diff options
Diffstat (limited to 'phpBB/common.php')
| -rw-r--r-- | phpBB/common.php | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/phpBB/common.php b/phpBB/common.php index 3b636f3025..2cb8ee9891 100644 --- a/phpBB/common.php +++ b/phpBB/common.php @@ -142,9 +142,27 @@ $nav_links['author'] = array ( // // Obtain and encode users IP // -if( !empty($HTTP_X_FORWARDED_FOR) ) +if( getenv('HTTP_X_FORWARDED_FOR') != '' ) { - $client_ip = ( preg_match("/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/", $HTTP_X_FORWARDED_FOR, $ip_list) ) ? $ip_list[0] : $REMOTE_ADDR; + $private_ips = array('192.168', '172.16', '10', '224', '240'); + + if ( preg_match("/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/", getenv('HTTP_X_FORWARDED_FOR'), $ip_list) ) + { + $private_ip = false; + for($i = 0; $i < count($private_ips); $i++) + { + if ( strpos(' ' . $ip_list[0], $private_ips[$i], 1) == 1 ) + { + $private_ip = true; + } + } + + $client_ip = ( !$private_ip ) ? $ip_list[0] : $REMOTE_ADDR; + } + else + { + $client_ip = $REMOTE_ADDR; + } } else { |