[wp-hackers] WordPress IPv6 bug
peter.westwood at ftwr.co.uk
Fri Sep 28 08:11:56 GMT 2007
On Fri, September 28, 2007 8:03 am, Kimmo Suominen wrote:
> I have a comment from 2007-03-03 with a good IP address logged:
> But on another comment from 2007-09-13 I have this:
> It appears to be the same address (my workstation), but with all
> the colons and non-digit characters removed.
> It seems this has already been reported on trac:
> #4579: IPv6 IPs
> #3987: IPv6 support
> The culprit appears to be in changeset 3990:
> I think the changes made to wp-includes/comment.php should just
> be reversed. The data in $_SERVER['REMOTE_ADDR'] is filled in by
> the web server using information from the socket structure, so it
> seems to me there is little need to further "sanitize" it.
> I've attached a patch to ticket #4579 to revert the change.
> The change in wp-includes/functions.php is fine, since Spamhaus
> does not support IPv6. It might be good to check for the case
> that $ipnum has become empty after calling preg_replace().
I think the best solution here would be to move the checks to a
sanitization function and allow plugins to override it.
We could then add IPv6 support to the santization function (or to start
with it could be provided by a plugin)
Peter Westwood <peter.westwood at ftwr.co.uk>
More information about the wp-hackers