From: Tim Düsterhus Date: Wed, 14 Oct 2020 12:18:53 +0000 (+0200) Subject: Stop accessing the ->ipAddress property of the session X-Git-Tag: 5.4.0_Alpha_1~724^2~10^2~11 X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=39c7ff4f768a0d411abd5e43dd31c8b4e77012b2;p=GitHub%2FWoltLab%2FWCF.git Stop accessing the ->ipAddress property of the session Use UserUtil::getIpAddress() instead. --- diff --git a/wcfsetup/install/files/lib/form/RegisterForm.class.php b/wcfsetup/install/files/lib/form/RegisterForm.class.php index 6509b57724..1bffc5af22 100644 --- a/wcfsetup/install/files/lib/form/RegisterForm.class.php +++ b/wcfsetup/install/files/lib/form/RegisterForm.class.php @@ -447,7 +447,7 @@ class RegisterForm extends UserAddForm { $registerVia3rdParty = $eventParameters['registerVia3rdParty']; $this->additionalFields['languageID'] = $this->languageID; - if (LOG_IP_ADDRESS) $this->additionalFields['registrationIpAddress'] = WCF::getSession()->ipAddress; + if (LOG_IP_ADDRESS) $this->additionalFields['registrationIpAddress'] = UserUtil::getIpAddress(); // generate activation code $addDefaultGroups = true; diff --git a/wcfsetup/install/files/lib/system/WCF.class.php b/wcfsetup/install/files/lib/system/WCF.class.php index db9326cd60..3ec0af5d03 100644 --- a/wcfsetup/install/files/lib/system/WCF.class.php +++ b/wcfsetup/install/files/lib/system/WCF.class.php @@ -487,7 +487,7 @@ class WCF { $isAjax = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest'); if (defined('BLACKLIST_IP_ADDRESSES') && BLACKLIST_IP_ADDRESSES != '') { - if (!StringUtil::executeWordFilter(UserUtil::convertIPv6To4(self::getSession()->ipAddress), BLACKLIST_IP_ADDRESSES)) { + if (!StringUtil::executeWordFilter(UserUtil::convertIPv6To4(UserUtil::getIpAddress()), BLACKLIST_IP_ADDRESSES)) { if ($isAjax) { throw new AJAXException(self::getLanguage()->getDynamicVariable('wcf.ajax.error.permissionDenied'), AJAXException::INSUFFICIENT_PERMISSIONS); } @@ -495,7 +495,7 @@ class WCF { throw new PermissionDeniedException(); } } - else if (!StringUtil::executeWordFilter(self::getSession()->ipAddress, BLACKLIST_IP_ADDRESSES)) { + else if (!StringUtil::executeWordFilter(UserUtil::getIpAddress(), BLACKLIST_IP_ADDRESSES)) { if ($isAjax) { throw new AJAXException(self::getLanguage()->getDynamicVariable('wcf.ajax.error.permissionDenied'), AJAXException::INSUFFICIENT_PERMISSIONS); } @@ -515,7 +515,7 @@ class WCF { } } if (defined('BLACKLIST_HOSTNAMES') && BLACKLIST_HOSTNAMES != '') { - if (!StringUtil::executeWordFilter(@gethostbyaddr(self::getSession()->ipAddress), BLACKLIST_HOSTNAMES)) { + if (!StringUtil::executeWordFilter(@gethostbyaddr(UserUtil::getIpAddress()), BLACKLIST_HOSTNAMES)) { if ($isAjax) { throw new AJAXException(self::getLanguage()->getDynamicVariable('wcf.ajax.error.permissionDenied'), AJAXException::INSUFFICIENT_PERMISSIONS); } diff --git a/wcfsetup/install/files/lib/system/event/listener/SessionAccessLogListener.class.php b/wcfsetup/install/files/lib/system/event/listener/SessionAccessLogListener.class.php index 775b1c5fd5..2135cae446 100644 --- a/wcfsetup/install/files/lib/system/event/listener/SessionAccessLogListener.class.php +++ b/wcfsetup/install/files/lib/system/event/listener/SessionAccessLogListener.class.php @@ -43,7 +43,7 @@ class SessionAccessLogListener implements IParameterizedEventListener { 'sessionID' => WCF::getSession()->sessionID, 'userID' => WCF::getUser()->userID, 'ipAddress' => UserUtil::getIpAddress(), - 'hostname' => @gethostbyaddr(WCF::getSession()->ipAddress), + 'hostname' => @gethostbyaddr(UserUtil::getIpAddress()), 'userAgent' => WCF::getSession()->userAgent, 'time' => TIME_NOW, 'lastActivityTime' => TIME_NOW