/** Work out the IP address based on various globals */ function wfGetIP() { global $wgSquidServers, $wgSquidServersNoPurge; global $wgAutoLogin; /* collect the originating ips */ # Client connecting to this webserver if ($wgAutoLogin) { #if (isset($_SERVER['REMOTE_USER'])) { # $ipchain = array( $_SERVER['REMOTE_USER'] ); #} else { $host = gethostbyaddr($_SERVER['REMOTE_ADDR']); list($ip, $domain) = explode(".", $host); $ipchain = array($ip); /* $ip is userid or hostname of the logged-in user */ } elseif (isset($_SERVER['REMOTE_ADDR'])) { $ipchain = array($_SERVER['REMOTE_ADDR']); } else { # Running on CLI? $ipchain = array('127.0.0.1'); } $ip = $ipchain[0]; # Get list of trusted proxies # Flipped for quicker access $trustedProxies = array_flip(array_merge($wgSquidServers, $wgSquidServersNoPurge)); if (count($trustedProxies)) { # Append XFF on to $ipchain if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $xff = array_map('trim', explode(',', $_SERVER['HTTP_X_FORWARDED_FOR'])); $xff = array_reverse($xff); $ipchain = array_merge($ipchain, $xff); } # Step through XFF list and find the last address in the list which is a trusted server # Set $ip to the IP address given by that trusted server, unless the address is not sensible (e.g. private) foreach ($ipchain as $i => $curIP) { if (array_key_exists($curIP, $trustedProxies)) { if (isset($ipchain[$i + 1]) && wfIsIPPublic($ipchain[$i + 1])) { $ip = $ipchain[$i + 1]; } } else { break; } } } return $ip; }
/** Work out the IP address based on various globals */ function wfGetIP() { global $wgSquidServers, $wgSquidServersNoPurge, $wgIP; # Return cached result if (!empty($wgIP)) { return $wgIP; } /* collect the originating ips */ # Client connecting to this webserver if (isset($_SERVER['REMOTE_ADDR'])) { $ipchain = array($_SERVER['REMOTE_ADDR']); } else { # Running on CLI? $ipchain = array('127.0.0.1'); } $ip = $ipchain[0]; # Get list of trusted proxies # Flipped for quicker access $trustedProxies = array_flip(array_merge($wgSquidServers, $wgSquidServersNoPurge)); if (count($trustedProxies)) { # Append XFF on to $ipchain $forwardedFor = wfGetForwardedFor(); if (isset($forwardedFor)) { $xff = array_map('trim', explode(',', $forwardedFor)); $xff = array_reverse($xff); $ipchain = array_merge($ipchain, $xff); } # Step through XFF list and find the last address in the list which is a trusted server # Set $ip to the IP address given by that trusted server, unless the address is not sensible (e.g. private) foreach ($ipchain as $i => $curIP) { if (array_key_exists($curIP, $trustedProxies)) { if (isset($ipchain[$i + 1]) && wfIsIPPublic($ipchain[$i + 1])) { $ip = $ipchain[$i + 1]; } } else { break; } } } wfDebug("IP: {$ip}\n"); $wgIP = $ip; return $ip; }