Ideas from https://github.com/OpenGamePanel/OGP-Website/pull/8... thanks!

includes/database_mysql.php

@@ -2406,18 +2406,7 @@ class OGPDatabaseMySQL extends OGPDatabase
 	
 	public function logger($message){
 		$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : 0;
-		if ( isset($_SERVER["REMOTE_ADDR"]) )
-		{
-			$client_ip = $_SERVER["REMOTE_ADDR"];
-		}
-		elseif ( isset($_SERVER["HTTP_X_FORWARDED_FOR"]) )
-		{
-			$client_ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
-		} 
-		elseif( isset($_SERVER["HTTP_CLIENT_IP"]) )
-		{
-			$client_ip = $_SERVER["HTTP_CLIENT_IP"]; 
-		}
+		$client_ip = getClientIPAddress();
 		$message = mysql_real_escape_string($message, $this->link);
 		$this->query("INSERT INTO OGP_DB_PREFIXlogger (date, user_id, ip, message) VALUE (FROM_UNIXTIME(UNIX_TIMESTAMP(), '%d-%m-%Y %H:%i:%s'), $user_id, '$client_ip', '$message');");
 	}

includes/database_mysqli.php

@@ -2413,18 +2413,7 @@ class OGPDatabaseMySQL extends OGPDatabase
 	
 	public function logger($message){
 		$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : 0;
-		if ( isset($_SERVER["REMOTE_ADDR"]) )
-		{
-			$client_ip = $_SERVER["REMOTE_ADDR"];
-		}
-		elseif ( isset($_SERVER["HTTP_X_FORWARDED_FOR"]) )
-		{
-			$client_ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
-		} 
-		elseif( isset($_SERVER["HTTP_CLIENT_IP"]) )
-		{
-			$client_ip = $_SERVER["HTTP_CLIENT_IP"]; 
-		}
+		$client_ip = getClientIPAddress();
 		$message = mysqli_real_escape_string($this->link,$message);
 		$this->query("INSERT INTO OGP_DB_PREFIXlogger (date, user_id, ip, message) VALUE (FROM_UNIXTIME(UNIX_TIMESTAMP(), '%d-%m-%Y %H:%i:%s'), $user_id, '$client_ip', '$message');");
 	}

includes/functions.php

@@ -529,4 +529,16 @@ function get_game_selector($os, $game_cfgs, $home_cfg_id = FALSE)
 	
 	return $selector;
 }
+
+function getClientIPAddress(){
+	if(isset($_SERVER['HTTP_CF_CONNECTING_IP']) && !empty($_SERVER['HTTP_CF_CONNECTING_IP'])){
+		return $_SERVER['HTTP_CF_CONNECTING_IP'];
+	}else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
+		return $_SERVER['HTTP_X_FORWARDED_FOR'];
+	}else if(isset($_SERVER['HTTP_X_REAL_IP']) && !empty($_SERVER['HTTP_X_REAL_IP'])){
+		return $_SERVER['HTTP_X_REAL_IP'];
+	}else{
+		return $_SERVER['REMOTE_ADDR'];
+	}
+}
 ?>

index.php

@@ -209,18 +209,7 @@ function ogpHome()
 		
 		if ( isset($_POST['login']) )
 		{
-			if ( isset($_SERVER["REMOTE_ADDR"]) )
-			{
-				$client_ip = $_SERVER["REMOTE_ADDR"];
-			}
-			elseif ( isset($_SERVER["HTTP_X_FORWARDED_FOR"]) )
-			{
-				$client_ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
-			} 
-			elseif( isset($_SERVER["HTTP_CLIENT_IP"]) )
-			{
-				$client_ip = $_SERVER["HTTP_CLIENT_IP"]; 
-			}
+			$client_ip = getClientIPAddress();
 			
 			$ban_list = $db->resultQuery("SHOW TABLES LIKE 'OGP_DB_PREFIXban_list';");
 			if ( empty( $ban_list ) )
@@ -268,7 +257,7 @@ function ogpHome()
 		
 					require_once('includes/classes/recaptcha/autoload.php');
 					$recaptcha = new \ReCaptcha\ReCaptcha($secretkey);
-					$resp = $recaptcha->verify($gRecaptchaResponse, $_SERVER["REMOTE_ADDR"]);
+					$resp = $recaptcha->verify($gRecaptchaResponse, $client_ip);
 
 					if (empty($gRecaptchaResponse) || !$resp->isSuccess()){
 						print_failure("Recaptcha failed. Try again!");

js/modules/dashboard.js

@@ -62,7 +62,7 @@ function updateWidgetData(){
 	//Pass sortorder variable to server using ajax to save state  
 	$.post('home.php?m=dashboard&p=updateWidgets', 'data='+$.toJSON(sortorder), function(response){ 
 		if(response.indexOf("success") < 0){
-			$("#console").html('<h0><div class="Failed">Failed to save you\'r operation! Please contact OGP...</div></h0>').hide().fadeIn(1000);  
+			$("#console").html('<h0><div class="Failed">Failed to update widget order.</div></h0>').hide().fadeIn(1000);  
 		}
 	});  
-}
+}

js/modules/user_games.js

@@ -187,7 +187,7 @@ $(document).ready(function() {
 				var selected = new Date(e.localDate);
 				if( selected <= now )
 				{
-					alert('The given expiration date has already expired.');
+					alert('The selected date has already passed.');
 					datePickerInput.value = "";
 				}
 			}
@@ -210,7 +210,7 @@ $(document).ready(function() {
 					selected  = new Date(date[2], date[1]-1, date[0], time[0], time[1], time[2], 0);
 				if( selected <= now )
 				{
-					alert('The given expiration date has already expired.');
+					alert('The selected date has already passed.');
 					this.value = "";
 				}
 			}

modules/ftp/includes/registerglobals.inc.php

@@ -90,6 +90,20 @@ if(file_exists("includes/helpers.php")){
 	}
 }
 
+if(file_exists("includes/functions.php")){
+	require_once("includes/functions.php");
+}else{
+	if(file_exists(__DIR__ . "/../../../includes/functions.php")){
+		require_once(__DIR__ . "/../../../includes/functions.php");
+	}
+}
+
+if(function_exists("getClientIPAddress")){
+	$client_ip = getClientIPAddress();
+}else{
+	$client_ip = $_SERVER['REMOTE_ADDR'];
+}
+
 if(function_exists("startSession")){
 	startSession();
 }else{
@@ -103,7 +117,7 @@ else                                                     { $_SESSION["net2ftp_se
 if (isset($_SESSION["net2ftp_remote_addr_new"]) == true) { $_SESSION["net2ftp_remote_addr_old"] = $_SESSION["net2ftp_remote_addr_new"]; }
 else                                                     { $_SESSION["net2ftp_remote_addr_old"] = ""; }
 $_SESSION["net2ftp_session_id_new"]  = session_id();
-$_SESSION["net2ftp_remote_addr_new"] = $_SERVER["REMOTE_ADDR"];
+$_SESSION["net2ftp_remote_addr_new"] = $client_ip;
 
 // -------------------------------------------------------------------------
 // 3 SERVER variabes
@@ -114,7 +128,7 @@ else                                            { $net2ftp_globals["PHP_SELF"]
 if (isset($_SERVER["HTTP_REFERER"]) == true)    { $net2ftp_globals["HTTP_REFERER"]    = validateGenericInput($_SERVER["HTTP_REFERER"]); }
 else                                            { $net2ftp_globals["HTTP_REFERER"]    = ""; }
 if (isset($_SERVER["HTTP_USER_AGENT"]) == true) { $net2ftp_globals["HTTP_USER_AGENT"] = validateGenericInput($_SERVER["HTTP_USER_AGENT"]); }
-if (isset($_SERVER["REMOTE_ADDR"]) == true)     { $net2ftp_globals["REMOTE_ADDR"]     = validateGenericInput($_SERVER["REMOTE_ADDR"]); }
+if (isset($client_ip) == true)     { $net2ftp_globals["REMOTE_ADDR"]     = validateGenericInput($client_ip); }
 if (isset($_SERVER["REMOTE_PORT"]) == true)     { $net2ftp_globals["REMOTE_PORT"]     = validateGenericInput($_SERVER["REMOTE_PORT"]); }
 
 // Action URL

modules/gamemanager/view_server_log.php

@@ -85,7 +85,7 @@ function exec_ogp_module()
 		// Using the refreshed class
 		if( isset($_GET['refreshed']) )
 		{
-			echo "<pre class='log'><xmp>".htmlentities($home_log)."</xmp></pre>";
+			echo "<pre class='log'>".htmlentities($home_log)."</pre>";
 		}
 		else
 		{
@@ -152,7 +152,7 @@ function exec_ogp_module()
 			}
 			else
 			{
-				echo "<pre class='log'><xmp>".$home_log."</xmp></pre>";
+				echo "<pre class='log'>" . htmlentities($home_log) . "</pre>";
 				print_failure( server_not_running );
 			}
 			echo create_back_button( $_GET['m'], 'game_monitor&home_id-mod_id-ip-port='.$_GET['home_id-mod_id-ip-port'] );