Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 DEV-Group
 DEV Bug Reports (Closed)
 Problem with Proxy IPs in inc_func_common.asp
 Forum Locked  Topic Locked
 Printer Friendly
Next Page
Author Previous Topic Topic Next Topic
Page: of 2

Shaggy
Support Moderator

Ireland
6780 Posts

Posted - 06 October 2006 :  06:54:17  Show Profile
Ocassionally, if someone is not going through a proxy, the HTTP_X_FORWARDED_FOR will return "unknown" with the IP address which will throw an error in the UpdateLastHereDate function in inc_func_common.asp. Also, if they are going through multiple proxies, multiple IPs may be returned in a comma or semi-colon delimited list which will throw an error too. To fix this, see here.

<edit>Similar changes will also need to be made in post_info.asp at lines 807 and 991, just doing them up now to post in the above topic.</edit>

<edit>Oopsie, meant to post this in the General Dev forum.</edit>

<

Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.”

Edited by - AnonJr on 17 March 2009 19:00:19

HuwR
Forum Admin

United Kingdom
20497 Posts

Posted - 06 October 2006 :  07:51:26  Show Profile  Visit HuwR's Homepage
quote:
<edit>Oopsie, meant to post this in the General Dev forum.</edit>
why? if it's a problem then it is a BUG <
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20497 Posts

Posted - 06 October 2006 :  08:09:20  Show Profile  Visit HuwR's Homepage
technically speaking HTTP_X_FORWARDED_FOR should never contain the word unknown, if it does the likelihood is that the user is trying to spoof their identity and should be disallowed from registering. however it will not cause the problem you were addressing since it is shorter than an IP address, the problem of multiple IP addresses does however need addressing since that is what was causing the reported error.<
Go to Top of Page

Shaggy
Support Moderator

Ireland
6780 Posts

Posted - 06 October 2006 :  08:17:46  Show Profile
quote:
Originally posted by HuwR
technically speaking HTTP_X_FORWARDED_FOR should never contain the word unknown, if it does the likelihood is that the user is trying to spoof their identity and should be disallowed from registering.
Which is why I didn't want to post it in the bug forum yet
quote:
however it will not cause the problem you were addressing since it is shorter than an IP address
If you look at the post above the fix in that topic, you'll see that one person was reporting that HTTP_X_FORWARDED_FOR returned "unknown, 123.456.789.012" and the person who reported the problem originally said the error was occurring with a legitimate user.

Actually, there may be a couple of other files that need, changing; I'll have a look after lunch.

<

Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.”
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20497 Posts

Posted - 06 October 2006 :  08:39:27  Show Profile  Visit HuwR's Homepage
yes, but the error is because of the multiple IP's not because of unknown, and I still maintain that unknown means they are trying to spoof their identity, many "legitimate" users try to do this, and NO legitimate proxy will put unknown in the variable.<
Go to Top of Page

Shaggy
Support Moderator

Ireland
6780 Posts

Posted - 06 October 2006 :  08:44:50  Show Profile
Ah, OK, gotcha So, what I need to do then is drop the check for the "unknown" and just grab the first address if there're multiple ones and then prevent them from registering if that first address is "unknown"?

<

Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.”
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20497 Posts

Posted - 06 October 2006 :  08:47:44  Show Profile  Visit HuwR's Homepage
well, we need to think about which adress to grab :) since I don't know nor can I foind out how it is supposed to add them to the variable, so have no idea whether it would be the first IP or the last IP that is the correct one to pick <
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20497 Posts

Posted - 06 October 2006 :  08:48:46  Show Profile  Visit HuwR's Homepage
maybe we should just increase the size of the field so that it can log multiple adresses and keep them all, that would tell us more about the person trying to register than just keeping one of them<
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20497 Posts

Posted - 06 October 2006 :  08:50:10  Show Profile  Visit HuwR's Homepage
on another IP issue, I have noticed some where the IP takes the form 012.034.056.123 these are almost certainly spoofed as well since I have never seen a valid IP that started with leading 0's<
Go to Top of Page

Shaggy
Support Moderator

Ireland
6780 Posts

Posted - 06 October 2006 :  10:01:35  Show Profile
quote:
Originally posted by HuwR
since I don't know nor can I foind out how it is supposed to add them to the variable, so have no idea whether it would be the first IP or the last IP that is the correct one to pick
According to this the first one is the one we need; each proxy adds its address on to the end of the string.

<

Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.”
Go to Top of Page

Davio
Development Team Member

Jamaica
12212 Posts

Posted - 03 December 2006 :  22:02:29  Show Profile
Shaggy, in your suggested fix in the link you posted, why are you checking for the semi-colon ; character? Only see someone posted an example with a comma between the ip's.<

Support Snitz Forums
Go to Top of Page

Shaggy
Support Moderator

Ireland
6780 Posts

Posted - 04 December 2006 :  04:42:11  Show Profile
When I was reading up on it, I discovered that some proxies will separate multiple IPs with commas while others use semi-colon so included a check for both.

<

Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.”
Go to Top of Page

Doc Orac
Starting Member

Netherlands
28 Posts

Posted - 13 January 2007 :  16:43:13  Show Profile
I got this error also (running 3.4.06). While analysing the problem, I noticed that R_IP, T_IP, M_LAST_IP in MEMBERS_PENDING, A_TOPICS and A_REPLY are type text/varchar and all have a length of 15. With IPv6 (see also RFC4291) coming, i.m.o, this must also be changed (to length 47?). Or am I missing something?<

Have A Nice Day!
Doc Orac (Remco Beekmans) @ Rotterdam (NL)
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20497 Posts

Posted - 13 January 2007 :  17:56:11  Show Profile  Visit HuwR's Homepage
I thought they were set to 50 anyway<
Go to Top of Page

Doc Orac
Starting Member

Netherlands
28 Posts

Posted - 14 January 2007 :  03:29:17  Show Profile
Nope, if that was the case, the Proxy-problem/bug wouldn't appear that often. Maybe in v4 Beta?<

Have A Nice Day!
Doc Orac (Remco Beekmans) @ Rotterdam (NL)
Go to Top of Page

HuwR
Forum Admin

United Kingdom
20497 Posts

Posted - 14 January 2007 :  05:04:21  Show Profile  Visit HuwR's Homepage
They obviously got set to 50 here at some point, so yes I would agre it needs changing in the forum setup scripts<
Go to Top of Page
Page: of 2 Previous Topic Topic Next Topic  
Next Page
 Forum Locked  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2019 Snitz™ Communications Go To Top Of Page
This page was generated in 0.08 seconds. Powered By: Snitz Forums 2000 Version 3.4.07