public static function getNonProxyIpFromHeader($default, $proxyHeaders)
{
$proxyIps = array();
$config = Config::getInstance()->General;
if (isset($config['proxy_ips'])) {
$proxyIps = $config['proxy_ips'];
}
if (!is_array($proxyIps)) {
$proxyIps = array();
}
$proxyIps[] = $default;
// examine proxy headers
foreach ($proxyHeaders as $proxyHeader) {
if (!empty($_SERVER[$proxyHeader])) {
// this may be buggy if someone has proxy IPs and proxy host headers configured as
// `$_SERVER[$proxyHeader]` could be eg $_SERVER['HTTP_X_FORWARDED_HOST'] and
// include an actual host name, not an IP
$proxyIp = self::getFirstIpFromList($_SERVER[$proxyHeader], $proxyIps);
if (strlen($proxyIp) && stripos($proxyIp, 'unknown') === false) {
return $proxyIp;
}
}
}
return $default;
}
/** * Returns the current host. * * @param string $default Default value to return if host unknown * @param bool $checkTrustedHost Whether to do trusted host check. Should ALWAYS be true, * except in Controller. * @return string eg, `"example.org"` if the current URL is * `"http://example.org/dir1/dir2/index.php?param1=value1¶m2=value2"` * @api */ public static function getCurrentHost($default = 'unknown', $checkTrustedHost = true) { $hostHeaders = array(); $config = Config::getInstance()->General; if (isset($config['proxy_host_headers'])) { $hostHeaders = $config['proxy_host_headers']; } if (!is_array($hostHeaders)) { $hostHeaders = array(); } $host = self::getHost($checkTrustedHost); $default = Common::sanitizeInputValue($host ? $host : $default); return IP::getNonProxyIpFromHeader($default, $hostHeaders); }