Menu
▾
▴
[Phpbb-checkins] CVS: phpBB2 common.php,1.73,1.74
|
From: Paul S. O. <ps...@us...> - 2002-03-18 23:45:27
|
Update of /cvsroot/phpbb/phpBB2
In directory usw-pr-cvs1:/tmp/cvs-serv16624
Modified Files:
common.php
Log Message:
Allow global_var off for REMOTE_ADDR
Index: common.php
===================================================================
RCS file: /cvsroot/phpbb/phpBB2/common.php,v
retrieving revision 1.73
retrieving revision 1.74
diff -C2 -r1.73 -r1.74
*** common.php 18 Mar 2002 15:43:36 -0000 1.73
--- common.php 18 Mar 2002 23:45:24 -0000 1.74
***************
*** 21,24 ****
--- 21,29 ----
***************************************************************************/
+ if ( !defined('IN_PHPBB') )
+ {
+ die("Hacking attempt");
+ }
+
error_reporting (E_ERROR | E_WARNING | E_PARSE); // This will NOT report uninitialized variables
set_magic_quotes_runtime(0); // Disable magic_quotes_runtime
***************
*** 145,171 ****
if( getenv('HTTP_X_FORWARDED_FOR') != '' )
{
! $private_ips = array('192.168', '172.16', '10', '224', '240');
!
! if ( preg_match("/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
! {
! $private_ip = false;
! for($i = 0; $i < count($private_ips); $i++)
! {
! if ( strpos(' ' . $ip_list[0], $private_ips[$i], 1) == 1 )
! {
! $private_ip = true;
! }
! }
! $client_ip = ( !$private_ip ) ? $ip_list[0] : $REMOTE_ADDR;
! }
! else
{
! $client_ip = $REMOTE_ADDR;
}
}
else
{
! $client_ip = $REMOTE_ADDR;
}
$user_ip = encode_ip($client_ip);
--- 150,164 ----
if( getenv('HTTP_X_FORWARDED_FOR') != '' )
{
! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
! if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
{
! $private_ip = array('/^127\.0\.0\.1/', '/^192\.168\..*/', '/^172\.16\..*/', '/^10..*/', '/^224..*/', '/^240..*/');
! $client_ip = preg_replace($private_ip, $client_ip, $ip_list[1]);
}
}
else
{
! $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
}
$user_ip = encode_ip($client_ip);
|
