In opposite to the most comments, I think it is possible to get the client's hostname (machine name) in plain PHP, but it's a little bit "dirty".
By requesting "NTLM" authorization via HTTP header...
if (!isset($headers['AUTHORIZATION']) || substr($headers['AUTHORIZATION'],0,4) !== 'NTLM'){
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: NTLM');
exit;
}
You can force the client to send authorization credentials via NTLM format. The NTLM hash sent by the client to server contains, besides the login credtials, the clients machine name. This works cross-browser and PHP only.
$auth = $headers['AUTHORIZATION'];
if (substr($auth,0,5) == 'NTLM ') {
$msg = base64_decode(substr($auth, 5));
if (substr($msg, 0, 8) != "NTLMSSPx00")
die('error header not recognised');
if ($msg[8] == "x01") {
$msg2 = "NTLMSSPx00x02"."x00x00x00x00".
"x00x00x00x00".
"x01x02x81x01".
"x00x00x00x00x00x00x00x00".
"x00x00x00x00x00x00x00x00".
"x00x00x00x00x30x00x00x00";
header('HTTP/1.1 401 Unauthorized');
header('WWW-Authenticate: NTLM '.trim(base64_encode($msg2)));
exit;
}
else if ($msg[8] == "x03") {
function get_msg_str($msg, $start, $unicode = true) {
$len = (ord($msg[$start+1]) * 256) + ord($msg[$start]);
$off = (ord($msg[$start+5]) * 256) + ord($msg[$start+4]);
if ($unicode)
return str_replace("\0", '', substr($msg, $off, $len));
else
return substr($msg, $off, $len);
}
$user = get_msg_str($msg, 36);
$domain = get_msg_str($msg, 28);
$workstation = get_msg_str($msg, 44);
print "You are $user from $workstation.$domain";
}
}
And yes, it's not a plain and easy "read the machine name function", because the user is prompted with an dialog, but it's an example, that it is indeed possible (against the other statements here).
Full code can be found here: https://en.code-bude.net/2017/05/07/how-to-read-client-hostname-in-php/