|
@@ -11,7 +11,24 @@ require_once(dirname(__FILE__).'/i18n.php');
|
|
|
|
|
|
|
|
|
|
|
|
|
// Saving user IPs to the session for preventing session hijacking
|
|
// Saving user IPs to the session for preventing session hijacking
|
|
|
-$user_combined_ip = $_SERVER['REMOTE_ADDR'] .'|'. $_SERVER['HTTP_CLIENT_IP'] .'|'. $_SERVER['HTTP_X_FORWARDED_FOR'] .'|'. $_SERVER['HTTP_X_FORWARDED'] .'|'. $_SERVER['HTTP_FORWARDED_FOR'] .'|'. $_SERVER['HTTP_FORWARDED'];
|
|
|
|
|
|
|
+$user_combined_ip = $_SERVER['REMOTE_ADDR'];
|
|
|
|
|
+
|
|
|
|
|
+if(isset($_SERVER['HTTP_CLIENT_IP'])){
|
|
|
|
|
+ $user_combined_ip .= '|'. $_SERVER['HTTP_CLIENT_IP'];
|
|
|
|
|
+}
|
|
|
|
|
+if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])){
|
|
|
|
|
+ $user_combined_ip .= '|'. $_SERVER['HTTP_X_FORWARDED_FOR'];
|
|
|
|
|
+}
|
|
|
|
|
+if(isset($_SERVER['HTTP_FORWARDED_FOR'])){
|
|
|
|
|
+ $user_combined_ip .= '|'. $_SERVER['HTTP_FORWARDED_FOR'];
|
|
|
|
|
+}
|
|
|
|
|
+if(isset($_SERVER['HTTP_X_FORWARDED'])){
|
|
|
|
|
+ $user_combined_ip .= '|'. $_SERVER['HTTP_X_FORWARDED'];
|
|
|
|
|
+}
|
|
|
|
|
+if(isset($_SERVER['HTTP_FORWARDED'])){
|
|
|
|
|
+ $user_combined_ip .= '|'. $_SERVER['HTTP_FORWARDED'];
|
|
|
|
|
+}
|
|
|
|
|
+
|
|
|
|
|
|
|
|
if(!isset($_SESSION['user_combined_ip'])){
|
|
if(!isset($_SESSION['user_combined_ip'])){
|
|
|
$_SESSION['user_combined_ip'] = $user_combined_ip;
|
|
$_SESSION['user_combined_ip'] = $user_combined_ip;
|
Dmitry Naumov-Socolov