githubFork/roundcubemail.git

			@@ -54,7 +54,7 @@
			{
			$this->db = $db;
			$this->start = microtime(true);
			$this->ip = $_SERVER['REMOTE_ADDR'];
			$this->ip = rcube_utils::remote_addr();
			$this->logging = $config->get('log_session', false);

			$lifetime = $config->get('session_lifetime', 1) * 60;
			@@ -480,7 +480,7 @@
			public function kill()
			{
			$this->vars = null;
			$this->ip = $_SERVER['REMOTE_ADDR']; // update IP (might have changed)
			$this->ip = rcube_utils::remote_addr(); // update IP (might have changed)
			$this->destroy(session_id());
			rcube_utils::setcookie($this->cookiename, '-del-', time() - 60);
			}
			@@ -694,10 +694,10 @@
			function check_auth()
			{
			$this->cookie = $_COOKIE[$this->cookiename];
			$result = $this->ip_check ? $_SERVER['REMOTE_ADDR'] == $this->ip : true;
			$result = $this->ip_check ? rcube_utils::remote_addr() == $this->ip : true;

			if (!$result) {
			$this->log("IP check failed for " . $this->key . "; expected " . $this->ip . "; got " . $_SERVER['REMOTE_ADDR']);
			$this->log("IP check failed for " . $this->key . "; expected " . $this->ip . "; got " . rcube_utils::remote_addr());
			}

			if ($result && $this->_mkcookie($this->now) != $this->cookie) {

			@@ -666,6 +666,21 @@


			/**
			* Returns the real remote IP address
			*
			* @return string Remote IP address
			*/
			public static function remote_addr()
			{
			foreach (array('HTTP_X_FORWARDED_FOR','HTTP_X_REAL_IP','REMOTE_ADDR') as $prop) {
			if (!empty($_SERVER[$prop]))
			return $_SERVER[$prop];
			}

			return '';
			}

			/**
			* Read a specific HTTP request header.
			*
			* @param string $name Header name

	program/lib/Roundcube/rcube_session.php	8 ●●●●● patch \| view \| raw \| blame \| history
	program/lib/Roundcube/rcube_utils.php	15 ●●●●● patch \| view \| raw \| blame \| history