switching to SHA256 HMAC of IPs in traffic limiter, resolves #57
This commit is contained in:
parent
deda8e4783
commit
09dd79dbc7
@ -79,7 +79,7 @@ class trafficlimiter extends persistence
|
||||
*/
|
||||
public static function getIp()
|
||||
{
|
||||
return md5($_SERVER[self::$_ipKey]);
|
||||
return $_SERVER[self::$_ipKey];
|
||||
}
|
||||
|
||||
/**
|
||||
@ -94,11 +94,11 @@ class trafficlimiter extends persistence
|
||||
*/
|
||||
public static function canPass()
|
||||
{
|
||||
$ip = self::getIp();
|
||||
|
||||
// disable limits if set to less then 1
|
||||
if (self::$_limit < 1) return true;
|
||||
|
||||
$ip = hash_hmac('sha256', self::getIp(), serversalt::get());
|
||||
|
||||
$file = 'traffic_limiter.php';
|
||||
if (!self::_exists($file))
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user