TalkPHP - View Single Post

delayedinsanity · 11-25-2009, 01:15 AM

Has anybody ever seen an Apache/PHP formatted HTTP_X_FORWARDED_FOR string? According to the RFC the following function should work, but I've never trapped a hit from a proxy server to be sure.

In addition, I've seen some people write their functions to grab the last ip in the set, but according to the RFC it should be the first.

php Code:

function kstats_trap_ip() {

    // This one *should* be trustworthy if found
    if ( getenv( 'HTTP_CLIENT_IP' ) )
        return $_SERVER['HTTP_CLIENT_IP'];

    // Otherwise we'll check if there's a proxy present
    if ( getenv( 'HTTP_X_FORWARDED_FOR' ) ) {

        $ip = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] );
        return trim( $ip[0] );

    }

    // Nothing else found
    return $_SERVER['REMOTE_ADDR'];

}

11-25-2009, 01:15 AM	#1 (permalink)
delayedinsanity is cute and cuddly Join Date: Mar 2008 Location: Vegas, Baby Posts: 963 Thanks: 31	Http_x_forwarded_for Has anybody ever seen an Apache/PHP formatted HTTP_X_FORWARDED_FOR string? According to the RFC the following function should work, but I've never trapped a hit from a proxy server to be sure. In addition, I've seen some people write their functions to grab the last ip in the set, but according to the RFC it should be the first. php Code: function kstats_trap_ip() { // This one should be trustworthy if found if ( getenv( 'HTTP_CLIENT_IP' ) ) return $_SERVER['HTTP_CLIENT_IP']; // Otherwise we'll check if there's a proxy present if ( getenv( 'HTTP_X_FORWARDED_FOR' ) ) { $ip = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] ); return trim( $ip[0] ); } // Nothing else found return $_SERVER['REMOTE_ADDR']; }