From 404cdba67a86bf8ea8604342e66804b676ae5465 Mon Sep 17 00:00:00 2001
From: Roman Kelesidis <roman25052006.kelesh@gmail.com>
Date: Fri, 19 Jan 2024 15:59:21 +0700
Subject: [PATCH] Updated

---
 CHANGELOG.md |  2 +-
 common.php   | 12 +++++-------
 2 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f10797d8..f33854e6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,7 +4,7 @@
 [Full Changelog](https://github.com/torrentpier/torrentpier-lts/compare/v2.1.5-2023.10-HotFix...v2.1.5-2024.02)
 
 - Release v2.1.5-2024.02 🎉
-- Added Fastly support
+- Added Fastly CDN support
 - Some improvements in default template
 - Fixed void function result used
 - Feature to ban specific torrent clients
diff --git a/common.php b/common.php
index 7293c97d..c94d149f 100644
--- a/common.php
+++ b/common.php
@@ -37,17 +37,15 @@ header('X-Frame-Options: SAMEORIGIN');
 header('X-Powered-By: TorrentPier LTS Forever!');
 
 // Set remote address
-if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
+$allowedCDNs = ['HTTP_X_FORWARDED_FOR', 'HTTP_FASTLY_CLIENT_IP', 'HTTP_CF_CONNECTING_IP'];
+foreach ($allowedCDNs as $allowedCDN)
 {
-	if (isset($_SERVER['HTTP_CF_CONNECTING_IP']))
+	if (isset($_SERVER[$allowedCDN]) && filter_var($_SERVER[$allowedCDN], FILTER_VALIDATE_IP))
 	{
-		$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP']; // Cloudflare
-	}
-	elseif (isset($_SERVER['HTTP_FASTLY_CLIENT_IP']))
-	{
-		$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_FASTLY_CLIENT_IP']; // Fastly
+		$_SERVER['REMOTE_ADDR'] = $_SERVER[$allowedCDN];
 	}
 }
+unset($allowedCDNs);
 
 // Get initial config
 if (file_exists(BB_ROOT . 'library/config.local.php'))