* @deprecated since 1.18
*
* @param string $key key of the message
- * @param array $options processing rules. Can take the following options:
- * <i>parse</i>: parses wikitext to HTML
- * <i>parseinline</i>: parses wikitext to HTML and removes the surrounding
+ * @param array $options processing rules.
+ * Can take the following options:
+ * parse: parses wikitext to HTML
+ * parseinline: parses wikitext to HTML and removes the surrounding
* p's added by parser or tidy
- * <i>escape</i>: filters message through htmlspecialchars
- * <i>escapenoentities</i>: same, but allows entity references like   through
- * <i>replaceafter</i>: parameters are substituted after parsing or escaping
- * <i>parsemag</i>: transform the message using magic phrases
- * <i>content</i>: fetch message for content language instead of interface
- * Also can accept a single associative argument, of the form 'language' => 'xx':
- * <i>language</i>: Language object or language code to fetch message for
- * (overridden by <i>content</i>).
+ * escape: filters message through htmlspecialchars
+ * escapenoentities: same, but allows entity references like   through
+ * replaceafter: parameters are substituted after parsing or escaping
+ * parsemag: transform the message using magic phrases
+ * content: fetch message for content language instead of interface
+ * Also can accept a single associative argument, of the form 'language' => 'xx':
+ * language: Language object or language code to fetch message for
+ * (overridden by content).
* Behavior for conflicting options (e.g., parse+parseinline) is undefined.
*
* @return String
* with releases
*
* Note: Due to the behavior of PHP's version_compare() which is used in this
- * fuction, if you want to allow the 'wmf' development versions add a 'c' (or
+ * function, if you want to allow the 'wmf' development versions add a 'c' (or
* any single letter other than 'a', 'b' or 'p') as a post-fix to your
* targeted version number. For example if you wanted to allow any variation
* of 1.22 use `wfUseMW( '1.22c' )`. Using an 'a' or 'b' instead of 'c' will
wfRunHooks( 'CanIPUseHTTPS', array( $ip, &$canDo ) );
return !!$canDo;
}
+
+/**
+ * Work out the IP address based on various globals
+ * For trusted proxies, use the XFF client IP (first of the chain)
+ *
+ * @deprecated in 1.19; call $wgRequest->getIP() directly.
+ * @return string
+ */
+function wfGetIP() {
+ wfDeprecated( __METHOD__, '1.19' );
+ global $wgRequest;
+ return $wgRequest->getIP();
+}
+
+/**
+ * Checks if an IP is a trusted proxy provider.
+ * Useful to tell if X-Forwarded-For data is possibly bogus.
+ * Squid cache servers for the site are whitelisted.
+ *
+ * @param $ip String
+ * @return bool
+ */
+function wfIsTrustedProxy( $ip ) {
+ $trusted = wfIsConfiguredProxy( $ip );
+ wfRunHooks( 'IsTrustedProxy', array( &$ip, &$trusted ) );
+ return $trusted;
+}
+
+/**
+ * Checks if an IP matches a proxy we've configured.
+ * @param $ip String
+ * @return bool
+ * @since 1.23 Supports CIDR ranges in $wgSquidServersNoPurge
+ */
+function wfIsConfiguredProxy( $ip ) {
+ global $wgSquidServers, $wgSquidServersNoPurge;
+
+ // quick check of known proxy servers
+ $trusted = in_array( $ip, $wgSquidServers )
+ || in_array( $ip, $wgSquidServersNoPurge );
+
+ if ( !$trusted ) {
+ // slightly slower check to see if the ip is listed directly or in a CIDR
+ // block in $wgSquidServersNoPurge
+ foreach ( $wgSquidServersNoPurge as $block ) {
+ if ( strpos( $block, '/' ) !== false && IP::isInRange( $ip, $block ) ) {
+ $trusted = true;
+ break;
+ }
+ }
+ }
+ return $trusted;
+}