$this->ip = htmlspecialchars_decode($request->server('REMOTE_ADDR'));
Honestly, that's what happen when you don't know what you're doing. Cloudflare makes it easy to put a WAF, IP reputation filter and CDN in front of your web site but it isn't fairy dust either: you still have to understand a bit how to set it up.RMcGirr83 wrote:but I agree with Robert, cloudflare has caused problems on many forums. Namely with caching (admin makes a change expecting to see an immediate effect and it doesn't change for a while due to cloudflare).
I wasn't suggesting you were the one failing tho understand how to set it up, really. I was merely commenting on the fact that, if you do, you need to understand what you're doing.RMcGirr83 wrote:Let's be clear, it isn't me setting it up. It is admins for the forum setting it up and then asking for modification support as to why the coloring, or whatever, isn't changing.
Code: Select all
$this->ip = htmlspecialchars_decode($request->server('REMOTE_ADDR'));
Code: Select all
$this->ip = ((!empty($request->server('HTTP_CF_CONNECTING_IP')))
? htmlspecialchars_decode($request->server('HTTP_CF_CONNECTING_IP')) : '')
: ((!empty($request->server('REMOTE_ADDR'))) ? htmlspecialchars_decode($request->server('REMOTE_ADDR')) : '');
Code: Select all
$this->ip = !empty($request->server('HTTP_CF_CONNECTING_IP'))
? htmlspecialchars_decode($request->server('HTTP_CF_CONNECTING_IP')) : htmlspecialchars_decode($request->server('REMOTE_ADDR'));
You can't prevent people from doing stupid things. Best is to see it as a educational.the problem is that for many users they simply read that they will get some benefit for using cloudfare and just go turn it on in their hosting control panel.
I doubt this, really. If it's professional hosting, they do know what they are doing. If it's amateur hosting, well, then, again, that's the way people learn.many hosts may be turning it on by default without knowing what they are doing or how to set it up properly .( like they do with mod_security sometimes ).
you must not have dealt with many hosting companies.I doubt this, really. If it's professional hosting, they do know what they are doing.
Code: Select all
$this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? (string) $_SERVER['REMOTE_ADDR'] : '';
Code: Select all
$this->ip = (!empty($_SERVER['REMOTE_ADDR'])) ? htmlspecialchars((string) $_SERVER['REMOTE_ADDR']) : '';
Code: Select all
$this->ip = (!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) ? htmlspecialchars((string) $_SERVER['HTTP_CF_CONNECTING_IP']) : '';