Security methods for Web site access to User IP http_x_forwarded_for test _php skills

GetIP function after safe filtering

Copy Code code as follows:

function GetIP () {
$realip = '; Set default values
if (Isset ($_server[' http_x_forwarded_for ')) {
$realip = $_server[' http_x_forwarded_for '];
} elseif (Isset ($_server[' http_client_ip ')) {
$realip = $_server[' http_client_ip '];
} else {
$realip = $_server[' remote_addr '];
}

Preg_match ('/^ (?: \ D{1,3}\.) {3}\d{1,3})/', $realip, $match);
return $match $match [0]:false;
}

The above function, which increases IP judgment, reads only the beginning of the IP format data and the first satisfies the IP format value. If False is not returned. This allows you to read to the IP format that satisfies the format, and verify the IP formats of the data.

If I read the Internet IP, the user incoming LAN IP, I should directly filter out

We are on some websites, often can see the hint, illegal IP address, in fact, part of the IP address format error, part may be read to the IP address, do not meet the internet above allow IP format. The following function encapsulates a function through the IANA site specification. By entering an IP address, it is possible to know exactly whether the IP can be applied on the Internet.

Copy Code code as follows:

Internet allows IP addresses to be used
function IpType2 ($IP) {
$iplist = Explode (".", $ip);

if ($iplist [0] >= 224 && $iplist [0] <= 239)
return ' multicast ';
if ($iplist [0] >= && $iplist [0] <= 255)
return ' reserved ';

if (Preg_match ('/^198\.51\.100/', $ip))
Return ' test-net-2, documents and examples ';
if (Preg_match ('/^203\.0\.113/', $ip))
Return ' test-net-3, documents and examples ';

if (Preg_match ('/^192\. 18|19) \./', $ip)
Return ' network benchmark test ';

if (Preg_match ('/^192\.168/', $ip))
Return ' private network [intranet] ';

if (Preg_match ('/^192\.88\.99/', $ip))
Return ' ipv6to4 relay ';
if (Preg_match ('/^192\.0\.2\./', $ip))
Return ' test-net-1, documents and examples ';
if (Preg_match ('/^192\.0\.0\./', $ip))
Return ' reserved (IANA) ';
if (Preg_match ('/^192\.0\.0\./', $ip))
Return ' reserved (IANA) ';

if ($iplist [0] = = 172 && $iplist [1] <= && $iplist [1] >= 16)
Return ' private network [intranet] ';

if ($iplist [0] = = 169 && $iplist [1] = 254)
Return ' link local ';
if ($iplist [0] = = 127)
Return ' loopback address ';
if ($iplist [0] = = 10)
Return ' private network [intranet] ';
if ($iplist [0] = = 0)
Return ' This network (valid only as source address) ';

Return ' Internet address ';
}

When you enter an IP address, it returns "Internet address", and the IP address is not only well-formed, but is also the legal IP address above the Internet. This function is very complex, in fact, is to exclude many non-internet use of IP addresses. Our common 192,127, 10 initial address estimates are familiar. But in fact, many IP addresses are reserved, or left for them to use. cannot be used as Internet IP. With the above two functions, we can not only read the correct format of the IP address, but also to ensure that read is the IP address above the Internet. Above is the function which often uses in the work, welcome friends to Exchange!

Author: Chengmo qq:8292669