Ticket #4579: 4579.ipv4-and-ipv6-only.diff

File 4579.ipv4-and-ipv6-only.diff, 1.0 KB (added by ruckus, 4 years ago)

Overly strict filtering that does not allow other protocols than IPv4 and IPv6

  • wp-includes/comment.php

     
    552552        extract($commentdata, EXTR_SKIP); 
    553553 
    554554        if ( ! isset($comment_author_IP) ) 
    555                 $comment_author_IP = preg_replace( '/[^0-9a-fA-F:., ]/', '',$_SERVER['REMOTE_ADDR'] ); 
     555                $comment_author_IP = preg_replace( '/[^0-9a-fA-F:.]/', '',$_SERVER['REMOTE_ADDR'] ); 
    556556        if ( ! isset($comment_date) ) 
    557557                $comment_date = current_time('mysql'); 
    558558        if ( ! isset($comment_date_gmt) ) 
     
    650650        $commentdata['comment_post_ID'] = (int) $commentdata['comment_post_ID']; 
    651651        $commentdata['user_ID']         = (int) $commentdata['user_ID']; 
    652652 
    653         $commentdata['comment_author_IP'] = preg_replace( '/[^0-9., ]/', '',$_SERVER['REMOTE_ADDR'] ); 
     653        $commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:.]/', '',$_SERVER['REMOTE_ADDR'] ); 
    654654        $commentdata['comment_agent']     = $_SERVER['HTTP_USER_AGENT']; 
    655655 
    656656        $commentdata['comment_date']     = current_time('mysql');