Java获取IP并存储数据库
可是当我访问http://www.xxx.com/index.jsp/ 时,返回的IP地址始终是unknown,也并不是如上所示的127.0.0.1 或 192.168.1.110了,而我访问http://192.168.1.110:2046/index.jsp 时,则能返回客户端的真实IP地址,写了个方法去验证。原因出在了Squid上。squid.conf 的配制文件 forwarded_for 项默认是为on,如果 forwarded_for 设成了 off 则:X-Forwarded-For: unknown
于是可得出获得客户端真实IP地址的方法二:
public String getIpAddr(HttpServletRequest request) { String ip = request.getHeader("x-forwarded-for"); if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); } return ip; }
可是,如果通过了多级反向代理的话,X-Forwarded-For的值并不止一个,而是一串ip值,究竟哪个才是真正的用户端的真实IP呢?
答案是取X-Forwarded-For中第一个非unknown的有效IP字符串。
如:
X-Forwarded-For:192.168.1.110, 192.168.1.120, 192.168.1.130, 192.168.1.100
用户真实IP为: 192.168.1.110
注意:以上信息转自别人文章,具体地址不详
<% if(session.getAttribute("maxId") == null){//表示访问的为同一个会话,避免刷新 int maxId = 0;//maxId表示ip记录最大id rs = conn.executeQuery("select max(id) as maxid from ip"); if (rs.next()) maxId = rs.getInt("maxid") + 1; rs.close(); rs = null; // 获取来访客户的IP String ip = request.getHeader("x-forwarded-for"); if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if(ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); } sql = "insert into ip values(" + maxId + ",'" + ip + "', NOW()" + ")"; System.out.println(sql); conn.executeUpdate(sql);//存储客户IP session.setAttribute("maxId", maxId); } %>
MYSQL知识点:
NOW()函数以`'YYYY-MM-DD HH:MM:SS'返回当前的日期时间,可以直接存到DATETIME字段中。
CURDATE()以’YYYY-MM-DD’的格式返回今天的日期,可以直接存到DATE字段中。
CURTIME()以’HH:MM:SS’的格式返回当前的时间,可以直接存到TIME字段中。
例:insert into ip values(1, '192.168.0.0', NOW())