Re: [PHP] php behind firewall

Fri, 04 Aug 2006 08:52:48 -0700 

Andrew Senyshyn wrote:
> Hi all,
> 
> I need to get local user IP, but server with apache and php is in
> another subnetwork.
> So from server environment I can get only router's IP.
> The only solution that I see - is getting with some magic algorithm
> local IP from brouser and sending it to server.
> My application is for intranet, so I don't see any reason to make users
> authorization.
> Any ideas for this?

you can't always get the real users IP because of proxies, anonimizers, 
firewalls/gateways
[on the user end] (and don't bother using an IP as an absolute indicator when 
validating a
session - you can use it as one of a number of metrics - for instance AOL users 
have their
IP addresses changed roughly every 300 milliseconds).

nonetheless here are a couple of funcs that might help you (at least to 
understand
what is possible it terms of trying to determine a users IP):

/* Determine if an ip is in a net.
 * E.G. 120.120.120.120 in 120.120.0.0/16
 */
function isIPInSubnet($ip, $net, $mask)
{
    $firstpart  = substr(str_pad(decbin(ip2long($net)), 32, "0", STR_PAD_LEFT) 
,0 , $mask);
    $firstip    = substr(str_pad(decbin(ip2long($ip)), 32, "0", STR_PAD_LEFT), 
0, $mask);

    return (strcmp($firstpart, $firstip) == 0);
}

/* This function check if a ip is in an array of nets (ip and mask) */
function isPrivateIP($theip)
{
    foreach (array("10.0.0.0/8",
                   "172.16.0.0/12",
                   "192.168.0.0/16") as $subnet)
    {
        list($net, $mask) = explode('/', $subnet);
        if(isIPInSubnet($theip,$net,$mask)) {
            return true;
        }
    }

    return false;
}

/* Building the ip array with the HTTP_X_FORWARDED_FOR and REMOTE_ADDR HTTP 
vars.
 * With this function we get an array where first are the ip's listed in
 * HTTP_X_FORWARDED_FOR and the last ip is the REMOTE_ADDR
 */
function getRequestIPs()
{
    $ipList = array();

    foreach (array('HTTP_X_FORWARDED_FOR', 'HTTP_FORWARDED_FOR', 'REMOTE_ADDR') 
as $key) {
        if (isset($_SERVER[$key]) && $_SERVER[$key]) {
            $ipList = array_merge($ipList, explode(',', $_SERVER[$key]));
            break;
        }
    }

    return $ipList;
}

/* try hard to determine whAt the users/clients public IP address is */
function getRequestIP($allowPrivIPs = false)
{
    foreach (getRequestIPs() as $ip) {
        if($ip && ($allowPrivIPs === true || !isPrivateIP($ip))) {
            return $ip;
        }
    }


    return 'unknown';
}



> thanks beforehand
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to