PHP获取客户端IP地址的方法 [英] How to get the client IP address in PHP

问题描述

如何使用 PHP 获取客户端 IP 地址?

我想记录通过他/她的 IP 地址登录我网站的用户.

解决方案

无论您做什么，请确保不要信任从客户端发送的数据.$_SERVER['REMOTE_ADDR'] 包含连接方的真实 IP 地址.这是您能找到的最可靠的值.

但是，它们可能位于代理服务器后面，在这种情况下，代理可能设置了 $_SERVER['HTTP_X_FORWARDED_FOR']，但该值很容易被欺骗.例如，可以由没有代理的人设置，或者IP可以是代理后面LAN的内部IP.

这意味着如果您要保存 $_SERVER['HTTP_X_FORWARDED_FOR']，请确保您还保存 $_SERVER['REMOTE_ADDR'] 值.例如.通过将这两个值保存在数据库的不同字段中.

如果您要将 IP 作为字符串保存到数据库中，请确保您有至少 45 个字符的空间.IPv6 将继续存在，而且这些地址比旧的 IPv4 地址更大.

(注意 IPv6 通常最多使用 39 个字符，但也有一个特殊的 IPv6 表示法对于 IPv4 地址，其完整形式最多可包含 45 个字符.因此，如果您知道自己在做什么，则可以使用 39 个字符，但如果您只想设置并忘记它，请使用 45 个).>

How can I get the client IP address using PHP?

I want to keep record of the user who logged into my website through his/her IP address.

解决方案

Whatever you do, make sure not to trust data sent from the client. $_SERVER['REMOTE_ADDR'] contains the real IP address of the connecting party. That is the most reliable value you can find.

However, they can be behind a proxy server in which case the proxy may have set the $_SERVER['HTTP_X_FORWARDED_FOR'], but this value is easily spoofed. For example, it can be set by someone without a proxy, or the IP can be an internal IP from the LAN behind the proxy.

This means that if you are going to save the $_SERVER['HTTP_X_FORWARDED_FOR'], make sure you also save the $_SERVER['REMOTE_ADDR'] value. E.g. by saving both values in different fields in your database.

If you are going to save the IP to a database as a string, make sure you have space for at least 45 characters. IPv6 is here to stay and those addresses are larger than the older IPv4 addresses.

(Note that IPv6 usually uses 39 characters at most but there is also a special IPv6 notation for IPv4 addresses which in its full form can be up to 45 characters. So if you know what you are doing you can use 39 characters, but if you just want to set and forget it, use 45).

这篇关于PHP获取客户端IP地址的方法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！