为什么有时读不到ip地址,这个功能
我正在使用这个函数来获取我网站中用户的IP地址,但有时它无法读取IP地址。我不知道用户是否可以隐藏ip地址?如果用户能够这样做,那么我如何获取 IP 地址或任何其他解决方案来识别用户的本地计算机,以便我可以阻止该计算机打开我的网站。
任何建议将不胜感激。
function GetIP()
{
if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
$ip = getenv("HTTP_CLIENT_IP");
else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
$ip = getenv("HTTP_X_FORWARDED_FOR");
else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
$ip = getenv("REMOTE_ADDR");
else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
$ip = $_SERVER['REMOTE_ADDR'];
else
$ip = "unknown";
return($ip);
}
多谢。
I am using this function to get ip address of the user in my site but it cant read ipaddress sometimes. I dont know that a user can hide the ipaddress or not ? If a user able to do so then how can i get the ipaddress or any other solution to identify the local computer of the user so i can prevent that computer to open my site.
Any suggestion would be greatly appreciated.
function GetIP()
{
if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
$ip = getenv("HTTP_CLIENT_IP");
else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
$ip = getenv("HTTP_X_FORWARDED_FOR");
else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
$ip = getenv("REMOTE_ADDR");
else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
$ip = $_SERVER['REMOTE_ADDR'];
else
$ip = "unknown";
return($ip);
}
Thanks a lot.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
通常只需
echo $_SERVER['REMOTE_ADDR'];就可以完成这项工作。否则,请向我们解释一下“有时无法读取 ip 地址”是什么意思Normally just
echo $_SERVER['REMOTE_ADDR'];should do the job. Otherwise, explain us, what you mean with "it cant read ipaddress sometimes"IP 地址并不是禁止用户的可靠方法,因为他们可以使用代理,或者可以拥有动态 IP。例如,对于某些用户来说,禁止 IP 仅意味着他们必须重新启动路由器,然后才能再次访问您的网站。
根据您的站点,拒绝某人访问的更好方法是使用用户身份验证(用户登录)。
Ip addresses aren't a sure-fire way of banning users, since they can use Proxies, or can have a dynamic IP. For instance, for some users, banning the IP would just mean they'd have to restart their router and they can access your site again.
Depending on your site, a better way to deny someone access is to use user authentication (user login).
简而言之,没有 100% 保证获取用户 IP 地址的方法 -
$_SERVER['REMOTE_ADDR']是最好的选择,但即使这样也不是 100% 可靠 - 特别是对于网络上的用户。任何从客户端通过 HTTP 传递的内容都可能被阻止/欺骗。
以相反的方式解决你的问题会更容易 - 将访问列入白名单比将其列入黑名单更容易(也更安全) - 如果你能以这种方式解决问题,我会这么做。它只需要类似简单的东西(在 Apache .htaccess 或 vhost 配置中):
The short answer is that there is no 100% guaranteed way of getting a user's IP address -
$_SERVER['REMOTE_ADDR']is your best bet but even that's not 100% reliable - especially for users on networks.Anything that's passed over HTTP from the client could be blocked/spoofed.
It's easier to work your problem the other way around - it's much easier (and more secure) to whitelist access rather than blacklist it - if you can work that way around, I'd go for it. It only requires something like a simple (in an Apache .htaccess or vhost configuration):
您可以从环境中获取的唯一 IP 地址是
REMOTE_ADDR之一。代码中的其他愚蠢字符串只不过是 HTTP 标头,可选的标头。可能是伪造的、遗漏的、格式错误的、为空的等等。
我留下一个结论让你做。
the only IP address you can get from the environment is
REMOTE_ADDRone.The other silly strings in your code is no more than HTTP headers, optional ones. Can be faked, omitted, have wrong format, be empty etc.
I leave a conclusion for you to make.