The method of using PHP to get the real IP of user Client

This article mainly introduces the use of PHP to obtain the user client real IP method, has a certain reference value, now share to everyone, have the need for friends can refer to

Getting the client IP is not a simple job, because there are IP spoofing, and proxy issues, so the authenticity of the IP that gets the client will be compromised, Can not be hundred percent accurate. But we try to use a more sophisticated method to obtain the customer's IP, the following to share PHP to get the user Client real IP method, together to see it

Getting the client IP is not a simple job, because there are IP spoofing, and proxy problems, so the authenticity of the IP to obtain the client will be discounted, can not be hundred accurate. But we still try to find a better way to get the real IP of the client. There are many ways to get IP using PHP.

function GetIP () {if (getenv ("Http_client_ip") && strcasecmp (getenv ("Http_client_ip"), "unknown") $ip = getenv ("Http_client_ip"), Else if (getenv ("Http_x_forwarded_for") && strcasecmp (getenv ("Http_x_forwarded_for"), " Unknown ")) $ip = getenv (" Http_x_forwarded_for "), Else if (getenv (" REMOTE_ADDR ") && strcasecmp (getenv (" Remote_ ") ADDR ")," Unknown ")) $ip = getenv (" REMOTE_ADDR "), Else if (isset ($_server[' remote_addr ')) && $_server[' Remote_ ADDR '] && strcasecmp ($_server[' remote_addr '), "unknown") $ip = $_server[' remote_addr '];else$ip = "Unknown"; return ($IP);

Now we need to explain this code, here are two functions, getenv () and strcasecmp (), the previous function obtains the system environment variable, if can fetch the value, then returns the value, cannot return false.

$_server is an array of server super global variables, and the IP address of the client can also be obtained with $_server[' REMOTE_ADDR '. The difference is that the getenv does not support PHP that is running in the ISAPI mode of IIS.

The use of strcasecmp (STRING1,STRING2) String functions is to compare string1 and string2, if equal returns 0, if string1 is greater than string2, returns a number greater than 0, less than 0.

The function uses the client IP first, if not the method of trying to use proxy, if not, then use REMOTE_ADDR.

Also saw a more detailed method of detecting IP, considering the spoofing of IP, and multi-agent code. The method is similar.

function GetIP () {$unknown = ' unknown '; if (isset ($_server[' http_x_forwarded_for ']) && $_server[' http_x_ Forwarded_for '] && strcasecmp ($_server[' http_x_forwarded_for '), $unknown)) {$ip = $_server[' http_x_forwarded _for '];} ElseIf (Isset ($_server[' remote_addr ") && $_server[' remote_addr '] && strcasecmp ($_server[' Remote_ ADDR '], $unknown)) {$ip = $_server[' remote_addr ');} /* Handle multi-tier proxies or use regular mode: $ip = Preg_match ("/[\d\.") {7,15}/", $ip, $matches)? $matches [0]: $unknown; */if (False!== Strpos ($ip, ', ')) $ip = Reset (Explode (', ', $ip)); return $ip;}

One, not using the proxy server PHP to obtain the client IP situation:

REMOTE_ADDR = Client IP
Http_x_forwarded_for = no value or no display

Second, the use of transparent proxy server situation: Transparent Proxies

REMOTE_ADDR = Last Proxy server IP
http_x_forwarded_for = Client Real IP (this value is similar across multiple proxy servers: 221.5.252.160, 203.98.182.163, 203.129.72.215)

This kind of proxy server still sends the client's real IP to the Access object, it can't achieve the purpose of hiding the real identity.

Third, the use of ordinary anonymous proxy server PHP get client IP situation: Anonymous Proxies

REMOTE_ADDR = Last Proxy server IP
http_x_forwarded_for = Proxy Server IP (this value is similar across multiple proxy servers: 203.98.182.163, 203.98.182.163, 203.129.72.215)

In this case, the real IP of the client is hidden, but the Access object is disclosed to the client using a proxy server to access them.

Iv. use of deceptive proxy servers: distorting Proxies

REMOTE_ADDR = Proxy Server IP
Http_x_forwarded_for = Random IP (this value is similar across multiple proxy servers: 220.4.251.159, 203.98.182.163, 203.129.72.215)

This situation also revealed that the client was using a proxy server, but fabricated a bogus random IP (220.4.251.159) instead of the client's real IP to deceive it.

V. Use of high anonymous proxy server PHP to obtain client IP condition: Anonymity Proxies (Elite Proxies)

REMOTE_ADDR = Proxy Server IP

Http_x_forwarded_for = no value or no display

These header messages may not be available, either REMOTE_ADDR or http_forwarded_for, because different browsers might send different IP header messages for different network devices. So PHP uses $_server["REMOTE_ADDR"], $_ The value obtained by server["Http_x_forwarded_for"] may be either a null value or a "unknown" value.

The above is the whole content of this article, I hope that everyone's learning has helped, more relevant content please pay attention to topic.alibabacloud.com!