From e76421d8190c87d81d42df45d662eeb7a5f7fd18 Mon Sep 17 00:00:00 2001
From: x2003bruneau <x2003bruneau@839d8a87-29fc-0310-9880-83ba4fa771e5>
Date: Mon, 29 Jan 2007 19:26:17 +0000
Subject: [PATCH] Track proxies

git-svn-id: svn+ssh://murphy/home/svn/platal/trunk@1429 839d8a87-29fc-0310-9880-83ba4fa771e5
---
 classes/corelogger.php           | 17 ++++++++++++++---
 include/xorg.misc.inc.php        | 15 +++++++++++++--
 modules/admin.php                |  4 ++--
 templates/admin/logger-view.tpl  | 11 +++++++++++
 upgrade/0.9.13/05_ip_watcher.sql |  4 ----
 upgrade/0.9.13/07_logger.sql     | 10 ++++++++++
 6 files changed, 50 insertions(+), 11 deletions(-)
 create mode 100644 upgrade/0.9.13/07_logger.sql

diff --git a/classes/corelogger.php b/classes/corelogger.php
index 96c53c6..5797236 100644
--- a/classes/corelogger.php
+++ b/classes/corelogger.php
@@ -52,14 +52,25 @@ class CoreLogger {
      * @param $suid the id of the administrator who has just su'd to the user
      * @return session the session id
      */
-    function writeSession($uid, $suid = null) {
+    function writeSession($uid, $suid = null)
+    {
         $ip      = $_SERVER['REMOTE_ADDR'];
         $host    = strtolower(gethostbyaddr($_SERVER['REMOTE_ADDR']));
         $browser = (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
 
+        @list($forward_ip,) = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
+        $forward_host = $forward_ip;
+        if ($forward_host) {
+            $forward_host = strtolower(gethostbyaddr($forward_host));
+        }
+        $proxy = '';
+        if ($forward_ip || @$_SERVER['HTTP_VIA']) {
+            $proxy = 'proxy';
+        }
+
         XDB::execute("INSERT INTO logger.sessions
-                     SET uid={?}, host={?}, ip={?}, browser={?}, suid={?}",
-                     $uid, $host, $ip, $browser, $suid);
+                     SET uid={?}, host={?}, ip={?}, forward_ip={?}, forward_host={?}, browser={?}, suid={?}, flags={?}",
+                     $uid, $host, $ip, $forward_ip, $forward_host, $browser, $suid, $proxy);
 
         return XDB::insertId();
     }
diff --git a/include/xorg.misc.inc.php b/include/xorg.misc.inc.php
index 895be55..1dad772 100644
--- a/include/xorg.misc.inc.php
+++ b/include/xorg.misc.inc.php
@@ -114,10 +114,21 @@ function make_forlife($prenom,$nom,$promo) {
 function check_ip($level)
 {
     if (empty($_SERVER['REMOTE_ADDR'])) {
-        return 0;
+        return false;
     }
     if (empty($_SESSION['check_ip'])) {
-        $res = XDB::query('SELECT state FROM ip_watch WHERE ip = {?}', $_SERVER['REMOTE_ADDR']);
+        $ips = array();
+        if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+            $ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
+        }
+        $ips[] = $_SERVER['REMOTE_ADDR'];
+        foreach ($ips as &$ip) {
+            $ip = "ip='$ip'";
+        }
+        $res = XDB::query('SELECT state
+                             FROM ip_watch
+                            WHERE ' . implode(' OR ', $ips) . '
+                         ORDER BY state DESC');
         if ($res->numRows()) {
             $_SESSION['check_ip'] = $res->fetchOneCell();
         } else {
diff --git a/modules/admin.php b/modules/admin.php
index 56ae5df..09fe710 100644
--- a/modules/admin.php
+++ b/modules/admin.php
@@ -964,9 +964,9 @@ class AdminModule extends PLModule
         $page->assign('action', $action);
 
         if ($action == 'list') {
-            $sql = "SELECT  w.ip, s.host, w.detection, w.state, a.alias AS forlife
+            $sql = "SELECT  w.ip, IF(w.ip = s.ip, s.host, s.forward_host), w.detection, w.state, a.alias AS forlife
                       FROM  ip_watch        AS w
-                 LEFT JOIN  logger.sessions AS s USING(ip)
+                 LEFT JOIN  logger.sessions AS s ON (s.ip = w.ip OR s.forward_ip = w.ip)
                  LEFT JOIN  aliases         AS a ON (a.id = s.uid AND a.type = 'a_vie')
                   GROUP BY  w.ip, a.alias
                   ORDER BY  w.state, w.ip, a.alias";
diff --git a/templates/admin/logger-view.tpl b/templates/admin/logger-view.tpl
index 04824b6..1a64925 100644
--- a/templates/admin/logger-view.tpl
+++ b/templates/admin/logger-view.tpl
@@ -33,10 +33,21 @@
   <td>{$session.username} {if $session.suer}(suid by {$session.suer}){/if}
   [<a href="{$platal->ns}admin/logger/user/{$session.username}">user's log</a>]</td>
 </tr>
+{if $session.forward_ip}
 <tr class="pair">
   <td class="titre">Hôte</td>
+  <td><em>{$session.forward_host}</em> <tt>IP: {$session.forward_ip}</tt></td>
+</tr>
+<tr class="pair">
+  <td class="titre">Proxy</td>
   <td><em>{$session.host}</em> <tt>IP: {$session.ip}</tt></td>
 </tr>
+{else}
+<tr class="pair">
+  <td class="titre">{if $session.flags}Proxy{else}Hôte{/if}</td>
+  <td><em>{$session.host}</em> <tt>IP: {$session.ip}</tt></td>
+</tr>
+{/if}
 <tr class="impair">
   <td class="titre">Navigateur</td>
   <td>{$session.browser}</td>
diff --git a/upgrade/0.9.13/05_ip_watcher.sql b/upgrade/0.9.13/05_ip_watcher.sql
index d8ad573..a354488 100644
--- a/upgrade/0.9.13/05_ip_watcher.sql
+++ b/upgrade/0.9.13/05_ip_watcher.sql
@@ -7,9 +7,5 @@ CREATE TABLE `ip_watch` (
     `description` TEXT NOT NULL,
     PRIMARY KEY(`ip`)
 );
-use logger;
-alter table sessions add key(ip);
-insert into actions (text, description) values ('view_page', 'Consultation d\'une page');
-use x4dat;
 
 # vim:set syntax=mysql:
diff --git a/upgrade/0.9.13/07_logger.sql b/upgrade/0.9.13/07_logger.sql
new file mode 100644
index 0000000..7ea86b0
--- /dev/null
+++ b/upgrade/0.9.13/07_logger.sql
@@ -0,0 +1,10 @@
+use logger;
+alter table sessions add column forward_ip varchar(64) default NULL;
+alter table sessions add column forward_host varchar(128) default NULL;
+alter table sessions add column set('proxy') NOT NULL default '';
+alter table sessions add key(forward_ip);
+alter table sessions add key(ip);
+insert into actions (text, description) values ('view_page', 'Consultation d\'une page');
+use x4dat;
+
+# vim:set syntax=mysql:
-- 
2.1.4