Backend Development
PHP Tutorial
IP source analysis of restricted IP voting program implemented in PHP, ip voting_PHP tutorial
IP source analysis of restricted IP voting program implemented in PHP, ip voting_PHP tutorial
IP source analysis of restricted IP voting program implemented by PHP, ip voting
This article analyzes the restricted IP voting program implemented by PHP through examples. Share it with everyone for your reference, the details are as follows:
After receiving a request for a voting event, IP restrictions need to be implemented. Each IP limits certain voting opportunities. I searched for the keyword: PHP client IP on the search engine, and the results are basically the following:
if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
$onlineip = getenv('HTTP_CLIENT_IP');
} elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')) {
$onlineip = getenv('HTTP_X_FORWARDED_FOR');
} elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
$onlineip = getenv('REMOTE_ADDR');
} elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
$onlineip = $_SERVER['REMOTE_ADDR'];
}
This code is used in the widely used "discuz" forum software, as well as many open source PHP software. The general idea is to obtain the final client IP address (the IP address of the user who uses a proxy to access it can be obtained address).
Since many mature programs use this code to obtain the client IP address, I can safely use it in the program. Fortunately, a colleague later reminded me that this code cannot be used to restrict IP voting. In the program, because HTTP_X_FORWARDED_FOR can be forged, just add X-Forwarded-For to the request header. What $_SERVER['HTTP_X_FORWARDED_FOR'] on the server side receives is the content of this request header.
Let me explain it using a program:
The content of http://localhost/i.php is to obtain the IP address through the above code and print it out.
Write the code to construct the request and request this URL: The parameter X-Forwarded-For is added to the request header:
$head = array();
$head[] = 'GET /i.php HTTP/1.1';
$head[] = 'Host: localhost';
$head[] = 'X-Forwarded-For: 255.255.255.255' ;
$head[] = 'Connection: Close' ;
$head = join("rn",$head) ;
$head .= "rnrn";
$fp = fsockopen('localhost', 80);
fwrite($fp, $head);
$response = array() ;
while($buff = fread($fp, 4096)){
$response[] = $buff;
}
print join('',$response) ;
Executing this code, you can see that the server side (localhost/i.php) printed 255.255.255.255.
It shows that this method of obtaining the client IP is not advisable in voting activities that restrict IP, and the client's IP address can be forged. Although using $_SERVER['REMOTE_ADDR'] directly does not obtain the user's final IP address, the restriction function is achieved directly and effectively.
Of course, that code cannot be said to be wrong. In some cases where there are no restrictions on IP, it should be used. For example, in some websites with many regional sub-sites, the IP accessed by the user can directly jump to the sub-site in the region where the user is located.
Readers who are interested in more PHP related content can check out the special topics of this site: "php curl usage summary", "php socket usage summary", "PHP network programming skills summary", "PHP basic syntax introductory tutorial", " Summary of php operating office document skills (including word, excel, access, ppt)", "php date and time usage summary", "php object-oriented programming introductory tutorial", "php string (string) usage summary", "php MySQL database operation introductory tutorial" and "php common database operation skills summary"
I hope this article will be helpful to everyone in PHP programming.
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
CakePHP Project Configuration
Sep 10, 2024 pm 05:25 PM
In this chapter, we will understand the Environment Variables, General Configuration, Database Configuration and Email Configuration in CakePHP.
PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian
Dec 24, 2024 pm 04:42 PM
PHP 8.4 brings several new features, security improvements, and performance improvements with healthy amounts of feature deprecations and removals. This guide explains how to install PHP 8.4 or upgrade to PHP 8.4 on Ubuntu, Debian, or their derivati
CakePHP Date and Time
Sep 10, 2024 pm 05:27 PM
To work with date and time in cakephp4, we are going to make use of the available FrozenTime class.
CakePHP File upload
Sep 10, 2024 pm 05:27 PM
To work on file upload we are going to use the form helper. Here, is an example for file upload.
CakePHP Routing
Sep 10, 2024 pm 05:25 PM
In this chapter, we are going to learn the following topics related to routing ?
Discuss CakePHP
Sep 10, 2024 pm 05:28 PM
CakePHP is an open-source framework for PHP. It is intended to make developing, deploying and maintaining applications much easier. CakePHP is based on a MVC-like architecture that is both powerful and easy to grasp. Models, Views, and Controllers gu
CakePHP Creating Validators
Sep 10, 2024 pm 05:26 PM
Validator can be created by adding the following two lines in the controller.
CakePHP Working with Database
Sep 10, 2024 pm 05:25 PM
Working with database in CakePHP is very easy. We will understand the CRUD (Create, Read, Update, Delete) operations in this chapter.
