3 files changed, 66 insertions, 4 deletions

diff --git a/system/core/Common.php b/system/core/Common.php
index 06b162264..57374b07d 100644
--- a/system/core/Common.php
+++ b/system/core/Common.php
@@ -598,5 +598,44 @@ if ( ! function_exists('html_escape'))
 	}
 }
 
+// ------------------------------------------------------------------------
+
+if ( ! function_exists('_stringify_attributes'))
+{
+	/**
+	 * Stringify attributes for use in HTML tags.
+	 *
+	 * Helper function used to convert a string, array, or object
+	 * of attributes to a string.
+	 *
+	 * @param	mixed	string, array, object
+	 * @param	bool
+	 * @return	string
+	 */
+	function _stringify_attributes($attributes, $js = FALSE)
+	{
+		$atts = NULL;
+
+		if (empty($attributes))
+		{
+			return $atts;
+		}
+
+		if (is_string($attributes))
+		{
+			return ' '.$attributes;
+		}
+
+		$attributes = (array) $attributes;
+
+		foreach ($attributes as $key => $val)
+		{
+			$atts .= ($js) ? $key.'='.$val.',' : ' '.$key.'="'.$val.'"';
+		}
+
+		return rtrim($atts, ',');
+	}
+}
+
 /* End of file Common.php */
 /* Location: ./system/core/Common.php */
\ No newline at end of file
diff --git a/system/core/Input.php b/system/core/Input.php
index 162e40c85..968a42a9a 100644
--- a/system/core/Input.php
+++ b/system/core/Input.php
@@ -330,10 +330,33 @@ class CI_Input {
 
 		if (config_item('proxy_ips') != '' && $this->server('HTTP_X_FORWARDED_FOR') && $this->server('REMOTE_ADDR'))
 		{
+			$has_ranges = strpos($proxies, '/') !== false;
 			$proxies = preg_split('/[\s,]/', config_item('proxy_ips'), -1, PREG_SPLIT_NO_EMPTY);
 			$proxies = is_array($proxies) ? $proxies : array($proxies);
+		
+			if ($has_ranges)
+			{
+				$long_ip = ip2long($_SERVER['REMOTE_ADDR']);
+				$bit_32 = 1 << 32;
+
+				// Go through each of the IP Addresses to check for and
+				// test against range notation
+				foreach($proxies as $ip)
+				{
+					list($address, $mask_length) = explode('/', $ip);
+
+					// Generate the bitmask for a 32 bit IP Address
+					$bitmask = $bit_32 - (1 << (32 - (int)$mask_length));
+					if (($long_ip & $bitmask) == $address)
+					{
+						$this->ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
+						break;
+					}
+				}
 
-			$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
+			} else {
+				$this->ip_address = in_array($_SERVER['REMOTE_ADDR'], $proxies) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
+			}
 		}
 		elseif ( ! $this->server('HTTP_CLIENT_IP') && $this->server('REMOTE_ADDR'))
 		{
diff --git a/system/core/Output.php b/system/core/Output.php
index 5ec8c4bc0..9842f834d 100644
--- a/system/core/Output.php
+++ b/system/core/Output.php
@@ -552,13 +552,13 @@ class CI_Output {
 		fclose($fp);
 
 		// Strip out the embedded timestamp
-		if ( ! preg_match('/(\d+TS--->)/', $cache, $match))
+		if ( ! preg_match('/\d+TS--->/', $cache, $match))
 		{
 			return FALSE;
 		}
 
 		$last_modified = filemtime($cache_path);
-		$expire = trim(str_replace('TS--->', '', $match[1]));
+		$expire = str_replace('TS--->', '', $match[0]);
 
 		// Has the file expired?
 		if ($_SERVER['REQUEST_TIME'] >= $expire && is_really_writable($cache_path))
@@ -575,7 +575,7 @@ class CI_Output {
 		}
 
 		// Display the cache
-		$this->_display(str_replace($match[0], '', $cache));
+		$this->_display(substr($cache, strlen($match[0])));
 		log_message('debug', 'Cache file is current. Sending it to browser.');
 		return TRUE;
 	}