[Mapbender-dev] mb_user_ip vs. remode_addr
Peter Freimuth
pfreimuth at arcor.de
Mon Feb 9 11:33:24 EST 2009
Christoph Baudson schrieb:
> NAGY, Tamas schrieb:
>> Hi folks!
>>
>> A couple of days ago, I came across an interesting phenomenon and i
>> would like to report it now:
>>
>> If visitors come through multiple web-proxies (the requests are made
>> once via proxy-a, once over proxy-b) and want to reach a mapbender GUI
>> it is not guaranteed that $_SESSION['mb_user_ip'] will be always
>> equal to $_SERVER['REMOTE_ADDR']. Therefore, because in the
>> mb_validateSession.php there is a check against these variables
>> whether they are equal or not, sometimes it can happen that the login
>> form appears for these users.
>> In bigger companies where there are more proxy servers it can happen
>> that once a web-request is made over proxy-a and once over proxy-b.
>
> Thanks for reporting this issue.
>
> Do you have a suggestion how to improve the current behaviour? Please
> feel free to supply a bug fix.
>
> Thanks
>
> Christoph
>
>>
>> Best regards,
>> wEZO
>>
>> _______________________________________________
>> Mapbender_dev mailing list
>> Mapbender_dev at lists.osgeo.org
>> http://lists.osgeo.org/mailman/listinfo/mapbender_dev
>
>
Hi,
what about using this one, not sure if this really solves the issue!?
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is
pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['REMOTE_ADDR'];
}
return $ip;
}
For me this worked in a similar case where i needed the external visible
ip from the client!
--
Peter Freimuth Muskauer Str. 11 10997 Berlin
Location:http://www.berlinonline.de/citymap/map.asp?start.x=5&plz=10997&str=Muskauer+Str.+11&grid=dedatlas10
========================================================================================================
Tel: +49(0)30 69816610 Mobil: +49(0)178 7863552 Firma: +049(0)
========================================================================================================
mailto:pfreimuth at arcor.de skype:pfreimuth msn:peter_freimuth at hotmail.com
More information about the Mapbender_dev
mailing list