From 6640bdf0d8be3d7b9a9be473f855c9c99ff061aa Mon Sep 17 00:00:00 2001 From: Aaron Schulz Date: Sun, 15 Dec 2013 18:07:04 -0800 Subject: [PATCH] Removed deprecated functions and merged ProxyTools into GlobalFunctions Kept wfGetIP() for now because it is still in use in the SecurePoll extension and in WMF configuration. Change-Id: Id412e37743f89bb67eb329a2f475f8496cf7b006 --- includes/GlobalFunctions.php | 53 +++++++++++++++++++ includes/ProxyTools.php | 100 ----------------------------------- includes/Setup.php | 1 - includes/utils/IP.php | 2 - 4 files changed, 53 insertions(+), 103 deletions(-) delete mode 100644 includes/ProxyTools.php diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php index 5a1ef6cedb..b2a8f5e55c 100644 --- a/includes/GlobalFunctions.php +++ b/includes/GlobalFunctions.php @@ -4160,3 +4160,56 @@ function wfCanIPUseHTTPS( $ip ) { wfRunHooks( 'CanIPUseHTTPS', array( $ip, &$canDo ) ); return !!$canDo; } + +/** + * Work out the IP address based on various globals + * For trusted proxies, use the XFF client IP (first of the chain) + * + * @deprecated in 1.19; call $wgRequest->getIP() directly. + * @return string + */ +function wfGetIP() { + wfDeprecated( __METHOD__, '1.19' ); + global $wgRequest; + return $wgRequest->getIP(); +} + +/** + * Checks if an IP is a trusted proxy provider. + * Useful to tell if X-Forwarded-For data is possibly bogus. + * Squid cache servers for the site are whitelisted. + * + * @param $ip String + * @return bool + */ +function wfIsTrustedProxy( $ip ) { + $trusted = wfIsConfiguredProxy( $ip ); + wfRunHooks( 'IsTrustedProxy', array( &$ip, &$trusted ) ); + return $trusted; +} + +/** + * Checks if an IP matches a proxy we've configured. + * @param $ip String + * @return bool + * @since 1.23 Supports CIDR ranges in $wgSquidServersNoPurge + */ +function wfIsConfiguredProxy( $ip ) { + global $wgSquidServers, $wgSquidServersNoPurge; + + // quick check of known proxy servers + $trusted = in_array( $ip, $wgSquidServers ) + || in_array( $ip, $wgSquidServersNoPurge ); + + if ( !$trusted ) { + // slightly slower check to see if the ip is listed directly or in a CIDR + // block in $wgSquidServersNoPurge + foreach ( $wgSquidServersNoPurge as $block ) { + if ( strpos( $block, '/' ) !== false && IP::isInRange( $ip, $block ) ) { + $trusted = true; + break; + } + } + } + return $trusted; +} diff --git a/includes/ProxyTools.php b/includes/ProxyTools.php deleted file mode 100644 index a0f9e5f6dd..0000000000 --- a/includes/ProxyTools.php +++ /dev/null @@ -1,100 +0,0 @@ -getHeader( 'X-Forwarded-For' ) instead. - * @return string - */ -function wfGetForwardedFor() { - wfDeprecated( __METHOD__, '1.19' ); - global $wgRequest; - return $wgRequest->getHeader( 'X-Forwarded-For' ); -} - -/** - * Returns the browser/OS data from the request header - * Note: headers are spoofable - * - * @deprecated in 1.18; use $wgRequest->getHeader( 'User-Agent' ) instead. - * @return string - */ -function wfGetAgent() { - wfDeprecated( __METHOD__, '1.18' ); - global $wgRequest; - return $wgRequest->getHeader( 'User-Agent' ); -} - -/** - * Work out the IP address based on various globals - * For trusted proxies, use the XFF client IP (first of the chain) - * - * @deprecated in 1.19; call $wgRequest->getIP() directly. - * @return string - */ -function wfGetIP() { - wfDeprecated( __METHOD__, '1.19' ); - global $wgRequest; - return $wgRequest->getIP(); -} - -/** - * Checks if an IP is a trusted proxy provider. - * Useful to tell if X-Forwarded-For data is possibly bogus. - * Squid cache servers for the site are whitelisted. - * - * @param $ip String - * @return bool - */ -function wfIsTrustedProxy( $ip ) { - $trusted = wfIsConfiguredProxy( $ip ); - wfRunHooks( 'IsTrustedProxy', array( &$ip, &$trusted ) ); - return $trusted; -} - -/** - * Checks if an IP matches a proxy we've configured. - * @param $ip String - * @return bool - * @since 1.23 Supports CIDR ranges in $wgSquidServersNoPurge - */ -function wfIsConfiguredProxy( $ip ) { - global $wgSquidServers, $wgSquidServersNoPurge; - - // quick check of known proxy servers - $trusted = in_array( $ip, $wgSquidServers ) - || in_array( $ip, $wgSquidServersNoPurge ); - - if ( !$trusted ) { - // slightly slower check to see if the ip is listed directly or in a CIDR - // block in $wgSquidServersNoPurge - foreach ( $wgSquidServersNoPurge as $block ) { - if ( strpos( $block, '/' ) !== false && IP::isInRange( $ip, $block ) ) { - $trusted = true; - break; - } - } - } - return $trusted; -} diff --git a/includes/Setup.php b/includes/Setup.php index f75ee2983f..3a02615283 100644 --- a/includes/Setup.php +++ b/includes/Setup.php @@ -419,7 +419,6 @@ wfProfileOut( $fname . '-exception' ); wfProfileIn( $fname . '-includes' ); require_once "$IP/includes/normal/UtfNormalUtil.php"; require_once "$IP/includes/GlobalFunctions.php"; -require_once "$IP/includes/ProxyTools.php"; require_once "$IP/includes/normal/UtfNormalDefines.php"; wfProfileOut( $fname . '-includes' ); diff --git a/includes/utils/IP.php b/includes/utils/IP.php index 002dcd9272..2686e1133c 100644 --- a/includes/utils/IP.php +++ b/includes/utils/IP.php @@ -367,7 +367,6 @@ class IP { /** * Determine if an IP address really is an IP address, and if it is public, * i.e. not RFC 1918 or similar - * Comes from ProxyTools.php * * @param $ip String * @return Boolean @@ -482,7 +481,6 @@ class IP { /** * Given an IP address in dotted-quad/octet notation, returns an unsigned integer. * Like ip2long() except that it actually works and has a consistent error return value. - * Comes from ProxyTools.php * * @param string $ip quad dotted IP address. * @return Mixed: string/int/false -- 2.20.1