- Timestamp:
- 05/18/2017 05:33:14 PM (7 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/includes/class-wp-community-events.php
r40777 r40781 157 157 $args = array( 158 158 'number' => 5, // Get more than three in case some get trimmed out. 159 'ip' => $this-> maybe_anonymize_ip_address( $this->get_unsafe_client_ip()),159 'ip' => $this->get_client_ip(), 160 160 ); 161 161 … … 183 183 184 184 /** 185 * Determines the user's actual IP address, if possible. 185 * Determines the user's actual IP address and attempts to partially 186 * anonymize an IP address by converting it to a network ID. 187 * 188 * Geolocating the network ID usually returns a similar location as the 189 * actual IP, but provides some privacy for the user. 186 190 * 187 191 * $_SERVER['REMOTE_ADDR'] cannot be used in all cases, such as when the user … … 191 195 * 192 196 * Modified from http://stackoverflow.com/a/2031935/450127, MIT license. 197 * Modified from https://github.com/geertw/php-ip-anonymizer, MIT license. 193 198 * 194 199 * SECURITY WARNING: This function is _NOT_ intended to be used in … … 200 205 * @since 4.8.0 201 206 * 202 * @return false|string false on failure, the string address on success. 203 */ 204 protected function get_unsafe_client_ip() { 207 * @return false|string The anonymized address on success; the given address 208 * or false on failure. 209 */ 210 protected function get_client_ip() { 205 211 $client_ip = false; 206 212 … … 230 236 } 231 237 238 // These functions are not available on Windows until PHP 5.3. 239 if ( function_exists( 'inet_pton' ) && function_exists( 'inet_ntop' ) ) { 240 if ( 4 === strlen( inet_pton( $client_ip ) ) ) { 241 $netmask = '255.255.255.0'; // ipv4. 242 } else { 243 $netmask = 'ffff:ffff:ffff:ffff:0000:0000:0000:0000'; // ipv6. 244 } 245 246 $client_ip = inet_ntop( inet_pton( $client_ip ) & inet_pton( $netmask ) ); 247 } 248 232 249 return $client_ip; 233 }234 235 /**236 * Attempts to partially anonymize an IP address by converting it to a network ID.237 *238 * Geolocating the network ID usually returns a similar location as the239 * actual IP, but provides some privacy for the user.240 *241 * Modified from https://github.com/geertw/php-ip-anonymizer, MIT license.242 *243 * @access protected244 * @since 4.8.0245 *246 * @param string $address The IP address that should be anonymized.247 * @return bool|string The anonymized address on success; the given address248 * or false on failure.249 */250 protected function maybe_anonymize_ip_address( $address ) {251 // These functions are not available on Windows until PHP 5.3.252 if ( ! function_exists( 'inet_pton' ) || ! function_exists( 'inet_ntop' ) ) {253 return $address;254 }255 256 if ( 4 === strlen( inet_pton( $address ) ) ) {257 $netmask = '255.255.255.0'; // ipv4.258 } else {259 $netmask = 'ffff:ffff:ffff:ffff:0000:0000:0000:0000'; // ipv6.260 }261 262 return inet_ntop( inet_pton( $address ) & inet_pton( $netmask ) );263 250 } 264 251
Note: See TracChangeset
for help on using the changeset viewer.