Hello, I really love this plugin. Thanks for it. I just wanted to point out that these guys are getting crafty and have begun forging the request, and somehow sticking a
,1 after the IP address.
Warning: gethostbyaddr() [function.gethostbyaddr]: Address is not a valid IPv4 or IPv6 address in /wp-content/plugins/statpress-community-formerly-statcomm/classes/statcommspy.php on line 255
Not sure if they exposed anything by doing this, or if you can make it handle this gracefully by checking the format of the
$_SERVER['REMOTE_ADDR'] before running
gethostbyaddr. Perhaps validating that the remote addr is a valid IP with
FILTER_VALIDATE_IP or a regex would help.
Just thought I'd point out that they were able to tinker and trigger this :)