Index: branches/5.2.x/core/kernel/utility/debugger.php =================================================================== diff -u -N -r15552 -r15569 --- branches/5.2.x/core/kernel/utility/debugger.php (.../debugger.php) (revision 15552) +++ branches/5.2.x/core/kernel/utility/debugger.php (.../debugger.php) (revision 15569) @@ -1,6 +1,6 @@ never match + if ( php_sapi_name() == 'cli' ) { return false; } $ip_match = false; $ip_addresses = $ip_list ? explode($separator, $ip_list) : Array (); + $client_ip = self::getClientIp(); + foreach ($ip_addresses as $ip_address) { - if (self::netMatch($ip_address, $_SERVER['REMOTE_ADDR'])) { + if ( self::netMatch($ip_address, $client_ip) ) { $ip_match = true; break; } @@ -105,6 +113,37 @@ } /** + * Returns the client IP address. + * + * @return string The client IP address + * @access public + */ + public static function getClientIp() + { + if ( self::$trustProxy ) { + if ( array_key_exists('HTTP_CLIENT_IP', $_SERVER) ) { + return $_SERVER['HTTP_CLIENT_IP']; + } + + if ( array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER) ) { + $client_ip = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); + + foreach ($client_ip as $ip_address) { + $clean_ip_address = trim($ip_address); + + if ( false !== filter_var($clean_ip_address, FILTER_VALIDATE_IP) ) { + return $clean_ip_address; + } + } + + return ''; + } + } + + return $_SERVER['REMOTE_ADDR']; + } + + /** * Checks, that given ip belongs to given subnet * * @param string $network @@ -352,6 +391,11 @@ die('error: constant DEBUG_MODE defined directly, please use $dbg_options array instead'); } + if ( class_exists('kUtil') ) { + $vars = kUtil::getConfigVars(); + DebuggerUtil::$trustProxy = isset($vars['TrustProxy']) ? (bool)$vars['TrustProxy'] : false; + } + // check IP before enabling debug mode $ip_match = DebuggerUtil::ipMatch(isset($dbg_options['DBG_IP']) ? $dbg_options['DBG_IP'] : '');