tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-07-02 17:39:30 +02:00
Code Issues Projects Releases Wiki Activity

Add checks to see if REMOTE_ADDR is set before making use of it.

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@60578 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Sam Minnee 2008-08-13 01:43:49 +00:00
parent 48b60fa710
commit 128e5e4a05
2 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
core/Session.php
View File

@ -207,14 +207,16 @@ class Session {
public static function load_config() { public static function load_config() {
foreach(self::$session_ips as $sessionIP => $timeout) { foreach(self::$session_ips as $sessionIP => $timeout) {
if(preg_match('/^([0-9.]+)\s?-\s?([0-9.]+)$/', $sessionIP, $ips)) { if(preg_match('/^([0-9.]+)\s?-\s?([0-9.]+)$/', $sessionIP, $ips)) {
$startIP = ip2long($ips[1]); if(isset($_SERVER['REMOTE_ADDR'])) {
$endIP = ip2long($ips[2]); $startIP = ip2long($ips[1]);
$clientIP = ip2long($_SERVER['REMOTE_ADDR']); $endIP = ip2long($ips[2]);
$minIP = min($startIP, $endIP); $clientIP = ip2long($_SERVER['REMOTE_ADDR']);
$maxIP = max($startIP, $endIP); $minIP = min($startIP, $endIP);
$maxIP = max($startIP, $endIP);
if($minIP <= $clientIP && $clientIP <= $maxIP) {
return self::set_timeout($timeout); if($minIP <= $clientIP && $clientIP <= $maxIP) {
return self::set_timeout($timeout);
}
} }
} }
// TODO - Net masks or something // TODO - Net masks or something

2
core/control/HTTPRequest.php
View File

@ -349,7 +349,7 @@ class HTTPRequest extends Object implements ArrayAccess {
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
//to check ip is pass from proxy //to check ip is pass from proxy
return $_SERVER['HTTP_X_FORWARDED_FOR']; return $_SERVER['HTTP_X_FORWARDED_FOR'];
} else { } elseif(isset($_SERVER['REMOTE_ADDR'])) {
return $_SERVER['REMOTE_ADDR']; return $_SERVER['REMOTE_ADDR'];
} }
} }