Jump to content

What info can I get from PHP ?

php new bie

By php new bie
in PHP Coding Help

 Share

Recommended Posts

php new bie Member

php new bie

Posted
Posted

hello,

 

a noob Q but i appreciate anyone help me :)

 

i wondered which info can PHP get from user ..

 

i figured out those of global variable $_SERVER

 

like .. IP adress , Remote host name ,useragent .. etc

 

so what can i get also from php if i want to improve the log and cookie system of any web application :)

 

thanks

Link to comment
Share on other sites
Axeia Member

Axeia

Posted
Posted

I think the idea behind it is that you have everything in one spot.

print_r( $_SERVER );

 

Can greatly help in helping to understand all the information as you'll get an instant example of what everything at the very least may contain.

Link to comment
Share on other sites
php new bie Member

php new bie

Posted
  • Author
Posted

i'm sorry if i don't clarify what i want ..

 

so, i know this variable and use it ... and get information ... this step DONE !

 

now any other methods to get information like .. hard drive serial .. MAC address , computer name .. etc (another type of information not in the variable $_SERVER ) .. something more specific and unique to each user

Link to comment
Share on other sites
jackpf Member

jackpf

Posted
Posted

Well, I don't know of any web browsers that offer hard drive serial numbers.

 

You'd have to use an active-x control or something. Although I don't really see why you'd need to get someone's harddrive details...

Link to comment
Share on other sites
php new bie Member

php new bie

Posted
  • Author
Posted

i don't need a hard serial number as it..

 

i need something specific and unique for each user other than supplied by $_SERVER variable :)

 

so what can i do with this ?

 

the value will be encrypted and placen in cookies to be checked each visit :)

 

also to detect cheating users ..

Link to comment
Share on other sites
gevans Regular Member

gevans

Posted
Posted

You could use $_ENV and get the COMPUTERNAME and PROCESSOR_REVISION.

 

Two random things like taht mixed with an ip?

 

doesnt that return the servers COMPUTERNAME and PROCESSOR_REVISION ?

 

http://tw2.php.net/manual/en/reserved.variables.environment.php   (ENVIRONMENT VARIABLES ?)

 

Well, that's embaressing. I thought I was being a genius when I was looking at my phpinfo(), ignore me, please ignore me!

Link to comment
Share on other sites
Ken2k7 Member

Ken2k7

Posted
Posted

i'm sorry if i don't clarify what i want ..

 

so, i know this variable and use it ... and get information ... this step DONE !

 

now any other methods to get information like .. hard drive serial .. MAC address , computer name .. etc (another type of information not in the variable $_SERVER ) .. something more specific and unique to each user

Nope! PHP resides in the server so even if you could get those, you'll be getting the specs of your server hard drive, MAC address etc.

 

If you want that to grab the user's computer specs, I find that very invasive. I probably would avoid your site.

Link to comment
Share on other sites
php new bie Member

php new bie

Posted
  • Author
Posted

What's wrong with an IP address? Combined with their user agent string possibly.

 

simple modem restart and user agent switcher plugin in FF can override this .

 

 

 

You can not get such information like a MAC address from PHP at a minimum you can get it's ip or his ip when he is using a proxy

 

yes i googled and got that php is a server side lang ..

 

 

i'm sorry if i don't clarify what i want ..

 

so, i know this variable and use it ... and get information ... this step DONE !

 

now any other methods to get information like .. hard drive serial .. MAC address , computer name .. etc (another type of information not in the variable $_SERVER ) .. something more specific and unique to each user

Nope! PHP resides in the server so even if you could get those, you'll be getting the specs of your server hard drive, MAC address etc.

 

If you want that to grab the user's computer specs, I find that very invasive. I probably would avoid your site.

 

ken, any website is based on TRUST between the web application and returning visitors ..

 

some ppl you need to ban them and they are just annoying u change their ips .. user agents  have  tons of membership ?

 

so what can you do if you were me !

 

i need to improve my system to raise the security and privacy and ensure there is only one member has one account !

 

Link to comment
Share on other sites
Ken2k7 Member

Ken2k7

Posted
Posted

ken, any website is based on TRUST between the web application and returning visitors ..

 

some ppl you need to ban them and they are just annoying u change their ips .. user agents  have  tons of membership ?

 

so what can you do if you were me !

 

i need to improve my system to raise the security and privacy and ensure there is only one member has one account !

 

To be honest, you need to have some consent form to which no one will agree on. By taking those information, you're invading the user's privacy. Honestly, I won't consent to you just taking my MAC address. You should know by now that in the online world, TRUST means nothing.

Link to comment
Share on other sites
jackpf Member

jackpf

Posted
Posted

Two people using the same pc is abuse?

Lol, that must mean that my entire school is a bunch of abusers considering they're all using the same IP address through the school's proxy server :P

 

Just use an IP address. I don't know of any site that does more than that. As long as email addresses have to be unique, you're pretty safe. Someone's got to make a new email address for every account they make that way.

 

If they're up for that they must have a lot of spare time, or hate your site pretty bad.

Link to comment
Share on other sites
gevans Regular Member

gevans

Posted
Posted

Someone's got to make a new email address for every account they make that way.

 

What about catch-all boxes. Any domain I own can have an unlimited number of email boxes. I can create one that will catch everything sent to that domain.

 

Example;

 

admin@domain.com -> made by me as a catch all

 

a@domain.com -> sent to admin@domain.com

b@domain.com -> sent to admin@domain.com

d7sds8dg@domain.com -> sent to admin@domain.com

 

Very easy to re-register with a website if they only check email addresses, IP is fairly easy to change as well.

 

(I don't have a solution here though, never had a huge problem with users)

Link to comment
Share on other sites
jackpf Member

jackpf

Posted
Posted

Well you can't be sure if someone doesn't have two accounts short of requiring a DNA sample upon registering.

 

Even with your suggested methods which sound impossible, they could still own two, three four pc's.

 

I think in the end, you just have to rely on the fact that making multiple accounts is pretty pointless.

Link to comment
Share on other sites
php new bie Member

php new bie

Posted
  • Author
Posted

yes ken , sure updating site policy will be changed thats if i found any solution.

 

Two people using the same pc is abuse?

Lol, that must mean that my entire school is a bunch of abusers considering they're all using the same IP address through the school's proxy server :P

 

Just use an IP address. I don't know of any site that does more than that. As long as email addresses have to be unique, you're pretty safe. Someone's got to make a new email address for every account they make that way.

 

If they're up for that they must have a lot of spare time, or hate your site pretty bad.

 

lol, i don't say two ppl using the same pc is abuse.I said based on the harm and abuse they do ,

 

if i start new topic in any boatd and have 2 accounts and then start to use the both in same thread and replying on my self and some of that infant mind do !!

 

banning based on that you're sure that these accounts from the same PC and have some kind of similar pc info.

 

and about schools , sure any webmaster will take that in his consideration ;)

Link to comment
Share on other sites
jackpf Member

jackpf

Posted
Posted

Well, if you record user's IP addresses, and notice some schizophrenic talking to himself on different accounts in your forum then yes, by all means, you can probably deduce that he has multiple accounts :P

 

I'm just not sure what else you can do. I don't think there even is anything else you can do.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.