php获取代理服务器真实内网IP方法

时间:2023-01-09 18:23:03

 功能:获取用户真实IP地址,代理服务器内网IP,防HTTP_CDN_FORWARDED_FOR注入

function getIP() {

if (isset($_SERVER["HTTP_CDN_SRC_IP"])) {
$realip = $_SERVER["HTTP_CDN_SRC_IP"];
} else if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/',$_SERVER['HTTP_X_FORWARDED_FOR'])) {
$realip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$realip = $_SERVER['HTTP_CLIENT_IP'];
} else {
$realip = $_SERVER['REMOTE_ADDR'];
}

//如果是代理服务器,有可能返回两个IP,这是取第一个即可
if (stristr($realip, ','))
$realip = strstr($realip, ',', true);
return (str_replace('#', '', $realip));
}

  

关于注入漏洞,可以查看:http://www.cnblogs.com/chengmo/archive/2013/05/29/php.html)