

Timestamp:
04/12/2018 09:19:24 PM (7 years ago)
Author:
azaozz
Message:

Privacy: add helper function for anonymizing data in a standardized way.

Props jesperher, allendav, iandunn, birgire, azaozz.
Fixes #43545.

File:
1 edited

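--- a/trunk/src/wp-admin/includes/class-wp-community-events.php
+++ b/trunk/src/wp-admin/includes/class-wp-community-events.php
@@ -235,5 +235,4 @@
     public static function get_unsafe_client_ip() {
         $client_ip = false;
-        $ip_prefix = '';
 
         // In order of preference, with the best ones for this purpose first.
@@ -266,55 +265,11 @@
         }
 
-        // Detect what kind of IP address this is.
-        $is_ipv6 = substr_count( $client_ip, ':' ) > 1;
-        $is_ipv4 = ( 3 === substr_count( $client_ip, '.' ) );
-
-        if ( $is_ipv6 && $is_ipv4 ) {
-            // IPv6 compatibility mode, temporarily strip the IPv6 part, and treat it like IPv4.
-            $ip_prefix = '::ffff:';
-            $client_ip = preg_replace( '/^\[?[0-9a-f:]*:/i', '', $client_ip );
-            $client_ip = str_replace( ']', '', $client_ip );
-            $is_ipv6   = false;
-        }
-
-        if ( $is_ipv6 ) {
-            // IPv6 addresses will always be enclosed in [] if there's a port.
-            $left_bracket  = strpos( $client_ip, '[' );
-            $right_bracket = strpos( $client_ip, ']' );
-            $percent       = strpos( $client_ip, '%' );
-            $netmask       = 'ffff:ffff:ffff:ffff:0000:0000:0000:0000';
-
-            // Strip the port (and [] from IPv6 addresses), if they exist.
-            if ( false !== $left_bracket && false !== $right_bracket ) {
-                $client_ip = substr( $client_ip, $left_bracket + 1, $right_bracket - $left_bracket - 1 );
-            } elseif ( false !== $left_bracket || false !== $right_bracket ) {
-                // The IP has one bracket, but not both, so it's malformed.
-                return false;
-            }
-
-            // Strip the reachability scope.
-            if ( false !== $percent ) {
-                $client_ip = substr( $client_ip, 0, $percent );
-            }
-
-            // No invalid characters should be left.
-            if ( preg_match( '/[^0-9a-f:]/i', $client_ip ) ) {
-                return false;
-            }
-
-            // Partially anonymize the IP by reducing it to the corresponding network ID.
-            if ( function_exists( 'inet_pton' ) && function_exists( 'inet_ntop' ) ) {
-                $client_ip = inet_ntop( inet_pton( $client_ip ) & inet_pton( $netmask ) );
-            }
-        } elseif ( $is_ipv4 ) {
-            // Strip any port and partially anonymize the IP.
-            $last_octet_position = strrpos( $client_ip, '.' );
-            $client_ip           = substr( $client_ip, 0, $last_octet_position ) . '.0';
-        } else {
+        $anon_ip = wp_privacy_anonymize_ip( $client_ip, true );
+
+        if ( '0.0.0.0' === $anon_ip || '::' === $anon_ip ) {
             return false;
         }
 
-        // Restore the IPv6 prefix to compatibility mode addresses.
-        return $ip_prefix . $client_ip;
+        return $anon_ip;
     }
 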
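Review bot: The added sentinel check compares against the bare literals `'0.0.0.0'` and `'::'` with no comment saying these are the helper's "could not parse" results, so a reader has to know wp_privacy_anonymize_ip()'s contract to see why a genuine address in 0.0.0.0/24 is rejected too; add `// wp_privacy_anonymize_ip() returns 0.0.0.0 / :: when the input is not a parseable address.` above it, once that contract is confirmed against the helper. The `true` second argument is a bare boolean at the call site, and the parameter it sets is not visible here, so a short trailing comment naming what it enables would keep the call readable. `$client_ip` is initialised to `false` at line 236 and reaches the helper as-is; unless the header-scanning loop between the two hunks (outside this view) already returns early when no header matched, confirm the helper tolerates a non-string input, or keep an explicit `if ( ! $client_ip ) { return false; }` before the call as the removed code's `else` branch effectively did. The method's docblock, above the first hunk, may still describe the inline IPv4/IPv6 truncation that this change removes and should be reviewed alongside it.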