Fix PHP strict standard. Thanks to Siebrand.

[lhc/web/wiklou.git] / includes / ProxyTools.php

diff --git a/includes/ProxyTools.php b/includes/ProxyTools.php
index 840c580..6585de4 100644 (file)
--- a/includes/ProxyTools.php
+++ b/includes/ProxyTools.php
@@ -3,6 +3,12 @@
  * Functions for dealing with proxies
  */
 
+/**
+ * Extracts the XFF string from the request header
+ * Checks first for "X-Forwarded-For", then "Client-ip"
+ * Note: headers are spoofable
+ * @return string
+ */
 function wfGetForwardedFor() {
        if( function_exists( 'apache_request_headers' ) ) {
                // More reliable than $_SERVER due to case and -/_ folding
@@ -26,34 +32,10 @@ function wfGetForwardedFor() {
 }
 
 /**
- * @todo FUCKING DOCUMENT THIS FUCKING FUNCTION
+ * Returns the browser/OS data from the request header
+ * Note: headers are spoofable
+ * @return string
  */
-function wfGetLastIPfromXFF( $xff ) {
-       if ( $xff ) {
-       // Avoid annoyingly long xff hacks
-               $xff = substr( $xff, 0, 255 );
-               // Look for the last IP, assuming they are separated by commas or spaces
-               $n = ( strrpos($xff, ',') ) ? strrpos($xff, ',') : strrpos($xff, ' ');
-               if ( $n !== false ) {
-                       $last = trim( substr( $xff, $n + 1 ) );
-                       // Make sure it is an IP
-                       $m = preg_match('#^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$#', $last);
-                       $n = preg_match('#^:(:[0-9A-Fa-f]{1,4}){1,7}|[0-9A-Fa-f]{1,4}(:{1,2}[0-9A-Fa-f]{1,4}|::$){1,7}$#', $last);
-                       if ( $m > 0 )
-                               $xff_ip = $last;
-                       else if ( $n > 0 ) 
-                               $xff_ip = $last;
-                       else 
-                               $xff_ip = null;
-               } else {
-                       $xff_ip = null;
-               } 
-       } else {
-               $xff_ip = null;
-       }
-       return $xff_ip;
-}
-
 function wfGetAgent() {
        if( function_exists( 'apache_request_headers' ) ) {
                // More reliable than $_SERVER due to case and -/_ folding
@@ -71,7 +53,11 @@ function wfGetAgent() {
        }
 }
 
-/** Work out the IP address based on various globals */
+/**
+ * Work out the IP address based on various globals
+ * For trusted proxies, use the XFF client IP (first of the chain)
+ * @return string
+ */
 function wfGetIP() {
        global $wgIP;
 
@@ -116,6 +102,13 @@ function wfGetIP() {
        return $ip;
 }
 
+/**
+ * Checks if an IP is a trusted proxy providor
+ * Useful to tell if X-Fowarded-For data is possibly bogus
+ * Squid cache servers for the site and AOL are whitelisted
+ * @param string $ip
+ * @return bool
+ */
 function wfIsTrustedProxy( $ip ) {
        global $wgSquidServers, $wgSquidServersNoPurge;
 
@@ -180,6 +173,7 @@ function wfProxyCheck() {
 
 /**
  * Convert a network specification in CIDR notation to an integer network and a number of bits
+ * @return array(string, int)
  */
 function wfParseCIDR( $range ) {
        return IP::parseCIDR( $range );
@@ -187,6 +181,7 @@ function wfParseCIDR( $range ) {
 
 /**
  * Check if an IP address is in the local proxy list
+ * @return bool
  */
 function wfIsLocallyBlockedProxy( $ip ) {
        global $wgProxyList;
@@ -219,6 +214,7 @@ function wfIsLocallyBlockedProxy( $ip ) {
 /**
  * TODO: move this list to the database in a global IP info table incorporating
  * trusted ISP proxies, blocked IP addresses and open proxies.
+ * @return bool
  */
 function wfIsAOLProxy( $ip ) {
        $ranges = array(
@@ -264,4 +260,4 @@ function wfIsAOLProxy( $ip ) {
 
 
 
-?>
+