2014-04-27, 07:48 PM
Pages: 1 2
2014-04-28, 08:51 AM
{$session->ipaddress}
2014-04-28, 11:44 AM
I love you man thanks very much 
2014-04-28, 12:24 PM
{$_SERVER['REMOTE_ADDR']} will bypass even proxies.
2014-04-28, 12:35 PM
@Cedric you have nailed it mother thanks very much.
2014-04-28, 12:39 PM
(2014-04-28, 12:24 PM)Cedric Wrote: [ -> ]{$_SERVER['REMOTE_ADDR']} will bypass even proxies.
It won't - where did you read that? It would actually show proxy IP and it's not even possible to bypass many proxies in PHP. Before you tell I'm wrong, show source which actually confirms it. Also read these answers: http://stackoverflow.com/questions/30031...es#tab-top
Additionally, first look at inc/class_session.php:
$this->ipaddress = get_ip();function get_ip()
{
global $mybb, $plugins;
$ip = 0;
if(!preg_match("#^(10|172\.16|192\.168)\.#", $_SERVER['REMOTE_ADDR']))
{
$ip = $_SERVER['REMOTE_ADDR'];
}
if($mybb->settings['ip_forwarded_check'])
{
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
preg_match_all("#[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}#s", $_SERVER['HTTP_X_FORWARDED_FOR'], $addresses);
}
elseif(isset($_SERVER['HTTP_X_REAL_IP']))
{
preg_match_all("#[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}#s", $_SERVER['HTTP_X_REAL_IP'], $addresses);
}
if(is_array($addresses[0]))
{
foreach($addresses[0] as $key => $val)
{
if(!preg_match("#^(10|172\.16|192\.168)\.#", $val))
{
$ip = $val;
break;
}
}
}
}
if(!$ip)
{
if(isset($_SERVER['HTTP_CLIENT_IP']))
{
$ip = $_SERVER['HTTP_CLIENT_IP'];
}
}
if($plugins)
{
$ip_array = array("ip" => &$ip); // Used for backwards compatibility on this hook with the updated run_hooks() function.
$plugins->run_hooks("get_ip", $ip_array);
}
return $ip;
}2014-04-28, 12:45 PM
Guys thanks yo all +1 one more question.
How to return also this information:
City:
State/Region:
Country:
How to return also this information:
City:
State/Region:
Country:
2014-04-28, 01:00 PM
You can use PHP geoip library if your host has it installed:
Or an external service if it hasn't:
$ip_array = @geoip_record_by_name($session->ipaddress);
$region = htmlspecialchars_uni(utf8_encode($ip_array['region']));
$country = htmlspecialchars_uni(utf8_encode($ip_array['country_name']));
$city = htmlspecialchars_uni(utf8_encode($ip_array['city']));Or an external service if it hasn't:
$ip_array = unserialize(file_get_contents('http://www.geoplugin.net/php.gp?ip='.$session->ipaddress));
$region = htmlspecialchars_uni(utf8_encode($ip_array['geoplugin_region']));
$country = htmlspecialchars_uni(utf8_encode($ip_array['geoplugin_countryName']));
$city = htmlspecialchars_uni(utf8_encode($ip_array['geoplugin_city']));2014-04-28, 01:03 PM
(2014-04-28, 12:39 PM)Destroy666 Wrote: [ -> ]if(!preg_match("#^(10|172\.16|192\.168)\.#", $_SERVER['REMOTE_ADDR']))
I just noticed a bug there, the RFC1918 20-bit range is 172.16.0.0/12, which is from 172.16.0.0 to 172.31.255.255. That regex only covers 172.16.*
2014-04-28, 01:15 PM
Destroy666 is right as it can't get proxies, I was actually confused.
But, REMOTE_ADDR is the best solution to others, for have a look at a situation:
$mybb->settings['ip_forwarded_check'] is enabled.
Now i spoof HTTP_X_FORWARDED_FOR with my neighbour's Ip.
What now? Correct me if I am wrong. I wanna learn more about this IP thing.
But, REMOTE_ADDR is the best solution to others, for have a look at a situation:
$mybb->settings['ip_forwarded_check'] is enabled.
Now i spoof HTTP_X_FORWARDED_FOR with my neighbour's Ip.
What now? Correct me if I am wrong. I wanna learn more about this IP thing.
Pages: 1 2