From 8dc0bf2d95668241d6111df82215f69ba67a830d Mon Sep 17 00:00:00 2001 From: Lihi Dor Date: Thu, 10 Nov 2016 14:35:13 +0200 Subject: [PATCH 1/2] add ability to restrict by IP --- attendance.php | 12 +++++++++++- classes/structure.php | 4 +++- db/install.xml | 5 +++-- db/upgrade.php | 10 +++++++++- lang/en/attendance.php | 5 ++++- mod_form.php | 11 ++++++++++- version.php | 4 ++-- 7 files changed, 42 insertions(+), 9 deletions(-) diff --git a/attendance.php b/attendance.php index 8b9bda8..d4c071a 100644 --- a/attendance.php +++ b/attendance.php @@ -83,5 +83,15 @@ $PAGE->navbar->add($att->name); $output = $PAGE->get_renderer('mod_attendance'); echo $output->header(); -$mform->display(); +if (!empty ($attendance->subnet)) { + if (!address_in_subnet(getremoteaddr(), $attendance->subnet)) { + $wrongip = html_writer::tag('p', get_string('subnetwrong', 'attendance')); + $button = html_writer::tag('p', $output->continue_button($CFG->wwwroot . '/course/view.php?id=' . $course->id)); + echo $output->box($wrongip ."\n\n".$button."\n", 'generalbox', 'notice'); + } else { + $mform->display(); + } else { + $mform->display(); +} + echo $output->footer(); diff --git a/classes/structure.php b/classes/structure.php index 772a021..99f5e96 100644 --- a/classes/structure.php +++ b/classes/structure.php @@ -58,6 +58,8 @@ class mod_attendance_structure { /** current page parameters */ public $pageparams; + public $subnet; + private $groupmode; private $statuses; @@ -1058,4 +1060,4 @@ class mod_attendance_structure { return null; } -} +} \ No newline at end of file diff --git a/db/install.xml b/db/install.xml index 5259382..ac9f7a0 100644 --- a/db/install.xml +++ b/db/install.xml @@ -1,5 +1,5 @@ - @@ -11,6 +11,7 @@ + @@ -103,4 +104,4 @@ - \ No newline at end of file + diff --git a/db/upgrade.php b/db/upgrade.php index 3485f7f..8bf2f4a 100644 --- a/db/upgrade.php +++ b/db/upgrade.php @@ -191,6 +191,14 @@ function xmldb_attendance_upgrade($oldversion=0) { // Attendance savepoint reached. upgrade_mod_savepoint(true, 2016082900, 'attendance'); } + if ($oldversion < 201611071400) { + $table = new xmldb_table('attendance'); + $newfield = $table->add_field('subnet', XMLDB_TYPE_CHAR, '255', null, null, null, null); + if (!$dbman->field_exists($table, $newfield)) { + $dbman->add_field($table, $newfield); + } + upgrade_mod_savepoint(true, 201611071400, 'attendance'); + } return $result; -} +} \ No newline at end of file diff --git a/lang/en/attendance.php b/lang/en/attendance.php index 6e04022..dc6b702 100644 --- a/lang/en/attendance.php +++ b/lang/en/attendance.php @@ -332,4 +332,7 @@ $string['repeatuntil'] = 'Repeat until'; $string['repeaton'] = 'Repeat on'; $string['invalidsessionendtime'] = 'The end time must be greater than start time'; $string['deletedgroup'] = 'The group associated with this session has been deleted'; -$string['search:activity'] = 'Attendance - activity information'; \ No newline at end of file +$string['extrarestrictions'] = 'Extra restrictions'; +$string['configrequiresubnet'] = 'Students can only record own attendance from these computers.'; +$string['subnetwrong'] = 'Attendance can only be recorded from certain locations, and this computer is not on the allowed list.'; +$string['requiresubnet_help'] = 'Attendance recording may be restricted to particular subnets by specifying a comma-separated list of partial or full IP addresses.'; \ No newline at end of file diff --git a/mod_form.php b/mod_form.php index 6cd15f7..682a90e 100644 --- a/mod_form.php +++ b/mod_form.php @@ -42,6 +42,7 @@ class mod_attendance_mod_form extends moodleform_mod { * @return void */ public function definition() { + $attendanceconfig = get_config('attendance'); $mform =& $this->_form; $mform->addElement('header', 'general', get_string('general', 'form')); @@ -55,6 +56,14 @@ class mod_attendance_mod_form extends moodleform_mod { $this->standard_grading_coursemodule_elements(); $this->standard_coursemodule_elements(true); + + $mform->addElement('header', 'security', get_string('extrarestrictions', 'attendance')); + // IP address. + $mform->addElement('text', 'subnet', get_string('requiresubnet', 'attendance'), array('size' => '164')); + $mform->setType('subnet', PARAM_TEXT); + $mform->addHelpButton('subnet', 'requiresubnet', 'attendance'); + $mform->setDefault('subnet', $attendanceconfig->subnet); + $this->add_action_buttons(); } -} +} \ No newline at end of file diff --git a/version.php b/version.php index 39e624d..15fd1c2 100644 --- a/version.php +++ b/version.php @@ -22,9 +22,9 @@ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -$plugin->version = 2016082900; +$plugin->version = 2016110714; $plugin->requires = 2016052300; $plugin->release = '3.1.1.1'; $plugin->maturity = MATURITY_STABLE; $plugin->cron = 0; -$plugin->component = 'mod_attendance'; +$plugin->component = 'mod_attendance'; \ No newline at end of file From 96df70674be4977bb584ba07df62df65826159f8 Mon Sep 17 00:00:00 2001 From: Dan Marsden Date: Mon, 21 Nov 2016 14:58:08 +1300 Subject: [PATCH 2/2] Tidy up requiredip work. --- attendance.php | 19 ++++++++----------- db/install.xml | 2 +- db/upgrade.php | 6 +++--- lang/en/attendance.php | 2 +- mod_form.php | 3 +++ version.php | 2 +- 6 files changed, 17 insertions(+), 17 deletions(-) diff --git a/attendance.php b/attendance.php index d4c071a..f702fbf 100644 --- a/attendance.php +++ b/attendance.php @@ -43,6 +43,13 @@ if (empty(get_config('attendance', 'studentscanmark')) || empty($attforsession-> redirect(new moodle_url('/mod/attendance/view.php', array('id' => $cm->id))); exit; } + +// Check if subnet is set and if the user is in the allowed range. +if (!empty($attendance->subnet) && !address_in_subnet(getremoteaddr(), $attendance->subnet)) { + notice(get_string('subnetwrong', 'attendance')); + exit; // Notice calls this anyway. +} + $pageparams->sessionid = $id; $att = new mod_attendance_structure($attendance, $cm, $course, $PAGE->context, $pageparams); @@ -83,15 +90,5 @@ $PAGE->navbar->add($att->name); $output = $PAGE->get_renderer('mod_attendance'); echo $output->header(); -if (!empty ($attendance->subnet)) { - if (!address_in_subnet(getremoteaddr(), $attendance->subnet)) { - $wrongip = html_writer::tag('p', get_string('subnetwrong', 'attendance')); - $button = html_writer::tag('p', $output->continue_button($CFG->wwwroot . '/course/view.php?id=' . $course->id)); - echo $output->box($wrongip ."\n\n".$button."\n", 'generalbox', 'notice'); - } else { - $mform->display(); - } else { - $mform->display(); -} - +$mform->display(); echo $output->footer(); diff --git a/db/install.xml b/db/install.xml index ac9f7a0..0704227 100644 --- a/db/install.xml +++ b/db/install.xml @@ -11,7 +11,7 @@ - + diff --git a/db/upgrade.php b/db/upgrade.php index 8bf2f4a..8457cda 100644 --- a/db/upgrade.php +++ b/db/upgrade.php @@ -191,13 +191,13 @@ function xmldb_attendance_upgrade($oldversion=0) { // Attendance savepoint reached. upgrade_mod_savepoint(true, 2016082900, 'attendance'); } - if ($oldversion < 201611071400) { + if ($oldversion < 2016112100) { $table = new xmldb_table('attendance'); - $newfield = $table->add_field('subnet', XMLDB_TYPE_CHAR, '255', null, null, null, null); + $newfield = $table->add_field('subnet', XMLDB_TYPE_CHAR, '255', null, null, null, null, 'timemodified'); if (!$dbman->field_exists($table, $newfield)) { $dbman->add_field($table, $newfield); } - upgrade_mod_savepoint(true, 201611071400, 'attendance'); + upgrade_mod_savepoint(true, 2016112100, 'attendance'); } return $result; diff --git a/lang/en/attendance.php b/lang/en/attendance.php index dc6b702..d0dc440 100644 --- a/lang/en/attendance.php +++ b/lang/en/attendance.php @@ -333,6 +333,6 @@ $string['repeaton'] = 'Repeat on'; $string['invalidsessionendtime'] = 'The end time must be greater than start time'; $string['deletedgroup'] = 'The group associated with this session has been deleted'; $string['extrarestrictions'] = 'Extra restrictions'; -$string['configrequiresubnet'] = 'Students can only record own attendance from these computers.'; +$string['requiresubnet'] = 'Students can only record own attendance from these computers.'; $string['subnetwrong'] = 'Attendance can only be recorded from certain locations, and this computer is not on the allowed list.'; $string['requiresubnet_help'] = 'Attendance recording may be restricted to particular subnets by specifying a comma-separated list of partial or full IP addresses.'; \ No newline at end of file diff --git a/mod_form.php b/mod_form.php index 682a90e..013a91e 100644 --- a/mod_form.php +++ b/mod_form.php @@ -43,6 +43,9 @@ class mod_attendance_mod_form extends moodleform_mod { */ public function definition() { $attendanceconfig = get_config('attendance'); + if (!isset($attendanceconfig->subnet)) { + $attendanceconfig->subnet = ''; + } $mform =& $this->_form; $mform->addElement('header', 'general', get_string('general', 'form')); diff --git a/version.php b/version.php index 15fd1c2..4e6153b 100644 --- a/version.php +++ b/version.php @@ -22,7 +22,7 @@ * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later */ -$plugin->version = 2016110714; +$plugin->version = 2016112100; $plugin->requires = 2016052300; $plugin->release = '3.1.1.1'; $plugin->maturity = MATURITY_STABLE;