|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2006-05-04 17:01 UTC] nlopess@php.net
|
|||||||||||||||||||||||||||
Copyright © 2001-2026 The PHP GroupAll rights reserved. |
Last updated: Tue Jun 16 18:00:02 2026 UTC |
Description: ------------ The most important IP address, $ip, is not processed by the is_spammer() function. Two IPs are currently checked: - $_SERVER['REMOTE_ADDR']: This is almost always a mirror, but sometimes a user so it is still needed. - $redirip: This is supplied by the mirror (or potentially a user) and contains the X-Forwarded-For or Via IP. However, mirrors also provide $ip, which is the direct $_SERVER['REMOTE_ADDR'] from that mirror. This needs to be checked for spammers too! Here's a patch: diff -u -r1.51 user-note.php --- user-note.php 22 Mar 2006 19:20:20 -0000 1.51 +++ user-note.php 4 May 2006 14:51:32 -0000 @@ -50,7 +50,7 @@ die("missing some parameters."); // check if the IP is blacklisted -if (is_spammer($_SERVER['REMOTE_ADDR']) || is_spammer($redirip)) { +if (is_spammer($_SERVER['REMOTE_ADDR']) || is_spammer($ip) || is_spammer($redirip)) { die ('[SPAMMER]'); }