function ip_address

Returns the IP address of the client machine.

If Drupal is behind a reverse proxy, we use the X-Forwarded-For header instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of the proxy server, and not the client's. The actual header name can be configured by the reverse_proxy_header variable.

Return value

IP address of client machine, adjusted for reverse proxy and/or cluster environments.

20 calls to ip_address()
BanSubscriber::onKernelRequestBannedIpCheck in drupal/core/modules/ban/lib/Drupal/ban/EventSubscriber/BanSubscriber.php
Response with 403 if the visitor's IP adress is banned.
ban_ip_form_validate in drupal/core/modules/ban/ban.admin.inc
Form validation handler for ban_ip_form().
CommentLinksTest::setEnvironment in drupal/core/modules/comment/lib/Drupal/comment/Tests/CommentLinksTest.php
Re-configures the environment, module settings, and user permissions.
CommentNewIndicatorTest::testCommentNewCommentsIndicator in drupal/core/modules/comment/lib/Drupal/comment/Tests/CommentNewIndicatorTest.php
Tests new comment marker.
CommentStorageController::preSave in drupal/core/modules/comment/lib/Drupal/comment/CommentStorageController.php
Overrides Drupal\Core\Entity\DatabaseStorageController::preSave().

... See full list

3 string references to 'ip_address'
IpAddressTest::setUp in drupal/core/modules/system/lib/Drupal/system/Tests/Bootstrap/IpAddressTest.php
Sets up a Drupal site for running functional and integration tests.
IpAddressTest::tearDown in drupal/core/modules/system/lib/Drupal/system/Tests/Bootstrap/IpAddressTest.php
Delete created files and temporary files directory, delete the tables created by setUp(), and reset the database prefix.
IpAddressTest::testIPAddressHost in drupal/core/modules/system/lib/Drupal/system/Tests/Bootstrap/IpAddressTest.php
Tests IP address and hostname.

File

drupal/core/includes/bootstrap.inc, line 3017
Functions that need to be loaded on every Drupal request.

Code

function ip_address() {
  $ip_address =& drupal_static(__FUNCTION__);
  if (!isset($ip_address)) {
    $ip_address = $_SERVER['REMOTE_ADDR'];
    if (variable_get('reverse_proxy', 0)) {
      $reverse_proxy_header = variable_get('reverse_proxy_header', 'HTTP_X_FORWARDED_FOR');
      if (!empty($_SERVER[$reverse_proxy_header])) {

        // If an array of known reverse proxy IPs is provided, then trust
        // the XFF header if request really comes from one of them.
        $reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array());

        // Turn XFF header into an array.
        $forwarded = explode(',', $_SERVER[$reverse_proxy_header]);

        // Trim the forwarded IPs; they may have been delimited by commas and spaces.
        $forwarded = array_map('trim', $forwarded);

        // Tack direct client IP onto end of forwarded array.
        $forwarded[] = $ip_address;

        // Eliminate all trusted IPs.
        $untrusted = array_diff($forwarded, $reverse_proxy_addresses);

        // The right-most IP is the most specific we can trust.
        $ip_address = array_pop($untrusted);
      }
    }
  }
  return $ip_address;
}