recaptime.dev / phorge
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.) hq.recaptime.dev/wiki/Phorge
phorge phabricator
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Added a setup check for empty REMOTE_ADDR

Summary: Fixes T8850. Previously, if a user's preamble script mangled `$_SERVER['REMOTE_ADDR']` or somehow set it to `null`, the user would get errors when performing certain actions. Now those errors shouldn't occur, and instead the user will be warned that there is a setup issue related to their preamble script.

Test Plan: Create a preamble script that contains `$_SERVER['REMOTE_ADDR'] = null;` then navigate to /config/issue/. There should be a warning there about `REMOTE_ADDR` not being available.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin, yelirekim, epriestley

Maniphest Tasks: T8850

Differential Revision: https://secure.phabricator.com/D16450

Josh Cox a88dc2af d135b3f2

+28 -1
+27
src/applications/config/check/PhabricatorPHPConfigSetupCheck.php
··· 197 197 ->setMessage($message); 198 198 } 199 199 } 200 + 201 + if (empty($_SERVER['REMOTE_ADDR'])) { 202 + $doc_href = PhabricatorEnv::getDocLink('Configuring a Preamble Script'); 203 + 204 + $summary = pht( 205 + 'You likely need to fix your preamble script so '. 206 + 'REMOTE_ADDR is no longer empty.'); 207 + 208 + $message = pht( 209 + 'No REMOTE_ADDR is available, so Phabricator cannot determine the '. 210 + 'origin address for requests. This will prevent Phabricator from '. 211 + 'performing important security checks. This most often means you '. 212 + 'have a mistake in your preamble script. Consult the documentation '. 213 + '(%s) and double-check that the script is written correctly.', 214 + phutil_tag( 215 + 'a', 216 + array( 217 + 'href' => $doc_href, 218 + 'target' => '_blank', 219 + ), 220 + pht('Configuring a Preamble Script'))); 221 + 222 + $this->newIssue('php.remote_addr') 223 + ->setName(pht('No REMOTE_ADDR available')) 224 + ->setSummary($summary) 225 + ->setMessage($message); 226 + } 200 227 } 201 228 }
+1 -1
src/applications/people/storage/PhabricatorUserLog.php
··· 108 108 $log->setUserPHID((string)$object_phid); 109 109 $log->setAction($action); 110 110 111 - $log->remoteAddr = idx($_SERVER, 'REMOTE_ADDR', ''); 111 + $log->remoteAddr = (string)idx($_SERVER, 'REMOTE_ADDR', ''); 112 112 113 113 return $log; 114 114 }