Do browsers protect users' IP address?

I am writing code in PHP and I would like to determine the client's IP address. I am using $ _SERVER ['REMOTE_ADDR'].

It works normally ... But sometimes I get the address when a user who was on a normal internet connection tried to connect a website. Is there a reason for this?


source to share

4 answers

is a broadcast from your internal server (loopback)

If you are sure that this is an external user, you should check the code entry options on your site.



The problem is that ip2long will return a number equal to 4294967295 (for and that your MySQL INT field (if signed) takes a maximum value of 2147483647 (source: 5.0 / en / integer-types.html ) and so any value above 2147483647 will be stored as 2147483647. This is why you have in your database.

I guess converting the database column to BIGINT or unsigned INT will fix this, but be aware that some implementations (I think it's 32-bit or 64-bit) of ip2long () will return a negative number, to be careful.



To answer the question in the title: REMOTE_ADDR is set by the appropriate webserver and cannot be changed by the user (except using a proxy, etc.). It is determined by the outgoing TCP connection before HTTP happens.

However, it can be obfuscated by some firewalls or proxy servers on the server network.

Also, confusing is that is a broadcast address and shouldn't be the source for an HTTP connection (which is TCP only, which is unicast only).



The problem is not where you are looking. In fact, when you store $_SERVER['REMOTE_ADDR']

in mysql with inet_aton

, you have to make sure the column is defined as int (11) unsigned


If your column is signed int

, then the data is truncated and all IPs that are larger than are stored as such.

You need to run this query on your mysql table (change table and column name):

ALTER TABLE  `stats` CHANGE `ip` `ip` INT( 11 ) UNSIGNED;




All Articles