From c02b01a31278f4ab2476c254655a8a9538cae689 Mon Sep 17 00:00:00 2001
From: Imran Hussain <imranh@sucs.org>
Date: Wed, 2 May 2018 11:45:38 +0100
Subject: [PATCH] Add ability to ban users and add sucs special service
 accounts

---
 public/index.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/public/index.php b/public/index.php
index 3e26842..c826b71 100644
--- a/public/index.php
+++ b/public/index.php
@@ -1,5 +1,7 @@
 <?php
 
+$bannedUsers = array("vote","signup","cacti","video");
+
 function ip_in_range($ip, $range) {
 	if (strpos($range, '/') == false) {
 		$range .= '/32';
@@ -22,12 +24,16 @@ if (!ip_in_range($ipAddr, "137.44.10.128/25")){
 }
 
 if(isset($_REQUEST['username'])) {
-	$username = $_REQUEST['username'];
+	$username = strtolower($_REQUEST['username']);
 }
 if(isset($_REQUEST['password'])) {
 	$password = $_REQUEST['password'];
 }
 
+if ( in_array($username,$bannedUsers) ) {
+	die("u r b&");
+}
+
 include_once("../ldap-auth.php");
 
 $isAuthd = ldapAuth($username, $password);
-- 
GitLab