Capturing users IP when form sent

[chrismid259]

Hi,

I'm trying to configure my contact form so that the form will capture the ip of the user when they click the submit button.

 

Does anyone know a way of doing this. I've Googled this questions but can't seem to find a response.

 

The php code I have at the moment after the send button has been clicked.

 

    <?php
    if(isset($_POST['email'])) {
     
    // CHANGE THE TWO LINES BELOW
    $email_to = "mail@cmiddletonphotography.co.uk";
     
    $email_subject = "Website email alert!";
     
     
    function died($error) {
    // your error code can go here
    echo "There were error(s) found with the form you submitted. ";
    echo "These errors appear below.<br /><br />";
    echo $error."<br /><br />";
    echo "Please go back and fix these errors.<br /><br />";
    die();
    }
     
    // validation expected data exists
    if(!isset($_POST['first_name']) ||
    !isset($_POST['last_name']) ||
    !isset($_POST['email']) ||
    !isset($_POST['comments'])) {
    died('We are sorry, but there appears to be a problem with the form you submitted.');
    }
     
    $first_name = $_POST['first_name']; // required
    $last_name = $_POST['last_name']; // required
    $email_from = $_POST['email']; // required
    $comments = $_POST['comments']; // required
     
    $error_message = "";
    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
    if(!preg_match($email_exp,$email_from)) {
    $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
    }
    $string_exp = "/^[A-Za-z .'-]+$/";
    if(!preg_match($string_exp,$first_name)) {
    $error_message .= 'The First Name you entered does not appear to be valid.<br />';
    }
    if(!preg_match($string_exp,$last_name)) {
    $error_message .= 'The Last Name you entered does not appear to be valid.<br />';
    }
    if(strlen($comments) < 2) {
    $error_message .= 'The Comments you entered do not appear to be valid.<br />';
    }
    if(strlen($error_message) > 0) {
    died($error_message);
    }
    $email_message = "Form details below.\n\n";
     
    function clean_string($string) {
    $bad = array("content-type","bcc:","to:","cc:","href");
    return str_replace($bad,"",$string);
    }
     
    $email_message .= "First Name: ".clean_string($first_name)."\n";
    $email_message .= "Last Name: ".clean_string($last_name)."\n";
    $email_message .= "Email: ".clean_string($email_from)."\n";
    $email_message .= "Comments: ".clean_string($comments)."\n";
     
     
    // create email headers
    $headers = 'From: '.$email_from."\r\n".
    'Reply-To: '.$email_from."\r\n" .
    'X-Mailer: PHP/' . phpversion();
    @mail($email_to, $email_subject, $email_message, $headers);
    ?>
     
    <!-- place your own success html below --><head>
    
    <link rel="stylesheet" href="style.css" type="text/css" />
    
<title>Email Confirmation: Christopher Middleton Photography</title>
     
     <div id="fb-root"></div>
<script>(function(d, s, id) {
  var js, fjs = d.getElementsByTagName(s)[0];
  if (d.getElementById(id)) return;
  js = d.createElement(s); js.id = id;
  js.src = "//connect.facebook.net/en_GB/all.js#xfbml=1";
  fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>
     
    <center>Thank you for using the contact form.<br><br>Replies will be sent as soon as possible.<br><br>In 10 seconds, your browser will automatically return to the home page.<br /><br />Return to <a href="index.htm">homepage</a>.<br /><br /><br /><center>
    <div class="fb-like" data-href="http://www.facebook.com/cmiddletonphotography" data-send="true" data-layout="button_count" data-show-faces="true"></div></center>
    
<meta http-equiv="refresh" content="10; URL=index.htm">
     
    <?php
    }
    die();
    ?>

[kyle04]

$THIS_IP = $_SERVER['REMOTE_ADDR'];

[Christian F.]

Do note that the content of the REMOTE_ADDR index is provided by the client itself, and as such can quite easily be spoofed.

You'll want to validate that it is indeed a IP-address, before doing anything with it. Even then, keep in mind that it might very well be a different IP than what the user actually has.

[PFMaBiSmAd]

The $_SERVER['REMOTE_ADDR'] comes from the TCP/IP data packets.

[chrismid259]

Thank you for your replies.

 

Where exactly in my code would I implement this?