web站点获取用户IP的安全方法 HTTP_X_FORWARDED_FOR检验
安全过滤后的getIP函数
复制代码 代码如下:
function getIP() {
$realip = ''; //设置默认值
if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$realip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
$realip = $_SERVER['HTTP_CLIENT_IP'];
} else {
$realip = $_SERVER['REMOTE_ADDR'];
}
preg_match('/^((?:\d{1,3}\.){3}\d{1,3})/',$realip,$match);
return $match?$match[0]:false;
}
以上函数,增加了IP判断,只会读取以Ip格式数据开头,并且第一个满足IP格式值。如果没有返回false。 这样就可以读取到满足格式的IP,验证了数据的IP格式。
如果我读取互联网的IP,用户传入局域网的IP,我应该直接过滤掉
我们在一些网站上面,经常可以看到提示,非法的IP地址,其实一部分是IP地址格式错误,一部分可能是读取到IP地址,不满足互联网上面允许IP格式。 以下这个函数,是通过IANA站点规范,封装了个函数。 通过输入IP地址,能够准确知道,该IP是不是可以在互联网应用。
复制代码 代码如下:
//互联网允许使用IP地址
function ipType2($ip) {
$iplist = explode(".", $ip);
if ($iplist[0] >= 224 && $iplist[0] return '多播';
if ($iplist[0] >= 240 && $iplist[0] return '保留';
if (preg_match('/^198\.51\.100/', $ip))
return 'TEST-NET-2,文档和示例';
if (preg_match('/^203\.0\.113/', $ip))
return 'TEST-NET-3,文档和示例';
if (preg_match('/^192\.(18|19)\./', $ip))
return '网络基准测试';
if (preg_match('/^192\.168/', $ip))
return '专用网络[内部网]';
if (preg_match('/^192\.88\.99/', $ip))
return 'ipv6to4中继';
if (preg_match('/^192\.0\.2\./', $ip))
return 'TEST-NET-1,文档和示例';
if (preg_match('/^192\.0\.0\./', $ip))
return '保留(IANA)';
if (preg_match('/^192\.0\.0\./', $ip))
return '保留(IANA)';
if ($iplist[0] == 172 && $iplist[1] = 16)
return '专用网络[内部网]';
if ($iplist[0] == 169 && $iplist[1] == 254)
return '链路本地';
if ($iplist[0] == 127)
return '环回地址';
if ($iplist[0] == 10)
return '专用网络[内部网]';
if ($iplist[0] == 0)
return '本网络(仅作为源地址时合法)';
return 'InterNet网地址';
}
当你输入IP地址,它返回是“'InterNet网地址' ,那么这个IP地址不光格式正确,而且是互联网上面合法的IP地址。 这个函数很复杂,其实就是排除很多非互联网使用IP地址。 我们常见的192,127,10开头地址估计都很熟悉了。 但实际上,很多IP地址是保留的,或者留作它用。 不能作为互联网 IP使用。 有了以上两个函数,我们不光可以读到正确格式IP地址,还能够保证读到是互联网上面IP地址。 以上是工作中常使用的函数,欢迎朋友们交流!
作者:chengmo QQ:8292669
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1664
14
1423
52
1317
25
1268
29
1248
24
How to add trusted sites in Google Chrome
Jul 19, 2024 pm 04:14 PM
How to add trusted sites in Google Chrome? Some users cannot browse the web normally because the page prompts that it is not secure when surfing the Internet. At this time, they can add the website as a trusted site, and we can access it normally and surf the Internet smoothly. The editor below will bring you the steps to add a trusted site in Google Chrome. The steps are simple and easy to operate, and even beginners can easily get started. Friends who need it can learn about it together. How to add a trusted site in Google Chrome: 1. Open Google Chrome and click the three dots in the upper right corner. Click [Settings]. Choose privacy settings and security. (As shown in the picture) 2. Click Website Settings at the bottom of the page. (As shown in the picture) 3. Click on the unsafe content at the bottom of the page. (As shown in the picture) 4. Click the Add button to the right of the Allow option. (As shown in the picture) 5. Lose
The secret of hatching mobile dragon eggs is revealed (step by step to teach you how to successfully hatch mobile dragon eggs)
May 04, 2024 pm 06:01 PM
Mobile games have become an integral part of people's lives with the development of technology. It has attracted the attention of many players with its cute dragon egg image and interesting hatching process, and one of the games that has attracted much attention is the mobile version of Dragon Egg. To help players better cultivate and grow their own dragons in the game, this article will introduce to you how to hatch dragon eggs in the mobile version. 1. Choose the appropriate type of dragon egg. Players need to carefully choose the type of dragon egg that they like and suit themselves, based on the different types of dragon egg attributes and abilities provided in the game. 2. Upgrade the level of the incubation machine. Players need to improve the level of the incubation machine by completing tasks and collecting props. The level of the incubation machine determines the hatching speed and hatching success rate. 3. Collect the resources required for hatching. Players need to be in the game
How to set font size on mobile phone (easily adjust font size on mobile phone)
May 07, 2024 pm 03:34 PM
Setting font size has become an important personalization requirement as mobile phones become an important tool in people's daily lives. In order to meet the needs of different users, this article will introduce how to improve the mobile phone use experience and adjust the font size of the mobile phone through simple operations. Why do you need to adjust the font size of your mobile phone - Adjusting the font size can make the text clearer and easier to read - Suitable for the reading needs of users of different ages - Convenient for users with poor vision to use the font size setting function of the mobile phone system - How to enter the system settings interface - In Find and enter the "Display" option in the settings interface - find the "Font Size" option and adjust it. Adjust the font size with a third-party application - download and install an application that supports font size adjustment - open the application and enter the relevant settings interface - according to the individual
Complete collection of excel function formulas
May 07, 2024 pm 12:04 PM
1. The SUM function is used to sum the numbers in a column or a group of cells, for example: =SUM(A1:J10). 2. The AVERAGE function is used to calculate the average of the numbers in a column or a group of cells, for example: =AVERAGE(A1:A10). 3. COUNT function, used to count the number of numbers or text in a column or a group of cells, for example: =COUNT(A1:A10) 4. IF function, used to make logical judgments based on specified conditions and return the corresponding result.
How to choose a mobile phone screen protector to protect your mobile phone screen (several key points and tips for purchasing mobile phone screen protectors)
May 07, 2024 pm 05:55 PM
Mobile phone film has become one of the indispensable accessories with the popularity of smartphones. To extend its service life, choose a suitable mobile phone film to protect the mobile phone screen. To help readers choose the most suitable mobile phone film for themselves, this article will introduce several key points and techniques for purchasing mobile phone film. Understand the materials and types of mobile phone films: PET film, TPU, etc. Mobile phone films are made of a variety of materials, including tempered glass. PET film is relatively soft, tempered glass film has good scratch resistance, and TPU has good shock-proof performance. It can be decided based on personal preference and needs when choosing. Consider the degree of screen protection. Different types of mobile phone films have different degrees of screen protection. PET film mainly plays an anti-scratch role, while tempered glass film has better drop resistance. You can choose to have better
How to implement HTTP streaming using C++?
May 31, 2024 am 11:06 AM
How to implement HTTP streaming in C++? Create an SSL stream socket using Boost.Asio and the asiohttps client library. Connect to the server and send an HTTP request. Receive HTTP response headers and print them. Receives the HTTP response body and prints it.
Implementing Machine Learning Algorithms in C++: Security Considerations and Best Practices
Jun 01, 2024 am 09:26 AM
When implementing machine learning algorithms in C++, security considerations are critical, including data privacy, model tampering, and input validation. Best practices include adopting secure libraries, minimizing permissions, using sandboxes, and continuous monitoring. The practical case demonstrates the use of the Botan library to encrypt and decrypt the CNN model to ensure safe training and prediction.
Security configuration and hardening of Struts 2 framework
May 31, 2024 pm 10:53 PM
To protect your Struts2 application, you can use the following security configurations: Disable unused features Enable content type checking Validate input Enable security tokens Prevent CSRF attacks Use RBAC to restrict role-based access
