function ip_address in Drupal 6
Same name and namespace in other branches
- 7 includes/bootstrap.inc \ip_address()
If Drupal is behind a reverse proxy, we use the X-Forwarded-For header instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of the proxy server, and not the client's.
Return value
IP address of client machine, adjusted for reverse proxy.
13 calls to ip_address()
- comment_save in modules/
comment/ comment.module - Accepts a submission of new or changed comment content.
- drupal_anonymous_user in includes/
bootstrap.inc - Generates a default anonymous $user object.
- flood_is_allowed in includes/
common.inc - Check if the current visitor (hostname/IP) is allowed to proceed with the specified event.
- flood_register_event in includes/
common.inc - Register an event for the current visitor (hostname/IP) to the flood control mechanism.
- openid_verify_assertion_nonce in modules/
openid/ openid.module - Verify that the nonce has not been used in earlier assertions from the same OpenID provider.
File
- includes/
bootstrap.inc, line 1361 - Functions that need to be loaded on every Drupal request.
Code
function ip_address() {
static $ip_address = NULL;
if (!isset($ip_address)) {
$ip_address = $_SERVER['REMOTE_ADDR'];
if (variable_get('reverse_proxy', 0) && array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
// If an array of known reverse proxy IPs is provided, then trust
// the XFF header if request really comes from one of them.
$reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array());
if (!empty($reverse_proxy_addresses) && in_array($ip_address, $reverse_proxy_addresses, TRUE)) {
// If there are several arguments, we need to check the most
// recently added one, i.e. the last one.
$ip_address_parts = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
$ip_address = array_pop($ip_address_parts);
}
}
}
return $ip_address;
}