reslover ip fix for nginx proxy

From Lawrence Amer, 3 Months ago, written in PHP, viewed 73 times.
URL https://secploit.com/view/218ec6e4 Embed
Download Paste or View Raw
  1. <?php
  2. /*
  3. Plugin Name: reslover ip fix for nginx proxy
  4.  
  5. Description: Sets the comment IP to the client IP provided by the X-Forwarded-For or X-Real-IP headers before the comment is saved to the database.
  6. Version: 1.0
  7. Author: Lawrence Amer
  8. Author URI: http://lawrenceamer.me
  9. License: Apache License V2
  10. */
  11.  
  12. /*
  13. Copyright 2012-2016 George Notaras <gnot>, CodeTRAX.org
  14.  
  15. Licensed under the Apache License, Version 2.0 (the "License");
  16. you may not use this file except in compliance with the License.
  17. You may obtain a copy of the License at
  18.  
  19.     http://www.apache.org/licenses/LICENSE-2.0
  20.  
  21. Unless required by applicable law or agreed to in writing, software
  22. distributed under the License is distributed on an "AS IS" BASIS,
  23. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  24. See the License for the specific language governing permissions and
  25. limitations under the License.
  26. */
  27.  
  28. function rpcif__set_client_ip( $default ) {
  29.  
  30.     // Store the IP address of the REMOTE_ADDR server variable.
  31.     $client_ip = $_SERVER['REMOTE_ADDR'];
  32.  
  33.     // Determine the IP address by checking the following headers.
  34.  
  35.     $ip_addr = null;
  36.  
  37.     // Check X-Real-IP header (non standard)
  38.     if ( ! empty($_SERVER['X_REAL_IP']) ) {
  39.         $ip_addr = trim($_SERVER['X_REAL_IP']);
  40.     } elseif ( ! empty($_SERVER['HTTP_X_REAL_IP']) ) {
  41.         $ip_addr = trim($_SERVER['HTTP_X_REAL_IP']);
  42.     }
  43.     // Check X-Forwarded-For
  44.     elseif ( ! empty($_SERVER['X_FORWARDED_FOR']) ) {
  45.         $ips = explode(',', $_SERVER['X_FORWARDED_FOR']);
  46.         $ip_addr = trim($ips[0]);
  47.     } elseif ( ! empty($_SERVER['HTTP_X_FORWARDED_FOR']) ) {
  48.         $ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
  49.         $ip_addr = trim($ips[0]);
  50.     }
  51.  
  52.     // Check if we have an IP address.
  53.     if ( empty($ip_addr) ) {
  54.         return $client_ip;
  55.     }
  56.  
  57.     // Validate
  58.  
  59.     // IPv4 pattern
  60.     $ipv4_pattern = '#^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$#';
  61.     // IPv6 pattern
  62.     // From: http://stackoverflow.com/questions/53497/regular-expression-that-matches-valid-ipv6-addresses
  63.     $ipv6_pattern = '#^(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(ffff(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9]))$#';
  64.  
  65.     if ( ! preg_match($ipv4_pattern, $ip_addr, $matches) ) {
  66.         if ( ! preg_match($ipv6_pattern, $ip_addr, $matches) ) {
  67.             return $client_ip;
  68.         }
  69.     }
  70.  
  71.     return $ip_addr;
  72. }
  73. add_filter ('pre_comment_user_ip', 'rpcif__set_client_ip');
  74.  

Reply to "reslover ip fix for nginx proxy"

Here you can reply to the paste above