kopia lustrzana https://github.com/to3k/twittodon
by tymoteuszjozwiak with small edit
fix: prevent IP address from being taken from input #4pull/4/head
rodzic
377e315fde
commit
e387d7d770
28
contact.php
28
contact.php
|
@ -23,6 +23,19 @@
|
|||
{
|
||||
if($_POST['consent'] == "agree")
|
||||
{
|
||||
if($_SERVER['HTTP_CLIENT_IP'])
|
||||
{
|
||||
$ip = $_SERVER['HTTP_CLIENT_IP'];
|
||||
}
|
||||
elseif($_SERVER['HTTP_X_FORWARDED_FOR'])
|
||||
{
|
||||
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
||||
}
|
||||
else
|
||||
{
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
}
|
||||
|
||||
$message = "<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">
|
||||
<head>
|
||||
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />
|
||||
|
@ -30,7 +43,7 @@
|
|||
<body>
|
||||
<b>Submitter's address:</b> ".$email."<br>
|
||||
<b>Submitter's name:</b> ".addslashes(strip_tags($_POST['form_name']))."<br>
|
||||
<b>IP:</b> ".addslashes(strip_tags($ip))."<br>
|
||||
<b>IP:</b> ".$ip."<br>
|
||||
<b>Message:</b><br>
|
||||
".addslashes(strip_tags($_POST['form_message']))."
|
||||
</body>
|
||||
|
@ -54,19 +67,6 @@
|
|||
else { $alert = 4; }
|
||||
}
|
||||
|
||||
if($_SERVER['HTTP_CLIENT_IP'])
|
||||
{
|
||||
$ip = $_SERVER['HTTP_CLIENT_IP'];
|
||||
}
|
||||
elseif($_SERVER['HTTP_X_FORWARDED_FOR'])
|
||||
{
|
||||
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
|
||||
}
|
||||
else
|
||||
{
|
||||
$ip = $_SERVER['REMOTE_ADDR'];
|
||||
}
|
||||
|
||||
mysqli_close($mysqli);
|
||||
|
||||
//Change language
|
||||
|
|
Ładowanie…
Reference in New Issue