PHP implementation of the restricted IP voting program IP source analysis, IP voting _php tutorial

Source: Internet
Author: User
Tags getting started with php php software forum software

PHP implementation of restricted IP voting program IP source analysis, IP polling


This paper analyzes the implementation of PHP restricted IP voting program. Share to everyone for your reference, as follows:

The need for a polling activity requires IP restrictions, each of which limits a certain chance of voting. I searched the search engine on the keywords: PHP client IP, the results are basically the following:

if (getenv (' http_client_ip ') && strcasecmp (getenv (' http_client_ip '), ' unknown ') {   $onlineip = getenv (' Http_client_ip ');} ElseIf (getenv (' http_x_forwarded_for ') && strcasecmp (getenv (' http_x_forwarded_for '), ' unknown ')) {   $ Onlineip = getenv (' http_x_forwarded_for ');} ElseIf (getenv (' remote_addr ') && strcasecmp (getenv (' remote_addr '), ' unknown ') {   $onlineip = getenv (' Remote_addr ');} ElseIf (Isset ($_server[' remote_addr ") && $_server[' remote_addr '] && strcasecmp ($_server[' Remote_ ADDR '], ' unknown ') {   $onlineip = $_server[' remote_addr ');}

This code is used in a wide range of "Discuz" forum software, as well as many open source PHP software, and the general idea is to obtain the final client IP address (the IP address of the user who can access the proxy).

Because many mature programs use this code to get the client IP address, so I also rest assured that the application in the program, fortunately, later a colleague reminded, found that this code can not be used in the restricted IP voting program, because http_x_forwarded_for this can be forged, Just add x-forwarded-for in the request. The content of this request header is received by $_server[' Http_x_forwarded_for ' on the server side.

Here I use the program to explain:

http://localhost/i.php content is obtained through the above code to obtain the IP address, and print out.

Write the generation that constructs the request, request this URL: Which adds x-forwarded-for this parameter in the request head:

$head = Array (), $head [] = ' get/i.php http/1.1 '; $head [] = ' host:localhost '; $head [] = ' x-forwarded-for:255.255.255.255 '; $head [] = ' connection:close '; $head = Join ("RN", $head) $head. = "Rnrn"; $fp = Fsockopen (' localhost '); fwrite ($FP, $hea d); $response = Array (); while ($buff = Fread ($fp, 4096)) {   $response [] = $buff;} Print join (' ', $response);

By executing this code, you know that the server side (localhost/i.php) prints 255.255.255.255.
It is indicated that this method of acquiring client IP is undesirable in restricting the voting activity of IP, and the IP address of the client can be forged. While the direct use of $_server[' REMOTE_ADDR ') is not the final IP address of the user, but the limited function is directly effective to achieve.

Of course, you can't say that the code is wrong. In some of the need for IP restrictions, should be used, for example, in some of the sites have a lot of geographical temperament site, through the user access to the IP, directly to the user's area of the subsite, and so on.

More about PHP related content readers can view the topic: "PHP Curl Usage Summary", "PHP Socket Usage Summary", "PHP Network Programming Skills Summary", "PHP Basic Grammar Primer Tutorial", "PHP operation Office Document tips summary (including word, excel,access,ppt), "PHP Date and Time usage summary", "PHP primer for Object-oriented programming", "PHP String Usage Summary", "Getting Started with Php+mysql database operations" and "PHP Common Database Operations Skills Summary"

I hope this article is helpful to you in PHP programming.

http://www.bkjia.com/PHPjc/1125235.html www.bkjia.com true http://www.bkjia.com/PHPjc/1125235.html techarticle PHP Implementation of the limited IP voting program IP source analysis, IP voting this paper analyzes the implementation of PHP limited IP voting program. Share to everyone for your reference, as follows: Received a poll live ...

  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.