#5301 $_SERVER['HTTP_X_FORWARDED_FOR'] faking by modifiying the headers

goldsky · Jul 22, 2011 · 27cef65 · 27cef65
1 parent 757ab89
commit 27cef65
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 12 deletions.
diff --git a/assets/modules/easy2/.version b/assets/modules/easy2/.version
@@ -1 +1 @@
-1.4.7-pl
+1.4.8-pl
diff --git a/assets/modules/easy2/changes.english.txt b/assets/modules/easy2/changes.english.txt
@@ -3,6 +3,10 @@
  ) _) /    \\___ \ )  /    / __/  ( (_ \/    \/ (_/\/ (_/\ ) _)  )   / )  /
 (____)\_/\_/(____/(__/    (____)   \___/\_/\_/\____/\____/(____)(__\_)(__/
 
+***************** 1.4.8 ******************
+Fix:
++ #5301 $_SERVER['HTTP_X_FORWARDED_FOR'] faking by modifiying the headers
+
 ***************** 1.4.7 ******************
 Fixes:
 + Bugfixed the sibling infos for prev up next navigation

diff --git a/assets/modules/easy2/includes/models/e2g.public.class.php b/assets/modules/easy2/includes/models/e2g.public.class.php
@@ -804,7 +804,20 @@ public function cropName($mbstring, $charSet, $nameLen, $text) {
      * @param string    $ip     IP Address
      * @return bool     TRUE if it is ignored | FALSE if it is not.
      */
-    public function checkIgnoredIp($ip) {
+    public function checkIgnoredIp() {
+        // getting the real ip address
+        $ip = empty($_SERVER['HTTP_CLIENT_IP']) ?
+                (empty($_SERVER['HTTP_X_FORWARDED_FOR']) ?
+                        $_SERVER['REMOTE_ADDR'] :
+                        $_SERVER['HTTP_X_FORWARDED_FOR']) :
+                $_SERVER['HTTP_CLIENT_IP'];
+
+        $ip = $this->sanitizedString($ip);
+
+        if (empty($ip)) {
+            return FALSE;
+        }
+
         $selectCountIgnIps = 'SELECT COUNT(ign_ip_address) '
                 . 'FROM ' . $this->modx->db->config['table_prefix'] . 'easy2_ignoredip '
                 . 'WHERE ign_ip_address=\'' . $ip . '\'';
@@ -831,7 +844,6 @@ public function languageSwitch($modPath = '../') {
         $langFile = realpath($modPath . 'langs/' . $modx->config['manager_language'] . '.inc.php');
         if (!empty($langFile) && file_exists($langFile)) {
             include $langFile; // loading $e2g_lang
-
             // if there is a blank language parameter, english will fill it as the default.
             $oldLangKey = $oldLangVal = array();
             foreach ($e2g_lang[$modx->config['manager_language']] as $olk => $olv) {
@@ -895,7 +907,7 @@ public function changeModOwnGrp($type, $fullPath, $checkPreviousMode = TRUE, $ch
         if (!$this->e2gPubCfg['chmod_enabled']) {
             return FALSE;
         }
-        
+
         $fullRealPath = realpath($fullPath);
         if (empty($fullRealPath)) {
             $_SESSION['easy2err'][] = __LINE__ . ' : ' . $this->lng['chmod_err'] . ' fullPath = ' . $fullPath;
@@ -921,7 +933,7 @@ public function changeModOwnGrp($type, $fullPath, $checkPreviousMode = TRUE, $ch
             clearstatcache();
             if ($checkPreviousMode === TRUE
                     && $oldPermission != sprintf("%04o", $this->e2gPubCfg['chmod_file'])
-                    && !$newPermission 
+                    && !$newPermission
                     && $this->e2gPubCfg['e2g_debug'] == '1'
             ) {
                 $_SESSION['easy2err'][] = __LINE__ . ' : ' . $this->lng['chmod_err'] . ' fullPath = ' . $fullPath;

diff --git a/assets/modules/easy2/includes/models/e2g.snippet.class.php b/assets/modules/easy2/includes/models/e2g.snippet.class.php
@@ -1101,9 +1101,7 @@ private function _loadThumbPlaceholders($row) {
          * Comments on the thumbnails
          */
         // HIDE COMMENTS from Ignored IP Addresses
-        $ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
-
-        $checkIgnoredIp = $this->checkIgnoredIp($ip);
+        $checkIgnoredIp = $this->checkIgnoredIp();
 
         if ($this->e2gSnipCfg['ecm'] == 1 && (!$checkIgnoredIp)) {
             $row['com'] = 'e2gcom' . ($row['comments'] == 0 ? 0 : 1);
@@ -1573,9 +1571,7 @@ private function _landingPage($fileId) {
              * Comments on the landing page
              */
             // HIDE COMMENTS from Ignored IP Addresses
-            $ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
-
-            $checkIgnoredIp = $this->checkIgnoredIp($ip);
+            $checkIgnoredIp = $this->checkIgnoredIp();
 
             if ($this->e2gSnipCfg['ecm'] == 1 && (!$checkIgnoredIp)) {
 
@@ -1620,7 +1616,11 @@ private function _comments($fileId) {
         $cpn = (empty($_GET['cpn']) || !is_numeric($_GET['cpn'])) ? 0 : (int) $_GET['cpn'];
 
         // Get a key from https://www.google.com/recaptcha/admin/create
-        require_once(E2G_SNIPPET_PATH . 'includes/recaptchalib.php');
+        $recaptchalib = realpath(E2G_SNIPPET_PATH . 'includes/recaptchalib.php');
+        if (!file_exists($recaptchalib)) {
+            return FALSE;
+        }
+        require_once($recaptchalib);
 
         if (file_exists(realpath(E2G_SNIPPET_PATH . 'includes/langs/' . $this->modx->config['manager_language'] . '.comments.php'))) {
             include_once E2G_SNIPPET_PATH . 'includes/langs/' . $this->modx->config['manager_language'] . '.comments.php';