diff options
| author | Nils Adermann <naderman@naderman.de> | 2006-12-10 20:13:46 +0000 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2006-12-10 20:13:46 +0000 |
| commit | 81832ca6452edc04085d8e098132694121700780 (patch) | |
| tree | 8abc020393cdde4c8354da5e4a96f9a42fdb9325 /phpBB | |
| parent | 9b03d2a67e5d295d8b50d6b180c22cfcfc0d6742 (diff) | |
| download | forums-81832ca6452edc04085d8e098132694121700780.tar forums-81832ca6452edc04085d8e098132694121700780.tar.gz forums-81832ca6452edc04085d8e098132694121700780.tar.bz2 forums-81832ca6452edc04085d8e098132694121700780.tar.xz forums-81832ca6452edc04085d8e098132694121700780.zip | |
I'm a little oblivious today ;-)
git-svn-id: file:///svn/phpbb/trunk@6744 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB')
| -rw-r--r-- | phpBB/includes/acp/acp_board.php | 1 | ||||
| -rw-r--r-- | phpBB/includes/session.php | 27 | ||||
| -rw-r--r-- | phpBB/language/en/acp/board.php | 2 |
3 files changed, 26 insertions, 4 deletions
diff --git a/phpBB/includes/acp/acp_board.php b/phpBB/includes/acp/acp_board.php index d67cfba2f3..9638accc26 100644 --- a/phpBB/includes/acp/acp_board.php +++ b/phpBB/includes/acp/acp_board.php @@ -306,6 +306,7 @@ class acp_board 'max_autologin_time' => array('lang' => 'AUTOLOGIN_LENGTH', 'validate' => 'int', 'type' => 'text:5:5', 'explain' => true), 'ip_check' => array('lang' => 'IP_VALID', 'validate' => 'int', 'type' => 'custom', 'method' => 'select_ip_check', 'explain' => true), 'browser_check' => array('lang' => 'BROWSER_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), + 'forwarded_for_check' => array('lang' => 'FORWARDED_FOR_VALID', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'check_dnsbl' => array('lang' => 'CHECK_DNSBL', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'email_check_mx' => array('lang' => 'EMAIL_CHECK_MX', 'validate' => 'bool', 'type' => 'radio:yes_no', 'explain' => true), 'pass_complex' => array('lang' => 'PASSWORD_TYPE', 'validate' => 'string', 'type' => 'select', 'method' => 'select_password_chars', 'explain' => true), diff --git a/phpBB/includes/session.php b/phpBB/includes/session.php index 523e259618..91bdffc794 100644 --- a/phpBB/includes/session.php +++ b/phpBB/includes/session.php @@ -22,7 +22,6 @@ class session var $host = ''; var $session_id = ''; var $ip = ''; - var $ips = array(); var $load = 0; var $time_now = 0; var $update_session_page = true; @@ -167,7 +166,7 @@ class session foreach ($ips as $ip) { // check IPv4 first, the IPv6 is hopefully only going to be used very seldomly - if (!preg_match("#^$ipv4$#", $this->forwarded_for) && !preg_match("#^$ipv6$#", $this->forwarded_for)) + if (!empty($ip) && !preg_match($ipv4, $this->forwarded_for) && !preg_match($ipv6, $this->forwarded_for)) { if (!defined('DEBUG_EXTRA')) { @@ -249,7 +248,7 @@ class session $s_browser = ($config['browser_check']) ? strtolower(substr($this->data['session_browser'], 0, 149)) : ''; $u_browser = ($config['browser_check']) ? strtolower(substr($this->browser, 0, 149)) : ''; - $s_forwarded_for = ($config['forwarded_for_check']) ? substr($this->data['forwarded_for'], 0, 254) : ''; + $s_forwarded_for = ($config['forwarded_for_check']) ? substr($this->data['session_forwarded_for'], 0, 254) : ''; $u_forwarded_for = ($config['forwarded_for_check']) ? substr($this->forwarded_for, 0, 254) : ''; if ($u_ip === $s_ip && $s_browser === $u_browser && $s_forwarded_for === $u_forwarded_for) @@ -864,8 +863,28 @@ class session $ban_triggered_by = 'user'; while ($row = $db->sql_fetchrow($result)) { + $ip_banned = false; + if (!empty($row['ban_ip'])) + { + if (!is_array($user_ips)) + { + $ip_banned = preg_match('#^' . str_replace('*', '.*?', $row['ban_ip']) . '$#i', $user_ips); + } + else + { + foreach ($user_ips as $user_ip) + { + if (preg_match('#^' . str_replace('*', '.*?', $row['ban_ip']) . '$#i', $user_ip)) + { + $ip_banned = true; + break; + } + } + } + } + if ((!empty($row['ban_userid']) && intval($row['ban_userid']) == $user_id) || - (!empty($row['ban_ip']) && preg_match('#^' . str_replace('*', '.*?', $row['ban_ip']) . '$#i', $user_ips)) || + $ip_banned || (!empty($row['ban_email']) && preg_match('#^' . str_replace('*', '.*?', $row['ban_email']) . '$#i', $user_email))) { if (!empty($row['ban_exclude'])) diff --git a/phpBB/language/en/acp/board.php b/phpBB/language/en/acp/board.php index cfce514ebf..d3d3a3d6d0 100644 --- a/phpBB/language/en/acp/board.php +++ b/phpBB/language/en/acp/board.php @@ -346,6 +346,8 @@ $lang = array_merge($lang, array( 'EMAIL_CHECK_MX_EXPLAIN' => 'If enabled, the email domain provided on registration and profile changes is checked for a valid MX record.', 'FORCE_PASS_CHANGE' => 'Force password change', 'FORCE_PASS_CHANGE_EXPLAIN' => 'Require user to change their password after a set number of days or zero to disable.', + 'FORWARDED_FOR_VALID' => 'Validated X_FORWARDED_FOR header', + 'FORWARDED_FOR_VALID_EXPLAIN' => 'Sessions will only be continued if the sent X_FORWARDED_FOR header equals the one sent with the previous request. Bans will be checked against IPs in X_FORWARDED_FOR too.', 'IP_VALID' => 'Session IP validation', 'IP_VALID_EXPLAIN' => 'Determines how much of the users IP is used to validate a session; <samp>All</samp> compares the complete address, <samp>A.B.C</samp> the first x.x.x, <samp>A.B</samp> the first x.x, <samp>None</samp> disables checking.', 'MAX_LOGIN_ATTEMPTS' => 'Maximum number of login attempts', |