|
127 | 127 | // OR => Connection must be on the whitelist, or not on the blacklist |
128 | 128 | $ip_ruleset = 'OFF'; |
129 | 129 |
|
| 130 | +// List of HTTP headers that may contain the real IP address of the user |
| 131 | +$ip_http_headers = array( |
| 132 | + 'HTTP_CF_CONNECTING_IP', |
| 133 | + 'HTTP_X_FORWARDED_FOR', |
| 134 | + 'REMOTE_ADDR', |
| 135 | + 'HTTP_CLIENT_IP', |
| 136 | +); |
| 137 | + |
130 | 138 | // Should users be notified of their block? |
131 | 139 | $ip_silent = true; |
132 | 140 |
|
|
149 | 157 | @include($config_file); |
150 | 158 | } |
151 | 159 |
|
| 160 | +defined('FM_IP_HTTP_HEADERS') || define('FM_IP_HTTP_HEADERS', (version_compare(PHP_VERSION, '7.0.0', '<') ? serialize($ip_http_headers) : $ip_http_headers)); |
| 161 | + |
152 | 162 | // External CDN resources that can be used in the HTML (replace for GDPR compliance) |
153 | 163 | $external = array( |
154 | 164 | 'css-bootstrap' => '<link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous">', |
@@ -283,14 +293,16 @@ function session_error_handling_function($code, $msg, $file, $line) |
283 | 293 | if ($ip_ruleset != 'OFF') { |
284 | 294 | function getClientIP() |
285 | 295 | { |
286 | | - if (array_key_exists('HTTP_CF_CONNECTING_IP', $_SERVER)) { |
287 | | - return $_SERVER["HTTP_CF_CONNECTING_IP"]; |
288 | | - } else if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { |
289 | | - return $_SERVER["HTTP_X_FORWARDED_FOR"]; |
290 | | - } else if (array_key_exists('REMOTE_ADDR', $_SERVER)) { |
291 | | - return $_SERVER['REMOTE_ADDR']; |
292 | | - } else if (array_key_exists('HTTP_CLIENT_IP', $_SERVER)) { |
293 | | - return $_SERVER['HTTP_CLIENT_IP']; |
| 296 | + $ip_http_headers = FM_IP_HTTP_HEADERS; |
| 297 | + if (is_string($ip_http_headers)) { |
| 298 | + $ip_http_headers = @unserialize($ip_http_headers); |
| 299 | + } |
| 300 | + if (is_array($ip_http_headers)) { |
| 301 | + foreach ($ip_http_headers as $header) { |
| 302 | + if (array_key_exists($header, $_SERVER)) { |
| 303 | + return $_SERVER[$header]; |
| 304 | + } |
| 305 | + } |
294 | 306 | } |
295 | 307 | return ''; |
296 | 308 | } |
|
0 commit comments