Skip to content

Commit

Permalink
PLGVIR4-50: Hardening of getIpForwarded method (#45)
Browse files Browse the repository at this point in the history
  • Loading branch information
@Miguel-MultiSafepay
Miguel-MultiSafepay authored Sep 6, 2023
1 parent 4bdd724 commit 1949d92
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions plg_vmpayment_multisafepay/multisafepay/library/multisafepay.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -779,11 +779,16 @@ private function getReferrer(): string
*/
private function getIpForwarded(): string
{
$ip_forwarded = '';
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip_forwarded = filter_var($_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP);
$ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
foreach ($ips as $ip) {
$filtered_ip = filter_var(trim($ip), FILTER_VALIDATE_IP);
if ($filtered_ip !== false) {
return $filtered_ip;
}
}
}
return $ip_forwarded;
return '';
}

/**
Expand Down

0 comments on commit 1949d92

Please sign in to comment.