Clever Geek Handbook

Do browsers protect users' IP address?

I am writing code in PHP and I would like to determine the client's IP address. I am using $ _SERVER ['REMOTE_ADDR'].

It works normally ... But sometimes I get the address 127.255.255.255 when a user who was on a normal internet connection tried to connect a website. Is there a reason for this?

+3


source to share


4 answers


127.255.255.255

is a broadcast from your internal server (loopback)



If you are sure that this is an external user, you should check the code entry options on your site.

+3


source


The problem is that ip2long will return a number equal to 4294967295 (for 255.255.255.255) and that your MySQL INT field (if signed) takes a maximum value of 2147483647 (source: http://dev.mysql.com/doc/refman/ 5.0 / en / integer-types.html ) and so any value above 2147483647 will be stored as 2147483647. This is why you have 127.255.255.255 in your database.



I guess converting the database column to BIGINT or unsigned INT will fix this, but be aware that some implementations (I think it's 32-bit or 64-bit) of ip2long () will return a negative number, to be careful.

+1


source


To answer the question in the title: REMOTE_ADDR is set by the appropriate webserver and cannot be changed by the user (except using a proxy, etc.). It is determined by the outgoing TCP connection before HTTP happens.

However, it can be obfuscated by some firewalls or proxy servers on the server network.

Also, confusing is that 127.255.255.255 is a broadcast address and shouldn't be the source for an HTTP connection (which is TCP only, which is unicast only).

0


source


The problem is not where you are looking. In fact, when you store $_SERVER['REMOTE_ADDR']

in mysql with inet_aton

, you have to make sure the column is defined as int (11) unsigned

.

If your column is signed int

, then the data is truncated and all IPs that are larger than 127.255.255.255 are stored as such.

You need to run this query on your mysql table (change table and column name):

ALTER TABLE  `stats` CHANGE `ip` `ip` INT( 11 ) UNSIGNED;
0


source






More articles:


All Articles