From 7318ec0eb10b002ec005d44ddb2cabe90ae159da Mon Sep 17 00:00:00 2001 From: Shish Date: Mon, 30 Sep 2024 20:12:53 +0100 Subject: [PATCH] ignore invalid IPs rather than crashing, see #1221 --- core/util.php | 4 ++-- ext/source_history/main.php | 2 +- ext/tag_history/main.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/core/util.php b/core/util.php index 23f3a3190..9b0a6c04e 100644 --- a/core/util.php +++ b/core/util.php @@ -209,7 +209,7 @@ function get_real_ip(): string if (is_trusted_proxy()) { if (isset($_SERVER['HTTP_X_REAL_IP'])) { - if (filter_var_ex($ip, FILTER_VALIDATE_IP)) { + if (filter_var($ip, FILTER_VALIDATE_IP)) { $ip = $_SERVER['HTTP_X_REAL_IP']; } } @@ -217,7 +217,7 @@ function get_real_ip(): string if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); $last_ip = $ips[count($ips) - 1]; - if (filter_var_ex($last_ip, FILTER_VALIDATE_IP)) { + if (filter_var($last_ip, FILTER_VALIDATE_IP)) { $ip = $last_ip; } } diff --git a/ext/source_history/main.php b/ext/source_history/main.php index 921ee95ee..cbfccb69a 100644 --- a/ext/source_history/main.php +++ b/ext/source_history/main.php @@ -179,7 +179,7 @@ protected function process_bulk_revert_request(): void } if (isset($_POST['revert_ip']) && !empty($_POST['revert_ip'])) { - $revert_ip = filter_var_ex($_POST['revert_ip'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE); + $revert_ip = filter_var($_POST['revert_ip'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE); if ($revert_ip === false) { // invalid ip given. diff --git a/ext/tag_history/main.php b/ext/tag_history/main.php index b63849208..2a498a241 100644 --- a/ext/tag_history/main.php +++ b/ext/tag_history/main.php @@ -225,7 +225,7 @@ protected function process_bulk_revert_request(): void } if (isset($_POST['revert_ip']) && !empty($_POST['revert_ip'])) { - $revert_ip = filter_var_ex($_POST['revert_ip'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE); + $revert_ip = filter_var($_POST['revert_ip'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE); if ($revert_ip === false) { // invalid ip given.