aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/system_log.php
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib/system_log.php')
-rw-r--r--engine/lib/system_log.php22
1 files changed, 17 insertions, 5 deletions
diff --git a/engine/lib/system_log.php b/engine/lib/system_log.php
index 53fa24557..84302632e 100644
--- a/engine/lib/system_log.php
+++ b/engine/lib/system_log.php
@@ -10,6 +10,8 @@
/**
* Retrieve the system log based on a number of parameters.
*
+ * @todo too many args, and the first arg is too confusing
+ *
* @param int|array $by_user The guid(s) of the user(s) who initiated the event.
* Use 0 for unowned entries. Anything else falsey means anyone.
* @param string $event The event you are searching on.
@@ -22,12 +24,12 @@
* @param int $timebefore Lower time limit
* @param int $timeafter Upper time limit
* @param int $object_id GUID of an object
- * @param str $ip_address The IP address.
+ * @param string $ip_address The IP address.
* @return mixed
*/
-function get_system_log($by_user = "", $event = "", $class = "", $type = "", $subtype = "",
-$limit = 10, $offset = 0, $count = false, $timebefore = 0, $timeafter = 0, $object_id = 0,
-$ip_address = false) {
+function get_system_log($by_user = "", $event = "", $class = "", $type = "", $subtype = "", $limit = 10,
+ $offset = 0, $count = false, $timebefore = 0, $timeafter = 0, $object_id = 0,
+ $ip_address = "") {
global $CONFIG;
@@ -166,6 +168,7 @@ function system_log($object, $event) {
if ($object instanceof Loggable) {
+ /* @var ElggEntity|ElggExtender $object */
if (datalist_get('version') < 2012012000) {
// this is a site that doesn't have the ip_address column yet
return;
@@ -184,7 +187,16 @@ function system_log($object, $event) {
$object_subtype = $object->getSubtype();
$event = sanitise_string($event);
$time = time();
- $ip_address = sanitise_string($_SERVER['REMOTE_ADDR']);
+
+ if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $ip_address = array_pop(explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']));
+ } elseif (!empty($_SERVER['HTTP_X_REAL_IP'])) {
+ $ip_address = array_pop(explode(',', $_SERVER['HTTP_X_REAL_IP']));
+ } else {
+ $ip_address = $_SERVER['REMOTE_ADDR'];
+ }
+ $ip_address = sanitise_string($ip_address);
+
$performed_by = elgg_get_logged_in_user_guid();
if (isset($object->access_id)) {