Wiki source for XForwardedFor
=====Adding support for the x-forward-for header to wikka=====
I have code ready that works.
however a few of the variables in the file need to come from the wikka config not sure how to do that...
In GetUserName instead of $ip = $_SERVER['REMOTE_ADDR']; i would use $ip = $this->GetUserIP();
note: the code / function below, is rough and should propearly be finetuned and note much of this code come direct from mediawiki. but its just to get the idea
added: to wakka.class.php
%%(php)
function GetUserIP()
{
static $ip;
if(isset($ip)) return $ip;
$aprovedip = array('212.97.132.138'); // need to be pulled from the config
$useXFF = true; // need to be pulled from the config
if (!$useXFF) {
$ip = $_SERVER['REMOTE_ADDR'];
return $ip;
}
/* collect the originating ips */
# Client connecting to this webserver
if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
$ipchain = array( $_SERVER['REMOTE_ADDR'] );
} else {
# Running on CLI?
$ipchain = array( '127.0.0.1' );
}
$ip = $ipchain[0];
# Append XFF on to $ipchain
if( function_exists( 'apache_request_headers' ) ) {
// More reliable than $_SERVER due to case and -/_ folding
$set = array ();
foreach ( apache_request_headers() as $tempName => $tempValue ) {
$set[ strtoupper( $tempName ) ] = $tempValue;
}
$index = strtoupper ( 'X-Forwarded-For' );
$index2 = strtoupper ( 'Client-ip' );
} else {
// Subject to spoofing with headers like X_Forwarded_For
$set = $_SERVER;
$index = 'HTTP_X_FORWARDED_FOR';
$index2 = 'CLIENT-IP';
}
#Try a couple of headers
if( isset( $set[$index] ) ) {
$forwardedFor = $set[$index];
} else if( isset( $set[$index2] ) ) {
$forwardedFor = $set[$index2];
} else {
$forwardedFor = null;
}
if ( isset( $forwardedFor ) ) {
$xff = array_map( 'trim', explode( ',', $forwardedFor ) );
$xff = array_reverse( $xff );
$ipchain = array_merge( $ipchain, $xff );
}
# Step through XFF list and find the last address in the list which is a trusted server
# Set $ip to the IP address given by that trusted server, unless the address is not sensible (e.g. private)
foreach ( $ipchain as $i => $curIP ) {
if ( in_array( $curIP, $aprovedip ) ) {
if ( isset( $ipchain[$i + 1] ) ) {
if( $useXFF ) {
$ip = $ipchain[$i + 1];
}
}
} else {
break;
}
}
return $ip;
}
%%
----
CategoryUserContributions
I have code ready that works.
however a few of the variables in the file need to come from the wikka config not sure how to do that...
In GetUserName instead of $ip = $_SERVER['REMOTE_ADDR']; i would use $ip = $this->GetUserIP();
note: the code / function below, is rough and should propearly be finetuned and note much of this code come direct from mediawiki. but its just to get the idea
added: to wakka.class.php
%%(php)
function GetUserIP()
{
static $ip;
if(isset($ip)) return $ip;
$aprovedip = array('212.97.132.138'); // need to be pulled from the config
$useXFF = true; // need to be pulled from the config
if (!$useXFF) {
$ip = $_SERVER['REMOTE_ADDR'];
return $ip;
}
/* collect the originating ips */
# Client connecting to this webserver
if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
$ipchain = array( $_SERVER['REMOTE_ADDR'] );
} else {
# Running on CLI?
$ipchain = array( '127.0.0.1' );
}
$ip = $ipchain[0];
# Append XFF on to $ipchain
if( function_exists( 'apache_request_headers' ) ) {
// More reliable than $_SERVER due to case and -/_ folding
$set = array ();
foreach ( apache_request_headers() as $tempName => $tempValue ) {
$set[ strtoupper( $tempName ) ] = $tempValue;
}
$index = strtoupper ( 'X-Forwarded-For' );
$index2 = strtoupper ( 'Client-ip' );
} else {
// Subject to spoofing with headers like X_Forwarded_For
$set = $_SERVER;
$index = 'HTTP_X_FORWARDED_FOR';
$index2 = 'CLIENT-IP';
}
#Try a couple of headers
if( isset( $set[$index] ) ) {
$forwardedFor = $set[$index];
} else if( isset( $set[$index2] ) ) {
$forwardedFor = $set[$index2];
} else {
$forwardedFor = null;
}
if ( isset( $forwardedFor ) ) {
$xff = array_map( 'trim', explode( ',', $forwardedFor ) );
$xff = array_reverse( $xff );
$ipchain = array_merge( $ipchain, $xff );
}
# Step through XFF list and find the last address in the list which is a trusted server
# Set $ip to the IP address given by that trusted server, unless the address is not sensible (e.g. private)
foreach ( $ipchain as $i => $curIP ) {
if ( in_array( $curIP, $aprovedip ) ) {
if ( isset( $ipchain[$i + 1] ) ) {
if( $useXFF ) {
$ip = $ipchain[$i + 1];
}
}
} else {
break;
}
}
return $ip;
}
%%
----
CategoryUserContributions
