Maybe I have misunderstood your question. Are you saying that $remote_host is correct upon the first invocation of the script. But subsequently linked invocations it is set to a username? If it is a qualified hostname instead of an IP address , then I understand but a username??

I am not sure I can think of how to mess with that part of the environment with a GET request. Could you post code that demonstrates the problem?