Page 1 of 1

[SOLVED]Getting user IP address

Posted: Mon Oct 23, 2006 6:05 pm
by batfastad
Hi guys

I'm building a simple intranet application on windows 2000, with php5 and mysql4 on apache 2.2

I'm using the $_SERVER['REMOTE_ADDR'] to get a user's IP address if they make a change to the record, but according to my log script there's been occasions where the IP address hasn't been entered.

I was wondering if there's any reason why this might happen from the PHP / Apache side.

Should this reserved variable always return the user's IP address?
Or are there occasions when the IP address doesn't get returned correctly using this method.


Thanks

Ben

Posted: Mon Oct 23, 2006 6:25 pm
by Burrito
I have never known the IP address to NOT work. Other SERVER variables can be hit or miss (referring url), but REMOTE_ADDR has ALWAYS worked for me.

Posted: Mon Oct 23, 2006 7:51 pm
by alex.barylski
The IP address is sent by the client nothing to do at all with the server side of things...

You should typically get IP's back as I would think most popular browsers use them properly...however there might be a option FF which allows IP blocking...or maybe their going through a proxy...

Lots of reasons why it won't or might not work...thats why it's a horrible way to do business...it's unreliable like anything else sent in by the client through headers...

In short: Don't trust IP for anything, but use it only for basic non-security type situations...

Posted: Mon Oct 23, 2006 8:32 pm
by volka
Hockey wrote:The IP address is sent by the client nothing to do at all with the server side of things...

You should typically get IP's back as I would think most popular browsers use them properly...however there might be a option FF which allows IP blocking
no, the address and the port are part of the socket connection. If the information is faked no return data will reach the client - not even will the tcp/ip connection be fully established.

Posted: Mon Oct 23, 2006 10:42 pm
by alex.barylski
volka wrote:
Hockey wrote:The IP address is sent by the client nothing to do at all with the server side of things...

You should typically get IP's back as I would think most popular browsers use them properly...however there might be a option FF which allows IP blocking
no, the address and the port are part of the socket connection. If the information is faked no return data will reach the client - not even will the tcp/ip connection be fully established.
Ok I realize that, but instead of correcting me...as I wasn't the one asking the question, why not explain to the fellow I replied too, why the IP of some users doesn't show???

My best guess was some browsers maybe didn't construct the headers properly, but your right, I don't think the IP is handled by the browser. So my second guess, would be a proxy possibly causing the problem, or hackers poking at his web site.

If the IP isn't valid it's obvious, data cannot be sent back to the requesting application, so, why then would an IP be bogus? DoS attack or similar is the only thing I can think of, where the attacker doesn't care about feedback, they simply want to tax a system and not have any trace.

I'm out of guesses, but I'm interested in hearing yours...

p.s-In all fareness when I said client I wasn't refering to browsers per se, but rather the client machine, regardless of where it came from.

Cheers :)

Posted: Tue Oct 24, 2006 12:20 am
by Chris Corbyn
~Hockey, I believe ~volka was correcting you in an informative manner to the OP. If somebody says something directly to the OP which is so significantly incorrect it's kind of sensible to correct them ;)

Back on-topic please.

Posted: Tue Oct 24, 2006 6:33 am
by batfastad
Hi everyone

Thanks for all your input.
I use it generally for logging and noticed that on some ocassions it wasn't getting entered.
I won't look into it any further though since proxies can munge all kinds of information.


Thanks everyone

Ben

Posted: Tue Oct 24, 2006 9:04 am
by Z3RO21
Even with a proxy i thought you would still get the proxy IP, check your logging code there may be an error that is not being noticed? Just my 2 cents :) cheers everyone

Posted: Tue Oct 24, 2006 10:41 am
by RobertGonzalez
You will get an IP with a proxy, but it can (and for has) change. Often. So I wouldn't rely on it for anything critical. But $_SERVER['REMOTE_ADDR'] should work in all cases.