
D2482.1775298141.diff
No OneTemporary

Authored By
Unknown
Size
4 KB

D2482.1775298141.diff

diff --git a/src/app/Http/Kernel.php b/src/app/Http/Kernel.php
--- a/src/app/Http/Kernel.php
+++ b/src/app/Http/Kernel.php
@@ -85,4 +85,17 @@
\Illuminate\Auth\Middleware\Authorize::class,
\App\Http\Middleware\AuthenticateAdmin::class,
];
+
+ /**
+ * Handle an incoming HTTP request.
+ *
+ * @param \Illuminate\Http\Request $request HTTP Request object
+ *
+ * @return \Illuminate\Http\Response
+ */
+ public function handle($request)
+ {
+ // Overwrite the http request object
+ return parent::handle(Request::createFrom($request));
+ }
}
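Review bot: The comment `// Overwrite the http request object` in `handle()` does not say why the request is swapped or how far the change reaches. Every request now goes through `App\Http\Request`, so any caller of `ip()` (presumably throttling and logging as well as the signup observer) gets the `X-Client-IP` value when the peer is a trusted proxy. I would state that in the comment, e.g. `// Wrap in App\Http\Request so ip() honours X-Client-IP from trusted proxies; affects every ip() caller`. The bare `Request` resolves to the new class only if Kernel.php has no `use Illuminate\Http\Request;` import, which is not visible in this hunk.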
diff --git a/src/app/Http/Middleware/TrustProxies.php b/src/app/Http/Middleware/TrustProxies.php
--- a/src/app/Http/Middleware/TrustProxies.php
+++ b/src/app/Http/Middleware/TrustProxies.php
@@ -12,7 +12,12 @@
*
* @var array|string
*/
- protected $proxies = '*';
+ protected $proxies = [
+ '10.0.0.0/8',
+ '127.0.0.1/8',
+ '172.16.0.0/12',
+ '192.168.0.0/16'
+ ];
/**
* The headers that should be used to detect proxies.
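Review bot: The new `$proxies` list trusts every RFC 1918 range plus loopback, so any internal host that can reach the application directly can send forwarding headers (and, with the new `Request::ip()`, `X-Client-IP`) and have them believed. This is much better than `'*'`, but the list would be tighter if it named only the addresses or subnets the reverse proxies actually use, ideally read from configuration. `'127.0.0.1/8'` is a non-canonical CIDR; `'127.0.0.0/8'` states the intent. No IPv6 range is listed, so a proxy connecting over IPv6 would not be trusted; that fails safe, but a comment would show it is deliberate.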
diff --git a/src/app/Http/Request.php b/src/app/Http/Request.php
new file mode 100644
--- /dev/null
+++ b/src/app/Http/Request.php
@@ -0,0 +1,22 @@
+<?php
+
+namespace App\Http;
+
+use Illuminate\Http\Request as LaravelRequest;
+
+class Request extends LaravelRequest
+{
+ /**
+ * Get the client IP address.
+ *
+ * @return string|null
+ */
+ public function ip()
+ {
+ if (($client_ip = $this->headers->get('X-Client-IP')) && $this->isFromTrustedProxy()) {
+ return $client_ip;
+ }
+
+ return parent::ip();
+ }
+}
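Review bot: `ip()` returns the raw `X-Client-IP` header without checking that it is an IP address, and the observer later stores that value in `ip_address`. I would validate it before returning, e.g. `if ($this->isFromTrustedProxy() && ($client_ip = $this->headers->get('X-Client-IP')) && filter_var($client_ip, FILTER_VALIDATE_IP)) {`, and fall through to `parent::ip()` otherwise. The override is only sound if the proxy sets or strips `X-Client-IP` on every request; if it forwards a client-supplied value, the trusted-proxy check does not help, and the docblock should state that requirement. `ips()` is not overridden, so `ip()` and `ips()` can now disagree.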
diff --git a/src/app/Observers/SignupCodeObserver.php b/src/app/Observers/SignupCodeObserver.php
--- a/src/app/Observers/SignupCodeObserver.php
+++ b/src/app/Observers/SignupCodeObserver.php
@@ -34,6 +34,15 @@
}
}
+ $code->headers = collect(request()->headers->all())
+ ->filter(function ($value, $key) {
+ // remove some headers we don't care about
+ return !in_array($key, ['cookie', 'referer', 'x-test-payment-provider', 'origin']);
+ })
+ ->map(function ($value) {
+ return is_array($value) && count($value) == 1 ? $value[0] : $value;
+ });
+
$code->expires_at = Carbon::now()->addHours($exp_hours);
$code->ip_address = request()->ip();
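Review bot: The filter on `request()->headers->all()` is a denylist, so every header not named is written to `signup_codes.headers`, including `authorization`, `proxy-authorization`, CSRF/XSRF token headers and anything a client chooses to send. An allowlist keeps credentials out of the table and bounds the stored size (the new column is `text`), for example `->only(['user-agent', 'accept-language', 'x-forwarded-for', 'x-client-ip'])`, with the list adjusted to what is actually needed. If the denylist stays, `in_array(..., true)` and a comment on retention of this data would help. The enclosing method starts and ends outside this hunk.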
diff --git a/src/app/SignupCode.php b/src/app/SignupCode.php
--- a/src/app/SignupCode.php
+++ b/src/app/SignupCode.php
@@ -72,6 +72,8 @@
'voucher'
];
+ protected $casts = ['headers' => 'array'];
+
/**
* The attributes that should be mutated to dates.
*
diff --git a/src/composer.json b/src/composer.json
--- a/src/composer.json
+++ b/src/composer.json
@@ -16,6 +16,7 @@
"require": {
"php": "^7.1.3",
"barryvdh/laravel-dompdf": "^0.8.6",
+ "doctrine/dbal": "^2.13",
"dyrynda/laravel-nullable-fields": "*",
"fideloper/proxy": "^4.0",
"kolab/net_ldap3": "dev-master",
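Review bot: Nothing in the visible change explains why `doctrine/dbal` is added; the migration only adds and drops a column. It is presumably needed for `dropColumn()` in `down()` on SQLite, but that should be stated in the commit description so the dependency can be dropped when it is no longer required. If the project commits `composer.lock`, the lockfile update is not part of this diff.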
diff --git a/src/database/migrations/2021_04_08_150000_signup_code_headers.php b/src/database/migrations/2021_04_08_150000_signup_code_headers.php
new file mode 100644
--- /dev/null
+++ b/src/database/migrations/2021_04_08_150000_signup_code_headers.php
@@ -0,0 +1,40 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Schema;
+
+// phpcs:ignore
+class SignupCodeHeaders extends Migration
+{
+ /**
+ * Run the migrations.
+ *
+ * @return void
+ */
+ public function up()
+ {
+ Schema::table(
+ 'signup_codes',
+ function (Blueprint $table) {
+ $table->text('headers')->nullable();
+ }
+ );
+ }
+
+ /**
+ * Reverse the migrations.
+ *
+ * @return void
+ */
+ public function down()
+ {
+ Schema::table(
+ 'signup_codes',
+ function (Blueprint $table) {
+ $table->dropColumn('headers');
+ }
+ );
+ }
+}
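Review bot: `use Illuminate\Support\Facades\DB;` is imported but never used in this migration and can be removed. The `headers` column is a nullable `text`, while the observer stores a JSON-encoded map of request headers with no size bound; a short comment on the column noting that it holds JSON and what happens when the payload exceeds the column size would help the next maintainer.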
