Forum Moderators: coopster
$_SERVER['HTTP_CLIENT_IP'] && $_SERVER['HTTP_X_FORWARDED_FOR']
Do these globals only run depending on how the PHP has been setup on the machine running it or are there other ways of finding out a terminals *genuine* IP, or am I going about this the wrong way.
I only get joy from using $_SERVER['REMOTE_ADDR'] at the moment, but I am aware that majority of terminals these days run via proxies etc.
I have a function already that stores IP address's in array format, but as yet its only $_SERVER['REMOTE_ADDR'] thats in use, when I echo the other two to screen, I get undefined index error's.
I am trying to add some security by using IP's and logging them for verification.
Cheers,
MRb
$_SERVER['HTTP_CLIENT_IP'] && $_SERVER['HTTP_X_FORWARDED_FOR'] are only available if they are populated, so you should always use isset [php.net] or empty [php.net] to check.
If IP addresses are stored in $_SERVER['HTTP_X_FORWARDED_FOR'], they may be seperated with a comma. Here`s a simple function you can use:
function getIPAddresses() {
$ip = array();
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip[] = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
if (strpos($_SERVER['HTTP_X_FORWARDED_FOR'],',')!==FALSE) {
$split = explode(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
foreach ($split AS $value) {
$ip[] = $value;
}
} else {
$ip[] = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
} else {
$ip[] = $_SERVER['REMOTE_ADDR'];
}
return (!empty($ip) ? implode(',',$ip) : '');
}
$ips = getIPAddresses();
print_r($ips);
dc
