Page 1 of 1

Getting user's IP

Posted: Mon Aug 19, 2002 3:33 pm
by Dolphin
I want my scripts to be able to see the user's IP address (security), but I can't find out how. I think it can be done, so could someone please tell me if it can and how, or if it can't?

Posted: Mon Aug 19, 2002 3:37 pm
by twigletmac
Try:

Code: Select all

$_SERVERї'REMOTE_ADDR'];
Mac

Another way

Posted: Tue Aug 20, 2002 1:02 am
by Takuma
Another way is to use just:-

Code: Select all

$REMOTE_ADDR

Posted: Tue Aug 20, 2002 6:54 am
by twigletmac
$_SERVER['REMOTE_ADDR'] will work with PHP 4.1 and above and register globals on or off. $HTTP_SERVER_VARS['REMOTE_ADDR'] will work with pretty much any version of PHP and register globals on or off. $REMOTE_ADDR will work with pretty much any version of PHP but only when register globals is on. You need to choose the one which makes the most sense, in that do you want it to be future proof and should it be backwards compatible.

Mac

Posted: Tue Aug 20, 2002 11:27 am
by PaTTeR
Keep in mind that that this IP is not 100% true. Your visitor can use a proxy server or something else, and you'll get this IP

Posted: Tue Aug 20, 2002 11:51 am
by nielsene
Depending on your needs, you can check $_SERVER["HTTP_X_FORWARDED_FOR"]. If its set, then it normally contains the users real IP, while $_SERVER["REMOTE_ADDR"] would hold the proxy's IP.

If you're worried about spoofing, doing a double name lookup can make it harder for the spoofer, but it will also slow your script down.

Code: Select all

function testIP($ip)
{
    $host = gethostbyaddr($ip);
    if ($host != $ip) // make sure we got a name
    {
         $ip2 = gethostbyname($host);
         return $ip2 == $ip;
    }
    return FALSE;
}

Posted: Tue Aug 20, 2002 12:45 pm
by Dolphin
Thanks. I got it working with $HTTP_SERVER_VARS['REMOTE_ADDR'] so it works with most versions.

Posted: Tue Aug 20, 2002 4:25 pm
by Takuma
Depending on your needs, you can check $_SERVER["HTTP_X_FORWARDED_FOR"]. If its set, then it normally contains the users real IP, while $_SERVER["REMOTE_ADDR"] would hold the proxy's IP.
Never knew that thanks!

Posted: Tue Aug 20, 2002 4:25 pm
by Takuma
Depending on your needs, you can check $_SERVER["HTTP_X_FORWARDED_FOR"]. If its set, then it normally contains the users real IP, while $_SERVER["REMOTE_ADDR"] would hold the proxy's IP.
Never knew that thanks!