summaryrefslogtreecommitdiffstats
path: root/system/libraries/Input.php
diff options
context:
space:
mode:
authorDerek Jones <derek.jones@ellislab.com>2009-02-04 22:40:20 +0100
committerDerek Jones <derek.jones@ellislab.com>2009-02-04 22:40:20 +0100
commitc59722885288a8af90392b8019b415dd84229775 (patch)
treeac50b503725063df0b386fca0bc6989f0a87283c /system/libraries/Input.php
parent149ca0820ef2fe3df34e023a109b4e72dbb4899d (diff)
added proxy_ips config item to whitelist reverse proxy servers to use the HTTP_X_FORWARDED_FOR header safely to determine the visitor's IP address
Diffstat (limited to 'system/libraries/Input.php')
-rw-r--r--system/libraries/Input.php11
1 files changed, 9 insertions, 2 deletions
diff --git a/system/libraries/Input.php b/system/libraries/Input.php
index e879e2d13..6491d1791 100644
--- a/system/libraries/Input.php
+++ b/system/libraries/Input.php
@@ -346,8 +346,15 @@ class CI_Input {
{
return $this->ip_address;
}
+
+ if ($this->config->item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR'))
+ {
+ $proxies = preg_split('/[\s,]/', $this->config->item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY);
+ $proxies = is_array($proxies) ? $proxies : array($proxies);
- if ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
+ $this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
+ }
+ elseif ($this->server('REMOTE_ADDR') AND $this->server('HTTP_CLIENT_IP'))
{
$this->ip_address = $_SERVER['HTTP_CLIENT_IP'];
}
@@ -373,7 +380,7 @@ class CI_Input {
if (strstr($this->ip_address, ','))
{
$x = explode(',', $this->ip_address);
- $this->ip_address = end($x);
+ $this->ip_address = trim(end($x));
}
if ( ! $this->valid_ip($this->ip_address))