You are here

Home » API reference » Zircon Profile 8.0 » Request.php » Request

public function Request::getClientIps in Zircon Profile 8.0

Same name and namespace in other branches
  1. 8 vendor/symfony/http-foundation/Request.php \Symfony\Component\HttpFoundation\Request::getClientIps()

Returns the client IP addresses.

In the returned array the most trusted IP address is first, and the least trusted one last. The "real" client IP address is the last one, but this is also the least trusted one. Trusted proxies are stripped.

Use this method carefully; you should use getClientIp() instead.

Return value

array The client IP addresses

See also

getClientIp()

1 call to Request::getClientIps()
Request::getClientIp in vendor/symfony/http-foundation/Request.php
Returns the client IP address.

File

vendor/symfony/http-foundation/Request.php, line 799

Class

Request
Request represents an HTTP request.

Namespace

Symfony\Component\HttpFoundation

Code

public function getClientIps() {
  $clientIps = array();
  $ip = $this->server
    ->get('REMOTE_ADDR');
  if (!$this
    ->isFromTrustedProxy()) {
    return array(
      $ip,
    );
  }
  if (self::$trustedHeaders[self::HEADER_FORWARDED] && $this->headers
    ->has(self::$trustedHeaders[self::HEADER_FORWARDED])) {
    $forwardedHeader = $this->headers
      ->get(self::$trustedHeaders[self::HEADER_FORWARDED]);
    preg_match_all('{(for)=("?\\[?)([a-z0-9\\.:_\\-/]*)}', $forwardedHeader, $matches);
    $clientIps = $matches[3];
  }
  elseif (self::$trustedHeaders[self::HEADER_CLIENT_IP] && $this->headers
    ->has(self::$trustedHeaders[self::HEADER_CLIENT_IP])) {
    $clientIps = array_map('trim', explode(',', $this->headers
      ->get(self::$trustedHeaders[self::HEADER_CLIENT_IP])));
  }
  $clientIps[] = $ip;

  // Complete the IP chain with the IP the request actually came from
  $ip = $clientIps[0];

  // Fallback to this when the client IP falls into the range of trusted proxies
  foreach ($clientIps as $key => $clientIp) {

    // Remove port (unfortunately, it does happen)
    if (preg_match('{((?:\\d+\\.){3}\\d+)\\:\\d+}', $clientIp, $match)) {
      $clientIps[$key] = $clientIp = $match[1];
    }
    if (IpUtils::checkIp($clientIp, self::$trustedProxies)) {
      unset($clientIps[$key]);
    }
  }

  // Now the IP chain contains only untrusted proxies and the client IP
  return $clientIps ? array_reverse($clientIps) : array(
    $ip,
  );
}