Clever Geek Handbook

Getting client ip from local network via internet

The fact is that at my institute we all have the same global IP address, now I have a site where we need to identify users uniquely for votes in the poll system ... otherwise we use cookies to their identification, which they are easily removed in order to line up polls. the local IP of the site is 192.168.1.69, so when someone notices from there, we get their client address, but I need to edit this code so that it checks if the website (not IP) is accessible from our institute or not if so, then the client's address should be stored, possibly by a ping local IP address. So please help me.

Here are some of the relevant code

if(!isset($_SERVER['HTTP_X_FORWARDED_FOR']))
$ip = $_SERVER['REMOTE_ADDR'];
else 
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+3


source to share


1 answer


First, I wouldn't really use (only) an IP based login system. Read the comments above.

Hmmm .. Even after reading your question a few times, I'm not sure if I understand your question correctly. But if I understand this correctly, there may be a technical "limitation":

What I understood:

You have a site, say www.xyz.com. Then you have a local network with many clients accessing the Internet through a NAT gateway.

You are planning:



If an IP NAT router (like a client from your institute) is recognized as a client IP address at www.xyz.com, what are you planning to do "pingback" to get local IP clients from your institute network?

If I understand you correctly, then this is not possible because it violates NAT principles. The point of NAT (in light words) is to hide the local IP address from the Internet address space.

As restrictions that can be violated by programmers;) there will be ways to do this "pingback" with techniques called NAT traversal. But I would advise you not to implement an IP based login system. Because:

  • This is insecure because the IP can be easily spoofed. (You can just turn off one computer and use its IP address)

  • what about DHCP? what if the IP needs to change once?

Note. IP is not a sufficient login ID

+2


source






More articles:


All Articles