[SOLVED] Ip address function

[Grant Holmes]

I've read a couple places to use

echo $_SERVER['REMOTE_ADDR'];

to collect an IP address. For this discussion, realize that I know they are unreliable at best.

 

My client would like a place on his website to show "who's listening" achieved by who responds to given forms.

 

I've seen ads on sites, "You're in XXCITY, USA!!!" That would get us close.

 

So my questions:

• Once on the form page, I assume the browser 'knows' the IP address.
  How do I submit it to my table with other form values? Do I just submit $_SERVER? Just knowing the snippet above doesn't help much.
   
  
• Once in the table, I know I could pull it to compare it somewhere-somehow to the cute IP thing above.
  How do they do that?
  

[btherl]

You should submit $_SERVER['REMOTE_ADDR'] to the table.  There's a lot of other stuff in the $_SERVER array that you don't need.

 

As for comparing it, the keyword is "geolocation".  Google will give you mountains of results for this.  It can be done in SQL in many ways, one of which is storing the lowest and highest ip of each range along with its country.  To generate that table you'll need a geolocation database.

[Grant Holmes]

Thanks for the GEO/Google piece. that should save LOADS of time.

 

on the submit, I'm a newbie, so a tad more help please.

 

Do I put that inside a hidden field like:

<input type="hidden" name="IP" value="$_SERVER['REMOTE_ADDR']">

 

or?????

 

[TheFilmGod]

Thanks for the GEO/Google piece. that should save LOADS of time.

 

on the submit, I'm a newbie, so a tad more help please.

 

Do I put that inside a hidden field like:

<input type="hidden" name="IP" value="$_SERVER['REMOTE_ADDR']">

 

or?????

 

 

You can but you need to change this

value="$_SERVER['REMOTE_ADDR']"

 

to:

 

value="<?php echo "$_SERVER['REMOTE_ADDR']"; ?>"

[Stooney]

I would suggest just getting the ip right before the insert query.  There's really no need to pass it through a form.  Plus that could also be changed by the user right before they submit the form.

[Grant Holmes]

FilmGod, If it was in a hidden field, how would they change it, or know to change it? I'm using

 <form action="polls/RequestProcessingDB.php" method="post">

to get the data into my table. How would I use "insert"????

 

 

Chris, So you're saying my line should be:

<input type="hidden" name="IP" value="<?php echo "$_SERVER['REMOTE_ADDR']"; ?>">

[Stooney]

I'm just saying that once the page is being viewed, the source code will show the value of IP as their ip address.

So when they view the source, they'll see:

<input type="hidden" name="IP" value="999.999.99.999">

 

Then they can use javascript in the address bar to change the value of IP and when the form submits, IP will contain the new value.  Just saying it's not as secure as just getting the IP before the query.

[Grant Holmes]

okay, assuming that we'd have visitors that smart, how do I use the Insert function stated.

 

Sorry I got your names backwards.

[trq]

The corect line would be....

 

<input type="hidden" name="IP" value="<?php echo $_SERVER['REMOTE_ADDR']; ?>">

 

But yeah, as chris pointed out, there is really no need to pass it via a form. Users could easily view/edit the html source code of your page and spoof the ip.

[trq]

okay, assuming that we'd have visitors that smart, how do I use the Insert function stated.

 

Sorry I got your names backwards.

 

You simply need to execute a query using mysql_query().

[Grant Holmes]

I'm not sure that "simply" covers my newbieness and capabilities. It seems NOTHING is simple.

 

Edited.

I read that link and had also thought that a query was to get something FROM the table, not put it there?

 

I think that DOES get me closer. I do have a PHP script that processes my form and there is an INSERT command there to put the data in the table. So now my question is,

 

how I pass the form IP address to the processing page, or will the browser do that? The user never sees the processing page.

[Grant Holmes]

in processing my form, it would appear that I'm successfully passing another "hidden" field lke this:

if($FTGEvent == "")  $FTGEvent = "request"; 

to put "request" in the field.

 

can I use the same logic for the IP? I tried:

if($FTGIP == "")  $FTGIP = "$_SERVER['REMOTE_ADDR']"; 

but that doesn't work.

 

After establishing the variable, a later INSERT puts 'request' in the table.

[Grant Holmes]

This was solved off-forum. Thanks for your help.