php: getting ip address

Question

I want to get an ip address of visitors. could you tell me what element of $_SERVER[] i should use?

$_SERVER['HTTP_CLIENT_IP'];
$_SERVER['HTTP_X_FORWARDED_FOR'];
or
$_SERVER['REMOTE_ADDR'];

UPDATE:

If your client is connected to the Internet through Proxy Server then $_SERVER['REMOTE_ADDR'] in PHP just returns the the IP address of the proxy server not of the client’s machine.There are extra Server variable which might be available to determine the exact IP address of the client’s machine in PHP, they are HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR.

Answer 1

Use this:

function getIP() {
  foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
    if (array_key_exists($key, $_SERVER) === true) {
        foreach (explode(',', $_SERVER[$key]) as $ip) {
           if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
              return $ip;
           }
        }
     }
   }
 }

Answer 2

$_SERVER['REMOTE_ADDR'];

According to the PHP documentation: The IP address from which the user is viewing the current page.

This is the IP that is connected to your server (reported by your server).
The other values are set by the client.

The HTTP_X_FORWARDED_FOR is a non-standard header (hence the x-prefix), set by certain proxy-servers. It is an attempt by the big proxy server vendors to help ISPs identify abusive IP addresses; it contains a list with all forwarded-for IPs.

I don't know the origin of the HTTP_CLIENT_IP header

Answer 3

It depends on if your application is behind a reverse proxy or something like that. The easiest thing to do is check all three and choose the one that is not one of your IPs.