Below is what I would recommend built off of what lat9 initially identified.
in /includes/functions/functions_general.php and, unfortunately, also in the /admin/includes/functions/general.php, changing
Code:
function zen_get_ip_address() {
$ip = '';
/**
* resolve any proxies
*/
if (isset($_SERVER)) {
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (isset($_SERVER['HTTP_X_FORWARDED'])) {
$ip = $_SERVER['HTTP_X_FORWARDED'];
} elseif (isset($_SERVER['HTTP_X_CLUSTER_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
} elseif (isset($_SERVER['HTTP_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_FORWARDED'])) {
$ip = $_SERVER['HTTP_FORWARDED'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
}
if (trim($ip) == '') {
if (getenv('HTTP_X_FORWARDED_FOR')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('HTTP_CLIENT_IP')) {
$ip = getenv('HTTP_CLIENT_IP');
} else {
$ip = getenv('REMOTE_ADDR');
}
}
/**
* sanitize for validity as an IPv4 or IPv6 address
*/
$ip = preg_replace('~[^a-fA-F0-9.:%/,]~', '', $ip);
/**
* if it's still blank, set to a single dot
*/
if (trim($ip) == '') $ip = '.';
return $ip;
}
to use the built-in PHP function to perform that address validation:
Code:
function zen_get_ip_address() {
$ip = '';
/**
* resolve any proxies
*/
if (isset($_SERVER)) {
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (isset($_SERVER['HTTP_X_FORWARDED'])) {
$ip = $_SERVER['HTTP_X_FORWARDED'];
} elseif (isset($_SERVER['HTTP_X_CLUSTER_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'];
} elseif (isset($_SERVER['HTTP_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_FORWARDED'])) {
$ip = $_SERVER['HTTP_FORWARDED'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
}
if (trim($ip) == '') {
if (getenv('HTTP_X_FORWARDED_FOR')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('HTTP_CLIENT_IP')) {
$ip = getenv('HTTP_CLIENT_IP');
} else {
$ip = getenv('REMOTE_ADDR');
}
}
/**
* sanitize for validity as an IPv4, IPv6, private or reserved address
*/
$options = array('options' => array('default' => ''));
$ip = filter_var((string)$ip, FILTER_VALIDATE_IP, FILTER_DEFAULT, $options);
/**
* if it's not a valid IP address or still blank, set to a single dot
*/
if (trim($ip) == '') $ip = '.';
return $ip;
}
Bookmarks