] = getenv('REMOTE_ADDR'); } } $_SERVER['REMOTE_ADDR'] = $ip; } /** * Should I allow the remote client's IP to be overridden by an X-Forwarded-For or Client-Ip HTTP header? * * @param boolean $newState True to allow the override * * @return void * * @since 1.6.0 */ public static function setAllowIpOverrides($newState) { self::$allowIpOverrides = $newState ? true : false; } /** * Gets the visitor's IP address. * * Automatically handles reverse proxies reporting the IPs of intermediate devices, like load balancers. Examples: * * - https://www.akeebabackup.com/support/admin-tools/13743-double-ip-adresses-in-security-exception-log-warnings.html * - https://stackoverflow.com/questions/2422395/why-is-request-envremote-addr-returning-two-ips * * The solution used is assuming that the last IP address is the external one. * * @return string * * @since 1.6.0 */ protected static function detectAndCleanIP() { $ip = static::detectIP(); if (strstr($ip, ',') !== false || strstr($ip, ' ') !== false) { $ip = str_replace(' ', ',', $ip); $ip = str_replace(',,', ',', $ip); $ips = explode(',', $ip); $ip = ''; while (empty($ip) && !empty($ips)) { $ip = array_shift($ips); $ip = trim($ip); } } else { $ip = trim($ip); } return $ip; } /** * Gets the visitor's IP address * * @return string * * @since 1.6.0 */ protected static function detectIP() { // Normally the $_SERVER superglobal is set if (isset($_SERVER)) { // Do we have an x-forwarded-for HTTP header (e.g. NginX)? if (self::$allowIpOverrides && isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { return $_SERVER['HTTP_X_FORWARDED_FOR']; } // Do we have a client-ip header (e.g. non-transparent proxy)? if (self::$allowIpOverrides && isset($_SERVER['HTTP_CLIENT_IP'])) { return $_SERVER['HTTP_CLIENT_IP']; } // Normal, non-proxied server or server behind a transparent proxy if (isset($_SERVER['REMOTE_ADDR'])) { return $_SERVER['REMOTE_ADDR']; } } /* * This part is executed on PHP running as CGI, or on SAPIs which do not set the $_SERVER superglobal * If getenv() is disabled, you're screwed */ if (!\function_exists('getenv')) { return ''; } // Do we have an x-forwarded-for HTTP header? if (self::$allowIpOverrides && getenv('HTTP_X_FORWARDED_FOR')) { return getenv('HTTP_X_FORWARDED_FOR'); } // Do we have a client-ip header? if (self::$allowIpOverrides && getenv('HTTP_CLIENT_IP')) { return getenv('HTTP_CLIENT_IP'); } // Normal, non-proxied server or server behind a transparent proxy if (getenv('REMOTE_ADDR')) { return getenv('REMOTE_ADDR'); } // Catch-all case for broken servers, apparently return ''; } /** * Converts inet_pton output to bits string * * @param string $inet The in_addr representation of an IPv4 or IPv6 address * * @return string * * @since 1.6.0 */ protected static function inetToBits($inet) { if (\strlen($inet) == 4) { $unpacked = unpack('A4', $inet); } else { $unpacked = unpack('A16', $inet); } $unpacked = str_split($unpacked[1]); $binaryip = ''; foreach ($unpacked as $char) { $binaryip .= str_pad(decbin(\ord($char)), 8, '0', STR_PAD_LEFT); } return $binaryip; } /** * Checks if an IPv6 address $ip is part of the IPv6 CIDR block $cidrnet * * @param string $ip The IPv6 address to check, e.g. 21DA:00D3:0000:2F3B:02AC:00FF:FE28:9C5A * @param string $cidrnet The IPv6 CIDR block, e.g. 21DA:00D3:0000:2F3B::/64 * * @return boolean * * @since 1.6.0 */ protected static function checkIPv6CIDR($ip, $cidrnet) { $ip = inet_pton($ip); $binaryip = static::inetToBits($ip); list($net, $maskbits) = explode('/', $cidrnet); $net = inet_pton($net); $binarynet = static::inetToBits($net); $ipNetBits = substr($binaryip, 0, $maskbits); $netBits = substr($binarynet, 0, $maskbits); return $ipNetBits === $netBits; } } Error