Index: in-auction/units/listing/listing_eh.php =================================================================== --- in-auction/units/listing/listing_eh.php (revision 15437) +++ in-auction/units/listing/listing_eh.php (working copy) @@ -1249,47 +1249,39 @@ function IsHitCountable($listing_id) { - $ip = @$_SERVER['REMOTE_ADDR']; - $sql = 'SELECT LastHitTime - FROM '.TABLE_PREFIX.'eBayListingHits - WHERE - ListingId = '.$listing_id.' - AND IP = '.$this->Conn->qstr($ip).' - '; + $ip = $this->Application->getClientIp(); + $sql = 'SELECT LastHitTime + FROM ' . TABLE_PREFIX . 'eBayListingHits + WHERE ListingId = ' . $listing_id . ' AND IP = ' . $this->Conn->qstr($ip); $time = $this->Conn->GetOne($sql); - if ($time == 0) - { - $a_hash = Array( + if ( $time == 0 ) { + $a_hash = Array ( 'ListingId' => $listing_id, 'IP' => $ip, 'LastHitTime' => adodb_mktime() ); - $this->Conn->doInsert($a_hash, TABLE_PREFIX.'eBayListingHits'); + + $this->Conn->doInsert($a_hash, TABLE_PREFIX . 'eBayListingHits'); return true; } $limit_minutes = $this->Application->ConfigValue('eBay_ListingHitsDelayMinutes'); - if ($limit_minutes < 1) - { + if ( $limit_minutes < 1 ) { $limit_minutes = 60; } - if ($time < (adodb_mktime() - $limit_minutes * 60)) - { - $sql = 'UPDATE '.TABLE_PREFIX.'eBayListingHits - SET LastHitTime = '.adodb_mktime().' - WHERE - ListingId = '.$listing_id.' - AND IP = '.$this->Conn->qstr($ip).' - '; + if ( $time < (adodb_mktime() - $limit_minutes * 60) ) { + $sql = 'UPDATE ' . TABLE_PREFIX . 'eBayListingHits + SET LastHitTime = ' . adodb_mktime() . ' + WHERE ListingId = ' . $listing_id . ' AND IP = ' . $this->Conn->qstr($ip); + return true; } return false; - } /** Generates png-chart output Index: in-bulletin/units/poll_comments/poll_comment_eh.php =================================================================== --- in-bulletin/units/poll_comments/poll_comment_eh.php (revision 15437) +++ in-bulletin/units/poll_comments/poll_comment_eh.php (working copy) 
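Review bot: In the last branch of `IsHitCountable()` the `UPDATE ... SET LastHitTime` statement is assigned to `$sql` and the method then returns `true` without the visible lines ever handing it to `$this->Conn`, so as far as this hunk shows `LastHitTime` is never refreshed. Once the first delay window has elapsed, every later request from that address would be counted as a new hit, which defeats the throttle. Add `$this->Conn->Query($sql);` before `return true;`. `$listing_id` is also concatenated unquoted into both statements; casting it with `(int) $listing_id` would keep the queries safe whatever the caller passes.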
@@ -109,7 +109,7 @@ } $object->SetDBField('CreatedById', $this->Application->RecallVar('user_id')); - $object->SetDBField('UserIP', $_SERVER['REMOTE_ADDR']); + $object->SetDBField('UserIP', $this->Application->getClientIp()); $object->SetDBField('Status', STATUS_ACTIVE); } Index: in-bulletin/units/polls/poll_eh.php =================================================================== --- in-bulletin/units/polls/poll_eh.php (revision 15437) +++ in-bulletin/units/polls/poll_eh.php (working copy) @@ -116,7 +116,7 @@ return ; } - $ip_address = $_SERVER['REMOTE_ADDR']; + $ip_address = $this->Application->getClientIp(); if (!$object->GetDBField('AllowMultipleVotings')) { $sql = 'SELECT StatisticsId Index: in-bulletin/units/polls/poll_tp.php =================================================================== --- in-bulletin/units/polls/poll_tp.php (revision 15437) +++ in-bulletin/units/polls/poll_tp.php (working copy) @@ -27,10 +27,17 @@ $object = $this->getObject($params); /* @var $object kDBItem */ - if (!$object->GetDBField('AllowMultipleVotings')) { + if ( !$object->GetDBField('AllowMultipleVotings') ) { + $where_clause = Array ( + 'PollId = ' . $object->GetID(), + 'CreatedById = ' . $this->Application->RecallVar('user_id'), + 'UserIP = ' . $this->Conn->qstr($this->Application->getClientIp()), + ); + $sql = 'SELECT StatisticsId - FROM '.TABLE_PREFIX.'PollsStatistics - WHERE PollId = '.$object->GetID().' AND CreatedById = '.$this->Application->RecallVar('user_id').' AND UserIP = '.$this->Conn->qstr(getenv('REMOTE_ADDR')); + FROM ' . TABLE_PREFIX . 'PollsStatistics + WHERE (' . implode(') AND (', $where_clause) . ')'; + return $this->Conn->GetOne($sql) > 0; } Index: in-bulletin/units/posts/post_eh.php =================================================================== --- in-bulletin/units/posts/post_eh.php (revision 15437) +++ in-bulletin/units/posts/post_eh.php (working copy) 
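Review bot: The one-vote-per-IP lookup built from `$where_clause` in poll_tp.php (and the matching check in poll_eh.php) is only as strong as the address `getClientIp()` returns, and that helper's implementation is not part of this patch. If it reads a forwarded-for style header, it should do so only when the direct peer is a configured trusted proxy; otherwise the duplicate-vote check here, the hit throttle in listing_eh.php and the SpamControl rating check in products_event_handler.php all key on a client-supplied value. The same value is also passed to the payment gateways as the customer address (atosorigin.php, paypal_direct.php) and stored as `OrderIP`, so it matters for audit and presumably for fraud screening as well. I would add a docblock on `getClientIp()` stating which headers it honours and under which proxy configuration, and cast `RecallVar('user_id')` with `(int)` before it goes into the clause.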
@@ -60,7 +60,7 @@ $object->SetDBField('Modified_date', $now); $object->SetDBField('Modified_time', $now); - $object->SetDBField('IPAddress', $_SERVER['REMOTE_ADDR']); + $object->SetDBField('IPAddress', $this->Application->getClientIp()); $sql = 'SELECT Username FROM ' . TABLE_PREFIX . 'Users Index: in-commerce/units/downloads/download_helper.php =================================================================== --- in-commerce/units/downloads/download_helper.php (revision 15437) +++ in-commerce/units/downloads/download_helper.php (working copy) @@ -67,7 +67,7 @@ $down_object->SetDBField('ProductName', $product_object->GetField('Name')); $down_object->SetDBField('FileId', $file_info['FileId']); $down_object->SetDBField('Filename', $file_info['FilePath']); - $down_object->SetDBField('IPAddress', $_SERVER['REMOTE_ADDR']); + $down_object->SetDBField('IPAddress', $this->Application->getClientIp()); $down_object->SetDBField('StartedOn_date', $file_info['download_start']); $down_object->SetDBField('StartedOn_time', $file_info['download_start']); Index: in-commerce/units/gateways/gw_classes/atosorigin.php =================================================================== --- in-commerce/units/gateways/gw_classes/atosorigin.php (revision 15437) +++ in-commerce/units/gateways/gw_classes/atosorigin.php (working copy) 
@@ -70,7 +70,7 @@ $params['amount'] = str_replace( Array('.', ','), '', $txt_amount); $params['caddie'] = $this->Application->GetSID() . ',' . MD5($item_data['OrderId']); $params['order_id'] = $item_data['OrderId']; - $params['customer_ip_address'] = $_SERVER['REMOTE_ADDR']; + $params['customer_ip_address'] = $this->Application->getClientIp(); $params['customer_id'] = $item_data['PortalUserId']; $billing_email = $item_data['BillingEmail']; Index: in-commerce/units/gateways/gw_classes/paybox.php =================================================================== --- in-commerce/units/gateways/gw_classes/paybox.php (revision 15437) +++ in-commerce/units/gateways/gw_classes/paybox.php (working copy) @@ -73,7 +73,7 @@ $params['PBX_CMD'] = $this->Application->GetSID().','.MD5($item_data['OrderId']); /*$params['order_id'] = $item_data['OrderId']; - $params['customer_ip_address'] = $_SERVER['REMOTE_ADDR']; + $params['customer_ip_address'] = $this->Application->getClientIp(); $params['customer_id'] = $item_data['PortalUserId'];*/ $billing_email = $item_data['BillingEmail']; Index: in-commerce/units/gateways/gw_classes/paypal_direct.php =================================================================== --- in-commerce/units/gateways/gw_classes/paypal_direct.php (revision 15437) +++ in-commerce/units/gateways/gw_classes/paypal_direct.php (working copy) 
@@ -38,7 +38,7 @@ // -- Login Information -- $post_fields['METHOD'] = 'DoDirectPayment'; $post_fields['VERSION'] = '52.0'; - $post_fields['IPADDRESS'] = $_SERVER['REMOTE_ADDR']; + $post_fields['IPADDRESS'] = $this->Application->getClientIp(); $post_fields['USER'] = $gw_params['api_username']; $post_fields['PWD'] = $gw_params['api_password']; $post_fields['SIGNATURE'] = $gw_params['signature']; Index: in-commerce/units/gateways/gw_classes/rightconnect.php =================================================================== --- in-commerce/units/gateways/gw_classes/rightconnect.php (revision 15437) +++ in-commerce/units/gateways/gw_classes/rightconnect.php (working copy) @@ -60,7 +60,7 @@ $post_fields["trans_amount"] = "8.98"; $post_fields["user1"] = "DELIM"; $post_fields["ALIAS"] = "www.yourdomain.com"; - $post_fields["customer_ip"] = $_SERVER['REMOTE_ADDR']; + $post_fields["customer_ip"] = $this->Application->getClientIp(); $post_fields["ADMIN_EMAIL"] = "admin@yourdomain.com";*/ Index: in-commerce/units/orders/orders_event_handler.php =================================================================== --- in-commerce/units/orders/orders_event_handler.php (revision 15540) +++ in-commerce/units/orders/orders_event_handler.php (working copy) @@ -1610,7 +1610,7 @@ $this->setNextOrderNumber($event); - $object->SetDBField('OrderIP', $_SERVER['REMOTE_ADDR']); + $object->SetDBField('OrderIP', $this->Application->getClientIp()); $order_type = $this->getTypeBySpecial( $this->Application->GetVar('order_type') ); $object->SetDBField('Status', $order_type); 
@@ -2427,7 +2427,7 @@ $this->CheckUser($event); if ( !$object->GetDBField('OrderIP') ) { - $object->SetDBField('OrderIP', $_SERVER['REMOTE_ADDR']); + $object->SetDBField('OrderIP', $this->Application->getClientIp()); } $shipping_option = $this->Application->GetVar('OriginalShippingOption'); Index: in-commerce/units/products/products_event_handler.php =================================================================== --- in-commerce/units/products/products_event_handler.php (revision 15540) +++ in-commerce/units/products/products_event_handler.php (working copy) @@ -693,7 +693,7 @@ $sql = ' SELECT * FROM ' . TABLE_PREFIX . 'SpamControl WHERE ItemResourceId=' . $object->GetDBField('ResourceId') . ' - AND IPaddress="' . $_SERVER['REMOTE_ADDR'] . '" + AND IPaddress="' . $this->Application->getClientIp() . '" AND PortalUserId=' . $user_id . ' AND DataType="Rating"'; $res = $this->Conn->GetRow($sql); @@ -701,7 +701,7 @@ if ( $res && $res['Expire'] < adodb_mktime() ) { $sql = ' DELETE FROM ' . TABLE_PREFIX . 'SpamControl WHERE ItemResourceId=' . $object->GetDBField('ResourceId') . ' - AND IPaddress="' . $_SERVER['REMOTE_ADDR'] . '" + AND IPaddress="' . $this->Application->getClientIp() . '" AND PortalUserId=' . $user_id . ' AND DataType="Rating"'; $this->Conn->Query($sql); @@ -724,7 +724,7 @@ $sql = ' INSERT INTO ' . TABLE_PREFIX . 'SpamControl (ItemResourceId, IPaddress, PortalUserId, DataType, Expire) VALUES (' . $object->GetDBField('ResourceId') . ', - "' . $_SERVER['REMOTE_ADDR'] . '", + "' . $this->Application->getClientIp() . '", ' . $user_id . ', "Rating", ' . $expire . ')'; Index: in-commerce/units/shipping_quote_engines/usps.php =================================================================== --- in-commerce/units/shipping_quote_engines/usps.php (revision 15437) +++ in-commerce/units/shipping_quote_engines/usps.php (working copy) 
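Review bot: The three SpamControl statements in products_event_handler.php (hunks at 693, 701 and 724) concatenate `$this->Application->getClientIp()` into the SQL between literal double quotes with no escaping. `$_SERVER['REMOTE_ADDR']` was filled in by the web server, but the helper's source is not shown here, and if it can return a request-header value these statements become an injection point. Quote the value the way listing_eh.php and poll_tp.php do in this same patch, e.g. `AND IPaddress = ' . $this->Conn->qstr($client_ip) . '`, after reading it once with `$client_ip = $this->Application->getClientIp();` so that all three statements use the same address. The enclosing method starts and ends outside these hunks.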
@@ -1158,7 +1158,7 @@ if ($fp) { $request_url = sprintf("Date %s : IP %s\n\nPost\n\n%s\n\nReplay\n\n%s\n\n", adodb_date('m/d/Y H:i:s'), - $_SERVER['REMOTE_ADDR'], + $this->Application->getClientIp(), $usps_server . '/' . $api_dll . '?' . urldecode($request), $body );