Well, as Salathe rightly pointed out, some ISPs rotate the IP on every page, and as Salathe is not man enough to say it himself
(grins), I'll say it myself and face the consequences! As AOL rotates the IP on every page, identifying unique visitors is something that can
never be determined.
However, as Bluesaga mentioned, and I have verified this with another source, then the comma-separated X_FORWARDED_FOR would be extremely useful. What I couldn't locate is the ordering of the comma+space separated X_FORWARDED_FOR and so if anybody knows, please let me know. Let's assume that I am correct in assuming that the original IP will be at the beginning of the X_FORWARDED_FOR attribute. The following code would work:
PHP Code:
function getUserIP()
{
if(isset($_SERVER['X_FORWARDED_FOR']))
{
if(strpos($_SERVER['X_FORWARDED_FOR'], ',') === false)
{
return $_SERVER['X_FORWARDED_FOR'];
}
return trim(reset(explode(',', $_SERVER['X_FORWARDED_FOR'])));
}
return $_SERVER['REMOTE_ADDR'];
}
This would check to see if there are any commas in X_FORWARDED_FOR, and if there are, return the first IP. If not then return X_FORWARDED_FOR as-is. If there is no X_FORWARDED_FOR set at all then return the address from REMOTE_ADDR. As pointed out in another article of mine, the two popular web-based proxies do not set the X_FORWARDED_FOR attribute as they are poorly coded and do not understand web-standards.
Let's mimic the X_FORWARDED_FOR and add the following code that calls our
getUserIP function:
PHP Code:
$_SERVER['X_FORWARDED_FOR'] = '127.0.0.1, 192.168.0.1';
echo 'User IP: ' . getUserIP();
This would rightfully return 127.0.0.1. If, however, my assumption is incorrect and the first proxy is at the end of the X_FORWARDED_FOR attribute, which I highly doubt, then replace the
reset function with
end. Though knowing the correct order would be much appreciated!