r19889 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r19888‎ \| r19889 \| r19890 >
Date:	01:02, 12 February 2007
Author:	aaron
Status:	old
Tags:
Comment:	* Added useragent and an xff function and header
Modified paths:	/trunk/phase3/includes/ProxyTools.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/ProxyTools.php
—	—	@@ -8,18 +8,64 @@
9	9	// More reliable than $_SERVER due to case and -/_ folding
10	10	$set = apache_request_headers();
11	11	$index = 'X-Forwarded-For';
	12	+ $index2 = 'Client-ip';
12	13	} else {
13	14	// Subject to spoofing with headers like X_Forwarded_For
14	15	$set = $_SERVER;
15	16	$index = 'HTTP_X_FORWARDED_FOR';
	17	+ $index2 = 'CLIENT-IP';
16	18	}
	19	+ #Try a couple of headers
17	20	if( isset( $set[$index] ) ) {
18	21	return $set[$index];
	22	+ } else if( isset( $set[$index2] ) ) {
	23	+ return $set[$index2];
19	24	} else {
20	25	return null;
21	26	}
22	27	}
23	28
	29	+function wfGetLastIPfromXFF( $xff )
	30	+{
	31	+ if ( $xff ) {
	32	+ // Avoid annoyingly long xff hacks
	33	+ $xff = substr( $xff, 0, 255 );
	34	+ // Look for the last IP, assuming they are separated by commas
	35	+ $n = strrpos( $xff, ',' );
	36	+ if ( strrpos !== false ) {
	37	+ $last = substr( $xff, $n + 1 );
	38	+ // Make sure it is an IP
	39	+ $m = preg_match('#\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}#', $last, $last_ip);
	40	+ if ( $m > 0 )
	41	+ $xff_ip = $last_ip;
	42	+ else
	43	+ $xff_ip = null;
	44	+ } else {
	45	+ $xff_ip = null;
	46	+ }
	47	+ } else {
	48	+ $xff_ip = null;
	49	+ }
	50	+ return $xff_ip;
	51	+}
	52	+
	53	+function wfGetAgent() {
	54	+ if( function_exists( 'apache_request_headers' ) ) {
	55	+ // More reliable than $_SERVER due to case and -/_ folding
	56	+ $set = apache_request_headers();
	57	+ $index = 'User-Agent';
	58	+ } else {
	59	+ // Subject to spoofing with headers like X_Forwarded_For
	60	+ $set = $_SERVER;
	61	+ $index = 'HTTP_USER_AGENT';
	62	+ }
	63	+ if( isset( $set[$index] ) ) {
	64	+ return $set[$index];
	65	+ } else {
	66	+ return null;
	67	+ }
	68	+}
	69	+
24	70	/** Work out the IP address based on various globals */
25	71	function wfGetIP() {
26	72	global $wgIP;

Follow-up revisions

Revision	Commit summary	Author	Date
r21542	*Remove wfGetLastIPfromXFF() from r19889	aaron	19:00, 24 April 2007
r94489	* Revert r94487 and r19889 to an extent -- ONLY check for the X-Forwarded-For...	skizzerz	05:25, 15 August 2011