which is the better way to get the ip
What is the better way of getting the IP address in PHP:
getenv(\'REMOTE_ADDR\');
or,
$_SERVER[\'REMOTE_ADDR\'];
-
This post is a bit dated, so I thought I would share how I am currently getting the request IP address in my PHP scripts, as this post was originally about a better way to get a request IP. This is a better way, although not one of the choices given in the original post.
This approach uses a small function library for ease of portability.
// Function to sanitize IP string function sanitize_ip($string){ $string = trim($string); $string = strip_tags($string); $string = htmlspecialchars($string, ENT_QUOTES, 'UTF-8'); $string = str_replace('\n', '', $string); $string = trim($string); return $string; } // Function to evaluate HTTP headers for IP function evaluate_ip(){ $ip_keys = array( 'HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_X_REAL_IP', 'HTTP_X_COMING_FROM', 'HTTP_PROXY_CONNECTION', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'HTTP_COMING_FROM', 'HTTP_VIA', 'REMOTE_ADDR' ); foreach ($ip_keys as $key){ if (array_key_exists($key, $_SERVER) === true){ foreach (explode(',', $_SERVER[$key]) as $ip){ $ip = trim($ip); $ip = normalize_ip($ip); if (validate_ip($ip)) return $ip; } } } // Build error response HTML $msg = 'ERROR: Invalid IP Address'; echo $msg; exit; } // Function to normalize IPv4 and IPv6 addresses with port function normalize_ip($ip){ // IPv4 with port (e.g., 123.123.123.123:80) if (strpos($ip, ':') !== false && substr_count($ip, '.') == 3 && strpos($ip, '[') === false){ $ip = explode(':', $ip); $ip = $ip[0]; } // IPv6 with port (e.g., [::1]:80) else { $ip = explode(']', $ip); $ip = ltrim($ip[0], '['); } return $ip; } // Function to validate IP address function validate_ip($ip){ $options = FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE; $filtered = filter_var($ip, FILTER_VALIDATE_IP, $options); if (!$filtered || empty($filtered)){ if (preg_match("/^(([1-9]?[0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5]).){3}([1-9]?[0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/", $ip)){ return $ip; // IPv4 } elseif (preg_match("/^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/", $ip)){ return $ip; // IPv6 } // Build error response HTML $msg = 'ERROR: Invalid IP Address'; echo $msg; exit; } return $filtered; } function get_ip(){ $ip = evaluate_ip(); if (preg_match('/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/', $ip, $ip_match)){ $ip = $ip_match[1]; } return sanitize_ip($ip); } // To Use $ip = get_ip(); //Hope this will help someone now in 2018!
加载中...
- 热议问题