Automattic\WooCommerce\StoreApi

Authentication::get_ip_address()protected staticWC 1.0

Get current user IP Address.

X_REAL_IP and CLIENT_IP are custom implementations designed to facilitate obtaining a user's ip through proxies, load balancers etc.

_FORWARDED_FOR (XFF) request header is a de-facto standard header for identifying the originating IP address of a client connecting to a web server through a proxy server. Note for X_FORWARDED_FOR, Proxy servers can send through this header like this: X-Forwarded-For: client1, proxy1, proxy2. Make sure we always only send through the first IP in the list which should always be the client IP. Documentation at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For

Forwarded request header contains information that may be added by reverse proxy servers (load balancers, CDNs, and so on). Documentation at https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Forwarded Full RFC at https://datatracker.ietf.org/doc/html/rfc7239

Метод класса: Authentication{}

Хуков нет.

Возвращает

Строку.

Использование

$result = Authentication::get_ip_address( $proxy_support );
$proxy_support(true|false)
Enables/disables proxy support.
По умолчанию: false

Код Authentication::get_ip_address() WC 7.3.0

protected static function get_ip_address( bool $proxy_support = false ) {

	if ( ! $proxy_support ) {
		return self::validate_ip( sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ?? 'unresolved_ip' ) ) );
	}

	if ( array_key_exists( 'HTTP_X_REAL_IP', $_SERVER ) ) {
		return self::validate_ip( sanitize_text_field( wp_unslash( $_SERVER['HTTP_X_REAL_IP'] ) ) );
	}

	if ( array_key_exists( 'HTTP_CLIENT_IP', $_SERVER ) ) {
		return self::validate_ip( sanitize_text_field( wp_unslash( $_SERVER['HTTP_CLIENT_IP'] ) ) );
	}

	if ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $_SERVER ) ) {
		$ips = explode( ',', sanitize_text_field( wp_unslash( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) );
		if ( is_array( $ips ) && ! empty( $ips ) ) {
			return self::validate_ip( trim( $ips[0] ) );
		}
	}

	if ( array_key_exists( 'HTTP_FORWARDED', $_SERVER ) ) {
		// Using regex instead of explode() for a smaller code footprint.
		// Expected format: Forwarded: for=192.0.2.60;proto=http;by=203.0.113.43,for="[2001:db8:cafe::17]:4711"...
		preg_match(
			'/(?<=for\=)[^;,]*/i', // We catch everything on the first "for" entry, and validate later.
			sanitize_text_field( wp_unslash( $_SERVER['HTTP_FORWARDED'] ) ),
			$matches
		);

		if ( strpos( $matches[0] ?? '', '"[' ) !== false ) { // Detect for ipv6, eg "[ipv6]:port".
			preg_match(
				'/(?<=\[).*(?=\])/i', // We catch only the ipv6 and overwrite $matches.
				$matches[0],
				$matches
			);
		}

		if ( ! empty( $matches ) ) {
			return self::validate_ip( trim( $matches[0] ) );
		}
	}

	return '0.0.0.0';
}