51 lines
1.6 KiB
PHP
51 lines
1.6 KiB
PHP
|
<?php
|
|||
|
|
|
|||
|
|
/**
|
|||
|
|
* 获得用户的真实IP地址
|
|||
|
|
* <br />来源:ecshop
|
|||
|
|
* <br />$_SERVER和getenv的区别,getenv不支持IIS的isapi方式运行的php
|
|||
|
|
* @access public
|
|||
|
|
* @return string
|
|||
|
|
*/
|
|||
|
|
function real_ip()
|
|||
|
|
{
|
|||
|
|
static $realip = NULL;
|
|||
|
|
if ($realip !== NULL) {
|
|||
|
|
return $realip;
|
|||
|
|
}
|
|||
|
|
if (isset($_SERVER)) {
|
|||
|
|
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
|
|||
|
|
$arr = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
|
|||
|
|
/* 取X-Forwarded-For中第一个非unknown的有效IP字符串 */
|
|||
|
|
foreach ($arr as $ip) {
|
|||
|
|
$ip = trim($ip);
|
|||
|
|
|
|||
|
|
if ($ip != 'unknown') {
|
|||
|
|
$realip = $ip;
|
|||
|
|
|
|||
|
|
break;
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
|
|||
|
|
$realip = $_SERVER['HTTP_CLIENT_IP'];
|
|||
|
|
} else {
|
|||
|
|
if (isset($_SERVER['REMOTE_ADDR'])) {
|
|||
|
|
$realip = $_SERVER['REMOTE_ADDR'];
|
|||
|
|
} else {
|
|||
|
|
$realip = '0.0.0.0';
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
} else {
|
|||
|
|
if (getenv('HTTP_X_FORWARDED_FOR')) {
|
|||
|
|
$realip = getenv('HTTP_X_FORWARDED_FOR');
|
|||
|
|
} elseif (getenv('HTTP_CLIENT_IP')) {
|
|||
|
|
$realip = getenv('HTTP_CLIENT_IP');
|
|||
|
|
} else {
|
|||
|
|
$realip = getenv('REMOTE_ADDR');
|
|||
|
|
}
|
|||
|
|
}
|
|||
|
|
// 使用正则验证IP地址的有效性,防止伪造IP地址进行SQL注入攻击
|
|||
|
|
preg_match("/[\d\.]{7,15}/", $realip, $onlineip);
|
|||
|
|
$realip = !empty($onlineip[0]) ? $onlineip[0] : '0.0.0.0';
|
|||
|
|
return $realip;
|
|||
|
|
}
|