获取客户端的真实IP地址

April 17, 2009

2th:

1. function getip() { 2. if (isset($_SERVER)) { 3. /*在局域网通过透明代理访问外部的web服务器时, *在web服务器端, *通过header HTTP_X_FORWARDED_FOR 可以知道代理服务器的服务器名以及端口, */ 4. if (isset($_SERVER[HTTP_X_FORWARDED_FOR])) { 5. $realip = $_SERVER[HTTP_X_FORWARDED_FOR]; 6. } elseif (isset($_SERVER[HTTP_CLIENT_IP])) { 7. $realip = $_SERVER[HTTP_CLIENT_IP]; 8. } else { 9. $realip = $_SERVER[REMOTE_ADDR]; 10. } 11. } else { 12. /*string getenv ( string varname )*Returns the value of the environment variable varname, or FALSE on *an error. 13. */ 14. if (getenv(“HTTP_X_FORWARDED_FOR”)) { 15. $realip = getenv( “HTTP_X_FORWARDED_FOR”); 16. } elseif (getenv(“HTTP_CLIENT_IP”)) { 17. $realip = getenv(“HTTP_CLIENT_IP”); 18. } else { 19. $realip = getenv(“REMOTE_ADDR”); 20. } 21. } 22. return $realip;

HTTP_X_FORWARDED_FOR获取的是最真实的,“HTTP_X_FORWARDED_FOR”是HTTP协议头中的一部分，也就是说客户端可以伪造，使用时需要进行相应检测防止被利用，例如网站有封IP的功能，恶意用户可以伪造IP，使网站误封正常用户的IP。

3th:

# class Client extends Object # { # # /** # * Gets the “true” IP address of the current user # * # * @return string the ip of the user # */ # function getIp() # { # global ＄REMOTE_ADDR; # global ＄HTTP_X_FORWARDED_FOR, ＄HTTP_X_FORWARDED, ＄HTTP_FORWARDED_FOR, ＄HTTP_FORWARDED; # global ＄HTTP_VIA, ＄HTTP_X_COMING_FROM, ＄HTTP_COMING_FROM; # global ＄HTTP_SERVER_VARS, ＄HTTP_ENV_VARS; # # // Get some server/environment variables values # if (emptyempty(＄REMOTE_ADDR)) { # if (!emptyempty(＄_SERVER) && isset(＄_SERVER['REMOTE_ADDR'])) { # ＄REMOTE_ADDR = ＄_SERVER['REMOTE_ADDR']; # } # else if (!emptyempty(＄_ENV) && isset(＄_ENV['REMOTE_ADDR'])) { # ＄REMOTE_ADDR = ＄_ENV['REMOTE_ADDR']; # } # else if (!emptyempty(＄HTTP_SERVER_VARS) && isset(＄HTTP_SERVER_VARS['REMOTE_ADDR'])) { # ＄REMOTE_ADDR = ＄HTTP_SERVER_VARS['REMOTE_ADDR']; # } # else if (!emptyempty(＄HTTP_ENV_VARS) && isset(＄HTTP_ENV_VARS['REMOTE_ADDR'])) { # ＄REMOTE_ADDR = ＄HTTP_ENV_VARS['REMOTE_ADDR']; # } # else if (@getenv(‘REMOTE_ADDR’)) { # ＄REMOTE_ADDR = getenv(‘REMOTE_ADDR’); # } # } // end if # if (emptyempty(＄HTTP_X_FORWARDED_FOR)) { # if (!emptyempty(＄_SERVER) && isset(＄_SERVER['HTTP_X_FORWARDED_FOR'])) { # ＄HTTP_X_FORWARDED_FOR = ＄_SERVER['HTTP_X_FORWARDED_FOR']; # } # else if (!emptyempty(＄_ENV) && isset(＄_ENV['HTTP_X_FORWARDED_FOR'])) { # ＄HTTP_X_FORWARDED_FOR = ＄_ENV['HTTP_X_FORWARDED_FOR']; # } # else if (!emptyempty(＄HTTP_SERVER_VARS) && isset(＄HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])) { # ＄HTTP_X_FORWARDED_FOR = ＄HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']; # } # else if (!emptyempty(＄HTTP_ENV_VARS) && isset(＄HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR'])) { # ＄HTTP_X_FORWARDED_FOR = ＄HTTP_ENV_VARS['HTTP_X_FORWARDED_FOR']; # } # else if (@getenv(‘HTTP_X_FORWARDED_FOR’)) { # ＄HTTP_X_FORWARDED_FOR = getenv(‘HTTP_X_FORWARDED_FOR’); # } # } // end if # if (emptyempty(＄HTTP_X_FORWARDED)) { # if (!emptyempty(＄_SERVER) && isset(＄_SERVER['HTTP_X_FORWARDED'])) { # ＄HTTP_X_FORWARDED = ＄_SERVER['HTTP_X_FORWARDED']; # } # else if (!emptyempty(＄_ENV) && isset(＄_ENV['HTTP_X_FORWARDED'])) { # ＄HTTP_X_FORWARDED = ＄_ENV['HTTP_X_FORWARDED']; # } # else if (!emptyempty(＄HTTP_SERVER_VARS) && isset(＄HTTP_SERVER_VARS['HTTP_X_FORWARDED'])) { # ＄HTTP_X_FORWARDED = ＄HTTP_SERVER_VARS['HTTP_X_FORWARDED']; # } # else if (!emptyempty(＄HTTP_ENV_VARS) && isset(＄HTTP_ENV_VARS['HTTP_X_FORWARDED'])) { # ＄HTTP_X_FORWARDED = ＄HTTP_ENV_VARS['HTTP_X_FORWARDED']; # } # else if (@getenv(‘HTTP_X_FORWARDED’)) { # ＄HTTP_X_FORWARDED = getenv(‘HTTP_X_FORWARDED’); # } # } // end if # if (emptyempty(＄HTTP_FORWARDED_FOR)) { # if (!emptyempty(＄_SERVER) && isset(＄_SERVER['HTTP_FORWARDED_FOR'])) { # ＄HTTP_FORWARDED_FOR = ＄_SERVER['HTTP_FORWARDED_FOR']; # } # else if (!emptyempty(＄_ENV) && isset(＄_ENV['HTTP_FORWARDED_FOR'])) { # ＄HTTP_FORWARDED_FOR = ＄_ENV['HTTP_FORWARDED_FOR']; # } # else if (!emptyempty(＄HTTP_SERVER_VARS) && isset(＄HTTP_SERVER_VARS['HTTP_FORWARDED_FOR'])) { # ＄HTTP_FORWARDED_FOR = ＄HTTP_SERVER_VARS['HTTP_FORWARDED_FOR']; # } # else if (!emptyempty(＄HTTP_ENV_VARS) && isset(＄HTTP_ENV_VARS['HTTP_FORWARDED_FOR'])) { # ＄HTTP_FORWARDED_FOR = ＄HTTP_ENV_VARS['HTTP_FORWARDED_FOR']; # } # else if (@getenv(‘HTTP_FORWARDED_FOR’)) { # ＄HTTP_FORWARDED_FOR = getenv(‘HTTP_FORWARDED_FOR’); # } # } // end if # if (emptyempty(＄HTTP_FORWARDED)) { # if (!emptyempty(＄_SERVER) && isset(＄_SERVER['HTTP_FORWARDED'])) { # ＄HTTP_FORWARDED = ＄_SERVER['HTTP_FORWARDED']; # } # else if (!emptyempty(＄_ENV) && isset(＄_ENV['HTTP_FORWARDED'])) { # ＄HTTP_FORWARDED = ＄_ENV['HTTP_FORWARDED']; # } # else if (!emptyempty(＄HTTP_SERVER_VARS) && isset(＄HTTP_SERVER_VARS['HTTP_FORWARDED'])) { # ＄HTTP_FORWARDED = ＄HTTP_SERVER_VARS['HTTP_FORWARDED']; # } # else if (!emptyempty(＄HTTP_ENV_VARS) && isset(＄HTTP_ENV_VARS['HTTP_FORWARDED'])) { # ＄HTTP_FORWARDED = ＄HTTP_ENV_VARS['HTTP_FORWARDED']; # } # else if (@getenv(‘HTTP_FORWARDED’)) { # ＄HTTP_FORWARDED = getenv(‘HTTP_FORWARDED’); # } # } // end if # if (emptyempty(＄HTTP_VIA)) { # if (!emptyempty(＄_SERVER) && isset(＄_SERVER['HTTP_VIA'])) { # ＄HTTP_VIA = ＄_SERVER['HTTP_VIA']; # } # else if (!emptyempty(＄_ENV) && isset(＄_ENV['HTTP_VIA'])) { # ＄HTTP_VIA = ＄_ENV['HTTP_VIA']; # } # else if (!emptyempty(＄HTTP_SERVER_VARS) && isset(＄HTTP_SERVER_VARS['HTTP_VIA'])) { # ＄HTTP_VIA = ＄HTTP_SERVER_VARS['HTTP_VIA']; # } # else if (!emptyempty(＄HTTP_ENV_VARS) && isset(＄HTTP_ENV_VARS['HTTP_VIA'])) { # ＄HTTP_VIA = ＄HTTP_ENV_VARS['HTTP_VIA']; # } # else if (@getenv(‘HTTP_VIA’)) { # ＄HTTP_VIA = getenv(‘HTTP_VIA’); # } # } // end if # if (emptyempty(＄HTTP_X_COMING_FROM)) { # if (!emptyempty(＄_SERVER) && isset(＄_SERVER['HTTP_X_COMING_FROM'])) { # ＄HTTP_X_COMING_FROM = ＄_SERVER['HTTP_X_COMING_FROM']; # } # else if (!emptyempty(＄_ENV) && isset(＄_ENV['HTTP_X_COMING_FROM'])) { # ＄HTTP_X_COMING_FROM = ＄_ENV['HTTP_X_COMING_FROM']; # } # else if (!emptyempty(＄HTTP_SERVER_VARS) && isset(＄HTTP_SERVER_VARS['HTTP_X_COMING_FROM'])) { # ＄HTTP_X_COMING_FROM = ＄HTTP_SERVER_VARS['HTTP_X_COMING_FROM']; # } # else if (!emptyempty(＄HTTP_ENV_VARS) && isset(＄HTTP_ENV_VARS['HTTP_X_COMING_FROM'])) { # ＄HTTP_X_COMING_FROM = ＄HTTP_ENV_VARS['HTTP_X_COMING_FROM']; # } # else if (@getenv(‘HTTP_X_COMING_FROM’)) { # ＄HTTP_X_COMING_FROM = getenv(‘HTTP_X_COMING_FROM’); # } # } // end if # if (emptyempty(＄HTTP_COMING_FROM)) { # if (!emptyempty(＄_SERVER) && isset(＄_SERVER['HTTP_COMING_FROM'])) { # ＄HTTP_COMING_FROM = ＄_SERVER['HTTP_COMING_FROM']; # } # else if (!emptyempty(＄_ENV) && isset(＄_ENV['HTTP_COMING_FROM'])) { # ＄HTTP_COMING_FROM = ＄_ENV['HTTP_COMING_FROM']; # } # else if (!emptyempty(＄HTTP_COMING_FROM) && isset(＄HTTP_SERVER_VARS['HTTP_COMING_FROM'])) { # ＄HTTP_COMING_FROM = ＄HTTP_SERVER_VARS['HTTP_COMING_FROM']; # } # else if (!emptyempty(＄HTTP_ENV_VARS) && isset(＄HTTP_ENV_VARS['HTTP_COMING_FROM'])) { # ＄HTTP_COMING_FROM = ＄HTTP_ENV_VARS['HTTP_COMING_FROM']; # } # else if (@getenv(‘HTTP_COMING_FROM’)) { # ＄HTTP_COMING_FROM = getenv(‘HTTP_COMING_FROM’); # } # } // end if # # // Gets the default ip sent by the user # if (!emptyempty(＄REMOTE_ADDR)) { # ＄direct_ip = ＄REMOTE_ADDR; # } # # // Gets the proxy ip sent by the user # ＄proxy_ip = ‘; # if (!empty(＄HTTP_X_FORWARDED_FOR)) { # ＄proxy_ip = ＄HTTP_X_FORWARDED_FOR; # } else if (!empty(＄HTTP_X_FORWARDED)) { # ＄proxy_ip = ＄HTTP_X_FORWARDED; # } else if (!empty(＄HTTP_FORWARDED_FOR)) { # ＄proxy_ip = ＄HTTP_FORWARDED_FOR; # } else if (!empty(＄HTTP_FORWARDED)) { # ＄proxy_ip = ＄HTTP_FORWARDED; # } else if (!empty(＄HTTP_VIA)) { # ＄proxy_ip = ＄HTTP_VIA; # } else if (!empty(＄HTTP_X_COMING_FROM)) { # ＄proxy_ip = ＄HTTP_X_COMING_FROM; # } else if (!empty(＄HTTP_COMING_FROM)) { # ＄proxy_ip = ＄HTTP_COMING_FROM; # } // end if… else if… # # // Returns the true IP if it has been found, else FALSE # if (empty(＄proxy_ip)) { # // True IP without proxy # return ＄direct_ip; # } else { # ＄is_ip = ereg(’^([0-9]{1,3}.){3,3}[0-9]{1,3}‘, ＄proxy_ip, ＄regs); # if (＄is_ip && (count(＄regs) > 0)) { # // True IP behind a proxy # return ＄regs[0]; # } else { # // Can’t define IP: there is a proxy but we don‘t have # // information about the true IP # return FALSE; # } # } // end if… else… # } // end of the ‘PMA_getIp()’ function # }

添加新评论