[wikka-community] few feature idea / improvement suggestion's
Nils Lindenberg
niehle
Wed Sep 30 16:29:14 GMT 2009
Hi,
#2: adding the type to the login form should do no harm. I'll open a
ticket for it. (The login is handled by actions/usersettings.php, btw,
if you don't want to wait till the next release)
#1: is more complex, since the code used by mediawiki needs an
adoption for wikka. If you are willing to try, the best start would be
either to add the modified functions to the wikka core, i.e. libs/
Wakka.Class.php, or, to have avoid problems with upgrades, to add them
to a new file, placed in the libs directory. If you start a page on wikkawiki.org
, posting the code there maybe other people willing to help.
Greets,
Nils
Am 26.09.2009 um 13:44 schrieb morten hundevad:
> Hi all
>
> I am new to wikka, but i working with integration in to joomla
>
> 1# right now the you can see the results here: http://joomla.fanno.dk/universal-wikka/HomePage
> right now you see the host as "Your hostname is ws38.surf-town.net"
> because that i am using curl to integrate wikka in to joomla. my
> idea is to fix this by adding support for using the X-Forwarded-For
> header allowing me to send the users ip adress throw to wikka via
> the X-Forwarded-For header, however one might want to add in the
> config a list of trusted hosts so that wikka will only trust the X-
> Forwarded-For if it comes from certen ip adress (in this case it
> self) below i post the "main functions in mediawiki that allow for
> the same feature.
>
> #2 i have problem with curl login because the username in the login
> form is missing the type="text" any change this could be added ? as
> it is causing headacke for oure curl login class because using
> size="#" don't seem to cause some problems on our end.
>
>
> ------------------------------------------------------ code start
> ------------------------------------------------------
> /**
> * Extracts the XFF string from the request header
> * Checks first for "X-Forwarded-For", then "Client-ip"
> * Note: headers are spoofable
> * @return string
> */
> function wfGetForwardedFor() {
> if( function_exists( 'apache_request_headers' ) ) {
> // More reliable than $_SERVER due to case and -/_ folding
> $set = array ();
> foreach ( apache_request_headers() as $tempName =>
> $tempValue ) {
> $set[ strtoupper( $tempName ) ] = $tempValue;
> }
> $index = strtoupper ( 'X-Forwarded-For' );
> $index2 = strtoupper ( 'Client-ip' );
> } else {
> // Subject to spoofing with headers like X_Forwarded_For
> $set = $_SERVER;
> $index = 'HTTP_X_FORWARDED_FOR';
> $index2 = 'CLIENT-IP';
> }
>
> #Try a couple of headers
> if( isset( $set[$index] ) ) {
> return $set[$index];
> } else if( isset( $set[$index2] ) ) {
> return $set[$index2];
> } else {
> return null;
> }
> }
>
> /**
> * Work out the IP address based on various globals
> * For trusted proxies, use the XFF client IP (first of the chain)
> * @return string
> */
> function wfGetIP() {
> global $wgIP, $wgUsePrivateIPs;
>
> # Return cached result
> if ( !empty( $wgIP ) ) {
> return $wgIP;
> }
>
> /* collect the originating ips */
> # Client connecting to this webserver
> if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
> $ipchain = array( IP::canonicalize( $_SERVER
> ['REMOTE_ADDR'] ) );
> } else {
> # Running on CLI?
> $ipchain = array( '127.0.0.1' );
> }
> $ip = $ipchain[0];
>
> # Append XFF on to $ipchain
> $forwardedFor = wfGetForwardedFor();
> if ( isset( $forwardedFor ) ) {
> $xff = array_map( 'trim', explode( ',', $forwardedFor ) );
> $xff = array_reverse( $xff );
> $ipchain = array_merge( $ipchain, $xff );
> }
>
> # Step through XFF list and find the last address in the list
> which is a trusted server
> # Set $ip to the IP address given by that trusted server, unless
> the address is not sensible (e.g. private)
> foreach ( $ipchain as $i => $curIP ) {
> $curIP = IP::canonicalize( $curIP );
> if ( wfIsTrustedProxy( $curIP ) ) {
> if ( isset( $ipchain[$i + 1] ) ) {
> if( $wgUsePrivateIPs || IP::isPublic( $ipchain[$i +
> 1 ] ) ) {
> $ip = $ipchain[$i + 1];
> }
> }
> } else {
> break;
> }
> }
>
> wfDebug( "IP: $ip\n" );
> $wgIP = $ip;
> return $ip;
> }
>
> /**
> * Checks if an IP is a trusted proxy providor
> * Useful to tell if X-Fowarded-For data is possibly bogus
> * Squid cache servers for the site and AOL are whitelisted
> * @param string $ip
> * @return bool
> */
> function wfIsTrustedProxy( $ip ) {
> global $wgSquidServers, $wgSquidServersNoPurge;
>
> if ( in_array( $ip, $wgSquidServers ) ||
> in_array( $ip, $wgSquidServersNoPurge )
> ) {
> $trusted = true;
> } else {
> $trusted = false;
> }
> wfRunHooks( 'IsTrustedProxy', array( &$ip, &$trusted ) );
> return $trusted;
> }
> ------------------------------------------------------ code end
> ------------------------------------------------------
>
>
> -Thanks for listening/reading along
>
>
>
> _______________________________________________
> WikkaWiki Community mailing list
> community at wikkawiki.org
> http://mail.wikkawiki.org/mailman/listinfo/community_wikkawiki.org
More information about the community
mailing list