Getting user's IP

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Dolphin
Forum Newbie
Posts: 2
Joined: Mon Aug 19, 2002 3:33 pm
Location: York, UK

Getting user's IP

Post by Dolphin »

I want my scripts to be able to see the user's IP address (security), but I can't find out how. I think it can be done, so could someone please tell me if it can and how, or if it can't?
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Try:

Code: Select all

$_SERVERї'REMOTE_ADDR'];
Mac
User avatar
Takuma
Forum Regular
Posts: 931
Joined: Sun Aug 04, 2002 10:24 am
Location: UK
Contact:

Another way

Post by Takuma »

Another way is to use just:-

Code: Select all

$REMOTE_ADDR
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

$_SERVER['REMOTE_ADDR'] will work with PHP 4.1 and above and register globals on or off. $HTTP_SERVER_VARS['REMOTE_ADDR'] will work with pretty much any version of PHP and register globals on or off. $REMOTE_ADDR will work with pretty much any version of PHP but only when register globals is on. You need to choose the one which makes the most sense, in that do you want it to be future proof and should it be backwards compatible.

Mac
User avatar
PaTTeR
Forum Commoner
Posts: 56
Joined: Wed Jul 10, 2002 7:39 am
Location: Bulgaria
Contact:

Post by PaTTeR »

Keep in mind that that this IP is not 100% true. Your visitor can use a proxy server or something else, and you'll get this IP
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

Depending on your needs, you can check $_SERVER["HTTP_X_FORWARDED_FOR"]. If its set, then it normally contains the users real IP, while $_SERVER["REMOTE_ADDR"] would hold the proxy's IP.

If you're worried about spoofing, doing a double name lookup can make it harder for the spoofer, but it will also slow your script down.

Code: Select all

function testIP($ip)
{
    $host = gethostbyaddr($ip);
    if ($host != $ip) // make sure we got a name
    {
         $ip2 = gethostbyname($host);
         return $ip2 == $ip;
    }
    return FALSE;
}
Dolphin
Forum Newbie
Posts: 2
Joined: Mon Aug 19, 2002 3:33 pm
Location: York, UK

Post by Dolphin »

Thanks. I got it working with $HTTP_SERVER_VARS['REMOTE_ADDR'] so it works with most versions.
User avatar
Takuma
Forum Regular
Posts: 931
Joined: Sun Aug 04, 2002 10:24 am
Location: UK
Contact:

Post by Takuma »

Depending on your needs, you can check $_SERVER["HTTP_X_FORWARDED_FOR"]. If its set, then it normally contains the users real IP, while $_SERVER["REMOTE_ADDR"] would hold the proxy's IP.
Never knew that thanks!
User avatar
Takuma
Forum Regular
Posts: 931
Joined: Sun Aug 04, 2002 10:24 am
Location: UK
Contact:

Post by Takuma »

Depending on your needs, you can check $_SERVER["HTTP_X_FORWARDED_FOR"]. If its set, then it normally contains the users real IP, while $_SERVER["REMOTE_ADDR"] would hold the proxy's IP.
Never knew that thanks!
Post Reply