1、原ip字段长度由20改39就行了
注意:很多会说直接去除正则,这个方法是可以正常获取,但时同也留下系统被就会注入风险。
- /**
- * 取得IP4或IPV6(php 7.4以上写法)
- *
- * 不合法回返空
- * @return string
- */
- function egetip(): string
- {
- global $ecms_config;
- if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
- $ip = getenv('HTTP_CLIENT_IP');
- }
- elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')){
- $ip = getenv('HTTP_X_FORWARDED_FOR');
- }
- elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')){
- $ip = getenv('REMOTE_ADDR');
- }
- elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')){
- $ip = $_SERVER['REMOTE_ADDR'];
- }
- if($ecms_config['sets']['getiptype'] > 0){
- $ip = egetipadd();
- }
- return (substr_count($ip, ':') > 1 && false !== filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) || false !== filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '';
- }
- /**
- * 取得IP4或IPV6(php 5.6以上写法)
- *
- * 不合法回返空
- * @return string
- */
- function egetip()
- {
- global $ecms_config;
- if(getenv('HTTP_CLIENT_IP') && strcasecmp(getenv('HTTP_CLIENT_IP'), 'unknown')) {
- $ip = getenv('HTTP_CLIENT_IP');
- }
- elseif(getenv('HTTP_X_FORWARDED_FOR') && strcasecmp(getenv('HTTP_X_FORWARDED_FOR'), 'unknown')){
- $ip = getenv('HTTP_X_FORWARDED_FOR');
- }
- elseif(getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')){
- $ip = getenv('REMOTE_ADDR');
- }
- elseif(isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')){
- $ip = $_SERVER['REMOTE_ADDR'];
- }
- if($ecms_config['sets']['getiptype'] > 0){
- $ip = egetipadd();
- }
- return (substr_count($ip, ':') > 1 && false !== filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) || false !== filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) ? $ip : '';
- }
- (substr_count($ip, ':') > 1 && false !== filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) || false !== filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) 这检测ipv4和ipv6合法性,可以放心用