chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fixed web services for use through proxies

Browse Source
skala
Yannick Warnier 13 years ago
parent 48e852ce6f
commit 19a342efb0
4 changed files with 30 additions and 4 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 9
      main/webservices/cm_webservice.php
  2. 9
      main/webservices/registration.soap.php
  3. 7
      main/webservices/testip.php
  4. 9
      main/webservices/webservice.php

9
main/webservices/cm_webservice.php
Unescape View File

@ -108,7 +108,14 @@ class WSCM {
* @return mixed WSError in case of failure, null in case of success
*/
protected function verifyKey($secret_key) {
$security_key = $_SERVER['REMOTE_ADDR'].$this->_configuration['security_key'];
$ip = trim($_SERVER['REMOTE_ADDR']);
// if we are behind a reverse proxy, assume it will send the
// HTTP_X_FORWARDED_FOR header and use this IP instead
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
list($ip1,$ip2) = split(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
$ip = trim($ip1);
}
$security_key = $ip.$this->_configuration['security_key'];
if(!api_is_valid_secret_key($secret_key, $security_key)) {
return new WSCMError(1, "API key is invalid");

9
main/webservices/registration.soap.php
Unescape View File

@ -21,7 +21,14 @@ function WSHelperVerifyKey($params) {
} else {
$secret_key = $params;
}
$security_key = $_SERVER['REMOTE_ADDR'].$_configuration['security_key'];
$ip = trim($_SERVER['REMOTE_ADDR']);
// if we are behind a reverse proxy, assume it will send the
// HTTP_X_FORWARDED_FOR header and use this IP instead
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
list($ip1,$ip2) = split(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
$ip = trim($ip1);
}
$security_key = $ip.$_configuration['security_key'];
$result = api_is_valid_secret_key($secret_key, $security_key);
if ($debug) error_log('WSHelperVerifyKey result '.$result);

7
main/webservices/testip.php
Unescape View File

@ -3,4 +3,9 @@
/**
* @package chamilo.webservices
*/
echo htmlentities($_SERVER['REMOTE_ADDR']);
$ip = trim($_SERVER['REMOTE_ADDR']);
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
list($ip1,$ip2) = split(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
$ip = trim($ip1);
}
echo htmlentities($ip);

9
main/webservices/webservice.php
Unescape View File

@ -108,7 +108,14 @@ class WS {
* @return mixed WSError in case of failure, null in case of success
*/
protected function verifyKey($secret_key) {
$security_key = $_SERVER['REMOTE_ADDR'].$this->_configuration['security_key'];
$ip = trim($_SERVER['REMOTE_ADDR']);
// if we are behind a reverse proxy, assume it will send the
// HTTP_X_FORWARDED_FOR header and use this IP instead
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
list($ip1,$ip2) = split(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
$ip = trim($ip1);
}
$security_key = $ip.$this->_configuration['security_key'];
if(!api_is_valid_secret_key($secret_key, $security_key)) {
return new WSError(1, "API key is invalid");

Write Preview
Loading…
Cancel
Save