compare $_SSSION['ip'] with real ip
Posted: Thu Sep 09, 2004 7:01 am
hellow.
i have a login page where in login.php i have:
in auth.php I check to see
the problem is that if the user is behind a proxy, I won't be able to see his real ip.
So for this I have the following function:
my question is :
How can I check now in auth.php if $_SESSION['ip'] is the same with the ip provided by the function?
thx
i have a login page where in login.php i have:
Code: Select all
<?php
$_SESSION['ip'] = $_POST['ip'];
?>Code: Select all
<?php
$new_ip = getenv("REMOTE_ADDR");
if($_SESSION['ip'] != $new_ip)
{
die ("Not logged in");
}
?>So for this I have the following function:
Code: Select all
<?php
function getIP() {
$ip;
if (getenv("HTTP_CLIENT_IP")) $ip = getenv("HTTP_CLIENT_IP");
else if(getenv("HTTP_X_FORWARDED_FOR")) $ip = getenv("HTTP_X_FORWARDED_FOR");
else if(getenv("REMOTE_ADDR")) $ip = getenv("REMOTE_ADDR");
else $ip = "UNKNOWN";
return $ip;
}
?>How can I check now in auth.php if $_SESSION['ip'] is the same with the ip provided by the function?
thx