deblan-mirror/tinyfilemanager
deblan-mirror/tinyfilemanager
1
0
Fork 0
mirror of https://github.com/prasathmani/tinyfilemanager synced 2026-03-14 20:55:50 +01:00
Code Issues Projects Releases Wiki Activity

Merge 5b84ffb1ae into 6d1e962fc6

Browse source
This commit is contained in:
Michele Locati 2026-03-13 05:32:59 +00:00 committed by GitHub
commit b5402d0de6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 20 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

28
tinyfilemanager.php
View file

@ -127,6 +127,14 @@ $upload_chunk_size_bytes = 2000000; // chunk size 2,000,000 bytes (~2MB)
// OR => Connection must be on the whitelist, or not on the blacklist
$ip_ruleset = 'OFF';
// List of HTTP headers that may contain the real IP address of the user
$ip_http_headers = array(
'HTTP_CF_CONNECTING_IP',
'HTTP_X_FORWARDED_FOR',
'REMOTE_ADDR',
'HTTP_CLIENT_IP',
);
// Should users be notified of their block?
$ip_silent = true;
@ -149,6 +157,8 @@ if (is_readable($config_file)) {
@include($config_file);
}
defined('FM_IP_HTTP_HEADERS') || define('FM_IP_HTTP_HEADERS', version_compare(PHP_VERSION, '7.0.0', '<') ? serialize($ip_http_headers) : $ip_http_headers);
// External CDN resources that can be used in the HTML (replace for GDPR compliance)
$external = array(
'css-bootstrap' => '<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH" crossorigin="anonymous">',
@ -283,14 +293,16 @@ if (isset($_GET['logout'])) {
if ($ip_ruleset != 'OFF') {
function getClientIP()
{
if (array_key_exists('HTTP_CF_CONNECTING_IP', $_SERVER)) {
return $_SERVER["HTTP_CF_CONNECTING_IP"];
} else if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
return $_SERVER["HTTP_X_FORWARDED_FOR"];
} else if (array_key_exists('REMOTE_ADDR', $_SERVER)) {
return $_SERVER['REMOTE_ADDR'];
} else if (array_key_exists('HTTP_CLIENT_IP', $_SERVER)) {
return $_SERVER['HTTP_CLIENT_IP'];
$ip_http_headers = FM_IP_HTTP_HEADERS;
if (is_string($ip_http_headers)) {
$ip_http_headers = @unserialize($ip_http_headers);
}
if (is_array($ip_http_headers)) {
foreach ($ip_http_headers as $header) {
if (array_key_exists($header, $_SERVER)) {
return $_SERVER[$header];
}
}
}
return '';
}