From 165afb004b68d0429c6e65e296a4508308929f26 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@owncloud.com>
Date: Tue, 24 Feb 2015 11:49:40 +0100
Subject: [PATCH] Use getRemoteAddress which supports reverse proxies

Breaking change for 8.1 wiki (Security > Administrators):

The log format for failed logins has changed and uses now the remote address and is considering reverse proxies for such scenarios when configured correctly.
---
 apps/files_sharing/ajax/publicpreview.php | 2 +-
 lib/private/user/manager.php              | 5 +----
 2 files changed, 2 insertions(+), 5 deletions(-)

diff --git a/apps/files_sharing/ajax/publicpreview.php b/apps/files_sharing/ajax/publicpreview.php
index ffb6f8d314..1b61c08c2a 100644
--- a/apps/files_sharing/ajax/publicpreview.php
+++ b/apps/files_sharing/ajax/publicpreview.php
@@ -68,7 +68,7 @@ if($linkedItem['item_type'] === 'folder') {
 	$isValid = \OC\Files\Filesystem::isValidPath($file);
 	if(!$isValid) {
 		\OC_Response::setStatus(\OC_Response::STATUS_BAD_REQUEST);
-		\OC_Log::write('core-preview', 'Passed filename is not valid, might be malicious (file:"' . $file . '";ip:"' . $_SERVER['REMOTE_ADDR'] . '")', \OC_Log::WARN);
+		\OC_Log::write('core-preview', 'Passed filename is not valid, might be malicious (file:"' . $file . '";ip:"' . \OC::$server->getRequest()->getRemoteAddress() . '")', \OC_Log::WARN);
 		exit;
 	}
 	$sharedFile = \OC\Files\Filesystem::normalizePath($file);
diff --git a/lib/private/user/manager.php b/lib/private/user/manager.php
index 33858dfd9d..c965b22edb 100644
--- a/lib/private/user/manager.php
+++ b/lib/private/user/manager.php
@@ -181,10 +181,7 @@ class Manager extends PublicEmitter implements IUserManager {
 			}
 		}
 
-		$remoteAddr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
-		$forwardedFor = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '';
-
-		\OC::$server->getLogger()->warning('Login failed: \''. $loginname .'\' (Remote IP: \''. $remoteAddr .'\', X-Forwarded-For: \''. $forwardedFor .'\')', array('app' => 'core'));
+		\OC::$server->getLogger()->warning('Login failed: \''. $loginname .'\' (Remote IP: \''. \OC::$server->getRequest()->getRemoteAddress(). ')', ['app' => 'core']);
 		return false;
 	}
 
-- 
GitLab