Ticket #543 (accepted enhancement)
Enhanced support for handling IP addresses
| Reported by: | JavaWoman | Owned by: | JavaWoman |
|---|---|---|---|
| Priority: | normal | Milestone: | blue-sky |
| Component: | core | Version: | trunk |
| Severity: | normal | Keywords: | username, ACL |
| Cc: |
Description
There are a number of use cases for using an IP address for an anonymous user, but currently Wikka doesn't support this very well. What I envisage is the following:
Getting username
Currently GetUserName retrieves username for a logged-in user or IP address or hostname for an anonymous user - no choice to not retrieve anything in case user is not logged in, and only a global setting whether or not to allow reverse DNS lookup (which can be really slow).
Proposal:
- with a slightly different interface, GetUserName() could be told explicitly whether to retrieve anything for an anonymous user, and if so, what (IP address only, or reverse lookup if allowed); the default (no parameter passed) would be the most usual case: name of logged in user only
- for logging and reporting spam usually only an IP address is needed (and preferable), while for storing (and later displaying) 'username' on anonymous edits and comments generally the host name would be preferable
Access control
When an admin now enables reverse DNS lookup (for nicer display of anonymous "user names"), the result is a lot of slower page displays because GetUserName() is called for every page name to be displayed from inside the HasAccess() method.
- by specifying no parameter in the new situation, such lookups would never occur here (even if they are allowed at system level), speeding up access control considerably
- by specifying only IP address in this context, this slowdown would not occur either (the IP address is already available in the $_SERVER super global) - but it would allow us to work with IP addresses in ACLs as well (to deny or grant access by IP address)
- admin could still allow reverse DNS lookup for anonymous comment posts or page edits (which is a once-off lookup instead of a whole series for any page that shows some list of pages)
These changes would be trivial to implement (I have the changed GetUserName() already implemented on my local development machine), and not only speed up access for anonymous users but make the system more flexible as well, allowing working with both IP addresses and host names.
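A sketch of the interface proposed in this ticket, as an added example (not the reporter's local implementation and not Wikka code). The mode constants, the function names, the `allow_reverse_dns` config key and the allow/deny arrays are all assumptions. The access check only ever requests the IP address, so it never triggers a DNS query even when lookups are allowed system-wide.

```php
<?php
// Added sketch: all names below are assumptions, not Wikka's API.
const ANON_NONE = 0; // default: name of logged-in user only
const ANON_IP   = 1; // IP address only, never a DNS query
const ANON_HOST = 2; // reverse lookup, if allowed at system level
function get_user_name(?array $user, array $server, array $config, int $anon = ANON_NONE): ?string
{
    if ($user !== null) {
        return $user['name'];
    }
    if ($anon === ANON_NONE) {
        return null;
    }
    // Validate REMOTE_ADDR before it is stored, logged or compared.
    $ip = filter_var($server['REMOTE_ADDR'] ?? '', FILTER_VALIDATE_IP);
    if ($ip === false) {
        return null;
    }
    if ($anon === ANON_HOST && !empty($config['allow_reverse_dns'])) {
        $host = gethostbyaddr($ip); // can block; yields the IP or false on failure
        return ($host === false) ? $ip : $host;
    }
    return $ip;
}

// Anonymous ACL check; binary comparison matches any spelling of an IPv6 address.
function anon_ip_allowed(array $server, array $config, array $deny, array $allow): bool
{
    $ip = get_user_name(null, $server, $config, ANON_IP);
    if ($ip === null) {
        return false;
    }
    $in = function (array $list) use ($ip): bool {
        foreach ($list as $entry) {
            if (filter_var($entry, FILTER_VALIDATE_IP) !== false
                && inet_pton($entry) === inet_pton($ip)) {
                return true;
            }
        }
        return false;
    };
    return !$in($deny) && $in($allow);
}

// Constructed sample input (documentation address ranges).
$config = ['allow_reverse_dns' => true];
$server = ['REMOTE_ADDR' => '2001:db8::1'];
var_dump(get_user_name(null, $server, $config));
var_dump(anon_ip_allowed($server, $config, ['203.0.113.9'], ['2001:0db8:0:0:0:0:0:1']));
```

Host names obtained with `ANON_HOST` are kept for display on edits and comments only; the access decision is made on the validated address.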