From 97f3dfee15154b384254aff3af987e1275f82b27 Mon Sep 17 00:00:00 2001 From: MauricioGM Date: Fri, 22 Nov 2024 14:58:18 -0600 Subject: [PATCH] obtener_ip_para_autorizar_prestamos --- ajax/venta.php | 51 +++++++++++++++++++++++++++++++++ files/articulos/1732288097.jpg | Bin 0 -> 3050 bytes vistas/header.php | 1 - vistas/venta.php | 47 ++++++++++++++++++++++++++---- 4 files changed, 93 insertions(+), 6 deletions(-) create mode 100644 files/articulos/1732288097.jpg diff --git a/ajax/venta.php b/ajax/venta.php index dd98418..8ba5b34 100644 --- a/ajax/venta.php +++ b/ajax/venta.php @@ -3,6 +3,36 @@ require_once "../modelos/Venta.php"; if (strlen(session_id())<1) session_start(); + // Obtener la IP del dispositivo que ingreso + function getIp(): string + { + if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) { + $ip = $_SERVER['HTTP_CF_CONNECTING_IP']; + } elseif (isset($_SERVER['REMOTE_ADDR']) === true) { + $ip = $_SERVER['REMOTE_ADDR']; + if (preg_match('/^(?:127|10)\.0\.0\.[12]?\d{1,2}$/', $ip)) { + if (isset($_SERVER['HTTP_X_REAL_IP'])) { + $ip = $_SERVER['HTTP_X_REAL_IP']; + } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { + $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; + } + } + } else { + $ip = '127.0.0.1'; + } + if (in_array($ip, ['::1', '0.0.0.0', 'localhost'], true)) { + $ip = '127.0.0.1'; + } + $filter = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); + if ($filter === false) { + $ip = '127.0.0.1'; + } + + return $ip; + } + + $ip_autorizada ='127.0.0.1'; + $venta = new Venta(); $idventa=isset($_POST["idventa"])? limpiarCadena($_POST["idventa"]):""; @@ -78,6 +108,7 @@ switch ($_GET["op"]) { $rspta=$venta->listar(); $data=Array(); +if((getIp() == $ip_autorizada) || ($_SESSION['acceso']==1)) { while ($reg=$rspta->fetch_object()) { if ($reg->tipo_comprobante=='Ticket') { $url='../reportes/exTicket.php?id='; 
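Review bot: getIp() returns `$_SERVER['HTTP_CF_CONNECTING_IP']` whenever that header is present, and every validation failure falls back to `'127.0.0.1'`, which is also the value of `$ip_autorizada`, so the address used for authorization is client-controlled and the function fails open. Forwarding headers should be read only when `REMOTE_ADDR` is a reverse proxy you have explicitly listed, and an invalid or non-IPv4 value should yield something that can never equal the authorized address. The same function is added again in the first hunk of vistas/venta.php, so both copies need the change and are better kept in one shared include. The sketch below leaves the proxy list as a placeholder to be filled from the deployment's configuration.

```php
function getIp(): string
{
    // Placeholder: addresses of reverse proxies allowed to set forwarding headers.
    $proxiesConfiables = [];
    $remota = $_SERVER['REMOTE_ADDR'] ?? '';
    $ip = $remota;
    if (in_array($remota, $proxiesConfiables, true) && isset($_SERVER['HTTP_X_REAL_IP'])) {
        $ip = $_SERVER['HTTP_X_REAL_IP'];
    }
    if ($ip === '::1') {
        $ip = '127.0.0.1';
    }
    // Fail closed: an invalid address returns '' and never matches $ip_autorizada.
    return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false ? '' : $ip;
}
```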
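Review bot: The added condition reads `$_SESSION['acceso']` without checking that the key exists and compares the address with `==`, so a request whose session lacks that key raises a notice or warning that can end up inside the JSON returned to DataTables. Evaluate the decision once before the loop, for example `$tieneAcceso = getIp() === $ip_autorizada || (($_SESSION['acceso'] ?? 0) == 1);`, and test `$tieneAcceso` instead. Because the two sides are joined with `||`, a matching address alone yields the full listing, and no login check for this endpoint is visible in the hunk, so confirm that one runs before the `switch`. The `case` this line belongs to starts and ends outside the hunk.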
@@ -96,6 +127,26 @@ switch ($_GET["op"]) { "7"=>($reg->estado=='Aceptado')?'Aceptado':'Devuelto' ); } +}else{ + while ($reg=$rspta->fetch_object()) { + if ($reg->tipo_comprobante=='Ticket') { + $url='../reportes/exTicket.php?id='; + }else{ + $url='../reportes/exFactura.php?id='; + } + + $data[]=array( + "0"=>'Sin Acceso', + "1"=>$reg->fecha, + "2"=>$reg->cliente, + "3"=>$reg->usuario, + "4"=>$reg->tipo_comprobante, + "5"=>$reg->serie_comprobante. '-' .$reg->num_comprobante, + "6"=>$reg->total_venta, + "7"=>($reg->estado=='Aceptado')?'Aceptado':'Devuelto' + ); +} +} $results=array( "sEcho"=>1,//info para datatables "iTotalRecords"=>count($data),//enviamos el total de registros al datatable 
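Review bot: The `else` branch repeats the whole row-building loop only to put `'Sin Acceso'` in column `"0"`, and it still assigns `$url`, which is never used in that branch. Keeping a single loop and choosing the first column with a ternary on the access decision would leave the other seven entries written once and remove the dead assignment. Replacing the action cell only hides the links in the listing; whether `../reportes/exTicket.php` and `../reportes/exFactura.php` repeat the authorization check is not visible in this diff, and they need to if the restriction is meant to hold. The loop of the first branch starts in the previous hunk.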
diff --git a/files/articulos/1732288097.jpg b/files/articulos/1732288097.jpg new file mode 100644 index 0000000000000000000000000000000000000000..4704ec186a0463c95788d71032aded3e00b5f792 GIT binary patch literal 3050 zcmZuz2|Scr8-K@on+PG2P$9c4gRvF9lr&_98Dr~~MvV#4*vHbMx|WnBnUQS_4Kj_A zYfIE{BkNc~Q`sZ3@7wpPd%xTLe)l=Q-+P|tJm);;|9{STpWoSfzx5dqK4ocT2|yqK z00A4Y)d$=JcJT2F{w+d+LfgjoPF!Tq9!U{#amoEka*|S7`^7~MY9CNgR@czb*eeS& z&{5adg=?xppit;8!CexZ+>h+X52D9JexCz=KxOL{ zAo2^)5A<_G4gy>v5N;93)*E2oHcW2FHrBrc!o$nQ&BYHo;lcnHgqw>8vV)(S_s0wf z7dMXxui5ScT6X97M8ytj`(9(#=$IqV``vFlWHF7(Dz5F%2A4{KA-4nn6%_2Zm-6v~ zzJns5i;D|%a&iCZhj58-@8&sRrX_9%2Holf1h%~*+#qVn8AIg_EBoyE#`VEyO`|jjacf{L98%D$24d}<|$LA2nxpzk;Or@U%bz>55n;I2T z+46tz>-^^T3qX|zv|a8&%m4}bKLF$fKuHdg0Gdz$;1Q4{)9O>H$lRHj`f7JLuFDyX z;J_Iw3v^s-&UA|MTkkdLm|&BlaX8||Y@b)P=$kp26R_dt-g%O=!A!qA^bYD;^P27b zs##}8qDo!Vi47HoNXv)Eo3W#8QQoY!@sxEr)8lp16jFJnzQH zViq(AL%vtt`vh`)qQAlkb5KUt#Rk)HpLB#D;hCwBsz*_Jb|}T=x?B(U;beS^K6MNj2B-SDcY#P$nu7?r{y{irCX0U!TqH!`kOg=35IFsIh%=JOh?==H&nMWwVtG?yAWfW6LiCt-AI1#9CL-#Jm~Zh(nNJLq->ylDzry+VZYpg(2={2^(Y;^T9Fx=} z{L~W#OSkZNHNBzo$D<7OfhA{u%i88~n0xZuLf;c`-w1~RtMEPA0N=fz^Y$ZaM*x8T zQOFUx#17UeZO5bwi3sTz)S-1RG0$F)H2m9UlM7#(7E%Hc^GTum@lsk3cCUHj+__J5 zBsUp9&q7N&;75(MzopNFq4fCS5f_b4h5uLYZ&13U+ZDj7RPOr>~`%JuKMOw$7Mck7G(9&du58D^M_xN`gA#cQ5I#vKBAW zbIW2UJ@PFc>A%fm%U-KaT;69LGD8skKIS|*b#^KW8EF|eFKk8KagXOr_2x<6_UCwC|kiWFy)WQI0Y1@)7joZQ}1|7gcc6%|>d~bMBdH6~_P& z`?h?)aR7MZeu#0AS3i1}sEb{S!-AV)Lh_r!!%_|gG;?nkm|pz!>M+T!RYo7(TEM@f zkhM9sLmB#8R^G4T9}f4dXf+31MAkq3KNeZ$rx z{aw40OGk13ldq*J+AZXQ;!R__HZYy{7$Ai_wshKA;-bgp%?Ft0ZfNu{yw52AfrEI} z>!!ntuz>oNPOooP>Y!Y5JGoIg zOiz!MatQ!yCGUY_03iGm3jok!6!yDO@?c3Tx#e}P>>e^*dQRR`x+Cz;ePs&;Y$i38EO0#6}@(RIbn+9 zGo=L*AOf}RQ~kaO8)I4&OL{bF3*f`k10sRU?ce*Ce?SKSZc*gZysL;>LY=l-hXO~+ zRp$%{s`cAyghwgIx37QJ5Vg~uP3NGlkVndD3B5Nf7;~u)`wCrQg`N)w1*Am^6WIO zq;v-DeKvu`ejX);A&L1$*41d=+M9jDN-xuv+>Y`QkEh_SDTuLc$)VcUsSm2C7@LC8 z$E#h%L1{&;r(90jg~S+y?n-WjG|l-G8HaVq=_{cu zx}Bv&T-$Ub(U>t?fO>d&`@=5GJ%)^uXwC$nZ`F+rRW(FU&k-}Tq)VeJ 
zLQBgM%p<{v>q$UB0N@7Skgr|=M~?iPfnU#RI~2$>(4op+Q+c=rjJOU2uV^8suG<&U o8%zlzaaOR@prE3(rV&1Y1xoK!D<7Yr9P-!9pNamP9 diff --git a/vistas/venta.php b/vistas/venta.php index 4a9490a..25f56cf 100644 --- a/vistas/venta.php +++ b/vistas/venta.php @@ -2,11 +2,41 @@ //activamos almacenamiento en el buffer ob_start(); session_start(); + +// Obtener la IP del dispositivo que ingreso +function getIp(): string +{ + if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) { + $ip = $_SERVER['HTTP_CF_CONNECTING_IP']; + } elseif (isset($_SERVER['REMOTE_ADDR']) === true) { + $ip = $_SERVER['REMOTE_ADDR']; + if (preg_match('/^(?:127|10)\.0\.0\.[12]?\d{1,2}$/', $ip)) { + if (isset($_SERVER['HTTP_X_REAL_IP'])) { + $ip = $_SERVER['HTTP_X_REAL_IP']; + } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { + $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; + } + } + } else { + $ip = '127.0.0.1'; + } + if (in_array($ip, ['::1', '0.0.0.0', 'localhost'], true)) { + $ip = '127.0.0.1'; + } + $filter = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); + if ($filter === false) { + $ip = '127.0.0.1'; + } + + return $ip; +} + +$ip_autorizada ='127.0.0.1'; + if (!isset($_SESSION['nombre'])) { header("Location: login.html"); }else{ - require 'header.php'; if ($_SESSION['ventas']==1) { @@ -21,10 +51,17 @@ if ($_SESSION['ventas']==1) {
-

Vales

-
- -
+

Vales

+ + + +
+