birdie Posted May 13, 2006 Share Posted May 13, 2006 hi, the new php 5 doesnt allow $_SERVER['HTTP_X_FORWARDED_FOR']; so i'm after your help. Does anyone know a function which either finds out if the client has a proxy or even the clients real ip?thanks alot Quote Link to comment Share on other sites More sharing options...
toplay Posted May 13, 2006 Share Posted May 13, 2006 Please indicate why you say that?That has nothing to do with what version of PHP you're using. That gets populated if it's in the HTTP header request.Assuming a non-anonymous proxy is used, the HTTP_X_FORWARDED_FOR header contains the IP address of the user. In the event a user is going through multiple proxies, the HTTP_X_FORWARDED_FOR header might contain multiple addresses separated by commas. The last address in the list is the original address of the user.None of that will be accurate 100% of the time. There is no full proof way to get a user's IP address because of various reasons. Any proxy along the way might not pass on the IP address, or users can specify the HTTP_X_FORWARDED_FOR themselves. Anonymous (real anonymous!) proxy servers don't transfer the information about the IP-address of the user.Note: You must validate the HTTP_X_FORWARDED_FOR field or it could result in XSS (cross-site scripting) or SQL injection attack, depending on how you use it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.