Checks X-Real-Ip header as well when determining client IP

author Paweł Sroka <srokap@gmail.com>

Sun, 8 Dec 2013 03:13:02 +0000 (04:13 +0100)

committer Steve Clay <steve@mrclay.org>

Sun, 8 Dec 2013 19:27:36 +0000 (14:27 -0500)
author Paweł Sroka <srokap@gmail.com>
Sun, 8 Dec 2013 03:13:02 +0000 (04:13 +0100)
committer Steve Clay <steve@mrclay.org>
Sun, 8 Dec 2013 19:27:36 +0000 (14:27 -0500)
diff --git a/engine/lib/system_log.php b/engine/lib/system_log.php

index bed86375501dfc9436067a174d481c127edbd9c6..84302632efae1e17a09b2873a2c703f931c5d277 100644 (file)
--- a/engine/lib/system_log.php
+++ b/engine/lib/system_log.php
@@ -187,11 +187,16 @@ function system_log($object, $event) {
                 $object_subtype = $object->getSubtype();
                 $event = sanitise_string($event);
                 $time = time();
+
                 if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
                         $ip_address = array_pop(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']));
+               } elseif (!empty($_SERVER['HTTP_X_REAL_IP'])) {
+                       $ip_address = array_pop(explode(',', $_SERVER['HTTP_X_REAL_IP']));
                 } else {
-                       $ip_address = sanitise_string($_SERVER['REMOTE_ADDR']);
+                       $ip_address = $_SERVER['REMOTE_ADDR'];
                 }
+               $ip_address = sanitise_string($ip_address);
+
                 $performed_by = elgg_get_logged_in_user_guid();
  
                 if (isset($object->access_id)) {
author	Paweł Sroka <srokap@gmail.com>
	Sun, 8 Dec 2013 03:13:02 +0000 (04:13 +0100)
committer	Steve Clay <steve@mrclay.org>
	Sun, 8 Dec 2013 19:27:36 +0000 (14:27 -0500)