AuthUser is done correctly.

To avoid a bunch of DNS queries with each page request, I do the
check only if the session hasn't been established. Is it a good idea
to check AuthList directly, or is there a cleaner way?

I would be glad to publish it on pmwiki.org, but not before some
confirmation that it's safe.


More information about the pmwiki-users mailing list