getClientIP example

'link' => '',
      'uid' => 0,
      'request_uri' => '',
      'referer' => '',
      'ip' => '',
      'timestamp' => time(),
    ];
    // Some context values are only available when in a request context.     if ($this->requestStack && $request = $this->requestStack->getCurrentRequest()) {
      $context['request_uri'] = $request->getUri();
      $context['referer'] = $request->headers->get('Referer', '');
      $context['ip'] = $request->getClientIP() ?: '';

      if ($this->currentUser) {
        $context['uid'] = $this->currentUser->id();
      }
    }

    if (is_string($level)) {
      // Convert to integer equivalent for consistency with RFC 5424.       $level = $this->levelTranslation[$level];
    }
    // Call all available loggers.
        if ($this->ipAddress === null) {
            return $this->ipAddress = '0.0.0.0';
        }

        // @TODO Extract all this IP address logic to another class.         foreach ($proxyIPs as $proxyIP => $header) {
            // Check if we have an IP address or a subnet             if (strpos($proxyIP, '/') === false) {
                // An IP address (and not a subnet) is specified.                 // We can compare right away.                 if ($proxyIP === $this->ipAddress) {
                    $spoof = $this->getClientIP($header);

                    if ($spoof !== null) {
                        $this->ipAddress = $spoof;
                        break;
                    }
                }

                continue;
            }

            // We have a subnet ... now the heavy lifting begins
/** * {@inheritdoc} */
  #[\ReturnTypeWillChange]   public function write(#[\SensitiveParameter] $sid, $value) {     // The exception handler is not active at this point, so we need to do it     // manually.     try {
      $request = $this->requestStack->getCurrentRequest();
      $fields = [
        'uid' => $request->getSession()->get('uid', 0),
        'hostname' => $request->getClientIP(),
        'session' => $value,
        'timestamp' => REQUEST_TIME,
      ];
      $this->connection->merge('sessions')
        ->keys(['sid' => Crypt::hashBase64($sid)])
        ->fields($fields)
        ->execute();
      return TRUE;
    }
    catch (\Exception $exception) {
      require_once DRUPAL_ROOT . '/core/includes/errors.inc';
      
/** @var \Drupal\user\UserInterface $user */
    $user = $this->userStorage->load($uid);
    if ($redirect = $this->determineErrorRedirect($user$timestamp$hash)) {
      return $redirect;
    }

    $flood_config = $this->config('user.flood');
    if ($flood_config->get('uid_only')) {
      $identifier = $user->id();
    }
    else {
      $identifier = $user->id() . '-' . $request->getClientIP();
    }

    $this->flood->clear('user.failed_login_user', $identifier);
    $this->flood->clear('user.http_login', $identifier);

    user_login_finalize($user);
    $this->logger->info('User %name used one-time login link at time %timestamp.', ['%name' => $user->getDisplayName(), '%timestamp' => $timestamp]);
    $this->messenger()->addStatus($this->t('You have just used your one-time login link. It is no longer necessary to use this link to log in. Please set your password.'));
    // Let the user's password be changed without the current password     // check.     $token = Crypt::randomBytesBase64(55);
    
return $form;
  }

  /** * {@inheritdoc} */
  public function validateForm(array &$form, FormStateInterface $form_state) {
    $ip = trim($form_state->getValue('ip'));
    if ($this->ipManager->isBanned($ip)) {
      $form_state->setErrorByName('ip', $this->t('This IP address is already banned.'));
    }
    elseif ($ip == $this->getRequest()->getClientIP()) {
      $form_state->setErrorByName('ip', $this->t('You may not ban your own IP address.'));
    }
    elseif (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE) == FALSE) {
      $form_state->setErrorByName('ip', $this->t('Enter a valid IP address.'));
    }
  }

  /** * {@inheritdoc} */
  public function submitForm(array &$form, FormStateInterface $form_state) {
    
$account = reset($accounts);
      if ($account) {
        if ($flood_config->get('uid_only')) {
          // Register flood events based on the uid only, so they apply for any           // IP address. This is the most secure option.           $identifier = $account->id();
        }
        else {
          // The default identifier is a combination of uid and IP address. This           // is less secure but more resistant to denial-of-service attacks that           // could lock out all users with public user names.           $identifier = $account->id() . '-' . $request->getClientIP();
        }
        // Don't allow login if the limit for this user has been reached.         // Default is to allow 5 failed attempts every 6 hours.         if ($this->flood->isAllowed('basic_auth.failed_login_user', $flood_config->get('user_limit')$flood_config->get('user_window')$identifier)) {
          $uid = $this->userAuth->authenticate($username$password);
          if ($uid) {
            $this->flood->clear('basic_auth.failed_login_user', $identifier);
            return $this->entityTypeManager->getStorage('user')->load($uid);
          }
          else {
            // Register a per-user failed login event.
$account = reset($accounts);
      if ($account) {
        if ($flood_config->get('uid_only')) {
          // Register flood events based on the uid only, so they apply for any           // IP address. This is the most secure option.           $identifier = $account->id();
        }
        else {
          // The default identifier is a combination of uid and IP address. This           // is less secure but more resistant to denial-of-service attacks that           // could lock out all users with public user names.           $identifier = $account->id() . '-' . $this->getRequest()->getClientIP();
        }
        $form_state->set('flood_control_user_identifier', $identifier);

        // Don't allow login if the limit for this user has been reached.         // Default is to allow 5 failed attempts every 6 hours.         if (!$this->userFloodControl->isAllowed('user.failed_login_user', $flood_config->get('user_limit')$flood_config->get('user_window')$identifier)) {
          $form_state->set('flood_control_triggered', 'user');
          return;
        }
      }
      // We are not limited by flood control, so try to authenticate.
return \Drupal::currentUser()->hasPermission('skip comment approval') ? CommentInterface::PUBLISHED : CommentInterface::NOT_PUBLISHED;
  }

  /** * Returns the default value for entity hostname base field. * * @return string * The client host name. */
  public static function getDefaultHostname() {
    if (\Drupal::config('comment.settings')->get('log_ip_addresses')) {
      return \Drupal::request()->getClientIP();
    }
    return '';
  }

}
Home | Imprint | This part of the site doesn't use cookies.