From 5c3cdf2bceac170f156b36f6504a80cae9d263b2 Mon Sep 17 00:00:00 2001
From: ELF <360197197@qq.com>
Date: Fri, 8 Nov 2019 16:03:45 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=9C=9F=E5=AE=9Eip=E8=8E=B7?=
 =?UTF-8?q?=E5=8F=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ThinkPHP/Common/functions.php   | 12 ++++++++----
 ThinkPHP/Mode/Api/functions.php | 10 +++++++---
 2 files changed, 15 insertions(+), 7 deletions(-)

diff --git a/ThinkPHP/Common/functions.php b/ThinkPHP/Common/functions.php
index 417f046e0..a6543df8d 100644
--- a/ThinkPHP/Common/functions.php
+++ b/ThinkPHP/Common/functions.php
@@ -1454,17 +1454,21 @@ function get_client_ip($type = 0,$adv=false) {
     static $ip  =   NULL;
     if ($ip !== NULL) return $ip[$type];
     if($adv){
-        if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+        if (isset($_SERVER['HTTP_X_HWWAF_REAL_IP'])) {
+            $ip = $_SERVER['HTTP_X_HWWAF_REAL_IP'];
+        } elseif (isset($_SERVER['HTTP_X_REAL_IP'])) {
+            $ip = $_SERVER['HTTP_X_REAL_IP'];
+        } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
             $arr    =   explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
             $pos    =   array_search('unknown',$arr);
             if(false !== $pos) unset($arr[$pos]);
             $ip     =   trim($arr[0]);
-        }elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
+        } elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
             $ip     =   $_SERVER['HTTP_CLIENT_IP'];
-        }elseif (isset($_SERVER['REMOTE_ADDR'])) {
+        } elseif (isset($_SERVER['REMOTE_ADDR'])) {
             $ip     =   $_SERVER['REMOTE_ADDR'];
         }
-    }elseif (isset($_SERVER['REMOTE_ADDR'])) {
+    } elseif (isset($_SERVER['REMOTE_ADDR'])) {
         $ip     =   $_SERVER['REMOTE_ADDR'];
     }
     // IP地址合法验证
diff --git a/ThinkPHP/Mode/Api/functions.php b/ThinkPHP/Mode/Api/functions.php
index 04a8e6978..94213423f 100644
--- a/ThinkPHP/Mode/Api/functions.php
+++ b/ThinkPHP/Mode/Api/functions.php
@@ -1051,14 +1051,18 @@ function get_client_ip($type = 0) {
     $type       =  $type ? 1 : 0;
     static $ip  =   NULL;
     if ($ip !== NULL) return $ip[$type];
-    if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+    if (isset($_SERVER['HTTP_X_HWWAF_REAL_IP'])) {
+        $ip = $_SERVER['HTTP_X_HWWAF_REAL_IP'];
+    } elseif (isset($_SERVER['HTTP_X_REAL_IP'])) {
+        $ip = $_SERVER['HTTP_X_REAL_IP'];
+    } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
         $arr    =   explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
         $pos    =   array_search('unknown',$arr);
         if(false !== $pos) unset($arr[$pos]);
         $ip     =   trim($arr[0]);
-    }elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
+    } elseif (isset($_SERVER['HTTP_CLIENT_IP'])) {
         $ip     =   $_SERVER['HTTP_CLIENT_IP'];
-    }elseif (isset($_SERVER['REMOTE_ADDR'])) {
+    } elseif (isset($_SERVER['REMOTE_ADDR'])) {
         $ip     =   $_SERVER['REMOTE_ADDR'];
     }
     // IP地址合法验证