From 4e18cb3c66362c4141e8de7c773792faa1622917 Mon Sep 17 00:00:00 2001 From: Gabriel Pedro Date: Wed, 11 May 2016 18:32:51 -0400 Subject: [PATCH] resolves #214 --- api/modules/base/player/class/player.php | 2 +- createcharacter.php | 2 +- engine/function/general.php | 20 +++++++++++++++----- engine/init.php | 2 +- helpdesk.php | 2 +- login.php | 2 +- myaccount.php | 2 +- register.php | 2 +- 8 files changed, 22 insertions(+), 12 deletions(-) diff --git a/api/modules/base/player/class/player.php b/api/modules/base/player/class/player.php index 2d387d5..d6588d1 100644 --- a/api/modules/base/player/class/player.php +++ b/api/modules/base/player/class/player.php @@ -348,7 +348,7 @@ class Player { 'vocation' => $_POST['selected_vocation'], 'town_id' => $_POST['selected_town'], 'sex' => $_POST['selected_gender'], - 'lastip' => ip2long(getIP()), + 'lastip' => getIPLong(), 'created' => time() ); diff --git a/createcharacter.php b/createcharacter.php index 19dba61..2d653a6 100644 --- a/createcharacter.php +++ b/createcharacter.php @@ -90,7 +90,7 @@ if (isset($_GET['success']) && empty($_GET['success'])) { 'vocation' => $_POST['selected_vocation'], 'town_id' => $_POST['selected_town'], 'sex' => $_POST['selected_gender'], - 'lastip' => ip2long(getIP()), + 'lastip' => getIPLong(), 'created' => time() ); diff --git a/engine/function/general.php b/engine/function/general.php index f865a20..b015dd7 100644 --- a/engine/function/general.php +++ b/engine/function/general.php @@ -124,7 +124,7 @@ function znote_visitors_get_data() { // Set visitor basic data function znote_visitor_set_data($visitor_data) { $exist = false; - $ip = ip2long(getIP()); + $ip = getIPLong(); foreach ((array)$visitor_data as $row) { if ($ip == $row['ip']) { @@ -159,7 +159,7 @@ function znote_visitor_insert_detailed_data($type) { type 4 = search character */ $time = time(); - $ip = ip2long(getIP()); + $ip = getIPLong(); if (user_logged_in()) { $acc = (int)getSession('user_id'); mysql_insert("INSERT INTO `znote_visitors_details` (`ip`, `time`, `type`, `account_id`) VALUES ('$ip', '$time', '$type', '$acc')"); @@ -168,7 +168,7 @@ function znote_visitor_insert_detailed_data($type) { function something () { // Make acc data compatible: - $ip = ip2long(getIP()); + $ip = getIPLong(); } // Secret token @@ -233,9 +233,9 @@ function validate_name($string) { // Checks if an IPv4(or localhost IPv6) address is valid function validate_ip($ip) { - $ipL = ip2long($ip); + $ipL = safeIp2Long($ip); $ipR = long2ip($ipL); - + if ($ip === $ipR) { return true; } elseif ($ip=='::1') { @@ -269,6 +269,7 @@ function online_list() { else return mysql_select_multi("SELECT `p`.`name` as `name`, `p`.`level` as `level`, `p`.`vocation` as `vocation`, `g`.`name` as `gname` FROM `players` p LEFT JOIN `guild_ranks` gr ON `gr`.`id` = `p`.`rank_id` LEFT JOIN `guilds` g ON `gr`.`guild_id` = `g`.`id` WHERE `p`.`online` = '1' ORDER BY `p`.`name` DESC;"); } + // Gets you the actual IP address even from users behind ISP proxies and so on. function getIP() { /* @@ -289,6 +290,15 @@ function getIP() { return $_SERVER['REMOTE_ADDR']; } +function safeIp2Long($ip) { + return sprintf('%u', ip2long($ip)); +} + +// Gets you the actual IP address even from users in long type +function getIPLong() { + return safeIp2Long(getIP()); +} + // Deprecated, just use count($array) instead. function array_length($ar) { $r = 1; diff --git a/engine/init.php b/engine/init.php index a52cd6a..65a21a5 100644 --- a/engine/init.php +++ b/engine/init.php @@ -79,7 +79,7 @@ if ($config['log_ip']) { $v_form = 0; foreach ((array)$visitor_detailed as $v_d) { // Activity - if ($v_d['ip'] == ip2long(getIP())) { + if ($v_d['ip'] == getIPLong()) { // count each type of visit switch ($v_d['type']) { case 0: // max activity diff --git a/helpdesk.php b/helpdesk.php index f2d03e1..db9ea9a 100644 --- a/helpdesk.php +++ b/helpdesk.php @@ -165,7 +165,7 @@ if ($view !== false) { 'username'=> getValue($_POST['username']), 'subject' => getValue($_POST['subject']), 'message' => getValue($_POST['message']), - 'ip' => ip2long(getIP()), + 'ip' => getIPLong(), 'creation' => time(), 'status' => 'Open' ); diff --git a/login.php b/login.php index 3d09cd2..cbcafea 100644 --- a/login.php +++ b/login.php @@ -48,7 +48,7 @@ if (empty($_POST) === false) { $znote_data = user_znote_account_data($login); if ($znote_data['ip'] == 0) { $update_data = array( - 'ip' => ip2long(getIP()), + 'ip' => getIPLong(), ); user_update_znote_account($update_data); } diff --git a/myaccount.php b/myaccount.php index a97c2ae..eba81f2 100644 --- a/myaccount.php +++ b/myaccount.php @@ -348,7 +348,7 @@ if ($config['zeotss']['enabled'] && $config['zeotss']['visitors']) { curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 0); - $post_string = "longip=".ip2long($_SERVER['REMOTE_ADDR'])."®ister=1"; + $post_string = "longip=".getIPLong()."®ister=1"; curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string); $result = curl_exec($curl_connection); if ($config['zeotss']['debug']) data_dump(false, array($result), "CURL DATA"); diff --git a/register.php b/register.php index a567c6c..2d64f08 100644 --- a/register.php +++ b/register.php @@ -112,7 +112,7 @@ if (isset($_GET['success']) && empty($_GET['success'])) { 'password' => $_POST['password'], 'email' => $_POST['email'], 'created' => time(), - 'ip' => ip2long(getIP()), + 'ip' => getIPLong(), 'flag' => $_POST['flag'] );