0

I know this seem to be trivial and maybe it is, but I'm wondering about what's the best way to determine, whether a script is executed on localhost or not.

So far, I've used the following distinction when I had to execute different logic, depending on whether a script is being executed locally or not:

if ( $_SERVER['REMOTE_ADDR'] === '127.0.0.1' || $_SERVER['REMOTE_ADDR'] === '::1' ) {
  // localhost-only stuff here (like different routing etc)
}

When I used this the very first time, I've checked obvious possibilities like:

Since the statement worked fine for all those variants, I didn't really care anymore about this. In meantime I've noticed that this does not really cover all cases, for example, when using the host name itself like in

  • http://mycomputer/foo.php

because $_SERVER['REMOTE_ADDR'] won't contains the loopback but local link ip (like fe80:... etc). This leads me to the question if there's a simple/safe/fast solution which really covers ALL possible ways for accessing localhost, since I'm sure there are plenty other variantions which could occur.

// Edit: There is no need to get the client ip as long as the script may take another execution path if running on localhost than if running on the webhost. For example to apply different document root paths without using vhosts or things like that

// Edit2: For now, it seems like there is no better solution than checking all possibly remote addresses like in the following:

    if ( $_SERVER['REMOTE_ADDR'] === '127.0.0.1' ||
         $_SERVER['REMOTE_ADDR'] === '::1' ||
         str_starts_with($_SERVER['REMOTE_ADDR'], 'fe80:') ||
         str_starts_with($_SERVER['REMOTE_ADDR'], '169.254.') ) {
      // running on localhost
    }
stuck1a
  • 13
  • 6
  • So add a check for link-local IPv6 addresses. Alternatively, consider localhost to be irrelevant and implement proper authentication. – Sammitch Oct 25 '21 at 21:38
  • 1
    Does this answer your question? [What is the most accurate way to retrieve a user's correct IP address in PHP?](https://stackoverflow.com/questions/1634782/what-is-the-most-accurate-way-to-retrieve-a-users-correct-ip-address-in-php) – ehymel Oct 25 '21 at 22:17
  • @Sammitch: So you mean, there isn't any other thinkable variant than all possible link local addresses as third variant? Well then it seems to just add those scopes to the statement will be the best solution to execute different code when running scripts local. Don't know what you mean with authentication. I just want to give the possibility to handle local mapping different than remote host without using vhosts or things like that – stuck1a Oct 25 '21 at 22:51
  • Can you explain what problem you are actually trying to solve? Even example.com can be local for a common server config. I can even make a host entry for apple.com that points to my machine. – Chris Haas Oct 26 '21 at 03:29
  • Well, e.g. if my website is stored locally under /projects/MyWebsite, but under /MyWebsite on the web host, this must be somehow specified. The MVC framework that I am currently writing should be as easy to use as possible. The user simply specifies a possibly deviating local mapping and the framework takes care of the rest. This is my current use case. However, I'm only concerned with the question of how to make a reliable distinction (e.g. for such purposes) between local execution and execution on the remote host, so my Router class can add the specified mapping if running local – stuck1a Oct 26 '21 at 05:10
  • Another use case: my company uses OXIDeShop. Our stage server runs on ubuntu but our local systems on win10. By adding a comparable case distinction like this one in oxid's config.inc.php to adjust paths/db infos for execution on localhost, we are able to work with the same local repo which uses local mappings/db if running on localhost and vice versa regardless of any IDE configurations or adjusting configs manually before deploy – stuck1a Oct 26 '21 at 08:03

0 Answers0