Skip to content

Commit

Permalink
remove HTTP_X_FORWARDED_FOR in ip check
Browse files Browse the repository at this point in the history
  • Loading branch information
@cornernote
cornernote authored Apr 19, 2018
1 parent 1ef5d94 commit dcfb9e1
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion email/components/EmailAccessFilter.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,8 @@ protected function preFilter($filterChain)
/** @var EmailModule $email */
$email = $app->getModule('email');
$user = $app->getUser();
$ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : Yii::app()->request->userHostAddress;
//$ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : Yii::app()->request->userHostAddress;
$ip = Yii::app()->request->userHostAddress;
if (!$this->allowUser($email, $user) || !$this->allowIp($email, $ip)) {
throw new CHttpException(403, 'You are not allowed to access this page.');
}
Expand Down

0 comments on commit dcfb9e1

Please sign in to comment.