[vhffs-dev] [2039] use $cgi->remote_addr instead of $ENV{REMOTE_ADDR}, this seems safer with FastCGI

[ Thread Index | Date Index | More vhffs.org/vhffs-dev Archives ]


Revision: 2039
Author:   gradator
Date:     2012-02-23 01:01:06 +0100 (Thu, 23 Feb 2012)
Log Message:
-----------
use $cgi->remote_addr instead of $ENV{REMOTE_ADDR}, this seems safer with FastCGI

Modified Paths:
--------------
    trunk/vhffs-api/src/Vhffs/Panel/Subscribe.pm

Modified: trunk/vhffs-api/src/Vhffs/Panel/Subscribe.pm
===================================================================
--- trunk/vhffs-api/src/Vhffs/Panel/Subscribe.pm	2012-02-22 22:46:14 UTC (rev 2038)
+++ trunk/vhffs-api/src/Vhffs/Panel/Subscribe.pm	2012-02-23 00:01:06 UTC (rev 2039)
@@ -85,8 +85,7 @@
 			my $captcha = new Captcha::reCAPTCHA();
 			my $challenge = $cgi->param('recaptcha_challenge_field');
 			my $response = $cgi->param('recaptcha_response_field');
-			# TODO: use CGI supplied REMOTE_ADDR if any
-			my $result = $captcha->check_answer( $captcha_privkey, $ENV{REMOTE_ADDR}, $challenge, $response);
+			my $result = $captcha->check_answer( $captcha_privkey, $cgi->remote_addr, $challenge, $response);
 			$panel->add_error( gettext('Codes do not match')) unless $result->{is_valid};
 		}
 


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/