标签:discuz style blog http io ar os sp for
private function _get_client_ip() {
$ip = $_SERVER[‘REMOTE_ADDR‘];
if (isset($_SERVER[‘HTTP_CLIENT_IP‘]) && preg_match(‘/^([0-9]{1,3}\.){3}[0-9]{1,3}$/‘, $_SERVER[‘HTTP_CLIENT_IP‘])) {
$ip = $_SERVER[‘HTTP_CLIENT_IP‘];
} elseif(isset($_SERVER[‘HTTP_X_FORWARDED_FOR‘]) AND preg_match_all(‘#\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}#s‘, $_SERVER[‘HTTP_X_FORWARDED_FOR‘], $matches)) {
foreach ($matches[0] AS $xip) {
if (!preg_match(‘#^(10|172\.16|192\.168)\.#‘, $xip)) {
$ip = $xip;
break;
}
}
}
return $ip;
}
但是通过 HTTP_X_FORWARDED_FOR 获取代理IP的方法有风险,客户端可以伪造:http://www.cnblogs.com/kingthy/archive/2007/11/24/970783.html
标签:discuz style blog http io ar os sp for
原文地址:http://www.cnblogs.com/leezhxing/p/4152769.html
