WordPress.org

Make WordPress Core

Ticket #9235: get_remote_ip.patch

File get_remote_ip.patch, 2.2 KB (added by peetaur, 7 years ago)

patch for configurable proxy IP plus replacing for comments

  • wp-config-sample.php

    Only in b: wp-config.php
    diff -ur a/wp-config-sample.php b/wp-config-sample.php
    a b  
    8888
    8989/** Sets up WordPress vars and included files. */
    9090require_once(ABSPATH . 'wp-settings.php');
     91
     92/**
     93 * A space separated list of IP addresses used for finding the ip of the remote, instead of your proxy/balancer.
     94 * Any of these addresses will be replaced with the HTTP_X_FORWARDED_FOR header value if present, which a properly
     95 * configured proxy should set. Set to blank to disable.
     96 */
     97define('PROXY_IP', '');
     98
  • wp-includes/comment.php

    diff -ur a/wp-includes/comment.php b/wp-includes/comment.php
    a b  
    17031703        $parent_status = ( 0 < $commentdata['comment_parent'] ) ? wp_get_comment_status($commentdata['comment_parent']) : '';
    17041704        $commentdata['comment_parent'] = ( 'approved' == $parent_status || 'unapproved' == $parent_status ) ? $commentdata['comment_parent'] : 0;
    17051705
    1706         $commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '',$_SERVER['REMOTE_ADDR'] );
     1706        $commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', get_remote_ip() );
    17071707        $commentdata['comment_agent']     = isset( $_SERVER['HTTP_USER_AGENT'] ) ? substr( $_SERVER['HTTP_USER_AGENT'], 0, 254 ) : '';
    17081708
    17091709        $commentdata['comment_date']     = current_time('mysql');
  • wp-includes/functions.php

    diff -ur a/wp-includes/functions.php b/wp-includes/functions.php
    a b  
    41914191function reset_mbstring_encoding() {
    41924192        mbstring_binary_safe_encoding( true );
    41934193}
     4194
     4195
     4196/**
     4197 * Return the real client address if the REMOTE_ADDR we see here is known to be our proxy.
     4198 */
     4199function get_remote_ip() {
     4200    if ( defined('PROXY_IP')
     4201            && strpos( PROXY_IP, $_SERVER['REMOTE_ADDR'] ) !== false
     4202            && $_SERVER['HTTP_X_FORWARDED_FOR'] != null
     4203            && ! empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
     4204        return $_SERVER['HTTP_X_FORWARDED_FOR'];
     4205    }else{
     4206        return $_SERVER['REMOTE_ADDR'];
     4207    }
     4208}
     4209