[wp-hackers] WordPress IPv6 bug

Kimmo Suominen kimmo at global-wire.fi
Fri Sep 28 07:03:06 GMT 2007


Hi!

I have a comment from 2007-03-03 with a good IP address logged:

    2001:14b8:1ee:0:211:11ff:fe98:edf1

But on another comment from 2007-09-13 I have this:

    20011481021111981

It appears to be the same address (my workstation), but with all
the colons and non-digit characters removed.

It seems this has already been reported on trac:

    #4579: IPv6 IPs
    #3987: IPv6 support

The culprit appears to be in changeset 3990:

    http://trac.wordpress.org/changeset/3990

I think the changes made to wp-includes/comment.php should just
be reversed.  The data in $_SERVER['REMOTE_ADDR'] is filled in by
the web server using information from the socket structure, so it
seems to me there is little need to further "sanitize" it.

I've attached a patch to ticket #4579 to revert the change.

The change in wp-includes/functions.php is fine, since Spamhaus
does not support IPv6.  It might be good to check for the case
that $ipnum has become empty after calling preg_replace().

Best regards,
+ Kimmo
-- 
<A HREF="http://kimmo.suominen.com/">Kimmo Suominen</A>



More information about the wp-hackers mailing list