一、getUserIpFromIpHeaders方法,从请求头检索客户端ip
// 返回客户端ip地址
protected function getUserIpFromIpHeaders()
{
$ip = $this->getSecureForwardedHeaderTrustedPart('for');
if ($ip !== null && preg_match(
'/^\[?(?P<ip>(?:(?:(?:[0-9a-f]{1,4}:){1,6}(?:[0-9a-f]{1,4})?(?:(?::[0-9a-f]{1,4}){1,6}))|(?:[\d]{1,3}\.){3}[\d]{1,3}))\]?(?::(?P<port>[\d]+))?$/',
$ip,
$matches
)) {
$ip = $this->getUserIpFromIpHeader($matches['ip']);
if ($ip !== null) {
return $ip;
}
}
foreach ($this->ipHeaders as $ipHeader) {
if ($this->headers->has($ipHeader)) {
$ip = $this->getUserIpFromIpHeader($this->headers->get($ipHeader));
if ($ip !== null) {
return $ip;
}
}
}
return null;
}
二、getUserIp方法,返回用户ip地址
public function getUserIP()
{
// 优先从ip头检测客户端ip
$ip = $this->getUserIpFromIpHeaders();
return $ip === null ?
// 客户ip
$this->getRemoteIP() :
$ip;
}
三、getUserIpFromIpHeader方法,从请求头检索ip地址
//从ip头返回用户ip
protected function getUserIpFromIpHeader($ips)
{
$ips = trim($ips);
if ($ips === '') {
return null;
}
$ips = preg_split('/\s*,\s*/', $ips, -1, PREG_SPLIT_NO_EMPTY);
krsort($ips);
$validator = $this->getIpValidator();
$resultIp = null;
foreach ($ips as $ip) {
$validator->setRanges('any');
//检查ip格式
if (!$validator->validate($ip) /* checking IP format */) {
break;
}
// ip格式正确,以下又不符合条件,
//终止检测
$resultIp = $ip;
$isTrusted = false;
foreach ($this->trustedHosts as $trustedCidr => $trustedCidrOrHeaders) {
if (!is_array($trustedCidrOrHeaders)) {
$trustedCidr = $trustedCidrOrHeaders;
}
$validator->setRanges($trustedCidr);
if ($validator->validate($ip) /* checking trusted range */) {
$isTrusted = true;
break;
}
}
if (!$isTrusted) {
break;
}
}
return $resultIp;
}
总结:
阅读了3个方法:
- getUserIpFromIpHeaders方法,从请求头检索客户端ip
- getUserIp方法,返回用户ip地址
- getUserIpFromIpHeader方法,从请求头检索ip地址