EsOne Posted December 12, 2009 Share Posted December 12, 2009 Hello. I am new(er) to PHP, but I think I am learning pretty quickly. You guys have helped me out a few times already. Today I am trying to log/record IPs of visitors. I am not quite sure of the principles behind it, but would like to learn. Both the how and why of it. I have learned to ban certain IPs, but it would only be assuming I know the IP address of the person I am trying to restrict. That code is: <?php if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_VIA'])) { $ip = $_SERVER['HTTP_VIA']; } elseif (isset($_SERVER['REMOTE_ADDR'])) { $ip = $_SERVER['REMOTE_ADDR']; } else { $ip = "Banned"; } $banned = file("banned.txt", "r+"); $nbanned = count($banned); function ban($ip, $banned, $nbanned){ for ($i = 0 ; $i < $nbanned ; $i++) { // Use this if you want to use IP patterns with regular expressions: // if (eregi($ip, $banned[$i])) { // We have to strip the end-of-line characters, to test for equality: if ($ip == rtrim($banned[$i])) { echo "You have been banned from this site, if you feel this is in error "; echo "please send email to *********@***** "; die(); } } } ban($ip, $banned, $nbanned); ?> I'll admit that it was a copy/paste code. Not quite sure what it all does. But, as I said, this only limits people that I know the IP address of. Any help, or patient teaching is appreciated. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/ Share on other sites More sharing options...
RussellReal Posted December 12, 2009 Share Posted December 12, 2009 $_SERVER['REMOTE_ADDR'] will give you the IP address that the client gives to you lol. If you really want to log IP activity.. You could probably skate a lil bit and just record IP + REQUEST VARS. That way you can see what they're sending you, However, the ip they send you won't always be their actual IP address, could be a Proxy. or other possabilities so IP bans should be used lightly lol Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976067 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 Could you explain that in a bit more detail? REQUEST VARS? I am guessing I will need to create a database in MYSQL to hold the information, correct? Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976074 Share on other sites More sharing options...
oni-kun Posted December 12, 2009 Share Posted December 12, 2009 I'll admit that it was a copy/paste code. Not quite sure what it all does. But, as I said, this only limits people that I know the IP address of. Any help, or patient teaching is appreciated. $_SERVER['REMOTE_ADDR'] will return the primary connection to the server, minus any server variables that may be set (for valid reasons). X_FORWARDED_FOR is a very basic setting set by proxies, But virtually no web proxies actually use them, This is sort of deprecated (and old) for detecting a proxy. Your code: elseif (isset($_SERVER['REMOTE_ADDR'])) { $ip = $_SERVER['REMOTE_ADDR']; Will always equate to TRUE, as remote_addr is required by the client to be sent, so there's not much of a chance it'll go to the 'ELSE' statement you have at the bottom. .. A MySQL database would be simple to create, you can read tutorials on this site, etc. EDIT: Request variables are anything under SERVER_VARS, $_SERVER, $_GET, $_POST etc.. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976075 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 I have started a tutorial on MYSQL a few days ago. I know how to create tables and whatnot now. I just don't know how to get information from MYSQL into a php page in a usable way, or how to make a code write to the table. So, I would use the $_SERVER['REMOTE_ADDR'] to get the IP. What would the syntax look like if I wanted to put it into MYSQL? Also, to view the IPs generated easily, would it be a good idea to create another page to list the IPs that have visited? I'm not really worried about proxy use, as the site I am trying to do is but a small section. I want to limit access, but avoid "user passwords" I want to avoid that because the few people that would have access to it could easily give out their password to friends. Then, I would be at square one over again. Having access to limit the IPs that visit seem better. Since, even if I did decide to go with a password/username system, I could still limit access from people that should not have access. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976084 Share on other sites More sharing options...
RussellReal Posted December 12, 2009 Share Posted December 12, 2009 mysql_query("INSERT INTO ip_table (ip,request_vars) VALUES('{$_SERVER['REMOTE_ADDR']}','".mysql_real_escape_string(print_r($_REQUEST,true))."')"); and yes it would make moderating or looking through the data if you create a page for listing the activity. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976093 Share on other sites More sharing options...
oni-kun Posted December 12, 2009 Share Posted December 12, 2009 $IP = $_SERVER['REMOTE_ADDR']; //Or whatever refined IP $Requests = mysql_real_escape_string(print_r($_REQUEST,true)); //Grab server request vars $Date = date('Y-m-d'); //The date, you can use other info.. mysql_query("INSERT INTO ip_table (IP, requests, date) VALUES('".$IP."','".$Requests."', '".$Date."' ) ") or die(mysql_error()); An example. It'll automatically add a new row, depending that your ID field is auto_increment. Yes, you should create a passworded page that echos the contents of the table 'ip_table' via the while loop i'm sure the tutorials taught you, you can easily just store any info you want. You may want to use php_myadmin to maintain or switch any tables without redoing it all.. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976097 Share on other sites More sharing options...
ngreenwood6 Posted December 12, 2009 Share Posted December 12, 2009 I'm not really worried about proxy use, as the site I am trying to do is but a small section. I want to limit access, but avoid "user passwords" I want to avoid that because the few people that would have access to it could easily give out their password to friends. Then, I would be at square one over again. Having access to limit the IPs that visit seem better. Since, even if I did decide to go with a password/username system, I could still limit access from people that should not have access. There is few problems with what you are trying to do. Say you allow a user to have access to the site, but they are using a public proxy. Anyone using that proxy can now access your website because they are coming from the same ip. The other problem is that most home users are using a dynamic ip address meaning that it can change. If you limit it to ip address and there ip address changes then they will no longer have access to the site. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976111 Share on other sites More sharing options...
Daniel0 Posted December 12, 2009 Share Posted December 12, 2009 $_SERVER['REMOTE_ADDR'] will return the primary connection to the server, minus any server variables that may be set (for valid reasons). X_FORWARDED_FOR is a very basic setting set by proxies, But virtually no web proxies actually use them, This is sort of deprecated (and old) for detecting a proxy. Plus, anyone who knows just a little bit about HTTP can send their own X-Forwarded-For header with bogus information, which just makes spoofing IP addresses even easier. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976114 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 @ngreenwood - not sure I understand what you mean. Or, vice-versa. This site will be closely monitored. I will pesonally monitor who I know is on there. If I see an unexplained IP, I will try to limit it. The part of the site I am trying to do this on will only have a max of 10 users, all of which are friends of mine. If I notice an IP that differs from the 10 peoples IP, I will limit the access. Even if the persons IP is dynamic, I will still know it is them by asking them. LOL. I think I will give up on this for now. I really need to learn more about MYSQL first. Since, I don't really know how to get PHP to store the correct info in the correct place. Thanks everyone. I will be back if I need any more assistance. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976122 Share on other sites More sharing options...
ngreenwood6 Posted December 12, 2009 Share Posted December 12, 2009 If you are going to know all the ipaddresses then no big deal. One thing that I never suggest is giving up because you dont understand something. Imagine if every programmer out there did that. We wouldnt have the great sites/programs/operating systems that we have. Sometimes just sticking to it and asking questions is a great way to learn. Here is a great site for php and mysql beginner tutorials http://www.tizag.com/mysqlTutorial/index.php. Go through some of the tutorials and if you dont understand something come back here and ask and someone will be more than happy to answer your question. No question is a dumb question (hence the reason it is a question). Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976125 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 The page you recommended goes to a 404. Oni-kun recommended $IP = $_SERVER['REMOTE_ADDR']; //Or whatever refined IP $Requests = mysql_real_escape_string(print_r($_REQUEST,true)); //Grab server request vars $Date = date('Y-m-d'); //The date, you can use other info.. mysql_query("INSERT INTO ip_table (IP, requests, date) VALUES('".$IP."','".$Requests."', '".$Date."' ) ") or die(mysql_error()); I get the $IP = $_SERVER['REMOTE_ADDR']; //Or whatever refined IP line. It is assigning the results from the $_SERVER['REMOTE_ADDR'] to the variable $IP. $Requests = mysql_real_escape_string(print_r($_REQUEST,true)); //Grab server request vars Not sure on this line. The mysql_real_escape_string(print_r($_REQUEST,true)); is being assigned to $Requests, but what is it, and what exactly is the string it is assigning to $Requests? $Date = date('Y-m-d'); //The date, you can use other info.. A bit obvious. It is assigning the date into the variable $Date. However, where is it pulling the date from? mysql_query("INSERT INTO ip_table (IP, requests, date) VALUES('".$IP."','".$Requests."', '".$Date."' ) ") or die(mysql_error()); This is writing the information into MYSQL, correct? The ("INSERT INTO ip_table (IP, requests, date) VALUES('".$IP.",".$Requests."','".$Date."') ") is saying insert the values of $IP, $Requests, and $Data into ip_table in the IP, requests, and date sections. I have tried this, with the following: <?php $connection= mysql_connect("host","username","password."); if(!$connection) { die("Error" . mysql_error()); } $dbselect= mysql_select_db("ip_table",$connection); $IP =$_SERVER['REMOTE_ADDR']; //Or whatever refined IP $Requests =mysql_real_escape_string(print_r($_REQUEST,true)); //Grab server request vars $Date =date('Y-m-d'); //The date, you can use other info.. mysql_query($dbselect,"INSERT INTO ip_table (IP, requests, date) VALUES('".$IP."','".$Requests."', '".$Date."' ) ") or die(mysql_error()); I get this error: Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /home/content/e/s/o/esone/html/test/jsontest.php on line 16 Access denied for user 'username'@'%' to database 'ip_table' Maybe because of how I have my MYSQL table set up? Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976142 Share on other sites More sharing options...
ngreenwood6 Posted December 12, 2009 Share Posted December 12, 2009 it goes to a 404 because it is taking the . i added to the sentence to the end of the url just remove it or use this link http://www.tizag.com/mysqlTutorial/index.php . the error that you are getting from mysql is because in your mysql_connect function you are using username as the username instead of the actual username. your mysql_connect should look like this if you are using wampserver: mysql_connect('localhost','root',''); Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976152 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 Oh, I have a connection. I just changed the password, host, and username for privacy reasons when posting it. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976158 Share on other sites More sharing options...
ngreenwood6 Posted December 12, 2009 Share Posted December 12, 2009 oh ok just making sure. you are trying to connect to a database but you are using the table name by looking at your screen shot this line: $dbselect= mysql_select_db("ip_table",$connection); should be this: $dbselect= mysql_select_db("greg1233",$connection); Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976160 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 Wonderful. It worked. Now... In my above pic of my table. Do I have the types right for each section? (IP being int, Requests being text, and date being an int) I did notice some information being written to it after I visited the page. I just want the information to be in the right format for being pulled up later. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976166 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 I changed the IP field to "text", and date to "Date", and kept the Request as "Text" While browsing the table I see my IP and the correct date, and in the Requests section I see: Array ( [wp-settings-1] => m0=o&m1=o&m2=c&m3=c&m4=o&m5=o&m6=o&m7=o&mate=c&m9=c&uploader=1&hidetb=1&editor=tinymce&align=right&m10=c [wp-settings-time-1] => 1259685694 [phpbb3_n8av8_k] => [style_cookie] => null [phpbb3_n8av8_u] => 2 [phpbb3_n8av8_sid] => 02150c018d96853be6e39d2ac537223c What exactly does this "Requests" section do? And what info does it hold? Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976171 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 Also, tried this to show the info on a new page: $result= mysql_query("SELECT * FROM greg1233"); while ($row = mysql_fetch_array($result)); { echo $row[1]. " " .$row[3]."</br>"; ) (while testing, this is all going in one file. Kind of like a big test compilation.) It comes back with this error: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/content/e/s/o/esone/html/test/jsontest.php on line 53 Line 53 being: while ($row = mysql_fetch_array($result)); Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976179 Share on other sites More sharing options...
oni-kun Posted December 12, 2009 Share Posted December 12, 2009 Hmm.. Maybe the supplied table is wrong, your code appears to be correct, Try: $result= mysql_query("SELECT * FROM greg1233 WHERE `id` = '1'"); while ($row = mysql_fetch_array($result)); { echo $row['text']. " - " .$row['Date']." - </br>"; ) And Request field, contains all GET/POST/Cookie/Session variables. EDIT: date is a function, Also you may want to look at http://www.php.net/manual/en/reserved.variables.request.php Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976194 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 Okay, I fixed the line 53 error. Now I am having an issue turning the data into an array. When I used the fetch_array thing, it did not return an error, but did nothing. I did some debugging, I echoed $result before the fetch array, and it came back as: Resource id #3 After I var_dumped @result. I got this return: resource(3) of type (mysql result) And i also echoed $result AFTER I had assigned the array to it, and it still echoes as Resource id#3. Here is the updated code I am using: $result = mysql_query("SELECT * FROM ip_table ORDER BY ID DESC"); echo $result . "</br>"; while ($row = mysql_fetch_array($result)); { echo $row["IP"]. " " .$row["Date"]."</br>"; } var_dump($result); echo "</br>" . $result; @oni - I just tried that with these results: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/content/e/s/o/esone/html/test/jsontest.php on line 55 bool(false) Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976196 Share on other sites More sharing options...
oni-kun Posted December 12, 2009 Share Posted December 12, 2009 Maybe try an association array? $result = mysql_query("SELECT * FROM ip_table ORDER BY ID DESC"); while ($row = mysql_fetch_assoc($result)) { echo $row[0]; echo $row[1]; echo $row[2]; } EDIT: While loop. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976198 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 Nothing comes up now. No errors, but nothing else either. I echoed $result again, and it still says resource id#3 Just posting this again to maybe find out if I am coding it wrong for the location I am trying to get an array from. "SELECT * FROM ip_table ORDER BY ID DESC" I am telling it to select all data from the table ip_table and to order it decending. I think that part may be what is wrong. However, I tried "SELECT * FROM ip_table WHERE 'id' ORDER DESC" with the same results. In my table, the IP should be in row[1], and the date in row[3]. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976206 Share on other sites More sharing options...
oni-kun Posted December 12, 2009 Share Posted December 12, 2009 $query=mysql_query("SELECT * FROM ip_table ORDER BY ID DESC"); $row=mysql_fetch_array($query); echo($row[1]); Maybe try this.. Resource ID#3 is an internal pointer that MySQL uses in the result. mysql_fetch_* should not return that.. Hmm. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976224 Share on other sites More sharing options...
ngreenwood6 Posted December 12, 2009 Share Posted December 12, 2009 it looks like your query is failing, you should change your query to this when troubleshooting: $query=mysql_query("SELECT * FROM ip_table ORDER BY ID DESC") or die(mysql_error()); I think the issue is because you are trying to order it by ID but the field is id (different case) so try this: $query=mysql_query("SELECT * FROM ip_table ORDER BY id DESC"); Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976230 Share on other sites More sharing options...
EsOne Posted December 12, 2009 Author Share Posted December 12, 2009 $query=mysql_query("SELECT * FROM ip_table ORDER BY ID DESC"); $row=mysql_fetch_array($query); echo($row[1]); Maybe try this.. Resource ID#3 is an internal pointer that MySQL uses in the result. mysql_fetch_* should not return that.. Hmm. That worked! Well, sorda! It did show me an ip, and I added it to echo $row[3] so it shows the date, however, isn't it supposed to echo all the IPs in that row ordered by decending ID? It only showed me one IP and date. Also. What changed in that code? The only thing I really notice is the $result changed to $query. Quote Link to comment https://forums.phpfreaks.com/topic/184897-ip-address-recording/#findComment-976232 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.