This is a purify function to ensure user-inputed string is sanitized and prevent XSS kind of attacks.
function purify($input){
$result = "";
if (isset($input) && !empty($input)) {
$result = rawurldecode($input);
$result = strip_tags($result);
$result = stripcslashes($result);
$result = htmlspecialchars($result, ENT_QUOTES);
$result = iconv('utf-8','utf-8//IGNORE',$result);
}
return $result;
}
The following PHP code snippet will return client IP address.
function get_client_ip() {
$ipaddress = '';
if (getenv('HTTP_CLIENT_IP'))
$ipaddress = getenv('HTTP_CLIENT_IP');
else if(getenv('HTTP_X_FORWARDED_FOR'))
$ipaddress = getenv('HTTP_X_FORWARDED_FOR');
else if(getenv('HTTP_X_FORWARDED'))
$ipaddress = getenv('HTTP_X_FORWARDED');
else if(getenv('HTTP_FORWARDED_FOR'))
$ipaddress = getenv('HTTP_FORWARDED_FOR');
else if(getenv('HTTP_FORWARDED'))
$ipaddress = getenv('HTTP_FORWARDED');
else if(getenv('REMOTE_ADDR'))
$ipaddress = getenv('REMOTE_ADDR');
else
$ipaddress = 'UNKNOWN';
return $ipaddress;
}