Jump to content

Archived

This topic is now archived and is closed to further replies.

birdie

php proxy detect

Recommended Posts

hi, the new php 5 doesnt allow $_SERVER['HTTP_X_FORWARDED_FOR']; so i'm after your help. Does anyone know a function which either finds out if the client has a proxy or even the clients real ip?

thanks alot

Share this post


Link to post
Share on other sites
Please indicate why you say that?

That has nothing to do with what version of PHP you're using. That gets populated if it's in the HTTP header request.

Assuming a non-anonymous proxy is used, the HTTP_X_FORWARDED_FOR header contains the IP address of the user. In the event a user is going through multiple proxies, the HTTP_X_FORWARDED_FOR header might contain multiple addresses separated by commas. The last address in the list is the original address of the user.

None of that will be accurate 100% of the time. There is no full proof way to get a user's IP address because of various reasons. Any proxy along the way might not pass on the IP address, or users can specify the HTTP_X_FORWARDED_FOR themselves. Anonymous (real anonymous!) proxy servers don't transfer the information about the IP-address of the user.

Note: You must validate the HTTP_X_FORWARDED_FOR field or it could result in XSS (cross-site scripting) or SQL injection attack, depending on how you use it.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.