Easy-digital-downloads: Possible for edd_get_ip() to return a CSV of IP addresses

Created on 1 Jun 2016  路  4Comments  路  Source: easydigitaldownloads/easy-digital-downloads

edd_get_ip() can use the $_SERVER['HTTP_X_FORWARDED_FOR'] value as the IP address. This can cause problems because $_SERVER['HTTP_X_FORWARDED_FOR'] allows returning a comma-separated value, not just a single IP.

This causes problems with payment gateways that verify the IP addresses, like PayPal, which threw this error message: "Invalid IP: The IP Address provided is invalid."

I'll submit a patch in a few minutes that fixes the problem.

component-orders type-bug
Source
picture zackkatz

All 4 comments

@zackkatz Thanks for the catch!

We'll get this reviewed and included in a release soon after 2.6.

pippinsplugins picture pippinsplugins on 1 Jun 2016
👍1

Works fine for me 馃憤

sunnyratilal picture sunnyratilal on 1 Jul 2016

Due to the format of $_SERVER['HTTP_X_FORWARDED_FOR'], we should wrap the $ip_array[0] in a trim function so it reads trim( $ip_array[0] ) just to avoid any whitespace

sunnyratilal picture sunnyratilal on 1 Jul 2016

Let's also get some unit tests in for this with various (good and bad) formats.

pippinsplugins picture pippinsplugins on 1 Jul 2016
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

davidsherlock picture davidsherlock  路  4Comments
nabeghe picture nabeghe  路  5Comments
DrewAPicture picture DrewAPicture  路  5Comments
julien731 picture julien731  路  5Comments
SDavisMedia picture SDavisMedia  路  3Comments