Merge pull request dsoares#12 from tokred/master

dsoares · web-flow · commit e9e484c76bba · 2016-07-21T15:29:03.000+01:00
Update de_DE localization.
diff --git a/config.inc.php.dist b/config.inc.php.dist
@@ -38,3 +38,6 @@ $rcmail_config['recaptcha_log'] = false;
 $rcmail_config['recaptcha_log_success'] = 'Verification succeeded for %u. [%r]';
 $rcmail_config['recaptcha_log_failure'] = 'Error: Verification failed for %u. [%r]';
 $rcmail_config['recaptcha_log_unknown'] = 'Error: Unknown log type.';
+
+// Block IPv6 clients based on prefix length
+$rcmail_config['rcguard_ipv6_prefix'] = 64;
diff --git a/localization/de_DE.inc b/localization/de_DE.inc
@@ -3,7 +3,7 @@
 $labels = array();
 
 $messages = array();
-$messages['recaptchafailed'] = 'Die Überprüfung des Sicherheitscodes ist fehlgeschlagen!';
-$messages['recaptchaempty'] = 'Bitte geben Sie den Sicherheitscode ein!';
+$messages['recaptchafailed'] = 'Die Überprüfung des Captchas ist fehlgeschlagen!';
+$messages['recaptchaempty'] = 'Bitte füllen Sie das Captcha aus!';
 
 ?>
diff --git a/rcguard.php b/rcguard.php
@@ -276,6 +276,29 @@ private function table_name()
 
     private function get_client_ip()
     {
-        return rcube_utils::remote_addr();
+        $prefix = rcmail::get_instance()->config->get('rcguard_ipv6_prefix', 128);
+        $client_ip = rcube_utils::remote_addr();
+
+        // process only v6 addresses
+        if (!filter_var($client_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false) {
+
+            // process only if prefix is sane
+            if (is_int($prefix) && $prefix > 16 && $prefix < 128 ) {
+
+                // construct subnet mask
+                $mask_string = str_repeat('1', $prefix) . str_repeat('0', 128-$prefix);
+                $mask_split = str_split($mask_string, 16);
+                foreach($mask_split as &$item) {
+                    $item = base_convert($item, 2, 16);
+                }
+                $mask_hex = implode(":", $mask_split);
+
+                // return network part
+                return inet_ntop( inet_pton($client_ip) & inet_pton($mask_hex) );
+            }
+         }
+
+         // fall back: return unaltered client IP
+         return $client_ip;
     }
 }
