holm/egroupware
1
1
Fork 0
forked from extern/egroupware
Code Issues Pull Requests Packages Projects Releases Wiki Activity

use $_SERVER[HTTP_X_FORWARDED_FOR] IP for ACL check if set, if not use $_SERVER[REMOTE_ADDR]

Browse Source
This commit is contained in:
Ralf Becker 2016-11-09 22:17:07 +01:00
parent e57c5832a6
commit 58c1596002
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
setup/inc/class.setup.inc.php
View File

@ -259,7 +259,8 @@ class setup
$auth_type = strtolower($_auth_type); $auth_type = strtolower($_auth_type);
$GLOBALS['egw_info']['setup']['HeaderLoginMSG'] = $GLOBALS['egw_info']['setup']['ConfigLoginMSG'] = ''; $GLOBALS['egw_info']['setup']['HeaderLoginMSG'] = $GLOBALS['egw_info']['setup']['ConfigLoginMSG'] = '';
if(!$this->checkip($_SERVER['REMOTE_ADDR'])) if(!$this->checkip(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
$_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']))
{ {
//error_log(__METHOD__."('$auth_type') invalid IP"); //error_log(__METHOD__."('$auth_type') invalid IP");
return false; return false;