From a56f9eb234df9fa671e871c294a5fb7f2326b80a Mon Sep 17 00:00:00 2001
From: CaxtonTaylor <rafael.franco@caxtontaylor.com>
Date: Tue, 7 Feb 2017 17:23:46 -0500
Subject: [PATCH] Modify auth.php IP eval

Currently the plugin only gets the users IP form REMOTE_ADDR wich is not an entirely reliable source. a much better source would be the getremoteaddr() function since this is the one moodle uses in the reports. This also prevents issues wen moodle is implemented behind a load balancer. I tested the change in my server and it works like  a charm
---
 auth.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auth.php b/auth.php
index dd6577c..3458bf1 100755
--- a/auth.php
+++ b/auth.php
@@ -55,7 +55,7 @@ class auth_plugin_ip extends auth_plugin_manual {
         global $DB, $CFG;
         if (($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id)))) {
             // Check if IP is one of the restricted ones.
-            $userIp = filter_input(INPUT_SERVER, 'REMOTE_ADDR');
+            $userIp = getremoteaddr();
 
             if (isset($userIp) && $this->is_ip_valid($userIp)) {
                 return validate_internal_user_password($user, $password);