switching to SHA256 HMAC of IPs in traffic limiter, resolves #57

This commit is contained in:
El RIDO 2015-12-22 20:58:23 +01:00
parent deda8e4783
commit 09dd79dbc7

View File

@ -79,7 +79,7 @@ class trafficlimiter extends persistence
*/ */
public static function getIp() public static function getIp()
{ {
return md5($_SERVER[self::$_ipKey]); return $_SERVER[self::$_ipKey];
} }
/** /**
@ -94,11 +94,11 @@ class trafficlimiter extends persistence
*/ */
public static function canPass() public static function canPass()
{ {
$ip = self::getIp();
// disable limits if set to less then 1 // disable limits if set to less then 1
if (self::$_limit < 1) return true; if (self::$_limit < 1) return true;
$ip = hash_hmac('sha256', self::getIp(), serversalt::get());
$file = 'traffic_limiter.php'; $file = 'traffic_limiter.php';
if (!self::_exists($file)) if (!self::_exists($file))
{ {