Jump to content

Capturing users IP when form sent

chrismid259

By chrismid259
in PHP Coding Help

 Share

Recommended Posts

chrismid259 Newbie

chrismid259

Posted
Posted

Hi,

I'm trying to configure my contact form so that the form will capture the ip of the user when they click the submit button.

 

Does anyone know a way of doing this. I've Googled this questions but can't seem to find a response.

 

The php code I have at the moment after the send button has been clicked.

 

    <?php
    if(isset($_POST['email'])) {
     
    // CHANGE THE TWO LINES BELOW
    $email_to = "mail@cmiddletonphotography.co.uk";
     
    $email_subject = "Website email alert!";
     
     
    function died($error) {
    // your error code can go here
    echo "There were error(s) found with the form you submitted. ";
    echo "These errors appear below.<br /><br />";
    echo $error."<br /><br />";
    echo "Please go back and fix these errors.<br /><br />";
    die();
    }
     
    // validation expected data exists
    if(!isset($_POST['first_name']) ||
    !isset($_POST['last_name']) ||
    !isset($_POST['email']) ||
    !isset($_POST['comments'])) {
    died('We are sorry, but there appears to be a problem with the form you submitted.');
    }
     
    $first_name = $_POST['first_name']; // required
    $last_name = $_POST['last_name']; // required
    $email_from = $_POST['email']; // required
    $comments = $_POST['comments']; // required
     
    $error_message = "";
    $email_exp = '/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/';
    if(!preg_match($email_exp,$email_from)) {
    $error_message .= 'The Email Address you entered does not appear to be valid.<br />';
    }
    $string_exp = "/^[A-Za-z .'-]+$/";
    if(!preg_match($string_exp,$first_name)) {
    $error_message .= 'The First Name you entered does not appear to be valid.<br />';
    }
    if(!preg_match($string_exp,$last_name)) {
    $error_message .= 'The Last Name you entered does not appear to be valid.<br />';
    }
    if(strlen($comments) < 2) {
    $error_message .= 'The Comments you entered do not appear to be valid.<br />';
    }
    if(strlen($error_message) > 0) {
    died($error_message);
    }
    $email_message = "Form details below.\n\n";
     
    function clean_string($string) {
    $bad = array("content-type","bcc:","to:","cc:","href");
    return str_replace($bad,"",$string);
    }
     
    $email_message .= "First Name: ".clean_string($first_name)."\n";
    $email_message .= "Last Name: ".clean_string($last_name)."\n";
    $email_message .= "Email: ".clean_string($email_from)."\n";
    $email_message .= "Comments: ".clean_string($comments)."\n";
     
     
    // create email headers
    $headers = 'From: '.$email_from."\r\n".
    'Reply-To: '.$email_from."\r\n" .
    'X-Mailer: PHP/' . phpversion();
    @mail($email_to, $email_subject, $email_message, $headers);
    ?>
     
    <!-- place your own success html below --><head>
    
    <link rel="stylesheet" href="style.css" type="text/css" />
    
<title>Email Confirmation: Christopher Middleton Photography</title>
     
     <div id="fb-root"></div>
<script>(function(d, s, id) {
  var js, fjs = d.getElementsByTagName(s)[0];
  if (d.getElementById(id)) return;
  js = d.createElement(s); js.id = id;
  js.src = "//connect.facebook.net/en_GB/all.js#xfbml=1";
  fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));</script>
     
    <center>Thank you for using the contact form.<br><br>Replies will be sent as soon as possible.<br><br>In 10 seconds, your browser will automatically return to the home page.<br /><br />Return to <a href="index.htm">homepage</a>.<br /><br /><br /><center>
    <div class="fb-like" data-href="http://www.facebook.com/cmiddletonphotography" data-send="true" data-layout="button_count" data-show-faces="true"></div></center>
    
<meta http-equiv="refresh" content="10; URL=index.htm">
     
    <?php
    }
    die();
    ?>

Link to comment
Share on other sites
Christian F. Member

Christian F.

Posted
Posted

Do note that the content of the REMOTE_ADDR index is provided by the client itself, and as such can quite easily be spoofed.

You'll want to validate that it is indeed a IP-address, before doing anything with it. Even then, keep in mind that it might very well be a different IP than what the user actually has.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.