function ip_address
| 7.x bootstrap.inc | ip_address() |
| 6.x bootstrap.inc | ip_address() |
If Drupal is behind a reverse proxy, we use the X-Forwarded-For header instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of the proxy server, and not the client's.
Return value
IP address of client machine, adjusted for reverse proxy.
13 calls to ip_address()
- comment_save in drupal-6.x/
modules/ comment/ comment.module - Accepts a submission of new or changed comment content.
- drupal_anonymous_user in drupal-6.x/
includes/ bootstrap.inc - Generates a default anonymous $user object.
- flood_is_allowed in drupal-6.x/
includes/ common.inc - Check if the current visitor (hostname/IP) is allowed to proceed with the specified event.
- flood_register_event in drupal-6.x/
includes/ common.inc - Register an event for the current visitor (hostname/IP) to the flood control mechanism.
- openid_verify_assertion_nonce in drupal-6.x/
modules/ openid/ openid.module - Verify that the nonce has not been used in earlier assertions from the same OpenID provider.
File
- drupal-6.x/
includes/ bootstrap.inc, line 1317 - Functions that need to be loaded on every Drupal request.
Code
function ip_address() {
static $ip_address = NULL;
if (!isset($ip_address)) {
$ip_address = $_SERVER['REMOTE_ADDR'];
if (variable_get('reverse_proxy', 0) && array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
// If an array of known reverse proxy IPs is provided, then trust
// the XFF header if request really comes from one of them.
$reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array());
if (!empty($reverse_proxy_addresses) && in_array($ip_address, $reverse_proxy_addresses, TRUE)) {
// If there are several arguments, we need to check the most
// recently added one, i.e. the last one.
$ip_address_parts = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
$ip_address = array_pop($ip_address_parts);
}
}
}
return $ip_address;
}