Last active
February 21, 2022 07:10
-
-
Save MajideND/202145e385c40d349a508b7157048605 to your computer and use it in GitHub Desktop.
safest method to check user ip with cloudflare
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function _getUserRealIP() { | |
| $ipaddress = ''; | |
| if(isset($_SERVER['REMOTE_ADDR'])) | |
| $ipaddress = $_SERVER['REMOTE_ADDR']; | |
| else | |
| $ipaddress = 'UNKNOWN'; | |
| return $ipaddress; | |
| } | |
| function _readCloudflareIps() | |
| { | |
| $file = file("https://www.cloudflare.com/ips-v4",FILE_IGNORE_NEW_LINES); | |
| return $file; | |
| } | |
| function _checkIpInRange($ip, $range) { | |
| if (strpos($range, '/') == false) | |
| $range .= '/32'; | |
| // $range is in IP/CIDR format eg 127.0.0.1/24 | |
| list($range, $netmask) = explode('/', $range, 2); | |
| $range_decimal = ip2long($range); | |
| $ip_decimal = ip2long($ip); | |
| $wildcard_decimal = pow(2, (32 - $netmask)) - 1; | |
| $netmask_decimal = ~ $wildcard_decimal; | |
| return (($ip_decimal & $netmask_decimal) == ($range_decimal & $netmask_decimal)); | |
| } | |
| function _checkIsCloudflare($ip) { | |
| $cf_ips = _readCloudflareIps(); | |
| $is_cf_ip = false; | |
| foreach ($cf_ips as $cf_ip) { | |
| if (_checkIpInRange($ip, $cf_ip)) { | |
| $is_cf_ip = true; | |
| break; | |
| } | |
| } | |
| return $is_cf_ip; | |
| } | |
| function getRealIp() | |
| { | |
| $httpIp = _getUserRealIP(); | |
| $check = _checkIsCloudflare($httpIp); | |
| if ($check) { | |
| return $_SERVER['HTTP_CF_CONNECTING_IP']; | |
| }else{ | |
| return $httpIp; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment