From 843a6e11ae6ce05ee8d689b62ec7cb6eff97e92d Mon Sep 17 00:00:00 2001
From: "Fedor A. Fetisov" <faf@ossg.ru>
Date: Mon, 22 May 2017 02:01:08 +0300
Subject: [PATCH] Define correct remote IP for a visitor (with IPv6 support)

See #197
---
 src/mibew/libs/chat.php                            |  6 +++++-
 .../Mibew/RequestProcessor/UsersProcessor.php      | 14 ++++----------
 2 files changed, 9 insertions(+), 11 deletions(-)

diff --git a/src/mibew/libs/chat.php b/src/mibew/libs/chat.php
index 39b1f6e4..c21f7c16 100644
--- a/src/mibew/libs/chat.php
+++ b/src/mibew/libs/chat.php
@@ -581,7 +581,11 @@ function get_remote_host()
     $has_proxy = isset($_SERVER['HTTP_X_FORWARDED_FOR'])
         && $_SERVER['HTTP_X_FORWARDED_FOR'] != $_SERVER['REMOTE_ADDR'];
     if ($has_proxy) {
-        $ext_addr = $_SERVER['REMOTE_ADDR'] . ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')';
+        $count = 0;
+        $ext_addr = preg_replace('/^([^,]+)(,\s.+)?/', '\\1', $_SERVER['HTTP_X_FORWARDED_FOR'], -1, $count);
+        if ($count > 1) {
+            $ext_addr = $ext_addr . ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')';
+        }
     }
 
     return isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : $ext_addr;
diff --git a/src/mibew/libs/classes/Mibew/RequestProcessor/UsersProcessor.php b/src/mibew/libs/classes/Mibew/RequestProcessor/UsersProcessor.php
index 4cc007d1..b5f34ad2 100644
--- a/src/mibew/libs/classes/Mibew/RequestProcessor/UsersProcessor.php
+++ b/src/mibew/libs/classes/Mibew/RequestProcessor/UsersProcessor.php
@@ -266,11 +266,8 @@ class UsersProcessor extends ClientSideProcessor implements AuthenticationManage
             );
 
             // Get user ip
-            if (preg_match("/(\\d+\\.\\d+\\.\\d+\\.\\d+)/", $thread->remote, $matches) != 0) {
-                $user_ip = $matches[1];
-            } else {
-                $user_ip = false;
-            }
+            $user_ip = preg_replace('/^(\S+)(\s.+)?/', '\\1', $thread->remote);
+            $user_ip = filter_var($user_ip, FILTER_VALIDATE_IP);
 
             // Get thread operartor name
             $next_agent = $thread->nextAgent != 0
@@ -438,11 +435,8 @@ class UsersProcessor extends ClientSideProcessor implements AuthenticationManage
                 $user_agent = get_user_agent_version($details['user_agent']);
 
                 // Get user ip
-                if (preg_match("/(\\d+\\.\\d+\\.\\d+\\.\\d+)/", $details['remote_host'], $matches) != 0) {
-                    $user_ip = $matches[1];
-                } else {
-                    $user_ip = false;
-                }
+                $user_ip = preg_replace('/^(\S+)(\s.+)?/', '\\1', $details['remote_host']);
+                $user_ip = filter_var($user_ip, FILTER_VALIDATE_IP);
 
                 // Get invitation info
                 $row['invited'] = ($row['invitationstate'] == Thread::INVITATION_WAIT);