You are here

function ip_address in Drupal 6

Same name and namespace in other branches
  1. 7 includes/bootstrap.inc \ip_address()

If Drupal is behind a reverse proxy, we use the X-Forwarded-For header instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of the proxy server, and not the client's.

Return value

IP address of client machine, adjusted for reverse proxy.

13 calls to ip_address()
comment_save in modules/comment/comment.module
Accepts a submission of new or changed comment content.
drupal_anonymous_user in includes/bootstrap.inc
Generates a default anonymous $user object.
flood_is_allowed in includes/common.inc
Check if the current visitor (hostname/IP) is allowed to proceed with the specified event.
flood_register_event in includes/common.inc
Register an event for the current visitor (hostname/IP) to the flood control mechanism.
openid_verify_assertion_nonce in modules/openid/openid.module
Verify that the nonce has not been used in earlier assertions from the same OpenID provider.

... See full list

File

includes/bootstrap.inc, line 1361
Functions that need to be loaded on every Drupal request.

Code

function ip_address() {
  static $ip_address = NULL;
  if (!isset($ip_address)) {
    $ip_address = $_SERVER['REMOTE_ADDR'];
    if (variable_get('reverse_proxy', 0) && array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {

      // If an array of known reverse proxy IPs is provided, then trust
      // the XFF header if request really comes from one of them.
      $reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array());
      if (!empty($reverse_proxy_addresses) && in_array($ip_address, $reverse_proxy_addresses, TRUE)) {

        // If there are several arguments, we need to check the most
        // recently added one, i.e. the last one.
        $ip_address_parts = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
        $ip_address = array_pop($ip_address_parts);
      }
    }
  }
  return $ip_address;
}