Grant Holmes Posted January 9, 2008 Share Posted January 9, 2008 I've read a couple places to use echo $_SERVER['REMOTE_ADDR']; to collect an IP address. For this discussion, realize that I know they are unreliable at best. My client would like a place on his website to show "who's listening" achieved by who responds to given forms. I've seen ads on sites, "You're in XXCITY, USA!!!" That would get us close. So my questions: Once on the form page, I assume the browser 'knows' the IP address. How do I submit it to my table with other form values? Do I just submit $_SERVER? Just knowing the snippet above doesn't help much. Once in the table, I know I could pull it to compare it somewhere-somehow to the cute IP thing above. How do they do that? Quote Link to comment Share on other sites More sharing options...
btherl Posted January 9, 2008 Share Posted January 9, 2008 You should submit $_SERVER['REMOTE_ADDR'] to the table. There's a lot of other stuff in the $_SERVER array that you don't need. As for comparing it, the keyword is "geolocation". Google will give you mountains of results for this. It can be done in SQL in many ways, one of which is storing the lowest and highest ip of each range along with its country. To generate that table you'll need a geolocation database. Quote Link to comment Share on other sites More sharing options...
Grant Holmes Posted January 9, 2008 Author Share Posted January 9, 2008 Thanks for the GEO/Google piece. that should save LOADS of time. on the submit, I'm a newbie, so a tad more help please. Do I put that inside a hidden field like: <input type="hidden" name="IP" value="$_SERVER['REMOTE_ADDR']"> or????? Quote Link to comment Share on other sites More sharing options...
TheFilmGod Posted January 9, 2008 Share Posted January 9, 2008 Thanks for the GEO/Google piece. that should save LOADS of time. on the submit, I'm a newbie, so a tad more help please. Do I put that inside a hidden field like: <input type="hidden" name="IP" value="$_SERVER['REMOTE_ADDR']"> or????? You can but you need to change this value="$_SERVER['REMOTE_ADDR']" to: value="<?php echo "$_SERVER['REMOTE_ADDR']"; ?>" Quote Link to comment Share on other sites More sharing options...
Stooney Posted January 9, 2008 Share Posted January 9, 2008 I would suggest just getting the ip right before the insert query. There's really no need to pass it through a form. Plus that could also be changed by the user right before they submit the form. Quote Link to comment Share on other sites More sharing options...
Grant Holmes Posted January 9, 2008 Author Share Posted January 9, 2008 FilmGod, If it was in a hidden field, how would they change it, or know to change it? I'm using <form action="polls/RequestProcessingDB.php" method="post"> to get the data into my table. How would I use "insert"???? Chris, So you're saying my line should be: <input type="hidden" name="IP" value="<?php echo "$_SERVER['REMOTE_ADDR']"; ?>"> Quote Link to comment Share on other sites More sharing options...
Stooney Posted January 9, 2008 Share Posted January 9, 2008 I'm just saying that once the page is being viewed, the source code will show the value of IP as their ip address. So when they view the source, they'll see: <input type="hidden" name="IP" value="999.999.99.999"> Then they can use javascript in the address bar to change the value of IP and when the form submits, IP will contain the new value. Just saying it's not as secure as just getting the IP before the query. Quote Link to comment Share on other sites More sharing options...
Grant Holmes Posted January 9, 2008 Author Share Posted January 9, 2008 okay, assuming that we'd have visitors that smart, how do I use the Insert function stated. Sorry I got your names backwards. Quote Link to comment Share on other sites More sharing options...
trq Posted January 9, 2008 Share Posted January 9, 2008 The corect line would be.... <input type="hidden" name="IP" value="<?php echo $_SERVER['REMOTE_ADDR']; ?>"> But yeah, as chris pointed out, there is really no need to pass it via a form. Users could easily view/edit the html source code of your page and spoof the ip. Quote Link to comment Share on other sites More sharing options...
trq Posted January 9, 2008 Share Posted January 9, 2008 okay, assuming that we'd have visitors that smart, how do I use the Insert function stated. Sorry I got your names backwards. You simply need to execute a query using mysql_query(). Quote Link to comment Share on other sites More sharing options...
Grant Holmes Posted January 9, 2008 Author Share Posted January 9, 2008 I'm not sure that "simply" covers my newbieness and capabilities. It seems NOTHING is simple. Edited. I read that link and had also thought that a query was to get something FROM the table, not put it there? I think that DOES get me closer. I do have a PHP script that processes my form and there is an INSERT command there to put the data in the table. So now my question is, how I pass the form IP address to the processing page, or will the browser do that? The user never sees the processing page. Quote Link to comment Share on other sites More sharing options...
Grant Holmes Posted January 9, 2008 Author Share Posted January 9, 2008 in processing my form, it would appear that I'm successfully passing another "hidden" field lke this: if($FTGEvent == "") $FTGEvent = "request"; to put "request" in the field. can I use the same logic for the IP? I tried: if($FTGIP == "") $FTGIP = "$_SERVER['REMOTE_ADDR']"; but that doesn't work. After establishing the variable, a later INSERT puts 'request' in the table. Quote Link to comment Share on other sites More sharing options...
Grant Holmes Posted January 9, 2008 Author Share Posted January 9, 2008 This was solved off-forum. Thanks for your help. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.