<?php
/**
* Functions for dealing with proxies
+ *
* @file
*/
* @return string
*/
function wfGetIP() {
- global $wgIP;
+ global $wgUsePrivateIPs, $wgCommandLineMode;
+ static $ip = false;
# Return cached result
- if ( !empty( $wgIP ) ) {
- return $wgIP;
+ if ( !empty( $ip ) ) {
+ return $ip;
}
+ $ipchain = array();
+
/* collect the originating ips */
# Client connecting to this webserver
if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
- $ipchain = array( IP::canonicalize( $_SERVER['REMOTE_ADDR'] ) );
- } else {
- # Running on CLI?
- $ipchain = array( '127.0.0.1' );
+ $ip = IP::canonicalize( $_SERVER['REMOTE_ADDR'] );
+ } elseif( $wgCommandLineMode ) {
+ $ip = '127.0.0.1';
+ }
+ if( $ip ) {
+ $ipchain[] = $ip;
}
- $ip = $ipchain[0];
# Append XFF on to $ipchain
$forwardedFor = wfGetForwardedFor();
foreach ( $ipchain as $i => $curIP ) {
$curIP = IP::canonicalize( $curIP );
if ( wfIsTrustedProxy( $curIP ) ) {
- if ( isset( $ipchain[$i + 1] ) && IP::isPublic( $ipchain[$i + 1] ) ) {
- $ip = $ipchain[$i + 1];
+ if ( isset( $ipchain[$i + 1] ) ) {
+ if( $wgUsePrivateIPs || IP::isPublic( $ipchain[$i + 1 ] ) ) {
+ $ip = $ipchain[$i + 1];
+ }
}
} else {
break;
}
}
+ # Allow extensions to improve our guess
+ wfRunHooks( 'GetIP', array( &$ip ) );
+
+ if( !$ip ) {
+ throw new MWException( "Unable to determine IP" );
+ }
+
wfDebug( "IP: $ip\n" );
- $wgIP = $ip;
return $ip;
}
* Checks if an IP is a trusted proxy providor
* Useful to tell if X-Fowarded-For data is possibly bogus
* Squid cache servers for the site and AOL are whitelisted
- * @param string $ip
+ * @param $ip String
* @return bool
*/
function wfIsTrustedProxy( $ip ) {
escapeshellarg( $port ),
escapeshellarg( $url )
));
- exec( "php $params &>/dev/null &" );
+ exec( "php $params >" . wfGetNull() . " 2>&1 &" );
}
# Set MemCached key
$wgMemc->set( $mcKey, 1, $wgProxyMemcExpiry );
/**
* Convert a network specification in CIDR notation to an integer network and a number of bits
+ *
+ * @deprecated Call IP::parseCIDR() directly, will be removed in 1.19
* @return array(string, int)
*/
function wfParseCIDR( $range ) {
+ wfDeprecated( __FUNCTION__ );
return IP::parseCIDR( $range );
}
*/
function wfIsLocallyBlockedProxy( $ip ) {
global $wgProxyList;
- $fname = 'wfIsLocallyBlockedProxy';
if ( !$wgProxyList ) {
return false;
}
- wfProfileIn( $fname );
+ wfProfileIn( __METHOD__ );
if ( !is_array( $wgProxyList ) ) {
# Load from the specified file
} else {
$ret = false;
}
- wfProfileOut( $fname );
+ wfProfileOut( __METHOD__ );
return $ret;
}
dépôts / lhc / web / wiklou.git / blobdiff