HTTP Reverse Proxy, can't ipban.

[FunHotel]

Hi, I am using an HTTP Reverse Proxy for my hotel.

I can't IP ban anyone because everyone has the same IP.
I assume I need to update ip_current, but to do so I need something that finds their real IP and that runs the query when they enter the client.

Like this:

if (!empty($_SERVER['HTTP_CLIENT_IP'])) {    $ip = $_SERVER['HTTP_CLIENT_IP'];} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];} else {    $ip = $_SERVER['REMOTE_ADDR'];}

And this maybe?

UPDATE users SET ip_current = ? WHERE username = ?;

But where should I put them? And the codes is not finished, right?

 

[timpegel]

I can help. Send me ur skype in PB.

 

[FunHotel]

I can help. Send me ur skype in PB.

Don't you think you can share a solution here? For everyone to take advantage off?
Also, I am using RevCMS, shock 2.2

 

[x9751]

What emulator are you using?

 

[FunHotel]

What emulator are you using?

I am using Arcturus.

 

[x9751]

I assume you are using 1.3? That is the only one with proxy support. The first code box you have RevCMS should already do by default. The second part is a query that you have to run when a user enters the client. I'll update with some code if you need it, I'll need to find a Rev, it's been a while since I looked at it.

 

[FunHotel]

I assume you are using 1.3? That is the only one with proxy support. The first code box you have RevCMS should already do by default. The second part is a query that you have to run when a user enters the client. I'll update with some code if you need it, I'll need to find a Rev, it's been a while since I looked at it.

Yes please update me with some code.

 

[x9751]

Can you link me to the thread where you go your version of RevCMS from? I only need to know if you are using a version with PDO or MySQL

 

[FunHotel]

Can you link me to the thread where you go your version of RevCMS from? I only need to know if you are using a version with PDO or MySQL

I think it is this one, someone sent it to me trough skype.

You must be registered to see links

 

[x9751]

Going based on those source files and assuming that you have made no other changes.

Opening up /app/class.core.php on line 90 is this line of code

$users->updateUser($_SESSION['user']['id'], 'ip_last', $_SERVER['HTTP_CF_CONNECTING_IP']);

If you are also using CloudFlare then most of this is fine. The only part you need to change is ip_last you need to change that to ip_current

However if you are NOT using CloudFlare you need to also change $_SERVER['HTTP_CF_CONNECTING_IP'] to $_SERVER['REMOTE_ADDR']

This is me trying to be more complete.

 

[FunHotel]

Going based on those source files and assuming that you have made no other changes.

Opening up /app/class.core.php on line 90 is this line of code

$users->updateUser($_SESSION['user']['id'], 'ip_last', $_SERVER['HTTP_CF_CONNECTING_IP']);

If you are also using CloudFlare then most of this is fine. The only part you need to change is ip_last you need to change that to ip_current

However if you are NOT using CloudFlare you need to also change $_SERVER['HTTP_CF_CONNECTING_IP'] to $_SERVER['REMOTE_ADDR']

This is me trying to be more complete.

Great answer, but the query? How do I add that? Is is just to add or do I have to do something with the class.core?

 

[x9751]

The $users->updateUser should run the query for you. ip_last is the column in the `users` table that it was updating and you are chaning that to ip_current because that emulator is different.

 

[FunHotel]

I tried $users->updateUser($_SESSION['user']['id'], 'ip_current', $_SERVER['REMOTE_ADDR']);


it was not working, I couldn't login using that. I also tried ip_register. It didnt help.

 

[x9751]

When you check the database the field ip_current doesn't change?

 

[FunHotel]

When you check the database the field ip_current doesn't change?

I think not, but I can't even login using that code.
So it shouldn't even know what what users ip_current to change?

 

[x9751]

Have you made any other changes to the source files? RevCMS was made for Phoenix Emulator, not Arcturus, so there are some differences in the database structure. You'll need to have a PHP programmer change the query's inside the CMS to match Arcturus Emulators structure.

 

[FunHotel]

But this RevCMS is adjusted for Arcturus.

I just need know what to put where.

 

[timpegel]

Line 69 class.core

[B]if($_SESSION['user']['ip_current'] != $_SERVER['REMOTE_ADDR'])[/B]                {                    header('Location: '.$_CONFIG['hotel']['url'].'/logout');                }                                switch($k)                {                    case "index":                    case null:                        header('Location: '.$_CONFIG['hotel']['url'].'/me');                    exit;                    break;                                        case "register":                    header('Location: '.$_CONFIG['hotel']['url'].'/me');                    exit;                    break;                                        case "forgot":                        header('Location: '.$_CONFIG['hotel']['url'].'/me');                        exit;                    break;                                        case "client":                        [B]$users->updateUser($_SESSION['user']['id'], 'ip_current', $_SERVER['REMOTE_ADDR']);                        $template->setParams('sso', $users->createSSO($_SESSION['user']['id']));[/B]                    break;

Check that lines, if it is different, replace all of that lines with those. Based on posts before I made it REMOTE_addr. If u're using CF, make sure you edit the $_server If still bugging, post yours right here and I'll have a look.

 

[Zoxq]

The ip_current is being, updated when the player loads the client. Which means you either have to edit the ipban command and add another field to players or even just create another table/use the table already created (player_access).
You can also just make it so the emulator doesn't update the IP when it loads and just use the CMS's IP updating system.

 

[FunHotel]

I heard that I need to run a query everytime someone enters the client.