On Aug 28, 2010, at 8:28 PM, tedd wrote:
> Sorry for not making sense. But sometimes you have to confirm the
> players (both server and remote) in communications.
>
> Try this -- place this script on your site:
>
> <?php
> print_r($_SERVER);
> ?>
>
> You will note that:
>
> [SERVER_NAME] => is the domain name of your site.
>
> Also:
>
> [SERVER_ADDR] => is the IP of your site. If you are on a shared
> host, then it will still be the IP of the main host.
>
> Please note:
>
> [REMOTE_ADDR] => is the IP of the remote server. It *will be* the IP
> of the remote main host regardless of if the requesting script is
> running on the remote main host OR is running under a remote shared
> host.
>
> Here's an example:
>
> My site http://webbytedd.com is running on a shared host.
>
> The server address reported for this site is: 74.208.162.186
>
> However, if I enter 74.208.162.186 into a browser, I do not arrive
> at webbytedd.com, but instead go to securelayer.com who is my host.
>
> Now, if webbytedd.com was the requesting script, how could the
> original script know what domain name the request came from? As it
> is now, it can only know the main host ID, but not the domain name
> of the requesting script. Does that make my question any clearer?
>
> So my questions basically is -- how can I discover the actual domain
> name of the remote script when it is running on a shared server?
>
> I hope that makes better sense.
>
> Cheers,
>
> tedd
I really don't understand what you mean by "remote script" -- most
requests are made by clients. REMOTE_ADDR is the IP address of the
*client* - i.e. the requesting system. It may or may not be a script.
And it may or may not have an accessible hostname.
Is this a situation where you are establishing a service that is to be
called by other servers, i.e, some form of API? If not, and if it is a
case of a browser client calling a PHP script on your server, most
browser clients aren't running on very useful hostnames for the
outside world anyway. E.g. the hostname of my mac is "paladin.local"
but it obviously can't be called by the outside world by that name.
Maybe tell us what you are trying to accomplish by knowing the
hostname of the calling machine? Maybe there's another way.
Are you trying to set up two-way communication between the two
servers? Normally, communication is established without regard for
the calling machine's hostname, because it's going through the
connection established by the web server. PHP just returns info along
that connection to the calling machine. It seems you would only need
to know the requesting system's hostname if you were going to
establish some other channel of communication with it, i.e., if your
original script was somehow going to call back the calling machine,
webbytedd.com to do some other kind of activity. If that *is* what
you're doing, I can probably guarantee there's a better way to do it.
However, if what you're after is *authenticating* that the requester
is who they say they are, there are ways to do that as well without
knowing the requesting host's name (and better than knowing the
requesting host's name, you can establish authenticity and access
control for a particular script which is much better than just
establishing blanket authority for a particular hostname).
However, I'm really reaching here with trying to understand what you
want to accomplish by knowing the requesting machine's hostname.
So, please, explain what you are trying to do and maybe we can help
with that.
Tamara
> At 10:56 AM +0200 8/29/10, Peter Lind wrote:
>> On 29 August 2010 08:08, Jim Lucas <li...@cmsws.com> wrote:
>>
>> *snip*
>>
>>> Their is not existing variable (if you would) that your server, when
>>> connecting to a remote server, would be sending. So, to have the
>>> remote end
>>> be able to identify the initiating host identity, the initiating
>>> side would
>>> have to add some something to the headers or pass it along in the
>>> body of
>>> the request itself.
>>>
>>
>> +1. Let the requestion script send through identification/
>> authentification.
>>
>> Regards
>> Peter
>
> To all:
>
> My post about SERVER globals was simply an observation that the
> SERVER global report of host and remote was not symmetric -- for
> example you could obtain both the IP and Domain Name of the host,
> but only the IP of the remote. Sorry for any confusion I may have
> caused in my post.
>
> As to the reason why I was asking, please review my next post,
> namely "Secure Communication?"
>
> Cheers,
>
> tedd
Hey tedd,
My understanding of how shared hosting works would make this near
impossible... Basically Apache grabs a header that is sent at the
initial connection which includes the destination hostname and from
there it translates it to the proper directory on the shared host.
All the IP's though are based off of the parent site's server...
Now with dedicated hosting where you have the entire machine you can
do what you are looking at because the IP address will always
translate back to your website.
Now hopefully my understanding of shared hosting isn't flawed but if
it is I'm sure someone will nicely point out why :)
*snip*
> Their is not existing variable (if you would) that your server, when
> connecting to a remote server, would be sending. So, to have the remote end
> be able to identify the initiating host identity, the initiating side would
> have to add some something to the headers or pass it along in the body of
> the request itself.
>
+1. Let the requestion script send through identification/authentification.
Regards
Peter
--
<hype>
WWW: http://plphp.dk / http://plind.dk
LinkedIn: http://www.linkedin.com/in/plind
BeWelcome/Couchsurfing: Fake51
Twitter: http://twitter.com/kafe15
</hype>
To all:
My post about SERVER globals was simply an observation that the
SERVER global report of host and remote was not symmetric -- for
example you could obtain both the IP and Domain Name of the host, but
only the IP of the remote. Sorry for any confusion I may have caused
in my post.
As to the reason why I was asking, please review my next post, namely
"Secure Communication?"
Cheers,
tedd
--
-------
http://sperling.com/
> Hi gang:
>
> The server global:
>
> $_SERVER['SERVER_ADDR']
>
> Provides the IP of the server where the current script is executing.
>
> And, the server global:
>
> $_SERVER['REMOTE_ADDR']
>
> Provides the IP of the server executing the script.
Yes, aka the client address.
> As such, you can enter the IP of either into a browser and see that
> specific domain.
Huh? If my server is 192.168.29.104 and my client is 192.168.29.114, I
might get the default website on the server address, and nothing on the
client (assuming it is not running a webserver).
> However, that doesn't work when you are dealing with shared hosting.
> Doing that will show you to the parent domain, but not the child
> domain (i.e., alias).
>
> So, how can I identify the exact location of the 'server_addr' and of
> the 'remote_addr' on shared hosting? Is that possible?
$_SERVER['SERVER_NAME'] will tell you the name of the virtual host - I
don't know if that is what you're after.
--
Per Jessen, Zürich (12.2°C)
Your understanding is the same as my understanding.
Certainly, $_SERVER['SERVER_NAME'] will tell you
the name of the virtual host, but what about the
virtual remote?
You see, I can have a script on one server
communicate with another script on a another
server and the remote addresses reported on
either will not translate back to their
respective virtual hosts, but instead to their
hosts.
So, I'm trying to figure out a compliment to
$_SERVER['SERVER_NAME'] such as something like
$_SERVER['REMOTE_NAME'].
Is there such a beast?
> My understanding of how shared hosting works would make this near
> impossible... Basically Apache grabs a header that is sent at the
> initial connection which includes the destination hostname and from
> there it translates it to the proper directory on the shared host.
>
> All the IP's though are based off of the parent site's server...
>
> Now with dedicated hosting where you have the entire machine you can
> do what you are looking at because the IP address will always
> translate back to your website.
AFAICT, Tedd was not asking about the server, he's asking about the
client.
--
Per Jessen, Zürich (17.2°C)
The HTTP protocol does not provide a domain among the request header
fields - you need to implement idenfication/authentication in a
different manner (preferably in a way that does not rely upon IP
addresses, seeing as that doesn't provide any reliable sort of
identification).
In php project, I am using OOp feature, I want to know, which way the
following is better. 1, write a new class, create a new file. 2. write
all class in one php file.
Thanks.
--
Thanks!
VVThumb Microproduction
Location:Room 807,QiLuRuanJianDaSha Qilu Software Park
No. 1 Shunhua Rd High-Tech Development Zone
Jinan, China 250101
Website: http://www.haulynjason.net/haulyn
Mobile: +86 15854103759
Haulyn Jason
The server global:
$_SERVER['SERVER_ADDR']
Provides the IP of the server where the current script is executing.
And, the server global:
$_SERVER['REMOTE_ADDR']
Provides the IP of the server executing the script.
As such, you can enter the IP of either into a browser and see that
specific domain.
However, that doesn't work when you are dealing with shared hosting.
Doing that will show you to the parent domain, but not the child
domain (i.e., alias).
So, how can I identify the exact location of the 'server_addr' and of
the 'remote_addr' on shared hosting? Is that possible?
Thanks,
You're not making any sense. For the script on your local host to be
able to connect and communicate with the remote host, it would need to
know the name of the remote host. Hence, the local host already knows
the name and has no reason to ask the remote host for a name by which
to contact it.
That's what I get from your description of the problem. You probably
want to clarify some things.
Peter:
<?php
print_r($_SERVER);
?>
You will note that:
Also:
Please note:
Here's an example:
Cheers,
Their is not existing variable (if you would) that your server, when
connecting to a remote server, would be sending. So, to have the remote
end be able to identify the initiating host identity, the initiating
side would have to add some something to the headers or pass it along in
the body of the request itself.
What type of service are you trying to create on your server? And what
protocol would it be using to connect to the remote server? If you are
using cURL, you could add something to the headers before you send the
request. But, if you are using something like fopen or
file_get_contents, you are stuck. You would not be able to modify the
headers being sent in the request.
If you are in need of identifying the initial server from the second
server, then I would suggest using cURL and adding something unique to
the headers before you send the request to the remote server.
Hope that is clear as mud.
For maintainability: 1 class, 1 file
For performance: all critical/core class in same file (i.e. the ones
you WILL load no matter what), the rest loaded as needed
It's a tradeoff. If you don't know which to pick, go with 1 class, 1 file.
Thanks Eric, I have read the autoload document, but not pay attention on
it. I will search more about it now, thanks.
--
> On Mon, Aug 30, 2010 at 10:34:42PM +0200, Peter Lind wrote:
>
> > On 30 August 2010 22:34, Paul M Foster <pa...@quillandmouse.com> wrote:
> > > On Mon, Aug 30, 2010 at 09:53:46PM +0200, Peter Lind wrote:
> > >
>
> <snip>
>
> > >> > $_SERVER['REMOTE_NAME']
> > >> >
> > >> > So the question is, how would he get that last variable. It becomes
> > >> > complicated when using a shared hosting environment, because server
> > >> > names and IPs aren't a 1:1 mapping. An IP may represent numerous
> actual
> > >> > site names. This was part or all of the reason why the http
> protocol was
> > >> > revised from 1.0 to 1.1-- in order to accommodate all the domains,
> which
> > >> > because of the cramped IP space of IPv4, had to share IPs. So in the
> > >> > HTTP 1.1 protocol, there is additional information passed about
> the name
> > >> > of the domain.
> > >> >
> > >>
> > >> In the scenario painted, it's explicitly stated that one server acts
> > >> as a client in trying to access a resource on another server. Could
> > >> you enlighten me as to where the domain name of a client is located in
> > >> the request header fields? Here's the RFC for HTTP 1.1
> > >> http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5.3
> > >
> > > From http://www8.org/w8-papers/5c-protocols/key/key.html:
>
> <snip>
>
> > >
> > > My mistake, though: this change was by no means the only reason for the
> > > creation of HTTP 1.1
> >
> > Not only that, it has nothing whatsoever to do with the case at hand.
> > The Host header field specifies the domain you're asking a resource
> > from, not the the domain of the client. Hence, it cannot be used in
> > any fashion to provide identification of the client doing the request,
> > which is what Tedd wanted.
>
> Tedd was looking for the server name for the remote server, as seen from
> the perspective of the asking server. In his example, he was looking for
> a variable which would tell him "Slave's" name from "Master's"
> perspective. That's why he was asking if there was anything like
> $_SERVER['REMOTE_NAME'] as a known PHP server variable.
I'm mistaken here. He's looking for the name of the server making the
request, which doesn't appear to be transmitted anywhere.
Paul
--
Paul M. Foster
No, he's talking about the server. But the server he's using may offload
the processing of a script to another machine. So
$_SERVER['SERVER_ADDR'] and $_SERVER['SERVER_NAME']
both relate to the server which the client is originally communicating
with. But he wants to know if he can get the same information about a
different remote server which is processing a script for him. The
problem is that we have:
$_SERVER['REMOTE_ADDR']
but no
$_SERVER['REMOTE_NAME']
So the question is, how would he get that last variable. It becomes
complicated when using a shared hosting environment, because server
names and IPs aren't a 1:1 mapping. An IP may represent numerous actual
site names. This was part or all of the reason why the http protocol was
revised from 1.0 to 1.1-- in order to accommodate all the domains, which
because of the cramped IP space of IPv4, had to share IPs. So in the
HTTP 1.1 protocol, there is additional information passed about the name
of the domain.
Paul
--
Paul M. Foster
> On 30 August 2010 22:34, Paul M Foster <pa...@quillandmouse.com> wrote:
> > On Mon, Aug 30, 2010 at 09:53:46PM +0200, Peter Lind wrote:
> >
<snip>
> >> > $_SERVER['REMOTE_NAME']
> >> >
> >> > So the question is, how would he get that last variable. It becomes
> >> > complicated when using a shared hosting environment, because server
> >> > names and IPs aren't a 1:1 mapping. An IP may represent numerous actual
> >> > site names. This was part or all of the reason why the http protocol was
> >> > revised from 1.0 to 1.1-- in order to accommodate all the domains, which
> >> > because of the cramped IP space of IPv4, had to share IPs. So in the
> >> > HTTP 1.1 protocol, there is additional information passed about the name
> >> > of the domain.
> >> >
> >>
> >> In the scenario painted, it's explicitly stated that one server acts
> >> as a client in trying to access a resource on another server. Could
> >> you enlighten me as to where the domain name of a client is located in
> >> the request header fields? Here's the RFC for HTTP 1.1
> >> http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5.3
> >
> > From http://www8.org/w8-papers/5c-protocols/key/key.html:
<snip>
> >
> > My mistake, though: this change was by no means the only reason for the
> > creation of HTTP 1.1
>
> Not only that, it has nothing whatsoever to do with the case at hand.
> The Host header field specifies the domain you're asking a resource
> from, not the the domain of the client. Hence, it cannot be used in
> any fashion to provide identification of the client doing the request,
> which is what Tedd wanted.
Tedd was looking for the server name for the remote server, as seen from
the perspective of the asking server. In his example, he was looking for
a variable which would tell him "Slave's" name from "Master's"
perspective. That's why he was asking if there was anything like
$_SERVER['REMOTE_NAME'] as a known PHP server variable.
Of course, you're correct in that the HTTP 1.1 spec I cited wouldn't help
him. I just mentioned it as being of tangential interest.
In the scenario painted, it's explicitly stated that one server acts
as a client in trying to access a resource on another server. Could
you enlighten me as to where the domain name of a client is located in
the request header fields? Here's the RFC for HTTP 1.1
http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5.3
Regards
Sorry, I went on vacation for a few days (it was a surprise vacation
with a 2 day notice).
I think you both understand what I was looking for and found what I
wanted was not possible. It's just one of those things in life you
have to live with.
Thanks very much for your time and comment.