Forum Moderators: coopster
// Checks the proxy-related request headers in order; REMOTE_ADDR is the last resort.
if (getenv('HTTP_CLIENT_IP')) {
    $ip = getenv('HTTP_CLIENT_IP');
} elseif (getenv('HTTP_X_FORWARDED_FOR')) {
    $ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('HTTP_X_FORWARDED')) {
    $ip = getenv('HTTP_X_FORWARDED');
} elseif (getenv('HTTP_FORWARDED_FOR')) {
    $ip = getenv('HTTP_FORWARDED_FOR');
} elseif (getenv('HTTP_FORWARDED')) {
    $ip = getenv('HTTP_FORWARDED');
} else {
    $ip = $_SERVER['REMOTE_ADDR'];
}
The HTTP_X_FORWARDED_FOR information is a courtesy of a remote proxy, so you shouldn't rely on it, and you should add some code to fall back to the remote_addr if the HTTP_X_FORWARDED_FOR makes no sense.
This information can easily be faked by users by adding it to an HTTP request themselves.
Note that the X-Forwarded-For header might contain multiple addresses (comma separated), if the request was forwarded through multiple proxies.
Kind regards,
R.
I usually get blank IPs when spammers from Nigeria and other small African countries try to do some spamming on my site..
Nigerian really sucks.. they keep doing their work very dedicatedly and no matter how many IPs you block.. they will keep coming with new ones. On average I block more than 100 accounts daily on my site..
See how big a pain this is..
Does anybody have any other idea about getting blank IPs?
Regards
Tabish
if (isset($_SERVER['SERVER_ADDR']) && $_SERVER['SERVER_ADDR'] <> '') {
    $_SESSION['ip'] = $_SERVER['SERVER_ADDR'];
} else {
    $_SESSION['ip'] = gethostbyname($_SERVER['SERVER_NAME']);
}
If the SERVER_ADDR is there, then that's used. If not the IP is looked up through DNS and then stored as a session variable so it only has to be looked up once per session.
So far, I haven't come across a situation where it hasn't worked :)
[edited by: Nutter at 2:13 pm (utc) on Jan. 9, 2007]
The IP address is also required for a double-reverse-lookup, where an IP address is sent to DNS to look up the hostname, and then the hostname is sent back to DNS to look up the IP address. If the IP address looked up from the hostname does not match the original IP address, then the double-reverse lookup fails. As such, it is good for looking up faked REMOTE_HOSTnames, HTTP_REFERERs, or any other IP addresses or hostnames.
The original problem in this thread is that HTTP_X_FORWARDED_FOR will only be sent by 'good' proxies --that is, non-anonymous proxies-- to inform you of the real remote user's IP address. If it's not present, it could simply be that the user is not behind a proxy, so that header won't be sent.
So, the suggestion to fall back to REMOTE_ADDR and to check some of the other possible proxy-appended headers if HTTP_X_FORWARDED_FOR is missing is a good one.
Jim
[edited by: jdMorgan at 7:31 pm (utc) on Jan. 9, 2007]
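The points raised in this thread (X-Forwarded-For can be forged, may hold several comma-separated addresses, and needs a REMOTE_ADDR fallback) combined into one function, as an added example that is not code from any poster. It assumes PHP 7 or later; the function name `client_ip`, the `$trustedProxies` list and the sample addresses are constructed for illustration.

```php
<?php
// Added example, not code from the thread. $trustedProxies and the sample
// requests at the bottom are constructed assumptions.

/**
 * Return the client IP, honouring X-Forwarded-For only when the direct
 * peer (REMOTE_ADDR) is one of our own proxies.
 */
function client_ip(array $server, array $trustedProxies): string
{
    $remote = $server['REMOTE_ADDR'] ?? '';
    $xff = $server['HTTP_X_FORWARDED_FOR'] ?? '';

    // The header is client-controlled unless our own proxy set it.
    if ($xff === '' || !in_array($remote, $trustedProxies, true)) {
        return $remote;
    }

    // Each proxy appends the peer it saw, so walk right to left and stop
    // at the first hop that is not one of our proxies.
    $hops = array_reverse(array_map('trim', explode(',', $xff)));
    foreach ($hops as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            return $remote; // header makes no sense: fall back
        }
        if (!in_array($hop, $trustedProxies, true)) {
            return $hop;
        }
    }
    return $remote; // every hop was one of our proxies
}

// Constructed sample requests (documentation address ranges).
$proxies = ['192.0.2.10'];
$samples = [
    // Direct connection carrying a forged header.
    ['REMOTE_ADDR' => '203.0.113.7', 'HTTP_X_FORWARDED_FOR' => '10.0.0.1'],
    // Via our proxy; the client prepended a fake entry of its own.
    ['REMOTE_ADDR' => '192.0.2.10', 'HTTP_X_FORWARDED_FOR' => '10.0.0.1, 198.51.100.23'],
    // Via our proxy with a non-IP value in the header.
    ['REMOTE_ADDR' => '192.0.2.10', 'HTTP_X_FORWARDED_FOR' => 'unknown'],
];
foreach ($samples as $s) {
    echo client_ip($s, $proxies), "\n";
}
```

For blocking or rate limiting, log REMOTE_ADDR alongside the derived value so a forged header never hides the address that actually connected.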