[Mapbender-dev] mb_user_ip vs. remode_addr

Peter Freimuth pfreimuth at arcor.de
Mon Feb 9 11:33:24 EST 2009 

Christoph Baudson schrieb:
> NAGY, Tamas schrieb:
>> Hi folks!
>>
>> A couple of days ago, I came across an interesting phenomenon and i
>> would like to report it now:
>>
>> If visitors come through multiple web-proxies (the requests are made
>> once via proxy-a, once over proxy-b) and want to reach a mapbender GUI
>> it is not guaranteed that $_SESSION['mb_user_ip'] will be always
>> equal to $_SERVER['REMOTE_ADDR']. Therefore, because in the
>> mb_validateSession.php there is a check against these variables
>> whether they are equal or not, sometimes it can happen that the login
>> form appears for these users.
>> In bigger companies where there are more proxy servers it can happen
>> that once a web-request is made over proxy-a and once over proxy-b.
>
> Thanks for reporting this issue.
>
> Do you have a suggestion how to improve the current behaviour? Please
> feel free to supply a bug fix.
>
> Thanks
>
> Christoph
>
>>
>> Best regards,
>> wEZO
>>
>> _______________________________________________
>> Mapbender_dev mailing list
>> Mapbender_dev at lists.osgeo.org
>> http://lists.osgeo.org/mailman/listinfo/mapbender_dev
>
>

Hi,
what about using this one, not sure if this really solves the issue!?
function getRealIpAddr()
{
    if (!empty($_SERVER['HTTP_CLIENT_IP']))   //check ip from share internet
    {
      $ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is
pass from proxy
    {
      $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else
    {
      $ip=$_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}

For me this worked in a similar case where i needed the external visible
ip from the client!


-- 
Peter Freimuth  Muskauer Str. 11   10997 Berlin
Location:http://www.berlinonline.de/citymap/map.asp?start.x=5&plz=10997&str=Muskauer+Str.+11&grid=dedatlas10
========================================================================================================
Tel: +49(0)30 69816610  Mobil: +49(0)178 7863552  Firma: +049(0)
========================================================================================================
mailto:pfreimuth at arcor.de   skype:pfreimuth    msn:peter_freimuth at hotmail.com

More information about the Mapbender_dev mailing list