summaryrefslogtreecommitdiffstats
path: root/system/core/Input.php
diff options
context:
space:
mode:
authorJordan Pittman <thecrypticace+github@gmail.com>2012-07-21 00:36:43 +0200
committerJordan Pittman <thecrypticace+github@gmail.com>2012-07-21 00:36:43 +0200
commita5a71359a5b320b0dc35fabfeb3e74e97a466a10 (patch)
tree662317751810f337beb5bac1396c2a1fd97b211f /system/core/Input.php
parentfa4af2c268eb920e8eb772b793962000c10ac79c (diff)
Added support for IP Address Range Masks (e.g. 192.168.137.0/24) to the Proxy IPs config option
Diffstat (limited to 'system/core/Input.php')
-rw-r--r--system/core/Input.php21
1 files changed, 19 insertions, 2 deletions
diff --git a/system/core/Input.php b/system/core/Input.php
index 162e40c85..c0c85a5e8 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -330,10 +330,27 @@ class CI_Input {
if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR'))
{
+ $hasRanges = strpos($proxies, '/') !== false;
$proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY);
$proxies = is_array($proxies) ? $proxies : array($proxies);
-
- $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
+
+ if ($hasRanges) {
+ $longIP = ip2long($_SERVER['REMOTE_ADDR']);
+ $bit32 = 1 << 32;
+
+ foreach($proxies as $ip) {
+ list($address, $maskLength) = explode('/', $ip);
+
+ $bitmask = $bit32 - (1 << (32 - (int)$maskLength));
+
+ if (($longIP & $bitmask) == $address) {
+ $this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
+ break;
+ }
+ }
+ } else {
+ $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
+ }
}
elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR'))
{