Last active
December 14, 2015 16:27
-
-
Save mbarcia/38b2a1488ba23981a918 to your computer and use it in GitHub Desktop.
ip_address()
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* Returns the IP address of the client machine. | |
* | |
* If Drupal is behind a reverse proxy, we use the X-Forwarded-For header | |
* instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of | |
* the proxy server, and not the client's. The actual header name can be | |
* configured by the reverse_proxy_header variable. | |
* | |
* @return | |
* IP address of client machine, adjusted for reverse proxy and/or cluster | |
* environments. | |
*/ | |
function ip_address() { | |
$ip_address = &drupal_static(__FUNCTION__); | |
if (!isset($ip_address)) { | |
$ip_address = $_SERVER['REMOTE_ADDR']; | |
if (variable_get('reverse_proxy', 0)) { | |
$reverse_proxy_header = variable_get('reverse_proxy_header', 'HTTP_X_FORWARDED_FOR'); | |
if (!empty($_SERVER[$reverse_proxy_header])) { | |
// If an array of known reverse proxy IPs is provided, then trust | |
// the XFF header if request really comes from one of them. | |
$reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array()); | |
// Turn XFF header into an array. | |
$forwarded = explode(',', $_SERVER[$reverse_proxy_header]); | |
// Trim the forwarded IPs; they may have been delimited by commas and spaces. | |
$forwarded = array_map('trim', $forwarded); | |
// Tack direct client IP onto end of forwarded array. | |
$forwarded[] = $ip_address; | |
// Eliminate all trusted IPs. | |
$untrusted = array_diff($forwarded, $reverse_proxy_addresses); | |
// The right-most IP is the most specific we can trust. | |
$ip_address = array_pop($untrusted); | |
} | |
} | |
} | |
return $ip_address; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment