"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "matomo/core/IP.php" between
matomo-4.4.0-rc1.tar.gz and matomo-4.4.0-rc2.tar.gz

About: Matomo is a web analytics platform that aims to be an open source alternative to Google Analytics that let you retain ownership and control over your data (formerly Piwik). Release candidate.

IP.php  (matomo-4.4.0-rc1):IP.php  (matomo-4.4.0-rc2)
skipping to change at line 83 skipping to change at line 83
$config = Config::getInstance()->General; $config = Config::getInstance()->General;
if (isset($config['proxy_ips'])) { if (isset($config['proxy_ips'])) {
$proxyIps = $config['proxy_ips']; $proxyIps = $config['proxy_ips'];
} }
if (!is_array($proxyIps)) { if (!is_array($proxyIps)) {
$proxyIps = array(); $proxyIps = array();
} }
$proxyIps[] = $default; $proxyIps[] = $default;
$shouldReadLastProxyIp = Config::getInstance()->General['proxy_ip_read_l
ast_in_list'] == 1;
// examine proxy headers // examine proxy headers
foreach ($proxyHeaders as $proxyHeader) { foreach ($proxyHeaders as $proxyHeader) {
if (!empty($_SERVER[$proxyHeader])) { if (!empty($_SERVER[$proxyHeader])) {
// this may be buggy if someone has proxy IPs and proxy host hea ders configured as // this may be buggy if someone has proxy IPs and proxy host hea ders configured as
// `$_SERVER[$proxyHeader]` could be eg $_SERVER['HTTP_X_FORWARD ED_HOST'] and // `$_SERVER[$proxyHeader]` could be eg $_SERVER['HTTP_X_FORWARD ED_HOST'] and
// include an actual host name, not an IP // include an actual host name, not an IP
$proxyIp = self::getFirstIpFromList($_SERVER[$proxyHeader], $pro if ($shouldReadLastProxyIp) {
xyIps); $proxyIp = self::getLastIpFromList($_SERVER[$proxyHeader], $
proxyIps);
} else {
$proxyIp = self::getFirstIpFromList($_SERVER[$proxyHeader],
$proxyIps);
}
if (strlen($proxyIp) && stripos($proxyIp, 'unknown') === false) { if (strlen($proxyIp) && stripos($proxyIp, 'unknown') === false) {
return $proxyIp; return $proxyIp;
} }
} }
} }
return $default; return $default;
} }
/** /**
* Returns the last IP address in a comma separated list, subject to an opti onal exclusion list. * Returns the last IP address in a comma separated list, subject to an opti onal exclusion list.
* *
* @param string $csv Comma separated list of elements. * @param string $csv Comma separated list of elements.
* @param array $excludedIps Optional list of excluded IP addresses (or IP a ddress ranges). * @param array $excludedIps Optional list of excluded IP addresses (or IP a ddress ranges).
* @return string Last (non-excluded) IP address in the list or an empty str ing if all given IPs are excluded. * @return string Last (non-excluded) IP address in the list or an empty str ing if all given IPs are excluded.
*/ */
public static function getFirstIpFromList($csv, $excludedIps = null) public static function getFirstIpFromList($csv, $excludedIps = null)
{ {
$p = strrpos($csv, ','); $p = strrpos($csv, ',');
if ($p !== false) { if ($p !== false) {
$elements = explode(',', $csv); $elements = self::getIpsFromList($csv, $excludedIps);
foreach ($elements as $ipString) { return reset($elements) ?: '';
$element = trim(Common::sanitizeInputValue($ipString)); }
if(empty($element)) { return trim(Common::sanitizeInputValue($csv));
continue; }
}
$ip = \Matomo\Network\IP::fromStringIP(IPUtils::sanitizeIp($elem
ent));
if (empty($excludedIps) || (!in_array($element, $excludedIps) &&
!$ip->isInRanges($excludedIps))) {
return $element;
}
}
return ''; public static function getLastIpFromList($csv, $excludedIps = null)
{
$p = strrpos($csv, ',');
if ($p !== false) {
$elements = self::getIpsFromList($csv, $excludedIps);
return end($elements) ?: '';
} }
return trim(Common::sanitizeInputValue($csv)); return trim(Common::sanitizeInputValue($csv));
} }
private static function getIpsFromList(string $csv, ?array $excludedIps)
{
$result = [];
$elements = explode(',', $csv);
foreach ($elements as $ipString) {
$element = trim(Common::sanitizeInputValue($ipString));
if(empty($element)) {
continue;
}
$ip = \Matomo\Network\IP::fromStringIP(IPUtils::sanitizeIp($element)
);
if (empty($excludedIps) || (!in_array($element, $excludedIps) && !$i
p->isInRanges($excludedIps))) {
$result[] = $element;
}
}
return $result;
}
} }
 End of changes. 5 change blocks. 
16 lines changed or deleted 42 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)