[wikka-community] few feature idea / improvement suggestion's

morten hundevad fannoj
Wed Sep 30 19:06:52 GMT 2009 

Regarding #1 i know that one is complex, but i am not going to create code
for it if you all were not interested in having it in wikka at all.. would
waste both mine and your time =), and ya i know the mediawiki functions
would not work out of the box =), but if you want I can give it a try !

I would properly create a function somewhere caled EG: GetIp, that function
would then return the ip address for logging or anything. return value saved
in a static so that the function only need to run "once".

Morten

2009/9/30 Nils Lindenberg <niehle at gmail.com>

> Hi,
>
> #2: adding the type to the login form  should do no harm. I'll open a
> ticket for it. (The login is handled by actions/usersettings.php, btw, if
> you don't want to wait till the next release)
>
> #1: is more complex, since the code used by mediawiki needs an adoption for
> wikka. If you are willing to try, the best start would be either to add the
> modified functions to the wikka core, i.e. libs/Wakka.Class.php, or, to have
> avoid problems with upgrades, to add them to a new file, placed in the libs
> directory. If you start a page on wikkawiki.org, posting the code there
> maybe other people willing to help.
>
> Greets,
> Nils
>
>
> Am 26.09.2009 um 13:44 schrieb morten hundevad:
>
>  Hi all
>>
>> I am new to wikka, but i working with integration in to joomla
>>
>> 1# right now the you can see the results here:
>> http://joomla.fanno.dk/universal-wikka/HomePage right now you see the
>> host as "Your hostname is ws38.surf-town.net" because that i am using
>> curl to integrate wikka in to joomla. my idea is to fix this by adding
>> support for using the X-Forwarded-For header allowing me to send the users
>> ip adress throw to wikka via the X-Forwarded-For header, however one might
>> want to add in the config a list of trusted hosts so that wikka will only
>> trust the X-Forwarded-For if it comes from certen ip adress (in this case it
>> self) below i post the "main functions in mediawiki that allow for the same
>> feature.
>>
>> #2 i have problem with curl login because the username in the login form
>> is missing the type="text" any change this could be added ? as it is causing
>> headacke for oure curl login class because using size="#" don't seem to
>> cause some problems on our end.
>>
>>
>> ------------------------------------------------------ code start
>> ------------------------------------------------------
>> /**
>>  * Extracts the XFF string from the request header
>>  * Checks first for "X-Forwarded-For", then "Client-ip"
>>  * Note: headers are spoofable
>>  * @return string
>>  */
>> function wfGetForwardedFor() {
>>    if( function_exists( 'apache_request_headers' ) ) {
>>        // More reliable than $_SERVER due to case and -/_ folding
>>        $set = array ();
>>        foreach ( apache_request_headers() as $tempName => $tempValue ) {
>>            $set[ strtoupper( $tempName ) ] = $tempValue;
>>        }
>>        $index = strtoupper ( 'X-Forwarded-For' );
>>        $index2 = strtoupper ( 'Client-ip' );
>>    } else {
>>        // Subject to spoofing with headers like X_Forwarded_For
>>        $set = $_SERVER;
>>        $index = 'HTTP_X_FORWARDED_FOR';
>>        $index2 = 'CLIENT-IP';
>>    }
>>
>>    #Try a couple of headers
>>    if( isset( $set[$index] ) ) {
>>        return $set[$index];
>>    } else if( isset( $set[$index2] ) ) {
>>        return $set[$index2];
>>    } else {
>>        return null;
>>    }
>> }
>>
>> /**
>>  * Work out the IP address based on various globals
>>  * For trusted proxies, use the XFF client IP (first of the chain)
>>  * @return string
>>  */
>> function wfGetIP() {
>>    global $wgIP, $wgUsePrivateIPs;
>>
>>    # Return cached result
>>    if ( !empty( $wgIP ) ) {
>>        return $wgIP;
>>    }
>>
>>    /* collect the originating ips */
>>    # Client connecting to this webserver
>>    if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
>>        $ipchain = array( IP::canonicalize( $_SERVER['REMOTE_ADDR'] ) );
>>    } else {
>>        # Running on CLI?
>>        $ipchain = array( '127.0.0.1' );
>>    }
>>    $ip = $ipchain[0];
>>
>>    # Append XFF on to $ipchain
>>    $forwardedFor = wfGetForwardedFor();
>>    if ( isset( $forwardedFor ) ) {
>>        $xff = array_map( 'trim', explode( ',', $forwardedFor ) );
>>        $xff = array_reverse( $xff );
>>        $ipchain = array_merge( $ipchain, $xff );
>>    }
>>
>>    # Step through XFF list and find the last address in the list which is
>> a trusted server
>>    # Set $ip to the IP address given by that trusted server, unless the
>> address is not sensible (e.g. private)
>>    foreach ( $ipchain as $i => $curIP ) {
>>        $curIP = IP::canonicalize( $curIP );
>>        if ( wfIsTrustedProxy( $curIP ) ) {
>>            if ( isset( $ipchain[$i + 1] ) ) {
>>                if( $wgUsePrivateIPs || IP::isPublic( $ipchain[$i + 1 ] ) )
>> {
>>                    $ip = $ipchain[$i + 1];
>>                }
>>            }
>>        } else {
>>            break;
>>        }
>>    }
>>
>>    wfDebug( "IP: $ip\n" );
>>    $wgIP = $ip;
>>    return $ip;
>> }
>>
>> /**
>>  * Checks if an IP is a trusted proxy providor
>>  * Useful to tell if X-Fowarded-For data is possibly bogus
>>  * Squid cache servers for the site and AOL are whitelisted
>>  * @param string $ip
>>  * @return bool
>>  */
>> function wfIsTrustedProxy( $ip ) {
>>    global $wgSquidServers, $wgSquidServersNoPurge;
>>
>>    if ( in_array( $ip, $wgSquidServers ) ||
>>        in_array( $ip, $wgSquidServersNoPurge )
>>    ) {
>>        $trusted = true;
>>    } else {
>>        $trusted = false;
>>    }
>>    wfRunHooks( 'IsTrustedProxy', array( &$ip, &$trusted ) );
>>    return $trusted;
>> }
>> ------------------------------------------------------ code end
>> ------------------------------------------------------
>>
>>
>> -Thanks for listening/reading along
>>
>>
>>
>> _______________________________________________
>> WikkaWiki Community mailing list
>> community at wikkawiki.org
>> http://mail.wikkawiki.org/mailman/listinfo/community_wikkawiki.org
>>
>
>
> _______________________________________________
> WikkaWiki Community mailing list
> community at wikkawiki.org
> http://mail.wikkawiki.org/mailman/listinfo/community_wikkawiki.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.wikkawiki.org/pipermail/community_wikkawiki.org/attachments/20090930/6f024882/attachment.html>

More information about the community mailing list