Getting the client IP is not a simple job, because there are IP spoofing, and proxy problems, so the authenticity of the IP to obtain the client will be discounted, can not be hundred accurate. But we still try to find a better way to get the real IP of the client. There are many ways to get IP using PHP.
function GetIP () {if (getenv ("Http_client_ip") && strcasecmp (getenv ("Http_client_ip"), "unknown") $ip = getenv ("Http_client_ip"), Else if (getenv ("Http_x_forwarded_for") && strcasecmp (getenv ("Http_x_forwarded_for"), " Unknown ")) $ip = getenv (" Http_x_forwarded_for "), Else if (getenv (" REMOTE_ADDR ") && strcasecmp (getenv (" Remote_ ") ADDR ")," Unknown ")) $ip = getenv (" REMOTE_ADDR "), Else if (isset ($_server[' remote_addr ')) && $_server[' Remote_ ADDR '] && strcasecmp ($_server[' remote_addr '), "unknown") $ip = $_server[' remote_addr '];else$ip = "Unknown"; return ($IP);
Now we need to explain this code, here are two functions, getenv () and strcasecmp (), the previous function obtains the system environment variable, if can fetch the value, then returns the value, cannot return false.
$_server is an array of server super global variables, and the IP address of the client can also be obtained with $_server[' REMOTE_ADDR '. The difference is that the getenv does not support PHP that is running in the ISAPI mode of IIS.
The use of strcasecmp (STRING1,STRING2) String functions is to compare string1 and string2, if equal returns 0, if string1 is greater than string2, returns a number greater than 0, less than 0.
The function uses the client IP first, if not the method of trying to use proxy, if not, then use REMOTE_ADDR.
Also saw a more detailed method of detecting IP, considering the spoofing of IP, and multi-agent code. The method is similar.
function GetIP () {$unknown = ' unknown '; if (isset ($_server[' http_x_forwarded_for ']) && $_server[' http_x_ Forwarded_for '] && strcasecmp ($_server[' http_x_forwarded_for '), $unknown)) {$ip = $_server[' http_x_forwarded _for '];} ElseIf (Isset ($_server[' remote_addr ") && $_server[' remote_addr '] && strcasecmp ($_server[' Remote_ ADDR '], $unknown)) {$ip = $_server[' remote_addr ');} /* Handle multi-tier proxies or use regular mode: $ip = Preg_match ("/[\d\.") {7,15}/", $ip, $matches)? $matches [0]: $unknown; */if (False!== Strpos ($ip, ', ')) $ip = Reset (Explode (', ', $ip)); return $ip;}
One, not using the proxy server PHP to obtain the client IP situation:
REMOTE_ADDR = Client IP
Http_x_forwarded_for = no value or no display
Second, the use of transparent proxy server situation: Transparent Proxies
REMOTE_ADDR = Last Proxy server IP
http_x_forwarded_for = Client Real IP (this value is similar across multiple proxy servers: 221.5.252.160, 203.98.182.163, 203.129.72.215)
This kind of proxy server still sends the client's real IP to the Access object, it can't achieve the purpose of hiding the real identity.
Third, the use of ordinary anonymous proxy server PHP get client IP situation: Anonymous Proxies
REMOTE_ADDR = Last Proxy server IP
http_x_forwarded_for = Proxy Server IP (this value is similar across multiple proxy servers: 203.98.182.163, 203.98.182.163, 203.129.72.215)
In this case, the real IP of the client is hidden, but the Access object is disclosed to the client using a proxy server to access them.
Iv. use of deceptive proxy servers: distorting Proxies
REMOTE_ADDR = Proxy Server IP
Http_x_forwarded_for = Random IP (this value is similar across multiple proxy servers: 220.4.251.159, 203.98.182.163, 203.129.72.215)
This situation also revealed that the client was using a proxy server, but fabricated a bogus random IP (220.4.251.159) instead of the client's real IP to deceive it.
V. Use of high anonymous proxy server PHP to obtain client IP condition: Anonymity Proxies (Elite Proxies)
REMOTE_ADDR = Proxy Server IP
Http_x_forwarded_for = no value or no display
These header messages may not be available, either REMOTE_ADDR or http_forwarded_for, because different browsers might send different IP header messages for different network devices. So PHP uses $_server["REMOTE_ADDR"], $_ The value obtained by server["Http_x_forwarded_for"] may be either a null value or a "unknown" value.
The above is a small part of the introduction of PHP to get the User Client real IP solution, I hope that we have some help, if you have any questions please give me a message, small series will promptly reply to you. Thank you very much for your support for topic.alibabacloud.com!