wok rev 13154

zerobin: add proxy fix
author Pascal Bellard <pascal.bellard@slitaz.org>
date Mon Jul 16 11:07:01 2012 +0200 (2012-07-16)
parents 2eb82e8dc17d
children 37066c566083
files zerobin/stuff/zerobin.u
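--- a/zerobin/stuff/zerobin.u
+++ b/zerobin/stuff/zerobin.u
@@ -14,3 +14,38 @@
      var cipherdata = zeroCipher(randomkey,$('textarea#message').val());
      var data_to_send =  { data:cipherdata,
                            expire:$('select#pasteExpiration').val(),
+--- index.php
++++ index.php
+@@ -16,6 +16,13 @@
+     $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
+ }
+ 
++function remote_address()
++{
++    if (isset($_SERVER["HTTP_X_FORWARDED_FOR"]))
++    	return $_SERVER["HTTP_X_FORWARDED_FOR"];
++    return $_SERVER["REMOTE_ADDR"];
++}
++
+ // trafic_limiter : Make sure the IP address makes at most 1 request every 10 seconds.
+ // Will return false if IP address made a call less than 10 seconds ago.
+ function trafic_limiter_canPass($ip)
+@@ -136,7 +143,7 @@
+     }  
+     
+     // Make sure last paste from the IP address was more than 10 seconds ago. 
+-    if (!trafic_limiter_canPass($_SERVER['REMOTE_ADDR']))
++    if (!trafic_limiter_canPass(remote_address()))
+         { echo json_encode(array('status'=>1,'message'=>'Please wait 10 seconds between each post.')); exit; }
+ 
+     // Make sure content is not too big.
+@@ -191,7 +198,7 @@
+             // (We assume that if the user did not enter a nickname, he/she wants
+             // to be anonymous and we will not generate the vizhash.)
+             $vz = new vizhash16x16();
+-            $pngdata = $vz->generate($_SERVER['REMOTE_ADDR']);
++            $pngdata = $vz->generate(remote_address());
+             if ($pngdata!='') $meta['vizhash'] = 'data:image/png;base64,'.base64_encode($pngdata);  
+             // Once the avatar is generated, we do not keep the IP address, nor its hash.           
+         }            
+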
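Review bot: The new `remote_address()` returns `HTTP_X_FORWARDED_FOR` whenever the header is present, without checking that the request came from a proxy that sets it, so the value is whatever the sender supplied. Since that value now keys `trafic_limiter_canPass()`, the 10-second limit stops binding for anyone who varies the header, and the vizhash avatar is derived from the same unverified string. The header may also carry a comma-separated list or arbitrary text, which is handed unvalidated to the limiter; its storage is outside this hunk, so that part should be checked. I would honour the header only when `REMOTE_ADDR` is a known reverse proxy, take the entry that proxy appended, and validate it as an IP address, falling back to `REMOTE_ADDR` otherwise. The proxy list in the sketch below is a constructed example.

```php
function remote_address()
{
    // Constructed example: list only the reverse proxies that actually front this instance.
    $trusted_proxies = array('127.0.0.1');
    $peer = $_SERVER['REMOTE_ADDR'];
    if (in_array($peer, $trusted_proxies, true) && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        // The right-most entry is the one appended by the trusted proxy itself.
        $hops = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
        $candidate = trim(end($hops));
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false)
            return $candidate;
    }
    return $peer;
}
```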