Use IP address helper method consistently

diff --git a/CRM/Api4/Page/AJAX.php b/CRM/Api4/Page/AJAX.php
index 638d547624f07cb43f011bf05e6ffa6f68b841ed..3b57e2bc2d1d4e00d13b44e07fd65fe5e6fbd184 100644 (file)
--- a/CRM/Api4/Page/AJAX.php
+++ b/CRM/Api4/Page/AJAX.php
@@ -29,7 +29,7 @@ class CRM_Api4_Page_AJAX extends CRM_Core_Page {
       ];
       Civi::log()->debug("SECURITY ALERT: Ajax requests can only be issued by javascript clients, eg. CRM.api4().",
         [
-          'IP' => $_SERVER['REMOTE_ADDR'],
+          'IP' => CRM_Utils_System::ipAddress(),
           'level' => 'security',
           'referer' => $_SERVER['HTTP_REFERER'],
           'reason' => 'CSRF suspected',
@@ -48,7 +48,7 @@ class CRM_Api4_Page_AJAX extends CRM_Core_Page {
       ];
       Civi::log()->debug("SECURITY: All requests that modify the database must be http POST, not GET.",
         [
-          'IP' => $_SERVER['REMOTE_ADDR'],
+          'IP' => CRM_Utils_System::ipAddress(),
           'level' => 'security',
           'referer' => $_SERVER['HTTP_REFERER'],
           'reason' => 'Destructive HTTP GET',

diff --git a/CRM/Core/IDS.php b/CRM/Core/IDS.php
index fb8a01974a9e2ecf9a617d70d05b69f0c447cd3e..ebdcda430cbbd9dc77b75463d469503f0dd71d0b 100644 (file)
--- a/CRM/Core/IDS.php
+++ b/CRM/Core/IDS.php
@@ -233,7 +233,7 @@ class CRM_Core_IDS {
    */
   private function log($result, $reaction = 0) {
     // Include X_FORWARD_FOR ip address if set as per IDS patten.
-    $ip = $_SERVER['REMOTE_ADDR'] . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : '');
+    $ip = CRM_Utils_System::ipAddress() . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : '');
 
     $data = [];
     $session = CRM_Core_Session::singleton();
@@ -285,7 +285,7 @@ class CRM_Core_IDS {
       $error = civicrm_api3_create_error(
         $msg,
         [
-          'IP' => $_SERVER['REMOTE_ADDR'],
+          'IP' => CRM_Utils_System::ipAddress(),
           'error_code' => 'IDS_KICK',
           'level' => 'security',
           'referer' => $_SERVER['HTTP_REFERER'],

diff --git a/CRM/Core/Page/AJAX/Attachment.php b/CRM/Core/Page/AJAX/Attachment.php
index ec4ebd4fbfb36103f1f7a2bb46020a87b9ee910e..15c3fb610e8b1f436ba329ae861fc3c7ea28a44e 100644 (file)
--- a/CRM/Core/Page/AJAX/Attachment.php
+++ b/CRM/Core/Page/AJAX/Attachment.php
@@ -54,7 +54,7 @@ class CRM_Core_Page_AJAX_Attachment {
         require_once 'api/v3/utils.php';
         $results[$key] = civicrm_api3_create_error("SECURITY ALERT: Attaching files via AJAX requires a recent, valid token.",
           [
-            'IP' => $server['REMOTE_ADDR'],
+            'IP' => CRM_Utils_System::ipAddress(),
             'level' => 'security',
             'referer' => $server['HTTP_REFERER'],
             'reason' => 'CSRF suspected',

diff --git a/CRM/Utils/REST.php b/CRM/Utils/REST.php
index 0a4e9aa4fa433786c4bfe5552abfba45ddd93230..9a2f7ee25ea66cbf467ef3f6a82a01e9def0e324 100644 (file)
--- a/CRM/Utils/REST.php
+++ b/CRM/Utils/REST.php
@@ -277,7 +277,7 @@ class CRM_Utils_REST {
       require_once 'api/v3/utils.php';
       return civicrm_api3_create_error("SECURITY: All requests that modify the database must be http POST, not GET.",
         [
-          'IP' => $_SERVER['REMOTE_ADDR'],
+          'IP' => CRM_Utils_System::ipAddress(),
           'level' => 'security',
           'referer' => $_SERVER['HTTP_REFERER'],
           'reason' => 'Destructive HTTP GET',
@@ -430,7 +430,7 @@ class CRM_Utils_REST {
     if (!$config->debug && !self::isWebServiceRequest()) {
       $error = civicrm_api3_create_error("SECURITY ALERT: Ajax requests can only be issued by javascript clients, eg. CRM.api3().",
         [
-          'IP' => $_SERVER['REMOTE_ADDR'],
+          'IP' => CRM_Utils_System::ipAddress(),
           'level' => 'security',
           'referer' => $_SERVER['HTTP_REFERER'],
           'reason' => 'CSRF suspected',
@@ -492,7 +492,7 @@ class CRM_Utils_REST {
       require_once 'api/v3/utils.php';
       $error = civicrm_api3_create_error("SECURITY ALERT: Ajax requests can only be issued by javascript clients, eg. CRM.api3().",
         [
-          'IP' => $_SERVER['REMOTE_ADDR'],
+          'IP' => CRM_Utils_System::ipAddress(),
           'level' => 'security',
           'referer' => $_SERVER['HTTP_REFERER'],
           'reason' => 'CSRF suspected',

diff --git a/CRM/Utils/System.php b/CRM/Utils/System.php
index 345db10a479a1fe026e5cdfed8445043c8fed8af..9ce478fe6f1440e887448c9cf2cc5494deffcafd 100644 (file)
--- a/CRM/Utils/System.php
+++ b/CRM/Utils/System.php
@@ -1272,7 +1272,7 @@ class CRM_Utils_System {
   }
 
   /**
-   * Get logged in user's IP address.
+   * Get the client's IP address.
    *
    * Get IP address from HTTP REMOTE_ADDR header. If the CMS is Drupal then use
    * the Drupal function as this also handles reverse proxies (based on proper

diff --git a/ext/recaptcha/CRM/Utils/ReCAPTCHA.php b/ext/recaptcha/CRM/Utils/ReCAPTCHA.php
index e4283cb4d813d4a947154efd27c0899074450ec2..4381a6092cc6fd1bc2a919b5ab2c8adc89f91535 100644 (file)
--- a/ext/recaptcha/CRM/Utils/ReCAPTCHA.php
+++ b/ext/recaptcha/CRM/Utils/ReCAPTCHA.php
@@ -215,7 +215,7 @@ class CRM_Utils_ReCAPTCHA {
     require_once E::path('lib/recaptcha/recaptchalib.php');
 
     $resp = recaptcha_check_answer(CRM_Core_Config::singleton()->recaptchaPrivateKey,
-      $_SERVER['REMOTE_ADDR'],
+      CRM_Utils_System::ipAddress(),
       $response
     );
     return $resp->is_valid;