I am building a counter/security application of sorts that uses Curl and PHP. When a visitor comes to my site, the script is supposed to pass their IP address, browser headers, referring URLs and user agent through the Curl script, record data and perform security analysis.
Everything works fine except in the output of the script, it records my server’s IP address instead. This is a problem because I lose all the IP information from my clients
My question is how do I pass the client’s IP address through Curl without it being altered?
After the code runs, target-page.php is supposed to record the IP address of the visitor. Instead it records the IP address of my server running curl.
I’m not sure how “sockets” work but is there a way to create a connection between target-page.php and the client (for example, the target-page.php collects client IP information and sends information back to the client?)
In ‘tracker.php’ you can access the $_GET superglobal to obtain the remote users information. Although, I’m guessing you’re wanting some additional behaviour here…
Ah, I got the script working now and I see what it is doing. I was actually able to do the equivalent using session variables in some of my earlier attempts
What if we take this a step further though and tracker.php is on an external third party site out of my control (such as a counter and API)? If we use “REMOTE_ADDR” on tracker.php, the IP still shows up as my server.
Correct because your server has become the client to that site and its script. I think you might be able to convince it your a proxy or mirror using the HTTP_X_FORWARDED_FOR header but you’ll need to look into that.