4

Possible Duplicate:
Getting Users Real IP address using PHP

I want to log the ip address of anyone who visits my website using a php script to block possible spammers. Is there a surefire way to find and log anyone's real ip address or a most reliable method?

UPDATE: my website only asks users for a password to log in, no username required. If I want to keep my current method of validation, what other methods can I use to block or deter most spammers?

Community
  • 1
  • 1
user701510
  • 5,563
  • 17
  • 61
  • 86
  • 1
    $_SERVER['REMOTE_ADDR'], you can't block spammers by ip any reliable way –  Apr 26 '11 at 04:30

2 Answers2

15

Function to find real IP address in PHP

function getRealIpAddr()
{
    if (!empty($_SERVER['HTTP_CLIENT_IP']))   //check ip from share internet
    {
      $ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is pass from proxy
    {
      $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else
    {
      $ip=$_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}

Source:- http://roshanbh.com.np/2007/12/getting-real-ip-address-in-php.html

Mukesh Chapagain
  • 25,063
  • 15
  • 119
  • 120
  • 2
    Be advised that X-Forwarded-For may be a comma+space separated list of IPs instead of just 1: http://en.wikipedia.org/wiki/X-Forwarded-For#Format – Fanis Hatzidakis Oct 31 '12 at 08:49
  • Isnt this very dangerous? http_x_forwared can be modified by the client right? Just stick with $_SERVER['REMOTE_ADDR']; – Gokigooooks Aug 18 '16 at 13:43
1

As Dagon said, $_SERVER['REMOTE_ADDR'], at least using Apache.

But then again, it's already in the Apache logs.

jcomeau_ictx
  • 37,688
  • 6
  • 92
  • 107