Cavemanon/cavepaintings
8
Fork 2
Code Issues 3 Pull Requests Projects Releases Wiki Activity

Merge pull request #869 from thoughever/reverse_proxy

Browse Source 
X-Real-IP support and Varnish PURGE config options
This commit is contained in:
Shish
2022-05-01 10:42:54 +01:00
committed by GitHub
parent 3f553501f9 f15407bc75
commit b859e1fc60
20 changed files with 71 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
ext/comment/main.php
View File

@@ -497,7 +497,7 @@ class CommentList extends Extension
SELECT *
FROM comments
WHERE owner_ip = :remote_ip AND posted > now() - $window_sql
", ["remote_ip"=>$_SERVER['REMOTE_ADDR']]);
", ["remote_ip"=>get_real_ip()]);
return (count($result) >= $max);
}
@@ -516,7 +516,7 @@ class CommentList extends Extension
*/
public static function get_hash(): string
{
return md5($_SERVER['REMOTE_ADDR'] . date("%Y%m%d"));
return md5(get_real_ip() . date("%Y%m%d"));
}
private function is_spam_akismet(string $text): bool
@@ -576,7 +576,7 @@ class CommentList extends Extension
$database->execute(
"INSERT INTO comments(image_id, owner_id, owner_ip, posted, comment) ".
"VALUES(:image_id, :user_id, :remote_addr, now(), :comment)",
["image_id"=>$image_id, "user_id"=>$user->id, "remote_addr"=>$_SERVER['REMOTE_ADDR'], "comment"=>$comment]
["image_id"=>$image_id, "user_id"=>$user->id, "remote_addr"=>get_real_ip(), "comment"=>$comment]
);
$cid = $database->get_last_insert_id('comments_id_seq');
$snippet = substr($comment, 0, 100);

4
ext/image_view_counter/main.php
View File

@@ -29,7 +29,7 @@ class ImageViewCounter extends Extension
WHERE ipaddress=:ipaddress AND timestamp >:lasthour AND image_id =:image_id
",
[
"ipaddress" => $_SERVER['REMOTE_ADDR'],
"ipaddress" => get_real_ip(),
"lasthour" => time() - $this->view_interval,
"image_id" => $imgid
]
@@ -50,7 +50,7 @@ class ImageViewCounter extends Extension
"image_id" => $imgid,
"user_id" => $user->id,
"timestamp" => time(),
"ipaddress" => $_SERVER['REMOTE_ADDR'],
"ipaddress" => get_real_ip(),
]
);
}

7
ext/ipban/main.php
View File

@@ -128,8 +128,7 @@ class IPBan extends Extension
// Check if our current IP is in either of the ban lists
$active_ban_id = (
$this->find_active_ban($ips, $_SERVER['REMOTE_ADDR'], $networks) ??
$this->find_active_ban($ips, @$_SERVER['HTTP_X_FORWARDED_FOR'], $networks)
$this->find_active_ban($ips, get_real_ip(), $networks)
);
// If an active ban is found, act on it
@@ -139,10 +138,12 @@ class IPBan extends Extension
return;
}
$row_banner_id_int = intval($row['banner_id']);
$msg = $config->get_string("ipban_message_{$row['mode']}") ?? $config->get_string("ipban_message");
$msg = str_replace('$IP', $row["ip"], $msg);
$msg = str_replace('$DATE', $row['expires'] ?? 'the end of time', $msg);
$msg = str_replace('$ADMIN', User::by_id($row['banner_id'])->name, $msg);
$msg = str_replace('$ADMIN', User::by_id($row_banner_id_int)->name, $msg);
$msg = str_replace('$REASON', $row['reason'], $msg);
$contact_link = contact_link();
if (!empty($contact_link)) {

2
ext/log_db/main.php
View File

@@ -295,7 +295,7 @@ class LogDatabase extends Extension
VALUES(now(), :section, :priority, :username, :address, :message)
", [
"section"=>$event->section, "priority"=>$event->priority, "username"=>$username,
"address"=>$_SERVER['REMOTE_ADDR'], "message"=>$event->message
"address"=>get_real_ip(), "message"=>$event->message
]);
}
}

2
ext/log_logstash/main.php
View File

@@ -21,7 +21,7 @@ class LogLogstash extends Extension
#"@request" => $_SERVER,
"@request" => [
"UID" => get_request_id(),
"REMOTE_ADDR" => $_SERVER['REMOTE_ADDR'],
"REMOTE_ADDR" => get_real_ip(),
],
];

2
ext/log_net/main.php
View File

@@ -15,7 +15,7 @@ class LogNet extends Extension
if ($this->count < 10) {
// TODO: colour based on event->priority
$username = ($user && $user->name) ? $user->name : "Anonymous";
$str = sprintf("%-15s %-10s: %s", $_SERVER['REMOTE_ADDR'], $username, $event->message);
$str = sprintf("%-15s %-10s: %s", get_real_ip(), $username, $event->message);
$this->msg($str);
} elseif ($this->count == 10) {
$this->msg('suppressing flood, check the web log');

4
ext/notes/main.php
View File

@@ -257,7 +257,7 @@ class Notes extends Extension
"
INSERT INTO notes (enable, image_id, user_id, user_ip, date, x1, y1, height, width, note)
VALUES (:enable, :image_id, :user_id, :user_ip, now(), :x1, :y1, :height, :width, :note)",
['enable'=>1, 'image_id'=>$imageID, 'user_id'=>$user_id, 'user_ip'=>$_SERVER['REMOTE_ADDR'], 'x1'=>$noteX1, 'y1'=>$noteY1, 'height'=>$noteHeight, 'width'=>$noteWidth, 'note'=>$noteText]
['enable'=>1, 'image_id'=>$imageID, 'user_id'=>$user_id, 'user_ip'=>get_real_ip(), 'x1'=>$noteX1, 'y1'=>$noteY1, 'height'=>$noteHeight, 'width'=>$noteWidth, 'note'=>$noteText]
);
$noteID = $database->get_last_insert_id('notes_id_seq');
@@ -423,7 +423,7 @@ class Notes extends Extension
INSERT INTO note_histories (note_enable, note_id, review_id, image_id, user_id, user_ip, date, x1, y1, height, width, note)
VALUES (:note_enable, :note_id, :review_id, :image_id, :user_id, :user_ip, now(), :x1, :y1, :height, :width, :note)
",
['note_enable'=>$noteEnable, 'note_id'=>$noteID, 'review_id'=>$reviewID, 'image_id'=>$imageID, 'user_id'=>$user->id, 'user_ip'=>$_SERVER['REMOTE_ADDR'],
['note_enable'=>$noteEnable, 'note_id'=>$noteID, 'review_id'=>$reviewID, 'image_id'=>$imageID, 'user_id'=>$user->id, 'user_ip'=>get_real_ip(),
'x1'=>$noteX1, 'y1'=>$noteY1, 'height'=>$noteHeight, 'width'=>$noteWidth, 'note'=>$noteText]
);
}

2
ext/pm/main.php
View File

@@ -176,7 +176,7 @@ class PrivMsg extends Extension
$from_id = $user->id;
$subject = $_POST["subject"];
$message = $_POST["message"];
send_event(new SendPMEvent(new PM($from_id, $_SERVER["REMOTE_ADDR"], $to_id, $subject, $message)));
send_event(new SendPMEvent(new PM($from_id, get_real_ip(), $to_id, $subject, $message)));
$page->flash("PM sent");
$page->set_mode(PageMode::REDIRECT);
$page->set_redirect(referer_or(make_link()));

2
ext/pm_triggers/main.php
View File

@@ -18,7 +18,7 @@ class PMTrigger extends Extension
global $user;
send_event(new SendPMEvent(new PM(
$user->id,
$_SERVER["REMOTE_ADDR"],
get_real_ip(),
$to_id,
$subject,
$body

2
ext/source_history/main.php
View File

@@ -382,7 +382,7 @@ class SourceHistory extends Extension
"
INSERT INTO source_histories(image_id, source, user_id, user_ip, date_set)
VALUES (:image_id, :source, :user_id, :user_ip, now())",
["image_id"=>$image->id, "source"=>$new_source, "user_id"=>$user->id, "user_ip"=>$_SERVER['REMOTE_ADDR']]
["image_id"=>$image->id, "source"=>$new_source, "user_id"=>$user->id, "user_ip"=>get_real_ip()]
);
$entries++;

2
ext/tag_history/main.php
View File

@@ -381,7 +381,7 @@ class TagHistory extends Extension
"
INSERT INTO tag_histories(image_id, tags, user_id, user_ip, date_set)
VALUES (:image_id, :tags, :user_id, :user_ip, now())",
["image_id"=>$image->id, "tags"=>$new_tags, "user_id"=>$user->id, "user_ip"=>$_SERVER['REMOTE_ADDR']]
["image_id"=>$image->id, "tags"=>$new_tags, "user_id"=>$user->id, "user_ip"=>get_real_ip()]
);
$entries++;

2
ext/user/main.php
View File

@@ -204,7 +204,7 @@ class UserPage extends Extension
$event->add_stats("Joined: $h_join_date", 10);
if ($user->name == $event->display_user->name) {
$event->add_stats("Current IP: {$_SERVER['REMOTE_ADDR']}", 80);
$event->add_stats("Current IP: " . get_real_ip(), 80);
}
$event->add_stats("Class: $h_class", 90);

18
ext/varnish/main.php
View File

@@ -4,6 +4,14 @@ declare(strict_types=1);
class VarnishPurger extends Extension
{
public function onInitExt(InitExtEvent $event)
{
global $config;
$config->set_default_string('varnish_host', '127.0.0.1');
$config->set_default_int('varnish_port', 80);
$config->set_default_string('varnish_protocol', 'http');
}
private function curl_purge($path)
{
// waiting for curl timeout adds ~5 minutes to unit tests
@@ -11,13 +19,21 @@ class VarnishPurger extends Extension
return;
}
$url = make_http(make_link($path));
global $config;
$host = $config->get_string('varnish_host');
$port = $config->get_int('varnish_port');
$protocol = $config->get_string('varnish_protocol');
$url = $protocol . '://'. $host . '/' . $path;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_PORT, $port);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "PURGE");
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
$result = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if ($httpCode != 200) {
throw new SCoreException('PURGE ' . $url . ' unsuccessful (HTTP '. $httpCode . ')');
}
curl_close($ch);
assert(!is_null($result) && !is_null($httpCode));
//return $result;

4
ext/wiki/main.php
View File

@@ -254,7 +254,7 @@ class Wiki extends Extension
"
INSERT INTO wiki_pages(owner_id, owner_ip, date, title, revision, locked, body)
VALUES (:owner_id, :owner_ip, now(), :title, :revision, :locked, :body)",
["owner_id"=>$event->user->id, "owner_ip"=>$_SERVER['REMOTE_ADDR'],
["owner_id"=>$event->user->id, "owner_ip"=>get_real_ip(),
"title"=>$wpage->title, "revision"=>$wpage->revision, "locked"=>$wpage->locked, "body"=>$wpage->body]
);
} else {
@@ -262,7 +262,7 @@ class Wiki extends Extension
"
UPDATE wiki_pages SET owner_id=:owner_id, owner_ip=:owner_ip, date=now(), locked=:locked, body=:body
WHERE title = :title ORDER BY revision DESC LIMIT 1",
["owner_id"=>$event->user->id, "owner_ip"=>$_SERVER['REMOTE_ADDR'],
["owner_id"=>$event->user->id, "owner_ip"=>get_real_ip(),
"title"=>$wpage->title, "locked"=>$wpage->locked, "body"=>$wpage->body]
);
}