Clarifying unorthodox MIME type

[lhc/web/wiklou.git] / includes / ProxyTools.php

diff --git a/includes/ProxyTools.php b/includes/ProxyTools.php
index 683b6d6..6585de4 100644 (file)
--- a/includes/ProxyTools.php
+++ b/includes/ProxyTools.php
@@ -3,24 +3,61 @@
  * Functions for dealing with proxies
  */
 
+/**
+ * Extracts the XFF string from the request header
+ * Checks first for "X-Forwarded-For", then "Client-ip"
+ * Note: headers are spoofable
+ * @return string
+ */
 function wfGetForwardedFor() {
        if( function_exists( 'apache_request_headers' ) ) {
                // More reliable than $_SERVER due to case and -/_ folding
                $set = apache_request_headers();
                $index = 'X-Forwarded-For';
+               $index2 = 'Client-ip';
        } else {
                // Subject to spoofing with headers like X_Forwarded_For
                $set = $_SERVER;
                $index = 'HTTP_X_FORWARDED_FOR';
+               $index2 = 'CLIENT-IP';
        }
+       #Try a couple of headers
        if( isset( $set[$index] ) ) {
                return $set[$index];
+       } else if( isset( $set[$index2] ) ) {
+               return $set[$index2];
        } else {
                return null;
        }
 }
 
-/** Work out the IP address based on various globals */
+/**
+ * Returns the browser/OS data from the request header
+ * Note: headers are spoofable
+ * @return string
+ */
+function wfGetAgent() {
+       if( function_exists( 'apache_request_headers' ) ) {
+               // More reliable than $_SERVER due to case and -/_ folding
+               $set = apache_request_headers();
+               $index = 'User-Agent';
+       } else {
+               // Subject to spoofing with headers like X_Forwarded_For
+               $set = $_SERVER;
+               $index = 'HTTP_USER_AGENT';
+       }
+       if( isset( $set[$index] ) ) {
+               return $set[$index];
+       } else {
+               return '';
+       }
+}
+
+/**
+ * Work out the IP address based on various globals
+ * For trusted proxies, use the XFF client IP (first of the chain)
+ * @return string
+ */
 function wfGetIP() {
        global $wgIP;
 
@@ -65,6 +102,13 @@ function wfGetIP() {
        return $ip;
 }
 
+/**
+ * Checks if an IP is a trusted proxy providor
+ * Useful to tell if X-Fowarded-For data is possibly bogus
+ * Squid cache servers for the site and AOL are whitelisted
+ * @param string $ip
+ * @return bool
+ */
 function wfIsTrustedProxy( $ip ) {
        global $wgSquidServers, $wgSquidServersNoPurge;
 
@@ -129,6 +173,7 @@ function wfProxyCheck() {
 
 /**
  * Convert a network specification in CIDR notation to an integer network and a number of bits
+ * @return array(string, int)
  */
 function wfParseCIDR( $range ) {
        return IP::parseCIDR( $range );
@@ -136,6 +181,7 @@ function wfParseCIDR( $range ) {
 
 /**
  * Check if an IP address is in the local proxy list
+ * @return bool
  */
 function wfIsLocallyBlockedProxy( $ip ) {
        global $wgProxyList;
@@ -168,6 +214,7 @@ function wfIsLocallyBlockedProxy( $ip ) {
 /**
  * TODO: move this list to the database in a global IP info table incorporating
  * trusted ISP proxies, blocked IP addresses and open proxies.
+ * @return bool
  */
 function wfIsAOLProxy( $ip ) {
        $ranges = array(
@@ -213,4 +260,4 @@ function wfIsAOLProxy( $ip ) {
 
 
 
-?>
+