Rev 2 | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 2 | Rev 4 | ||
|---|---|---|---|
| Line 1... | Line 1... | ||
| 1 | <?php |
1 | <?php |
| 2 | 2 | ||
| 3 | /* |
3 | /* |
| 4 | * IP functions |
4 | * IP functions |
| 5 | * Copyright 2015 Daniel Marschall, ViaThinkSoft |
5 | * Copyright 2015-2022 Daniel Marschall, ViaThinkSoft |
| 6 | * Version 2015-10-27 |
6 | * Version 2021-01-07 |
| 7 | * |
7 | * |
| 8 | * Licensed under the Apache License, Version 2.0 (the "License"); |
8 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 9 | * you may not use this file except in compliance with the License. |
9 | * you may not use this file except in compliance with the License. |
| 10 | * You may obtain a copy of the License at |
10 | * You may obtain a copy of the License at |
| 11 | * |
11 | * |
| Line 16... | Line 16... | ||
| 16 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
16 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 17 | * See the License for the specific language governing permissions and |
17 | * See the License for the specific language governing permissions and |
| 18 | * limitations under the License. |
18 | * limitations under the License. |
| 19 | */ |
19 | */ |
| 20 | 20 | ||
| - | 21 | // Attention in re $allow_proxy: It is not secure to use these, since they are not validated: http://www.thespanner.co.uk/2007/12/02/faking-the-unexpected/ |
|
| 21 | function get_real_ip() { |
22 | function get_real_ip($allow_proxy=false) { |
| 22 | /* Eindeutige IP Adresse erhalten, auch bei Proxies und (neu:) von SSH connections im CLI modus */ |
23 | /* Eindeutige IP Adresse erhalten, auch bei Proxies und (neu:) von SSH connections im CLI modus */ |
| 23 | // http://lists.phpbar.de/pipermail/php/Week-of-Mon-20040322/007749.html |
24 | // http://lists.phpbar.de/pipermail/php/Week-of-Mon-20040322/007749.html |
| 24 | // Modificated by VTS |
25 | // Modificated by VTS |
| 25 | // Version: 2015-10-27 |
26 | // Version: 2021-01-07 |
| 26 | 27 | ||
| 27 | // TODO: ipv6 |
28 | // TODO: ipv6 |
| 28 | 29 | ||
| 29 | if (isset($_SERVER['SSH_CLIENT'])) { $ary = explode(' ', $_SERVER['SSH_CLIENT']); return $ary[0]; } |
30 | if (isset($_SERVER['SSH_CLIENT'])) { $ary = explode(' ', $_SERVER['SSH_CLIENT']); return $ary[0]; } |
| 30 | if (isset($_SERVER['SSH_CONNECTION'])) { $ary = explode(' ', $_SERVER['SSH_CONNECTION']); return $ary[0]; } |
31 | if (isset($_SERVER['SSH_CONNECTION'])) { $ary = explode(' ', $_SERVER['SSH_CONNECTION']); return $ary[0]; } |
| 31 | 32 | ||
| 32 | $client_ip = (isset($_SERVER['HTTP_CLIENT_IP'])) ? $_SERVER['HTTP_CLIENT_IP'] : ''; |
33 | $client_ip = ($allow_proxy && isset($_SERVER['HTTP_CLIENT_IP'])) ? $_SERVER['HTTP_CLIENT_IP'] : ''; |
| 33 | - | ||
| 34 | // It is not secure to use these, since they are not validated: http://www.thespanner.co.uk/2007/12/02/faking-the-unexpected/ |
- | |
| 35 | // $x_forwarded_for = (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : ''; |
34 | $x_forwarded_for = ($allow_proxy && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : ''; |
| 36 | $x_forwarded_for = ''; |
- | |
| 37 | - | ||
| 38 | $remote_addr = (isset($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : ''; |
35 | $remote_addr = (isset($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : ''; |
| 39 | 36 | ||
| 40 | if (!empty($client_ip)) { |
37 | if (!empty($client_ip)) { |
| 41 | $ip_expl = explode('.', $client_ip); |
38 | $ip_expl = explode('.', $client_ip); |
| 42 | $referer = explode('.', $remote_addr); |
39 | $referer = explode('.', $remote_addr); |